Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsMS-900Exam Questions

Microsoft · Free Practice Questions · Last reviewed May 2026

MS-900 Exam Questions and Answers

30real exam-style questions organised by domain, each with the correct answer highlighted and a plain-English explanation of why it's right — and why the others are wrong.

50 exam questions
60 min time limit
Pass: 700/1000 / 1000
5 exam domains
OverviewDomain BlueprintStudy GuideAll QuestionsSample by Domain
1. Describe Microsoft 365 apps and services2. Describe Microsoft 365 pricing, licensing, and support3. Describe cloud concepts4. Describe security, compliance, privacy, and trust in Microsoft 3655. Describe Microsoft 365 pricing and support
1

Domain 1: Describe Microsoft 365 apps and services

All Describe Microsoft 365 apps and services questions
Q1
easyFull explanation →

A marketing team needs to collaboratively create and edit documents in real time, share files securely, and track version history. Which Microsoft 365 service should they primarily use?

A

Microsoft Teams

B

OneDrive for Business

C

SharePoint Online

SharePoint provides team sites, document libraries, versioning, and co-authoring for collaborative work.

D

Microsoft Viva Engage

Why: SharePoint Online is the correct choice because it is designed for team collaboration with real-time co-authoring, granular permission-based file sharing, and built-in version history that tracks every change. Unlike OneDrive, which is optimized for individual file storage and sharing, SharePoint provides a centralized team site where multiple users can simultaneously edit documents and manage versions at the site or library level.
Q2
mediumFull explanation →

A global sales team uses Microsoft Teams for communication. They need to automate business workflows such as sending approval requests when a new lead is created in Dynamics 365. Which Microsoft 365 service should they integrate with Teams?

A

Power Apps

B

Power Automate

Power Automate allows you to create automated workflows that integrate Dynamics 365 with Teams for approvals.

C

Power BI

D

Power Virtual Agents

Why: Power Automate (Option B) is the correct service because it is designed specifically for automating business workflows across Microsoft 365 and third-party services. When a new lead is created in Dynamics 365, a Power Automate flow can trigger an approval request in Teams, enabling seamless process automation without custom code.
Q3
mediumFull explanation →

A multinational organization wants a central hub for employee communication that includes company-wide announcements, topic-based communities, and the ability to integrate with SharePoint and Power BI dashboards. Which Microsoft 365 service is designed specifically for this purpose?

A

Microsoft Teams

B

Microsoft Viva Engage

Microsoft Viva Engage is an enterprise social network that allows organizations to create company-wide announcements, topic-based communities, and integrate with other apps like SharePoint and Power BI. It is the intended service for broad employee communication.

C

SharePoint Online

D

Outlook

Why: Microsoft Viva Engage (formerly Yammer) is designed as a social networking and employee communication hub that provides company-wide announcements, topic-based communities, and seamless integration with SharePoint and Power BI dashboards. It focuses on fostering open communication across the organization, unlike collaboration tools that are team-centric.
Q4
easyFull explanation →

A sales manager wants to track customer interactions, manage leads, and automate follow-up emails from a single platform. Which Microsoft 365 service is specifically designed for customer relationship management (CRM)?

A

Microsoft Bookings

B

Microsoft Dynamics 365 Sales

Dynamics 365 Sales provides a comprehensive CRM platform for tracking interactions, managing leads, and automating sales processes including follow-up emails. It meets the manager's requirements.

C

Microsoft Power Automate

D

Microsoft To Do

Why: Microsoft Dynamics 365 Sales is the dedicated CRM service within the Microsoft 365 ecosystem, purpose-built for tracking customer interactions, managing leads, and automating follow-up emails. Unlike general productivity tools, it provides a unified platform with lead scoring, opportunity management, and workflow automation specifically for sales processes.
Q5
mediumFull explanation →

A project manager wants a shared workspace where team members can create and track tasks, set deadlines, and collaborate on documents. This workspace should integrate with Microsoft Teams for quick access. Which Microsoft 365 service is best suited for this purpose?

