Visit here for our full Microsoft MS-900 exam dumps and practice test questions.
Question 101:
What is Microsoft 365 message encryption primarily used for?
A) Compressing files
B) Encrypting email messages to protect sensitive content
C) Organizing folders
D) Scheduling meetings
Answer: B
Explanation:
Organizations must protect sensitive information in emails sent to external recipients who may not have secure email systems, requiring encryption that ensures only intended recipients can read content.
Option A is incorrect as compressing files involves reducing file sizes for storage or transmission efficiency. Message encryption protects content confidentiality through cryptographic mechanisms rather than compression. These represent different technical capabilities serving different purposes.
Option B is correct as Microsoft 365 message encryption protects sensitive email content by encrypting messages so only authorized recipients can read them. Users can send encrypted emails to any recipient regardless of email system, and recipients access encrypted messages through secure portals even without Microsoft 365 accounts. Encryption can be applied manually by users selecting encryption options or automatically through mail flow rules or sensitivity labels detecting sensitive content. Organizations configure encryption templates defining protection levels including preventing forwarding, printing, or copying content. Message encryption helps organizations protect personally identifiable information, financial data, health records, and confidential communications meeting regulatory requirements like HIPAA, GDPR, or financial regulations. Recipients prove identity before accessing encrypted content ensuring only authorized parties read sensitive information.
Option C is incorrect because organizing folders involves file management and content organization. Message encryption protects content through cryptography rather than organizing how content is stored. Protection and organization serve different purposes.
Option D is incorrect as scheduling meetings involves calendar applications and scheduling features. Message encryption protects email content confidentiality rather than managing calendars or appointments. These represent different application capabilities.
Question 102:
Which Microsoft 365 feature allows administrators to simulate phishing attacks to train users?
A) Attack simulation training
B) Safe Links
C) Safe Attachments
D) Anti-spam policies
Answer: A
Explanation:
Human error remains the weakest security link, and users need regular training recognizing phishing attempts through realistic simulations that test awareness without actual risk from real attacks.
Option A is correct as attack simulation training allows administrators to simulate phishing attacks to educate users and measure susceptibility to social engineering. Administrators create simulated phishing campaigns selecting from templates mimicking credential harvesting, malware attachments, link manipulation, or drive-by-url attacks. Simulations are sent to selected users, and the platform tracks who clicked malicious links, entered credentials, or opened attachments. Users who fail simulations receive immediate training explaining how to recognize threats. Administrators view reports showing organizational susceptibility, identify users requiring additional training, and track improvement over time. Attack simulation training helps organizations reduce successful phishing attacks by improving user awareness, identify high-risk users needing focused training, demonstrate security awareness program effectiveness, and meet compliance requirements for security training.
Option B refers to Safe Links which protects against malicious URLs by checking links at click-time and blocking dangerous websites. While Safe Links provides technical protection, it does not train users to recognize phishing attempts. Safe Links operates automatically without user education.
Option C represents Safe Attachments which opens email attachments in virtual environments to detect malware. While protecting against malicious attachments, Safe Attachments does not educate users about recognizing suspicious emails. It provides technical protection rather than awareness training.
Option D refers to anti-spam policies which block unwanted emails based on content and sender reputation. While anti-spam reduces phishing emails reaching users, it does not train users to recognize threats that bypass filtering. Technical filtering and user training serve complementary but different security purposes.
Question 103:
What is the purpose of Microsoft 365 information barriers?
A) Building construction
B) Preventing communication and collaboration between specific groups for compliance
C) Network firewall rules
D) Physical security systems
Answer: B
Explanation:
Some industries face regulatory requirements preventing communication between specific groups like trading desks and research departments or conflicting client teams requiring technical enforcement of communication boundaries.
Option A is incorrect as building construction involves physical architecture and facilities. Information barriers implement digital communication restrictions within Microsoft 365 rather than physical barriers. These represent completely different uses of the term barrier.
