Your company has a Microsoft Entra tenant that contains the users shown in the following table.

The tenant includes a security group named Admin1. Admin1 will be used to manage administrative accounts.
External collaboration settings have default configuration.
You need to identify which users can perform the following administrative tasks:

Correct Answer:

Explanation:
Create guest user accounts: User1, User2, and User3 only
* User1: Privileged Role Administrator role has the ability to manage role assignments in Azure AD, including creating guest accounts.
* User2: User Administrator role can manage user accounts, including creating guest accounts.
* User3: Security Administrator role does not typically include permissions for creating guest accounts, but in some configurations, they might have limited guest user management capabilities.
Add User3 to Admin1: User2 only
* User2: User Administrator role has the permissions to add users to security groups like Admin1.

Comment: *

Name: *

Email: *

Verification: *

You have a Microsoft 365 E5 subscription that contains a user named User1.
User1 exceeds the default daily limit of allowed email messages and is on the Restricted entities list.
You need to remove User1 from the Restricted entities list.
What should you use?

• A.the Exchange admin center
• B.the Microsoft Purview compliance portal
• C.the Microsoft 365 admin center
• D.the Microsoft 365 Defender portal
• E.the Microsoft Entra admin center

Comment: *

Name: *

Email: *

Verification: *

You have a Microsoft 365 tenant that contains the groups shown in the following table.

You plan to create a new Windows 10 Security Baseline profile.
To which groups can you assign to the profile?

• A.Group3 only
• B.Group1 and Group3 only
• C.Group2 and Group3 only
• D.Group1. Group2. and Group3

Comment: *

Name: *

Email: *

Verification: *

HOTSPOT
You have a Microsoft 365 subscription.
You are planning a threat management solution for your organization.
You need to minimize the likelihood that users will be affected by the following threats:
Opening files in Microsoft SharePoint that contain malicious content
Impersonation and spoofing attacks in email messages
Which policies should you create in Microsoft 365 Defender? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation

Comment: *

Name: *

Email: *

Verification: *

You have a Microsoft 365 E3 subscription that uses Microsoft Defender for Endpoint Plan 1.
Which two Defender for Endpoint features are available to the subscription? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A.advanced hunting
• B.security reports
• C.digital certificate assessment
• D.device discovery
• E.attack surface reduction (ASR)

Correct Answer: B,E

Explanation
B: Overview of Microsoft Defender for Endpoint Plan 1, Reporting
The Microsoft 365 Defender portal (https://security.microsoft.com) provides easy access to information about detected threats and actions to address those threats.
The Home page includes cards to show at a glance which users or devices are at risk, how many threats were detected, and what alerts/incidents were created.
The Incidents & alerts section lists any incidents that were created as a result of triggered alerts. Alerts and incidents are generated as threats are detected across devices.
The Action center lists remediation actions that were taken. For example, if a file is sent to quarantine, or a URL is blocked, each action is listed in the Action center on the History tab.
The Reports section includes reports that show threats detected and their status.
E: What can you expect from Microsoft Defender for Endpoint P1?
Microsoft Defender for Endpoint P1 is focused on prevention/EPP including:
Next-generation antimalware that is cloud-based with built-in AI that helps to stop ransomware, known and unknown malware, and other threats in their tracks.
(E) Attack surface reduction capabilities that harden the device, prevent zero days, and offer granular control over access and behaviors on the endpoint.
Device based conditional access that offers an additional layer of data protection and breach prevention and enables a Zero Trust approach.
The below table offers a comparison of capabilities are offered in Plan 1 versus Plan 2.

Incorrect:
Not A: P2 is by far the best fit for enterprises that need an EDR solution including automated investigation and remediation tools, advanced threat prevention and threat and vulnerability management (TVM), and hunting capabilities.
Reference:
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/defender-endpoint-plan-1
https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-plan-

Comment: *

Name: *

Email: *

Verification: *