A

Microsoft Lists

B

Microsoft Planner

Planner offers a visual task board with assignments, due dates, and file attachments, and it integrates natively with Microsoft Teams.

C

Microsoft To Do

D

Microsoft Project Online

Why: Microsoft Planner is the correct choice because it provides a shared workspace (Plan) where team members can create and track tasks, set deadlines, and collaborate on documents. It integrates natively with Microsoft Teams via the Planner tab, allowing quick access within a Teams channel, and supports file attachments from SharePoint/OneDrive for collaboration.
Q6
hardFull explanation →

A company uses a third-party Human Resources (HR) system. Whenever a new employee is added to the HR system, they want to automatically create a user account in Microsoft 365, assign the appropriate license, and send a welcome email. Which Microsoft 365 service should be used to orchestrate this automation?

A

Microsoft Power Automate

Power Automate provides triggers and actions to automate workflows across services, perfect for HR-driven user provisioning.

B

Microsoft Identity Manager

C

Microsoft Entra ID Connect

D

Microsoft Graph API

Why: Microsoft Power Automate is the correct service because it provides a low-code workflow automation platform that can trigger actions based on events in external systems (e.g., a new employee record in a third-party HR system) and then orchestrate a sequence of tasks in Microsoft 365, such as creating a user account via the Microsoft Graph API, assigning a license, and sending a welcome email. It integrates seamlessly with hundreds of connectors, including HR systems and Microsoft 365 services, making it the ideal tool for this cross-system automation scenario.

Want more Describe Microsoft 365 apps and services practice?

Practice this domain
2

Domain 2: Describe Microsoft 365 pricing, licensing, and support

All Describe Microsoft 365 pricing, licensing, and support questions
Q1
mediumFull explanation →

Your organization has 500 users with Microsoft 365 E3 licenses. You want to add security features such as Microsoft Defender for Office 365 (Plan 1) and Microsoft Purview Information Protection. Which licensing approach should you recommend?

A

Keep E3 and add Microsoft 365 E5 Compliance add-on

B

Keep E3 and add Microsoft 365 E5 Security add-on

C

Upgrade all users to Microsoft 365 E5

Microsoft 365 E5 includes both Defender for Office 365 Plan 1 and Microsoft Purview Information Protection, meeting the requirements.

D

Keep E3 and use the Security & Compliance Center for E3

Why: Microsoft 365 E5 includes both Defender for Office 365 (Plan 1) and Purview Information Protection (formerly Azure Information Protection P2) natively, whereas E3 requires separate add-ons. Upgrading all users to E5 is the simplest and most cost-effective licensing approach when both security features are needed for all 500 users, as it avoids the complexity and potential per-user cost of stacking multiple add-on SKUs.
Q2
easyFull explanation →

A company with 200 employees needs to deploy Microsoft 365 Apps for Enterprise. They want to pay monthly and have no annual commitment. Which licensing program should they use?

A

Microsoft 365 Enterprise Agreement

B

Microsoft 365 Business Basic

C

Microsoft 365 Business Premium

Business Premium includes Microsoft 365 Apps for Enterprise (desktop apps) and can be paid monthly with no annual commitment through the Microsoft 365 Admin Center.

D

Microsoft 365 E3

Why: Microsoft 365 Business Premium is the correct choice because it includes Microsoft 365 Apps for Enterprise (e.g., Word, Excel, PowerPoint) and is available as a monthly subscription with no annual commitment for organizations with up to 300 users. This aligns with the company's requirement of 200 employees and the desire for flexible, month-to-month billing.
Q3
hardFull explanation →

Your organization is a non-profit with 1000 users. You want to minimize costs while providing email, file storage, and Microsoft Teams. Which licensing strategy should you use?