Option B is correct as Microsoft 365 information barriers prevent communication and collaboration between specific user groups to meet regulatory or organizational requirements. Information barriers enforce policies restricting users in defined segments from communicating through Teams chats and calls, scheduling meetings together, sharing files, or collaborating in shared workspaces. Organizations use information barriers to comply with financial services regulations preventing conflicts of interest like Chinese walls separating trading and research, prevent insider trading by restricting communication between specific groups, manage client conflicts in professional services preventing teams serving competing clients from collaborating, and enforce organizational policies requiring communication segregation. Administrators define segments based on user attributes like department or role and configure policies controlling which segments can communicate. Information barriers automatically enforce restrictions across Microsoft 365 services.
Option C is incorrect because network firewall rules control network traffic between systems. While both involve restricting access, information barriers operate at the collaboration layer rather than network infrastructure. Firewalls block network connections while information barriers prevent communication within applications.
Option D is incorrect as physical security systems involve access control for buildings and facilities. Information barriers restrict digital communication and collaboration rather than physical access. These represent different security domains.
Question 104:
Which Microsoft 365 service provides automated remediation of security threats?
A) Microsoft Defender
B) Microsoft Word
C) Microsoft Excel
D) Microsoft PowerPoint
Answer: A
Explanation:
Security teams cannot manually respond to every threat given attack volumes and speed, requiring automation that investigates alerts, determines legitimacy, and remediates threats without human intervention.
Option A is correct as Microsoft Defender provides automated investigation and remediation capabilities responding to security threats without manual intervention. When Defender detects threats including malware, suspicious files, or compromised accounts, automated investigation analyzes the threat scope, identifies affected systems and users, determines relationships between alerts, and executes remediation actions like quarantining files, isolating devices, blocking malicious URLs, disabling compromised accounts, or deleting malicious emails. Automation uses playbooks defining investigation steps and remediation actions appropriate for different threat types. Security teams review remediation actions through action center, approve pending actions, and track investigation progress. Automated remediation reduces response times from hours to minutes, ensures consistent threat handling, scales security operations enabling small teams to handle large threat volumes, and frees analysts to focus on complex investigations requiring human judgment.
Option B refers to Microsoft Word for creating documents. Word is a productivity application without security or threat remediation capabilities. Document creation and security operations represent completely different application purposes.
Option C represents Microsoft Excel for spreadsheet calculations. Excel does not provide security monitoring or threat remediation. While security teams might track threats in Excel, the application itself does not automate security responses.
Option D refers to Microsoft PowerPoint for presentations. PowerPoint is a content creation tool without security or remediation capabilities. Presentation creation and security operations serve entirely different purposes.
Question 105:
What is the purpose of Microsoft 365 compliance policies for devices?
A) Ensuring devices meet security requirements before accessing resources
B) Installing office furniture
C) Managing cafeteria menus
D) Organizing parking spaces
Answer: A
Explanation:
Organizations must ensure devices accessing corporate resources meet minimum security standards preventing compromised or unprotected devices from introducing threats or accessing sensitive data.
Option A is correct as Microsoft 365 compliance policies ensure devices meet defined security requirements before accessing organizational resources. Compliance policies evaluate device configurations including password complexity, encryption status, operating system versions, jailbreak or root status, threat level from Defender, and firewall enabled status. Devices failing compliance checks are marked non-compliant and can be blocked from accessing email, SharePoint, or other resources through Conditional Access integration. Users receive notifications explaining non-compliance reasons and remediation steps. Compliance policies help organizations enforce minimum security baselines, prevent unprotected devices from accessing sensitive data, meet regulatory requirements for device security, and reduce risk from compromised devices. Administrators create policies defining requirements and assign them to user groups or devices.
Option B is incorrect and absurd as installing office furniture involves facilities management and physical space planning. Compliance policies govern device security configurations rather than furniture. These represent completely unrelated organizational activities.
Option C is incorrect as managing cafeteria menus involves food service operations. Compliance policies enforce device security rather than managing dining services. These serve completely different organizational functions.
Option D is incorrect because organizing parking spaces involves facilities and parking management. Compliance policies ensure device security compliance rather than managing physical parking. These represent unrelated organizational operations.
