[Mar 15, 2026] MS-102 PDF Questions and Testing Engine With 550 Questions
Updated Exam Engine for MS-102 Exam Free Demo & 365 Day Updates
NEW QUESTION # 91
You have a Microsoft 365 E5 subscription that.
You need to identify whenever a sensitivity label is applied, changed, or removed within the subscription.
Which feature should you use, and how many days will the data be retained? To answer, select the appropriate options in the answer area.
NOTE Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 92
You have a Microsoft 365 E5 subscription that contains two groups named Group1 and Group2.
You need to ensure that each group can perform the tasks shown in the following table.
The solution must use the principle of least privilege.
Which role should you assign to each group? To answer, drag the appropriate roles to the correct groups. Each role may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://learn.microsoft.com/en-us/microsoft-365/admin/add-users/about-admin-roles
NEW QUESTION # 93
HOTSPOT
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint site named Site1 and a data loss prevention (DLP) policy named DLP1. DLP1 contains the rules shown in the following table.
Site1 contains the files shown in the following table.
Which policy tips are shown for each file? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Box 1: Rule1 tip only
File1 matches Rule1, Rule2, and Rule3.
Rule1 has the highest priority.
Note: The Priority parameter specifies a priority value for the policy that determines the order of policy processing. A lower integer value indicates a higher priority, the value 0 is the highest priority, and policies can ' t have the same priority value.
Box 2: Rule1 tip only
Note: User Override support
The option to override is per rule, and it overrides all of the actions in the rule (except sending a notification, which can ' t be overridden).
It ' s possible for content to match several rules in a DLP policy or several different DLP policies, but only the policy tip from the most restrictive, highest-priority rule will be shown (including policies in Test mode). For example, a policy tip from a rule that blocks access to content will be shown over a policy tip from a rule that simply sends a notification. This prevents people from seeing a cascade of policy tips.
If the policy tips in the most restrictive rule allow people to override the rule, then overriding this rule also overrides any other rules that the content matched.
Reference:
https://learn.microsoft.com/en-us/microsoft-365/compliance/dlp-overview-plan-for-dlp
https://learn.microsoft.com/en-us/microsoft-365/compliance/use-notifications-and-policy-tips
NEW QUESTION # 94
You need to create the Safe Attachments policy to meet the technical requirements.
Which option should you select?
- A. Enable redirect
- B. Dynamic Delivery
- C. Block
- D. Replace
Answer: B
Explanation:
Reference:
https://github.com/MicrosoftDocs/microsoft-365-docs/blob/public/microsoft-365/security/office-365-security
/safe-attachments.md
Topic 4, FabrikamOverview
Fabrikam, Inc. is an electronics company that produces consumer products. Fabrikam has 10,000 employees worldwide.
Fabrikam has a main office in London and branch offices in major cities in Europe, Asia, and the United States.
Existing Environment
Active Directory Environment
The network contains an Active Directory forest named fabrikam.com. The forest contains all the identities used for user and computer authentication. Each department is represented by a top-level organizational unit (OU) that contains several child OUs for user accounts and computer accounts.
All users authenticate to on-premises applications by signing in to their device by using a UPN format of [email protected].
Fabrikam does NOT plan to implement identity federation.
Network Infrastructure
Each office has a high-speed connection to the Internet.
Each office contains two domain controllers. All domain controllers are configured as DNS servers.
The public zone for fabrikam.com is managed by an external DNS server.
All users connect to an on-premises Microsoft Exchange Server 2016 organization. The users access their email by using Outlook Anywhere, Outlook on the web, or the Microsoft Outlook app for iOS. All the Exchange servers have the latest cumulative updates installed.
All shared company documents are stored on a Microsoft SharePoint Server farm.
Requirements
Planned Changes
Fabrikam plans to implement a Microsoft 365 Enterprise subscription and move all email and shared documents to the subscription.
Fabrikam plans to implement two pilot projects:
Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.
Project2: After the successful completion of Project1, Microsoft Teams will be enabled in Microsoft 365 for the sales department users.
Fabrikam plans to create a group named UserLicenses that will manage the allocation of all Microsoft 365 bulk licenses.
Technical Requirements
Fabrikam identifies the following technical requirements:
All users must be able to exchange email messages successfully during Project1 by using their current email address.
Users must be able to authenticate to cloud services if Active Directory becomes unavailable.