A

Apply for Microsoft 365 Nonprofit Business Basic

Nonprofits are eligible for donated or discounted Microsoft 365 Business Basic licenses, which provide the required services at minimal cost.

B

Purchase Microsoft 365 Business Premium licenses

C

Purchase Microsoft 365 E5 licenses

D

Purchase Microsoft 365 E3 licenses at full price

Why: The correct answer is D: Apply for Microsoft 365 Nonprofit Business Basic. Nonprofits can get discounted or donated plans. Microsoft 365 Business Basic includes Exchange Online, SharePoint, OneDrive, and Teams. Option A (E3) is too expensive. Option B (Business Premium) includes more features than needed. Option C (E5) is overkill. Option D is the most cost-effective.
Q4
easyFull explanation →

A user is unable to send emails with attachments larger than 25 MB. The organization has Microsoft 365 Business Standard. What should you do to increase the attachment limit?

A

Modify the maximum message size in the Exchange admin center

An admin can increase the maximum send/receive message size up to 150 MB via the Exchange admin center.

B

Instruct the user to compress the file

C

Purchase an Exchange Online Kiosk add-on

D

Have the user upload the file to OneDrive and share a link

Why: In Microsoft 365 Business Standard, the default maximum message size for email attachments is 25 MB. To increase this limit, you must modify the maximum message size setting in the Exchange admin center (EAC), which controls the transport limits for the organization. This is the correct administrative action to raise the attachment size threshold beyond the default.
Q5
mediumFull explanation →

Your organization uses Microsoft 365 E5 and wants to implement Microsoft Copilot for Microsoft 365. Which licensing prerequisite must be met?

A

Microsoft 365 E5 or E3

Copilot for Microsoft 365 requires an eligible Microsoft 365 plan (E3, E5, Business Standard, or Business Premium) as a base license.

B

An active Azure subscription

C

A Power Automate Premium license

D

Microsoft 365 Business Basic

Why: Microsoft Copilot for Microsoft 365 requires a qualifying Microsoft 365 plan that includes the necessary AI and security features. Microsoft 365 E5 or E3 (with specific add-ons) are the minimum licensing prerequisites because they provide the underlying Microsoft Graph data, Microsoft 365 Apps, and enterprise-grade security (e.g., Microsoft Purview) that Copilot relies on for contextual AI responses. Without an E5 or E3 license, the Copilot service cannot integrate with the user's mailbox, documents, and calendar data.
Q6
hardFull explanation →

Your company has a mix of on-premises and cloud users. You plan to move to Microsoft 365 and need to support hybrid identity with password hash synchronization. Which licensing is minimally required?

A

Microsoft Entra ID P1

B

Microsoft 365 E3

Microsoft 365 E3 includes Entra ID P1, which supports password hash synchronization, and provides the needed Microsoft 365 services.

C

Microsoft Entra ID P2

D

Microsoft Entra ID Free

Why: Microsoft 365 E3 includes Microsoft Entra ID P1, which provides the necessary features for hybrid identity with password hash synchronization (PHS). PHS is a core feature of Entra ID P1, enabling synchronization of password hashes from on-premises Active Directory to Azure AD for seamless authentication. Microsoft 365 E3 is the minimum licensing tier that bundles Entra ID P1, making it the correct choice for this scenario.

Want more Describe Microsoft 365 pricing, licensing, and support practice?

Practice this domain
3

Domain 3: Describe cloud concepts

All Describe cloud concepts questions
Q1
easyFull explanation →

A company is evaluating moving its on-premises infrastructure to a cloud environment. They want a service that provides virtual machines, storage, and networking capabilities while retaining full control over the operating system and applications. Which cloud service model best meets this requirement?

A

Software as a Service (SaaS)

B

Platform as a Service (PaaS)

C

Infrastructure as a Service (IaaS)

IaaS offers virtualized infrastructure like VMs and storage with full user control over OS and applications.