Question 106:
Which Microsoft 365 feature provides real-time translation of messages in Teams?
A) Inline message translation
B) Microsoft Translator app
C) Automatic captions
D) Live transcription
Answer: A
Explanation:
Global organizations with multilingual teams need communication tools enabling natural language use while ensuring everyone understands conversations regardless of language barriers.
Option A is correct as inline message translation in Microsoft Teams provides real-time translation of chat messages allowing users to communicate in their native languages while recipients view messages in their preferred languages. Users can translate individual messages by selecting translation options or configure automatic translation for all messages from specific languages. Teams supports dozens of languages enabling global collaboration across language barriers. The feature uses Microsoft Translator technology providing accurate translations within the conversation interface. Organizations use inline translation to enable multilingual teams to collaborate naturally without language training requirements, improve communication between global offices, support international projects, and promote inclusive communication where everyone can participate in their preferred language. Translation happens within Teams without external tools or interrupting conversation flow.
Option B refers to the Microsoft Translator app which is a standalone translation application. While the same translation technology powers both, inline translation integrates directly into Teams conversations rather than requiring separate applications. Inline translation provides more seamless experience for team communication.
Option C represents automatic captions which transcribe spoken audio in meetings into text displayed on screen. While helpful for accessibility and understanding, captions transcribe rather than translate, showing content in the same language spoken rather than translating to different languages.
Option D refers to live transcription which converts meeting speech to text in real-time. Like captions, transcription creates text of spoken words rather than translating between languages. Transcription and translation serve different communication support purposes.
Question 107:
What is the maximum number of owners that can be assigned to a Microsoft 365 Group?
A) 10
B) 50
C) 100
D) Unlimited
Answer: C
Explanation:
Groups require management including member additions, settings changes, and resource management, and understanding owner limits helps organizations structure group administration appropriately.
Option A suggesting 10 owners is too restrictive for larger teams or groups spanning multiple departments requiring distributed administration. Microsoft provides more generous limits to accommodate teams needing multiple administrators.
Option B indicating 50 owners is closer to the actual limit but still understates the capacity Microsoft provides for group ownership. Larger organizations may have groups requiring extensive administrative distribution.
Option C is correct as Microsoft 365 Groups support up to 100 owners per group. Owners can add or remove members, change group settings, delete groups, and manage connected resources like SharePoint sites and Teams teams. Multiple owners provide administrative redundancy ensuring groups can be managed even when specific administrators are unavailable. However, groups typically function best with smaller numbers of owners following principle of least privilege. Having 100 owners would indicate overly broad administrative access. Most groups function effectively with 2-5 owners providing backup while maintaining clear accountability. The 100-owner limit accommodates exceptional cases while most organizations use far fewer owners per group.
Option D suggesting unlimited owners is incorrect as Microsoft implements specific limits. While 100 is generous, unlimited ownership would create security and management challenges. Defined limits encourage appropriate administrative structures and security practices.
Question 108:
Which Microsoft 365 service helps organizations discover and classify personal data for GDPR compliance?
A) Data Loss Prevention with sensitive information types
B) Microsoft Paint
C) Microsoft Calculator
D) Windows Media Player
Answer: A
Explanation:
GDPR and similar privacy regulations require organizations to know where personal data resides, classify data appropriately, and implement appropriate protections necessitating automated discovery across vast content volumes.
Option A is correct as Data Loss Prevention with sensitive information types helps organizations discover and classify personal data for GDPR compliance. DLP scans content across Exchange, SharePoint, OneDrive, Teams, and Endpoint identifying personally identifiable information including EU national identification numbers, passport numbers, credit card numbers, health information, and financial data using pre-built sensitive information types or custom patterns. Organizations create DLP policies that automatically classify discovered personal data, apply sensitivity labels, restrict sharing, encrypt content, or alert data protection officers. DLP provides visibility into where personal data resides, how it moves through the organization, and who accesses it supporting data mapping requirements. Organizations use DLP to meet GDPR requirements for knowing what personal data they process, implementing appropriate technical protections, preventing unauthorized disclosure, and demonstrating compliance to regulators.
