[May-2019-New]Braindump2go 114Q MS-101 Exam Dumps Share[Q12-Q22]

May/2019 Braindump2go MS-101 Exam Dumps with PDF and VCE New Updated Today! Following are some new MS-101 Exam Questions:

1.|2019 Latest MS-101 Exam Dumps (PDF & VCE) Instant Download:

https://www.braindump2go.com/ms-101.html

2.|2019 Latest MS-101 Exam Questions & Answers Instant Download:

https://drive.google.com/drive/folders/1KVZ6uvgke0CyiKN6s3PCc3F5LsZZYt7A?usp=sharing

QUESTION 12
From the Microsoft Azure Active Directory (Azure AD) Identity Protection dashboard, you view the risk events shown in the exhibit. (Click the Exhibit tab.)

You need to reduce the likelihood that the sign-ins are identified as risky.
What should you do?

A. From the Security & Compliance admin center, create a classification label.
B. From the Security & Compliance admin center, add the users to the Security Readers role group.
C. From the Azure Active Directory admin center, configure the trusted IPs for multi-factor authentication.
D. From the Conditional access blade in the Azure Active Directory admin center, create named locations.

Answer: D

QUESTION 13
You implement Microsoft Azure Advanced Threat Protection (Azure ATP).
You have an Azure ATP sensor configured as shown m the following exhibit.

How long after the Azure ATP cloud service is updated will the sensor update?

A. 1 hour
B. 12 hours
C. 48 hours
D. 7 days
E. 24 hours

Answer: E
Explanation:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-whats-new

QUESTION 14
Your company has a Microsoft 365 E5 subscription.
Users in the research department work with sensitive data. You need to prevent the research department users from accessing potentially unsafe websites by using hyperlinks embedded in email messages and documents. Users in other departments must not be restricted.
What should you do from the Security & Compliance admin center?

A. Create a data toss prevention (DLP) policy that has a Content is shared condition.
B. Modify the default safe links policy.
C. Create a data loss prevention (DLP) policy that has a Content contains condition.
D. Create a new safe links policy.

Answer: D
Explanation:
https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-atp-safe-links-policies#policies-that-apply-to-specific-email-recipients

QUESTION 15
You have a Microsoft 365 tenant.
You have a line-of-business application named App1 that users access by using the My Apps portal. After some recent security breaches, you implement a conditional access policy for App1 that uses Conditional Access App Control,
You need to be alerted by email if impossible travel is detected for a user of Appl. The solution must ensure that alerts are generated for App1 only.
What should you do?

A. From Microsoft Cloud App Security, create a Cloud Discovery anomaly detection policy.
B. From Microsoft Cloud App Security, modify the impossible travel alert policy.
C. From Microsoft Cloud App Security, create an app discovery policy.
D. From the Azure Active Directory admin center, modify the conditional access policy.

Answer: A
Explanation:
https://docs.microsoft.com/en-us/cloud-app-security/cloud-discovery-anomaly-detection-policy

QUESTION 16
A user receives the following message when attempting to sign in to
https://myapps.microsoft.com:
“Your sign-in was blocked. We’ve detected something unusual about this sign-in. For example, you might be signing in from a new location device, or app. Before you can continue, we need to verity your identity. Please contact your admin.”
Which configuration prevents the users from signing in?

A. Microsoft Azure Active Directory (Azure AD) Identity Protection policies
B. Microsoft Azure Active Directory (Azure AD) conditional access policies
C. Security & Compliance supervision policies
D. Security & Compliance data loss prevention (DIP) policies

Answer: B
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview

QUESTION 17
The users at your company use Dropbox to store documents. The users access Dropbox by using the MyApps portal.
You need to ensure that user access to Dropbox is authenticated by using a Microsoft 365 identify. The documents must be protected if the data is downloaded to an untrusted device.
What should you do?

A. From the Intune admin center, configure the Conditional access settings.
B. From the Azure Active Directory admin center, configure the Organizational relationships settings
C. From the Azure Active Directory admin center, configure the Application proxy settings.
D. From the Azure Active Directory admin center, configure the Devices settings.

Answer: B

QUESTION 18
Your network contains an Active Directory domain named contoso.com. The domain contains 100 Windows 8.1 devices. You plan to deploy a custom Windows 10 Enterprise image to the Windows 8.1 devices. You need to recommend a Windows 10 deployment method. What should you recommend?

A. a provision g package
B. an in place upgrade
C. wipe and load refresh
D. Windows Autopilot

Answer: B
Explanation:
https://docs.microsoft.com/en-us/microsoft-365/enterprise/windows10-infrastructure

QUESTION 19
You use Microsoft System Center Configuration Manager (Current Branch) to manage devices. Your company uses the following types of devices:
– Windows 10
– Windows 8.1
– Android
– iOS
Which devices can be managed by using co-management?

A. Windows 10 and Windows 8.1 only
B. Windows 10, Android, and iOS only
C. Windows 10 only
D. Windows 10, Windows 8.1, Android, and iOS

Answer: D
Explanation:
https://docs.microsoft.com/en-us/sccm/core/plan-design/choose-a-device-management-solution#bkmk_intune

QUESTION 20
You have Windows 10 Pro devices that are joined to an Active Directory domain. You plan to create a Microsoft 365 tenant and to upgrade the devices to Windows 10 Enterprise. You are evaluating whether to deploy Windows Hello for Business for SSO to Microsoft 365 services. What are two prerequisites of the deployment? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

A. Microsoft Azure Active Directory (Azure AD)
B. smartcards
C. Microsoft Intune enrollment
D. TPM-enabled devices
E. computers that have biometric hardware features

Answer: AC
Explanation:
https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base

QUESTION 21
Your company has a Microsoft 365 E3 subscription.
All devices run Windows 10 Pro and are joined to Microsoft Azure Active Directory (Azure AD). You need to change the edition of Windows 10 to Enterprise the next time users sign in to their computer. The solution must minimize downtime for the users.
What should you use?

A. Windows Autopilot
B. Windows Update
C. Subscription Activation
D. an in-place upgrade

Answer: A
Explanation:
https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot

QUESTION 22
You have a Microsoft 365 subscription.
You plan to enable Microsoft Azure Information Protection. You need to ensure that only the members of a group named PilotUsers can protect content What should you do?

A. From the AADRM PowerShell module, run the set-AadrmonboardingControlPolicy cmdlet.
B. From Azure Information Protection, create a policy.
C. From the AAORM PowerShell module, run the Add-AadrmRoleBasedAdministrator cmdlet.
D. From Azure Information Protection, configure the protection activation status.

Answer: B
Explanation:
https://blogs.technet.microsoft.com/kemckinn/2018/05/17/creating-labels-for-azure-information-protection/


!!!RECOMMEND!!!

1.|2019 Latest MS-101 Exam Dumps (PDF & VCE) Instant Download:

https://www.braindump2go.com/ms-101.html

2.|2019 Latest MS-101 Study Guide VideoInstant Download:

https://youtu.be/JH6eist5h78