D

Private Cloud

Why: Infrastructure as a Service (IaaS) provides virtualized computing resources, including virtual machines, storage, and networking, over the internet. The customer retains full administrative control over the operating system, applications, and middleware, while the cloud provider manages the underlying physical hardware. This matches the requirement for full OS and application control.
Q2
easyFull explanation →

Which characteristic of cloud computing allows a user to provision resources automatically without requiring human interaction with the service provider?

A

Rapid elasticity

B

Resource pooling

C

On-demand self-service

On-demand self-service allows users to automatically get resources as needed without manual intervention.

D

Measured service

Why: Option C is correct because on-demand self-service is a fundamental characteristic of cloud computing defined by NIST (SP 800-145) that allows a user to unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider. This is typically implemented through a web portal or API (e.g., AWS Console, Azure Portal, or RESTful APIs) that enables instant resource creation and configuration.
Q3
mediumFull explanation →

A company runs a critical application on-premises but wants to extend capacity to the cloud during peak demand without purchasing additional hardware. Which cloud deployment model best describes this strategy?

A

Public cloud

B

Private cloud

C

Hybrid cloud

Hybrid cloud connects on-premises with public cloud, enabling cloud bursting during peak loads.

D

Multi-cloud

Why: A hybrid cloud model combines on-premises infrastructure (private cloud) with public cloud resources, enabling a company to 'burst' into the public cloud during peak demand without purchasing additional hardware. This strategy, often called cloud bursting, allows the critical application to run locally under normal conditions and seamlessly extend capacity to a public cloud provider like Azure during spikes.
Q4
easyFull explanation →

A company's CFO is pleased that they only pay for the compute and storage resources consumed each month, with no upfront hardware costs. This billing model is a direct result of which cloud computing characteristic?

A

On-demand self-service

B

Broad network access

C

Measured service

Measured service is the cloud characteristic that provides metering and billing based on usage. This allows customers to pay only for what they consume, with no upfront costs.

D

Resource pooling

Why: The CFO's observation that the company only pays for consumed compute and storage resources with no upfront hardware costs directly reflects the 'measured service' characteristic of cloud computing. Measured service means cloud providers meter resource usage (e.g., CPU hours, GB-months of storage) and bill based on actual consumption, typically using a pay-as-you-go model. This eliminates the need for capital expenditure on hardware, as costs are operational and tied to usage metrics.
Q5
easyFull explanation →

A startup wants to focus only on developing and deploying its application code without managing underlying servers or operating systems. Which cloud service model best fits this need?

A

Infrastructure as a Service (IaaS)

B

Platform as a Service (PaaS)

PaaS provides a complete platform including OS, runtime, and tools, so the startup can deploy and manage applications without server-level maintenance.

C

Software as a Service (SaaS)

D

On-premises deployment

Why: Platform as a Service (PaaS) is the correct choice because it abstracts the underlying infrastructure, including servers, operating systems, and runtime environments, allowing the startup to focus solely on developing and deploying application code. With PaaS, the cloud provider manages the OS patching, hardware scaling, and middleware, while the customer only manages the application and data. This directly matches the requirement of not managing servers or operating systems.
Q6
mediumFull explanation →

An e-commerce application runs in the cloud and automatically adjusts the number of virtual machines based on real-time traffic. When traffic spikes, more VMs are added; when traffic drops, VMs are removed. Which cloud computing characteristic does this behavior exemplify?

A

Rapid elasticity

Elasticity allows resources to be automatically scaled out (added) and scaled in (removed) to match workload changes.

B

Measured service

C

Resource pooling

D

On-demand self-service

Why: Rapid elasticity is the cloud characteristic that enables resources to scale out (add VMs) and scale in (remove VMs) automatically in response to real-time demand. In this e-commerce scenario, the application adjusts VM count based on traffic spikes and drops, which directly matches the definition of rapid elasticity as defined by NIST SP 800-145.

Want more Describe cloud concepts practice?