Option B refers to Microsoft Paint for basic image editing. Paint has no data discovery or classification capabilities. Image editing and data privacy compliance represent completely unrelated application purposes.
Option C represents Microsoft Calculator for arithmetic calculations. Calculator performs mathematical operations without any data discovery or compliance features. Calculation and data classification serve entirely different purposes.
Option D refers to Windows Media Player for playing audio and video. Media Player provides entertainment functionality without data discovery or privacy compliance capabilities. These represent fundamentally different software categories.
Question 109:
What is the purpose of Microsoft 365 threat intelligence?
A) Stock market analysis
B) Providing insights into threats targeting the organization
C) Weather forecasting
D) Traffic predictions
Answer: B
Explanation:
Organizations need intelligence about threats specifically targeting them including attacker tactics, campaigns, and indicators enabling proactive defense and informed security decisions.
Option A is incorrect as stock market analysis involves financial systems analyzing market trends, pricing, and investment opportunities. Threat intelligence focuses on security threats rather than financial markets. These represent completely different types of intelligence serving different purposes.
Option B is correct as Microsoft 365 threat intelligence provides insights into security threats targeting the organization by aggregating threat data from Microsoft Defender services, analyzing attack patterns and techniques, identifying campaigns targeting the organization or similar organizations, providing indicators of compromise for proactive hunting, tracking threat actors and their methods, and offering recommended responses to detected threats. Threat intelligence helps security teams understand their threat landscape, prioritize defenses against threats most likely to impact them, respond to incidents with knowledge of attacker techniques, hunt proactively for threats, and make informed security investment decisions. Microsoft’s global visibility across billions of signals provides comprehensive threat intelligence unavailable to individual organizations. Security teams use threat intelligence dashboards to monitor threats, investigate specific campaigns, and access threat analytics.
Option C is incorrect as weather forecasting involves meteorological systems predicting atmospheric conditions. Threat intelligence analyzes security risks rather than weather patterns. These represent completely unrelated prediction domains.
Option D is incorrect because traffic predictions involve transportation systems forecasting road congestion and travel times. Threat intelligence focuses on cybersecurity threats rather than vehicular traffic. These serve completely different analysis purposes.
Question 110:
Which Microsoft 365 feature allows organizations to create custom compliance solutions?
A) Microsoft Graph API and compliance APIs
B) Microsoft Paint
C) Microsoft Notepad
D) Windows Calculator
Answer: A
Explanation:
Organizations with unique compliance requirements or existing compliance systems need programmatic access to Microsoft 365 compliance capabilities for integration with custom workflows and third-party systems.
Option A is correct as Microsoft Graph API and compliance APIs enable organizations to create custom compliance solutions by providing programmatic access to compliance capabilities. Developers can use APIs to search and export content for eDiscovery, apply and manage retention policies, implement custom hold scenarios, access audit logs programmatically, manage sensitivity labels, implement custom DLP solutions, and integrate Microsoft 365 compliance with third-party systems. APIs enable organizations to automate compliance workflows, integrate compliance data with security information and event management systems, build custom reporting and dashboards, extend compliance capabilities beyond native features, and integrate Microsoft 365 compliance with existing organizational compliance frameworks. Organizations with sophisticated compliance requirements use APIs to build tailored solutions matching their specific processes and integrations.
Option B refers to Microsoft Paint for basic image editing. Paint provides drawing and editing capabilities without any compliance or API functionality. Image creation and compliance integration represent completely different capabilities.
Option C represents Microsoft Notepad for plain text editing. Notepad creates simple text files without providing compliance capabilities or APIs for integration. Text editing and compliance automation serve entirely different purposes.
Option D refers to Windows Calculator for arithmetic operations. Calculator performs calculations without any compliance functionality or programmatic interfaces. Mathematical operations and compliance integration are completely unrelated capabilities.
Question 111:
What is Microsoft 365 Multi-Geo primarily used for?
A) Geography education
B) Storing data in multiple geographic locations to meet data residency requirements
C) Map creation
D) GPS navigation
Answer: B
Explanation:
Multinational organizations face data residency requirements mandating specific data must remain within particular countries or regions necessitating geographic control over where data is stored.