A user named User1 must be able to view all DLP reports from the Microsoft Purview compliance portal.
Microsoft 365 Apps for enterprise applications must be installed from a network share only.
Disruptions to email access must be minimized.
Application Requirements
Fabrikam identifies the following application requirements:
An on-premises web application named App1 must allow users to complete their expense reports online.
App1 must be available to users from the My Apps portal.
The installation of feature updates for Microsoft 365 Apps for enterprise must be minimized.
Security Requirements
Fabrikam identifies the following security requirements:
After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.
The membership of the UserLicenses group must be validated monthly. Unused user accounts must be removed from the group automatically.
After the planned migration to Microsoft 365, all users must be signed in to on-premises and cloud-based applications automatically.
The principle of least privilege must be used.
NEW QUESTION # 95
You have a Microsoft 365 subscription that contains a user named User1 and a Microsoft SharePoint Online site named Site1. User1 is assigned the Owner role for Site1. To Site1, you publish the file plan retention labels shown in the following table.
Site1 contains the files shown in the following table.
Which files can User1 rename, and which files can User1 delete? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 96
You have a Microsoft 365 subscription.
All uses are assigned Microsoft 365 Apps for enterprise licenses.
You need to ensure that reports display the names of users that have activated Microsoft 365 apps and on how many devices. What should you modify in the Microsoft 365 admin center?
- A. Organization information
- B. Org settings for Privacy profile
- C. the Reports reader role
- D. Org settings for Reports
Answer: D
NEW QUESTION # 97
HOTSPOT
You have a Microsoft 365 E5 subscription that contains the groups shown in the following table.
All the groups are deleted.
Which groups can be restored, and what is the retention period? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: Group3 only
Box 2: 30 days
If you've deleted a group, it will be retained for 30 days by default. This 30-day period is considered a
"soft-delete" because you can still restore the group. After 30 days, the group and its associated contents are permanently deleted and cannot be restored.
Reference:
https://learn.microsoft.com/en-us/microsoft-365/admin/create-groups/restore-deleted-group
NEW QUESTION # 98
You have a Microsoft 365 E5 tenant.
You configure a device compliance policy as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/compliance-policy-create-android
NEW QUESTION # 99
You have a Microsoft 365 subscription that uses Microsoft Defender for Office 365.
You need to configure policies to meet the following requirements:
Customize the common attachments filter.
Enable impersonation protection for sender domains.
Which type of policy should you configure for each requirement? To answer, drag the appropriate policy types to the correct requirements. Each policy type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Box 1: Anti-malware
Customize the common attachments filter.
See step 5 below.
1. Use the Microsoft 365 Defender portal to create anti-malware policies In the Microsoft 365 Defender portal at https://security.microsoft.com, go to Email & Collaboration > Policies
& Rules > Threat policies > Anti-Malware in the Policies section. To go directly to the Anti-malware page, use https://security.microsoft.com/antimalwarev2
2. On the Anti-malware page, select Create to open the new anti-malware policy wizard.
On the Name your policy page, configure these settings:
Name: Enter a unique, descriptive name for the policy.
Description: Enter an optional description for the policy.
3. When you're finished on the Name your policy page, select Next.
4. On the Users and domains page, identify the internal recipients that the policy applies to (recipient conditions)
5. On the Protection settings page, configure the following settings:
Protection settings section:
Enable the common attachments filter: If you select this option, messages with the specified attachments are treated as malware and are automatically quarantined. You can modify the list by clicking Customize file types and selecting or deselecting values in the list.
6. Etc.
Box 2: Anti-phishing
Enable impersonation protection for sender domains.
Anti-phishing policies in Microsoft 365
The high-level differences between anti-phishing policies in EOP and anti-phishing policies in Defender for Office 365 are described in the following table:
Reference:
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-malware-policies-configure
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-phishing-policies-about
NEW QUESTION # 100
You need to meet the technical requirement for the EU PII data.
What should you create?
- A. a data loss prevention (DLP) policy from the Security & Compliance admin center
- B. a retention policy from the Exchange admin center
- C. a retention policy from the Security & Compliance admin center.
- D. a data loss prevention (DLP) policy from the Exchange admin center
Answer: C
Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/retention-policies EU PII wants both documents and email message to be preserved so S&C Admin Center for Retention. If this was for Email only, this probably could have been done in EAC.
Topic 1, A Datum Case Study:
Overview
Existing Environment
This is a case study Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.
