Fast2test MS-102問題集402問でMicrosoft 365 Certifiedを確実実践 [Q66-Q87]

Share

Fast2test MS-102問題集402問でMicrosoft 365 Certifiedを確実実践

リアル最新MS-102試験問題MS-102問題集


Microsoft MS-102 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • Implement and manage Conditional Access policies
  • Implement and manage Azure AD Identity Protection
トピック 2
  • Configure organizational settings, including security, privacy, and profile
  • Implement and manage a Microsoft 365 tenant
トピック 3
  • Implement sensitivity labels and sensitivity label policies
  • Implement Microsoft Purview data loss prevention (DLP)
トピック 4
  • Manage and monitor Microsoft 365 license allocations
  • Create and manage groups, including Microsoft 365 groups
トピック 5
  • Configure notifications in service health
  • Identify and respond to service health issues
トピック 6
  • Review and respond to threats identified in threat analytics
  • Implement Microsoft Purview information protection and data lifecycle management
トピック 7
  • Implement and manage Azure AD Password Protection
  • Implement and manage directory synchronization by using Azure AD Connect cloud sync
トピック 8
  • Implement and manage multi-factor authentication (MFA)
  • Implement and manage self-service password reset (SSPR)

 

質問 # 66
Your network contains an Active Directory forest named Contoso. Local.
You have a Microsoft 365 subscription.
You plan to implement a directory synchronization solution that will use password hash synchronization.
From the Microsoft 365 admin center, you successfully verify the contoso.com domain name.
You need to prepare the environment for the planned directory synchronization solution.
What should you do first?

  • A. From the public DNS zone of contoso.com, add a new mail exchanger (MX) record.
  • B. From the Microsoft 365 admin center verify the Contoso. Local domain name.
  • C. From Active Directory Users and Computers, modify the UPN suffix for all users.
  • D. From Active Directory Domains and Trusts, add contoso.com as a UPN suffix.

正解:D


質問 # 67
You are evaluating the required processes for Project1.
You need to recommend which DNS record must be created while adding a domain name for the project.
Which DNS record should you recommend?

  • A. host (A)
  • B. text (TXT)
  • C. host information
  • D. pointer (PTR)

正解:D

解説:
Explanation
When you add a custom domain to Office 365, you need to verify that you own the domain. You can do this by adding either an MX record or a TXT record to the DNS for that domain.
Note:
There are several versions of this question in the exam. The question has two possible correct answers:
Text (TXT)
Mail exchanger (MX)
incorrect answer options you may see on the exam include the following:
alias (CNAME)
Host (A)
host (AAA)
Pointer (PTR)
Name Server (NS)
host information (HINFO)
pointer (PTR)
Reference:
https://docs.microsoft.com/en-us/office365/admin/get-help-with-domains/create-dns-records-at-any-dns-hosting-


質問 # 68
You have a Microsoft 365 E5 tenant.
The Microsoft Secure Score for the tenant is shown in the following exhibit.

You plan to enable Security defaults for Azure Active Directory (Azure AD).
Which three improvement actions will this affect?

  • A. Require MFA for administrative roles.
  • B. Use limited administrative roles
  • C. Ensure all users can complete multi-factor authentication for secure access
  • D. Enable self-service password reset
  • E. Enable policy to block legacy authentication

正解:A、C、E

解説:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults


質問 # 69
You have a Microsoft 365 subscription that uses Microsoft Defender for Office 365.
You need to configure policies to meet the following requirements:
Customize the common attachments filter.
Enable impersonation protection for sender domains.
Which type of policy should you configure for each requirement? To answer, drag the appropriate policy types to the correct requirements. Each policy type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation
A close-up of a question Description automatically generated

Box 1: Anti-malware
Customize the common attachments filter.
See step 5 below.
1. Use the Microsoft 365 Defender portal to create anti-malware policies In the Microsoft 365 Defender portal at https://security.microsoft.com, go to Email & Collaboration > Policies
& Rules > Threat policies > Anti-Malware in the Policies section. To go directly to the Anti-malware page, use https://security.microsoft.com/antimalwarev2
2. On the Anti-malware page, select Create to open the new anti-malware policy wizard.
On the Name your policy page, configure these settings:
Name: Enter a unique, descriptive name for the policy.
Description: Enter an optional description for the policy.
3. When you're finished on the Name your policy page, select Next.
4. On the Users and domains page, identify the internal recipients that the policy applies to (recipient conditions)
5. On the Protection settings page, configure the following settings:
Protection settings section:
Enable the common attachments filter: If you select this option, messages with the specified attachments are treated as malware and are automatically quarantined. You can modify the list by clicking Customize file types and selecting or deselecting values in the list.
6. Etc.
Box 2: Anti-phishing
Enable impersonation protection for sender domains.
Anti-phishing policies in Microsoft 365
The high-level differences between anti-phishing policies in EOP and anti-phishing policies in Defender for Office 365 are described in the following table:

Reference:
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-malware-policies-configure
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-phishing-policies-about


質問 # 70
You have device compliance policies shown in the following table.

The device compliance state for each policy is shown in the following table.

NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation


質問 # 71
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Office 365. You have the policies shown in the following table.

All the policies are configured to send malicious email messages to quarantine. Which policies support a customized quarantine retention period?

  • A. Policy1 and Policy2 only
  • B. Policy3 and Policy4 only
  • C. Policy1 and Policy3only
  • D. Policy2 and Policy4 only

正解:A


質問 # 72
You have a Microsoft 365 tenant that contains 1,000 iOS devices enrolled in Microsoft Intune. You plan to purchase volume-purchased apps and deploy the apps to the devices. You need to track used licenses and manage the apps by using Intune. What should you use to purchase the apps?

  • A. Microsoft Store for Business
  • B. Apple iTunes Store
  • C. Apple Configurator
  • D. Apple Business Manager

正解:D

解説:
Reference:
https://docs.microsoft.com/en-us/mem/intune/apps/vpp-apps-ios


質問 # 73
You have a Microsoft 365 subscription that contains the users in the following table.

In Microsoft Endpoint Manager, you create two device type restrictions that have the settings shown in the following table.

In Microsoft Endpoint Manager, you create three device limit restrictions that have the settings shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation


質問 # 74
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

You have labels in Microsoft 365 as shown in the following table.

The content in Microsoft 365 is assigned labels as shown in the following table.

You have labels In Microsoft 365 as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.

正解:

解説:

Explanation


質問 # 75
You have a Microsoft 365 E5 subscription that uses Microsoft intune.
in the Microsoft Endpoint Manager admin center, you discover many stale and inactive devices, You enable device clean-up rules What can you configure as the minimum number of days before a device a removed automatically?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

正解:D


質問 # 76
You enable the Azure AD Identity Protection weekly digest email.
You create the users shown in the following table.

Which users will receive the weekly digest email automatically?

  • A. Admin2, Admin3, and Admin4 only
  • B. Admin2 and Admin3 only
  • C. Admin3 only
  • D. Admin1, Admin2, Admin3, and Admin4
  • E. Admin1 and Admin3 only

正解:E

解説:
Explanation
By default, all Global Admins receive the email. Any newly created Global Admins, Security Readers or Security Administrators will automatically be added to the recipients list.


質問 # 77
You have a Microsoft 365 tenant that contains a Windows 10 device named Device1 and the Microsoft Endpoint Manager policies shown in the following table.

The policies are assigned to Device1.
Which policy settings will be applied to Device1?

  • A. only the settings of Policy2
  • B. no settings
  • C. only the settings of Policy3
  • D. only the settings of Policy1

正解:B


質問 # 78
You have a Microsoft 365 tenant that contains 500 Windows 10 devices and a Microsoft Endpoint Manager device compliance policy.
You need to ensure that only devices marked as compliant can access Microsoft Office 365 apps.
Which policy type should you configure?

  • A. attack surface reduction (ASR)
  • B. conditional access
  • C. Endpoint detection and response
  • D. account protection

正解:B

解説:
Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started


質問 # 79
You have a Microsoft 365 subscription that uses an Azure AD tenant named contoso.com. The tenant contains the users shown in the following table.

You add another user named User5 to the User Administrator role.
You need to identify which two management tasks User5 can perform.
Which two tasks should you identify? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. Reset the password of User2 and User4 only.
  • B. Reset the password of User4 only
  • C. Delete User1, User2, and User4 only.
  • D. Delete any user in Azure AD.
  • E. Reset the password of any user in Azure AD.
  • F. Delete User2 and User4 only.

