From the Microsoft Azure Active Directory (Azure AD) Identity Protection dashboard, you view the risk events shown in the exhibit.

You need to reduce the likelihood that the sign-ins are identified as risky.
What should you do?

• A.From the Security & Compliance admin center, add the users to the Security Readers role group.
• B.From the Conditional access blade in the Azure Active Directory admin center, create named locations.
• C.From the Azure Active Directory admin center, configure the trusted IPs for multi-factor authentication.
• D.From the Security & Compliance admin center, create a classification label.

Comment: *

Name: *

Email: *

Verification: *

You have three devices enrolled in Microsoft Intune as shown in the following table.

The device compliance policies in Intune are configured as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation

Device 1:
No because Device1 is in group3 which has Policy1 assigned which requires BitLocker.
Device 2:
No because Device2 is in group3 which has Policy1 assigned which requires BitLocker. Device2 is also in Group2 which has Policy2 assigned but the BitLocker requirement is not configured in Policy2.
Device3:
Yes because Device3 is in Group2 which has Policy2 assigned but the BitLocker requirement is not configured in Policy2.
Reference:
https://blogs.technet.microsoft.com/cbernier/2017/07/11/windows-10-intune-windows-bitlocker-management-ye

Comment: *

Name: *

Email: *

Verification: *

You use Microsoft System Center Configuration manager (Current Branch) to manage devices.
Your company uses the following types of devices:
* Windows 10
* Windows 8.1
* Android
* iOS
Which devices can be managed by using co-management?

• A.Windows 10 and Windows 8.1 only
• B.Windows 10, Android, and iOS only
• C.Windows 10 only
• D.Windows 10, Windows 8.1, Android, and iOS

Comment: *

Name: *

Email: *

Verification: *

Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains the users shown in the following table.

You need to identify which users can perform the following administrative tasks:
* Reset the password of User4.
* Modify the value for the manager attribute of User4.
Which users should you identify for each task? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation

Box 1:
A Password Administrator or a User Administrator can reset the password non-administrative users.
Box 2: A User Administrator can configure other attributes such as the Manager attribute of non-administrative users.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles

Comment: *

Name: *

Email: *

Verification: *

You have a Microsoft 365 subscription that uses a default named contoso.com.
Three files were created on February 1, 2019, as shown in the following table.

On March 1, 2019, you create two retention labels named Label1 and label2.
The settings for Label1 are configured as shown in the Label1 exhibit. (Click the Label1 tab.) Label 1

The settings for Label2 are configured as shown in the Label1 exhibit. (Click the Label2 tab.) Label 2

You apply the retention labels to Exchange email, SharePoint sites, and OneDrive accounts.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Correct Answer:

Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/labels
https://docs.microsoft.com/en-us/office365/securitycompliance/disposition-reviews

Comment: *

Name: *

Email: *

Verification: *