Current Infrastructure
A Datum recently purchased a Microsoft 365 subscription.
All user files are migrated to Microsoft 365.
All mailboxes are hosted in Microsoft 365. The users in each office have email suffixes that include the country of the user, for example, [email protected] or user2#uk.ad3tum.com.
Each office has a security information and event management (SIEM) appliance. The appliances come from three different vendors.
A Datum uses and processes Personally Identifiable Information (PII).
Problem Statements
Requirements
A Datum entered into litigation. The legal department must place a hold on all the documents of a user named User1 that are in Microsoft 365.
Business Goals
A Datum warns to be fully compliant with all the relevant data privacy laws in the regions where it operates.
A Datum wants to minimize the cost of hardware and software whenever possible.
Technical Requirements
A Datum identifies the following technical requirements:
Centrally perform log analysis for all offices.
Aggregate all data from the SIEM appliances to a central cloud repository for later analysis.
Ensure that a SharePoint administrator can identify who accessed a specific file stored in a document library.
Provide the users in the finance department with access to Service assurance information in Microsoft Office
365.
Ensure that documents and email messages containing the PII data of European Union (EU) citizens are preserved for 10 years.
If a user attempts to download 1,000 or more files from Microsoft SharePoint Online within 30 minutes, notify a security administrator and suspend the user's user account.
A security administrator requires a report that shows which Microsoft 36S users signed in Based on the report, the security administrator will create a policy to require multi-factor authentication when a sign in is high risk.
Ensure that the users in the New York office can only send email messages that contain sensitive US. PII data to other New York office users. Email messages must be monitored to ensure compliance. Auditors in the New York office must have access to reports that show the sent and received email messages containing sensitive U.S. PII data.
NEW QUESTION # 101
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
You have labels in Microsoft 365 as shown in the following table.
The content in Microsoft 365 is assigned labels as shown in the following table.
You have labels In Microsoft 365 as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Answer:
Explanation:
Explanation
NEW QUESTION # 102
You have a Microsoft 365 E5 subscription.
Your company s Microsoft Secure Score recommends the actions shown in the following exhibit.
You select Create Safe Links policies for email messages and change Status to Risk accepted in the Status & action plan settings.
How does the change affect the Secure Score?
- A. remains the same
- B. decreases by 1 point
- C. decreases by 9 points
- D. increases by 9 points
- E. increases by 1 point
Answer: A
NEW QUESTION # 103
You have a Microsoft 365 E5 subscription that contains the resources shown in the following table.
You create a sensitivity label named Label1.
To which resource can you apply Label1?
- A. Group1, Group2, and Sitel
- B. Sitel only
- C. Groupl and Group2 only
- D. Group2 only
- E. Group1 only
Answer: A
Explanation:
Assign sensitivity labels to Microsoft 365 groups in Azure Active Directory Azure Active Directory (Azure AD), part of Microsoft Entra, supports applying sensitivity labels published by the Microsoft Purview compliance portal to Microsoft 365 groups.
In addition to using sensitivity labels to protect documents and emails, you can also use sensitivity labels to protect content in the following containers: Microsoft Teams sites, Microsoft 365 groups (formerly Office 365 groups), and SharePoint sites.
When you configure a label policy, you can:
Choose which users and groups see the labels. Labels can be published to any specific user or email-enabled security group, distribution group, or Microsoft 365 group (which can have dynamic membership) in Azure AD.
Reference:
https://learn.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-teams-groups-sites
https://learn.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide
NEW QUESTION # 104
You have a Microsoft 365 E5 subscription.
You plan to implement identity protection by configuring a sign-in risk policy and a user risk policy. Which type of risk is detected by each policy? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 105
HOTSPOT
You have a Microsoft 365 subscription.
You are planning a threat management solution for your organization.
You need to minimize the likelihood that users will be affected by the following threats:
Opening files in Microsoft SharePoint that contain malicious content
Impersonation and spoofing attacks in email messages
Which policies should you create in Microsoft 365 Defender? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
NEW QUESTION # 106
......
Exam Passing Guarantee MS-102 Exam with Accurate Quastions: https://www.dumpsvalid.com/MS-102-still-valid-exam.html
Test Engine to Practice Test for MS-102 Valid and Updated Dumps: https://drive.google.com/open?id=1sC1KXDOhtDYtCAVLQzSYcOkrQO_gxbY_