正解:A、F

解説:
Explanation
Users with the User Administrator role can create users and manage all aspects of users with some restrictions (see below).
Only on users who are non-admins or in any of the following limited admin roles:
* Directory Readers
* Guest Inviter
* Helpdesk Administrator
* Message Center Reader
* Reports Reader
* User Administrator
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#availab


質問 # 80
You have a Microsoft 365 E5 tenant that contains the users shown in the following table.

The tenant contains the devices shown in the following table.

You have the apps shown in the following table.

You plan to use Microsoft Endpoint Manager to manage the apps for the users.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation
Graphical user interface, text, application Description automatically generated

Reference:
https://docs.microsoft.com/en-us/mem/intune/apps/apps-deploy
https://docs.microsoft.com/en-us/mem/intune/apps/apps-windows-10-app-deploy


質問 # 81
You have a Microsoft 365 E5 tenant that contains the resources shown in the following table.

To which resources can you apply a sensitivity label by using an auto-labeling policy?

  • A. Account1 and Site1 only
  • B. Mailbox1, Account1, Site1, and Channel1
  • C. Mailbox1 and Site1 only
  • D. Mailbox1, Account1, and Site1 only
  • E. Account1, Site1, and Channel1 only

正解:E

解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide


質問 # 82
You have a Microsoft 365 E5 tenant.
You plan to create a custom Compliance Manager assessment template based on the ISO 27001:2013 template.
You need to export the existing template.
Which file format should you use for the exported template?

  • A. CSV
  • B. XLSX
  • C. JSON
  • D. XML

正解:B

解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-templates?view=o365-worldw


質問 # 83
HOTSPOT
You have a Microsoft 365 E5 subscription.
You need to implement identity protection. The solution must meet the following requirements:
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

  • A. Identify when a user's credentials are compromised and shared on the dark web.
  • B. Provide users that have compromised credentials with the ability to self-remediate.

正解:A

解説:
Explanation

Box 1: A user risk policy
Identify when a user's credentials are compromised and shared on the dark web.
User risk-based Conditional Access policy
Identity Protection analyzes signals about user accounts and calculates a risk score based on the probability that the user has been compromised. If a user has risky sign-in behavior, or their credentials have been leaked, Identity Protection will use these signals to calculate the user risk level. Administrators can configure user risk-based Conditional Access policies to enforce access controls based on user risk, including requirements such as:
Block access
Allow access but require a secure password change.
A secure password change will remediate the user risk and close the risky user event to prevent unnecessary noise for administrators.
Box 2: Require password change
Provide users that have compromised credentials with the ability to self-remediate.
A secure password change will remediate the user risk and close the risky user event to prevent unnecessary noise for administrators Reference:
https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-policies#


質問 # 84
You have a Microsoft 365 tenant.
You plan to manage incidents in the tenant by using the Microsoft 365 security center.
Which Microsoft service source will appear on the Incidents page of the Microsoft 365 security center?

  • A. Microsoft Defender for CloudUse the
  • B. Microsoft Purview
  • C. Azure Arc
  • D. Microsoft Defender for Identity

正解:D

解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/defender/investigate-alerts?view=o365-worldwide


質問 # 85
You have a Microsoft 365 E5 tenant.
You configure a device compliance policy as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation
Graphical user interface, text, application, email Description automatically generated

Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/compliance-policy-create-android


質問 # 86
You are evaluating the required processes for Project1.
You need to recommend which DNS record must be created while adding a domain name for the project.
Which DNS record should you recommend?

  • A. alias (CNAME)
  • B. host (A)
  • C. text (TXT)
  • D. host information

正解:A

解説:
Explanation
When you add a custom domain to Office 365, you need to verify that you own the domain. You can do this by adding either an MX record or a TXT record to the DNS for that domain.
Note:
There are several versions of this question in the exam. The question has two possible correct answers:
Text (TXT)
Mail exchanger (MX)
incorrect answer options you may see on the exam include the following:
alias (CNAME)
Host (A)
host (AAA)
Pointer (PTR)
Name Server (NS)
host information (HINFO)
pointer (PTR)
Reference:
https://docs.microsoft.com/en-us/office365/admin/get-help-with-domains/create-dns-records-at-any-dns-hosting-


質問 # 87
......

MS-102別格な問題集で最上級の成績にさせるMS-102問題:https://jp.fast2test.com/MS-102-premium-file.html

手に入れよう!最新MS-102認定の有効な試験問題集解答:https://drive.google.com/open?id=15xSROu05xO7KzPqrpsA9LwfqV_LQT5Kn


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어