Option A is incorrect as geography education involves teaching geographical concepts and knowledge. Multi-Geo refers to data storage locations rather than educational content about geography. These represent completely different uses of geography terminology.
Option B is correct as Microsoft 365 Multi-Geo enables organizations to store data in multiple geographic locations meeting data residency requirements for different regions. Organizations provision satellite locations in addition to their primary datacenter region, assign users to specific geographies ensuring their data resides in designated locations, control where SharePoint sites and Microsoft 365 Groups store data, and meet country-specific regulations requiring data remain within borders. Multi-Geo supports multinational organizations with data sovereignty obligations, subsidiaries subject to local data laws, or contractual commitments requiring geographic data control. The feature ensures Exchange mailboxes, OneDrive content, SharePoint sites, and Teams data reside in specified geographies while maintaining unified tenant administration and user experience. Organizations use Multi-Geo to expand globally while respecting regional data regulations.
Option C is incorrect because map creation involves cartography and geographic information systems. Multi-Geo controls data storage locations rather than creating visual maps. These serve completely different purposes involving geography.
Option D is incorrect as GPS navigation provides location-based directions and wayfinding. Multi-Geo manages data residency rather than providing navigation services. These represent different applications of geographic technology.
Question 112:
Which Microsoft 365 service provides protection against malicious websites?
A) Safe Links in Defender for Office 365
B) Microsoft Excel
C) Microsoft Word
D) Microsoft PowerPoint
Answer: A
Explanation:
Malicious websites deliver malware, steal credentials, and execute attacks requiring protection that checks links at access time detecting threats missed by initial email filtering.
Option A is correct as Safe Links in Microsoft Defender for Office 365 provides protection against malicious websites by checking URLs in emails and documents at click-time. When users click links protected by Safe Links, Microsoft redirects the request through scanning infrastructure that checks the destination URL against threat intelligence, analyzes the website for malicious content, blocks access to known dangerous sites, allows access to safe sites, and logs all link clicks for security reporting. Safe Links protects against phishing sites, malware distribution sites, credential harvesting pages, and newly weaponized URLs not yet in reputation databases. Time-of-click checking catches threats added to websites after emails are delivered. Organizations configure Safe Links policies defining which users receive protection, whether to scan links in Office documents, and how to handle suspicious URLs. Safe Links provides essential protection given that URLs represent primary attack vectors in phishing campaigns.
Option B refers to Microsoft Excel for spreadsheet creation. Excel is a productivity application without website protection capabilities. While Safe Links might protect links in Excel documents, Excel itself does not provide web protection.
Option C represents Microsoft Word for document creation. Word does not offer website protection capabilities. Safe Links can protect links within Word documents, but Word itself is not a security service.
Option D refers to Microsoft PowerPoint for presentations. PowerPoint creates presentations without providing web protection. Like other Office applications, PowerPoint benefits from Safe Links protection but does not itself provide security services.
Question 113:
What is the purpose of Microsoft 365 privileged identity management?
A) Managing employee salaries
B) Managing and controlling privileged access with time-bound elevation and approval workflows
C) Organizing office parties
D) Scheduling building maintenance
Answer: B
Explanation:
Privileged administrative accounts represent extreme security risks requiring additional controls beyond standard access management to minimize exposure windows and ensure accountability for high-risk operations.
Option A is incorrect as managing employee salaries involves human resources and payroll systems handling compensation, benefits, and financial transactions. Privileged identity management focuses on controlling administrative access to systems rather than employee compensation. These represent completely different organizational functions.
Option B is correct as Microsoft 365 privileged identity management provides just-in-time privileged access with time-bound elevation and approval workflows reducing security risks from standing administrative privileges. Instead of granting permanent administrative roles, PIM requires administrators to activate roles when needed for limited durations like hours. Activation requests can require approval from designated approvers, multi-factor authentication, and business justification. All privileged operations are logged comprehensively for auditing. PIM provides access reviews for periodic certification of role assignments, alerts for suspicious privileged activities, and dashboards showing privileged access usage patterns. Organizations use PIM to implement least privilege principles, reduce attack surface by eliminating standing admin rights, ensure accountability through approval workflows, meet compliance requirements for privileged access controls, and prevent credential theft impact by limiting elevation windows.
Option C is incorrect because organizing office parties involves event planning and employee engagement activities. Privileged identity management controls administrative system access rather than social events. These serve completely different organizational purposes.
Option D is incorrect as scheduling building maintenance involves facilities management systems tracking repairs, inspections, and upkeep. Privileged identity management governs IT administrative access rather than physical building maintenance. These represent different operational domains.
Question 114:
Which Microsoft 365 feature provides step-by-step guidance for deploying and configuring services?
A) Setup guidance and deployment advisors
B) Microsoft Paint
C) Microsoft Calculator
D) Windows Media Player
Answer: A
Explanation:
Microsoft 365 deployment complexity challenges organizations lacking expertise requiring guided processes that simplify configuration ensuring services are set up securely following best practices.
Option A is correct as setup guidance and deployment advisors provide step-by-step guidance for deploying and configuring Microsoft 365 services. These tools offer personalized recommendations based on organizational characteristics, guide administrators through configuration steps for services like Exchange, SharePoint, Teams, and security features, provide checklists ensuring important configuration steps are completed, recommend best practices for security and compliance settings, and help organizations avoid common deployment mistakes. Deployment advisors ask questions about organizational needs and provide customized deployment plans. Setup guidance simplifies complex configurations making Microsoft 365 accessible to organizations without dedicated IT expertise. Organizations use deployment advisors to accelerate onboarding, ensure proper configuration, implement security best practices from the start, and reduce support incidents from misconfiguration.
Option B refers to Microsoft Paint for basic image editing. Paint creates and edits graphics without providing deployment guidance or IT configuration assistance. Image editing and deployment guidance represent completely different capabilities.
Option C represents Microsoft Calculator for arithmetic calculations. Calculator performs mathematical operations without providing any deployment or configuration guidance for IT services. These serve entirely different purposes.
Option D refers to Windows Media Player for playing audio and video files. Media Player provides entertainment functionality without deployment or configuration guidance capabilities. Media playback and IT deployment represent fundamentally different application categories.
Question 115:
What is the purpose of Microsoft 365 service encryption with Customer Key?
A) Physical key management
B) Allowing customers to control encryption keys for data at rest
C) Car key duplication
D) Building access cards
Answer: B
Explanation:
Organizations with stringent data sovereignty or compliance requirements need control over encryption keys ensuring data remains encrypted even from Microsoft, providing additional assurance for highly regulated industries.
Option A is incorrect as physical key management involves controlling access to buildings and facilities through physical keys or access cards. Customer Key refers to cryptographic encryption keys controlling data access rather than physical keys. These represent different types of keys serving different purposes.
Option B is correct as Microsoft 365 service encryption with Customer Key allows customers to control their own encryption keys for data at rest in Microsoft 365. Organizations provide root keys stored in Azure Key Vault or on-premises hardware security modules, and Microsoft uses these customer-controlled keys to encrypt data. Customer Key provides additional encryption layer beyond Microsoft’s default encryption, ensures customers control keys required to decrypt their data, enables customers to revoke Microsoft’s access to data by revoking keys, and supports compliance requirements for customer-managed encryption. Customer Key applies to Exchange Online, SharePoint Online, OneDrive for Business, Teams, and other services. Organizations with regulatory requirements mandating customer-controlled encryption, extreme data sensitivity, or data sovereignty obligations use Customer Key to maintain cryptographic control ensuring data cannot be accessed without their keys even by Microsoft.
Option C is incorrect as car key duplication involves creating physical copies of vehicle keys. Customer Key refers to encryption key management for cloud data rather than automotive keys. These represent completely unrelated key concepts.
Option D is incorrect because building access cards provide physical access control for facilities. Customer Key manages cryptographic keys for data encryption rather than physical access credentials. These serve different security purposes.
Question 116:
Which Microsoft 365 service helps organizations manage third-party app risk?
A) Microsoft Defender for Cloud Apps
B) Microsoft Word
C) Microsoft Excel
D) Microsoft PowerPoint
Answer: A
Explanation:
Organizations authorize numerous third-party applications accessing corporate data creating risks if apps have excessive permissions, become compromised, or maliciously exfiltrate data requiring comprehensive app governance.
Option A is correct as Microsoft Defender for Cloud Apps helps organizations manage third-party application risk through comprehensive app discovery, risk assessment, and governance capabilities. The service discovers all cloud applications employees use including unsanctioned shadow IT apps, catalogs apps with OAuth permissions accessing Microsoft 365 data, assesses app risk scores based on security practices and compliance certifications, monitors app behavior detecting anomalous data access patterns, enforces app policies restricting high-risk applications, detects compromised apps through behavioral analysis, and enables rapid response by revoking app permissions or blocking access. Organizations use Defender for Cloud Apps to gain visibility into third-party apps accessing corporate data, prevent data exfiltration through malicious apps, ensure apps meet security standards, detect and respond to compromised applications, and enforce policies controlling which apps employees can authorize.
Option B refers to Microsoft Word for document creation. Word is a productivity application without app risk management capabilities. Document editing and security governance represent completely different application purposes.
Option C represents Microsoft Excel for spreadsheet calculations. Excel does not provide app governance or risk assessment capabilities. Spreadsheet creation and security management serve entirely different purposes.
Option D refers to Microsoft PowerPoint for presentations. PowerPoint creates presentations without app risk management features. Presentation creation and security governance are unrelated capabilities.
Question 117:
What is the maximum retention period for audit logs with Advanced Audit?
A) 90 days
B) 1 year
C) 10 years
D) Unlimited
Answer: C
Explanation:
Organizations with stringent compliance requirements or those in highly regulated industries need extended audit log retention for investigations, compliance demonstrations, and historical analysis beyond standard retention periods.
Option A suggesting 90 days represents standard audit log retention for basic Microsoft 365 licenses. While sufficient for many scenarios, 90 days is inadequate for organizations with extended compliance obligations or those needing historical analysis for sophisticated threat investigations.
Option B indicating 1 year represents the default Advanced Audit retention for most audit events. While Advanced Audit extends retention beyond the standard 90 days, organizations can configure even longer retention for specific scenarios requiring extended historical data.
Option C is correct as Microsoft 365 Advanced Audit supports audit log retention up to 10 years through custom retention policies. Organizations can configure retention policies specifying which audit events to retain and for how long up to 10 years. Extended retention supports regulatory requirements demanding long-term audit trails, complex investigations requiring historical analysis, litigation holds preserving evidence over extended periods, and compliance demonstrations to auditors requiring multi-year audit data. Ten-year retention ensures organizations maintain comprehensive audit trails throughout typical regulatory retention periods. Organizations requiring 10-year retention must configure custom audit log retention policies and have appropriate licensing. The extended retention capability makes Microsoft 365 suitable for highly regulated industries with stringent audit requirements.
Option D suggesting unlimited retention is incorrect as Microsoft implements defined maximum retention periods. While 10 years is extensive, unlimited retention would create storage and performance challenges. The 10-year maximum balances comprehensive retention with practical system constraints.
Question 118:
Which Microsoft 365 feature provides protection for sensitive data on mobile devices?
A) Mobile Application Management policies in Intune
B) Microsoft Paint
C) Microsoft Notepad
D) Windows Calculator
Answer: A
Explanation:
Organizations need to protect corporate data on mobile devices particularly personal devices where IT cannot control entire device configuration, requiring app-level protections separating corporate and personal data.
Option A is correct as Mobile Application Management policies in Microsoft Intune provide protection for sensitive data on mobile devices without requiring full device management. MAM policies protect data within managed applications including Office apps, Outlook, OneDrive, and line-of-business apps by preventing copy-paste to unmanaged apps, requiring PINs to access protected apps, encrypting app data, preventing backups of corporate data to personal cloud services, remotely wiping corporate data without affecting personal content, and restricting screen capture of sensitive content. MAM enables organizations to protect corporate data on personal devices in bring-your-own-device scenarios without controlling the entire device respecting employee privacy. Employees access corporate resources through protected apps while maintaining full control over personal device usage. Organizations use MAM to secure mobile workforces, implement BYOD programs, protect data on devices IT doesn’t fully manage, and meet compliance requirements for data protection.
Option B refers to Microsoft Paint for basic image editing. Paint provides drawing capabilities without mobile data protection features. Image editing and mobile security represent completely different capabilities.
Option C represents Microsoft Notepad for plain text editing. Notepad creates text files without any mobile device management or data protection capabilities. Text editing and mobile security serve entirely different purposes.
Option D refers to Windows Calculator for arithmetic operations. Calculator performs calculations without mobile data protection features. Mathematical operations and mobile security are completely unrelated capabilities.
Question 119:
What is the purpose of Microsoft 365 Communication Compliance policies?
A) Improving network speed
B) Detecting regulatory violations and inappropriate content in communications
C) Managing phone bills
D) Organizing office supplies
Answer: B
Explanation:
Regulated industries face requirements to monitor communications for violations while all organizations need capabilities detecting harassment, discrimination, and policy violations balancing monitoring with employee privacy.
Option A is incorrect as improving network speed involves infrastructure optimization, bandwidth management, and network engineering. Communication Compliance analyzes message content for policy violations rather than optimizing network performance. These represent different IT concerns.
Option B is correct as Microsoft 365 Communication Compliance policies detect regulatory violations and inappropriate content in communications across Teams, Exchange, Yammer, and integrated third-party platforms. Policies use machine learning and keyword detection to identify potential violations including financial services regulatory violations, insider trading communications, harassment and discrimination, adult content, profanity, threats and violence, sharing confidential information inappropriately, and custom-defined policy violations. Designated reviewers investigate flagged communications, take remediation actions, and document compliance activities. Communication Compliance supports industries like financial services with specific monitoring requirements, helps organizations prevent harassment and create safe workplaces, detects policy violations early enabling intervention, and provides audit trails demonstrating compliance monitoring. The service balances effective monitoring with privacy considerations limiting reviewer access to only flagged communications.
Option C is incorrect because managing phone bills involves telecommunications expense management and financial tracking. Communication Compliance monitors message content rather than managing communication costs. These serve different organizational functions.
Option D is incorrect as organizing office supplies involves procurement and inventory management. Communication Compliance detects policy violations in digital communications rather than managing physical supplies. These represent completely unrelated organizational activities.
Question 120:
Which Microsoft 365 service provides centralized identity management?
A) Azure Active Directory
B) Microsoft Word
C) Microsoft Excel
D) Microsoft PowerPoint
Answer: A
Explanation:
Organizations need centralized identity management providing single sign-on, authentication, authorization, and user lifecycle management across cloud and on-premises applications from unified platforms.
Option A is correct as Azure Active Directory provides centralized identity management for Microsoft 365 and integrated applications. Azure AD manages user identities and authentication, provides single sign-on across cloud and on-premises applications, implements multi-factor authentication for enhanced security, manages group memberships and role assignments, synchronizes with on-premises Active Directory for hybrid identity, enforces Conditional Access policies controlling access based on conditions, manages application access through enterprise application gallery, and provides self-service password reset reducing help desk burden. Azure AD serves as the identity foundation for Microsoft 365 enabling users to authenticate once and access all subscribed services. Organizations use Azure AD to centralize identity management, implement modern authentication, reduce password-related support costs, enforce consistent security policies, and integrate cloud and on-premises identity infrastructure.
Option B refers to Microsoft Word for document creation. Word is a productivity application without identity management capabilities. Document editing and identity management represent completely different application purposes.
Option C represents Microsoft Excel for spreadsheet calculations. Excel does not provide identity or authentication services. Spreadsheet creation and identity management serve entirely different purposes.
Option D refers to Microsoft PowerPoint for presentations. PowerPoint creates presentations without identity management features. Presentation creation and identity management are unrelated capabilities.