Practice this domain
4

Domain 4: Describe security, compliance, privacy, and trust in Microsoft 365

All Describe security, compliance, privacy, and trust in Microsoft 365 questions
Q1
mediumFull explanation →

An organization is concerned about data leakage from sensitive emails. They want to enforce encryption on emails containing financial information automatically. Which Microsoft 365 solution should they configure?

A

Data Loss Prevention (DLP) policies

B

Microsoft Purview Message Encryption

Message Encryption uses rules to encrypt emails based on conditions like sensitive content.

C

Microsoft Purview Information Protection (Microsoft Purview Information Protection)

D

Exchange Online Protection (EOP)

Why: Microsoft Purview Message Encryption (Option B) is the correct solution because it enables organizations to send and receive encrypted email messages, and it can be configured with mail flow rules to automatically encrypt emails containing sensitive financial information. This service leverages Azure Rights Management (Azure RMS) to provide persistent protection that follows the email, ensuring only authorized recipients can decrypt and read the content.
Q2
hardFull explanation →

A financial services company must prevent users from accidentally sharing sensitive customer data externally. They want to block sharing of any document containing a credit card number via email or SharePoint. What combination of Microsoft 365 compliance solutions should they use?

A

Sensitivity labels and Microsoft Purview Information Protection (Microsoft Purview Information Protection)

B

Data Loss Prevention (DLP) policies

DLP policies detect sensitive data and block sharing actions automatically across services.

C

Microsoft Purview Compliance Manager

D

Exchange Online Protection (EOP) and Microsoft Defender for Microsoft 365

Why: Data Loss Prevention (DLP) policies in Microsoft Purview are specifically designed to detect and block the sharing of sensitive information, such as credit card numbers, across email (Exchange Online) and SharePoint. By scanning content for predefined sensitive info types (e.g., credit card numbers using regex patterns from the DLP engine), DLP can automatically block or warn users before external sharing occurs, meeting the company's requirement.
Q3
easyFull explanation →

A company needs to ensure that all email and document content is preserved for legal purposes, even if users permanently delete items. This requirement demands that content be kept indefinitely until the legal hold is released. Which Microsoft 365 feature should they enable?

A

Retention policy

B

Litigation hold

Litigation hold preserves all data indefinitely (or until the hold is removed) even if users delete items. It is the correct feature for legal preservation requirements.

C

eDiscovery

D

Data Loss Prevention (DLP)

Why: Litigation hold is the correct feature because it preserves all mailbox and document content in its original state indefinitely until the hold is explicitly released. Unlike a retention policy, which can delete content after a specified period, Litigation hold ensures that even permanently deleted items are retained in the Recoverable Items folder, meeting the legal preservation requirement.
Q4
hardFull explanation →

A healthcare organization must protect patient health information (PHI) from being accidentally shared externally via email. They need to automatically block emails containing medical record numbers from being sent outside the organization and also encrypt any email that does contain PHI when it is allowed. Which two Microsoft Purview solutions should they combine? (Choose two.)

A

Microsoft Purview Data Loss Prevention (DLP)

DLP policies can scan emails and documents for sensitive data (e.g., medical record numbers) and automatically block sharing or show policy tips. This is the correct solution for blocking external sharing of PHI.

B

Microsoft Purview eDiscovery

C

Microsoft Purview Message Encryption

Message Encryption (OME) allows users to send encrypted emails, and can be automatically applied through DLP rules. When an email contains PHI, encryption ensures the content is protected in transit and at rest.

D

Microsoft Purview Audit (Standard)

Why: Microsoft Purview Data Loss Prevention (DLP) is correct because it can automatically detect sensitive data, such as medical record numbers (PHI), in emails and apply policy actions like blocking external transmission. This directly addresses the requirement to prevent accidental sharing of PHI via email.
Q5
easyFull explanation →

A healthcare organization stores patient records in SharePoint Online. They need to ensure that the data is encrypted at rest and in transit. Which statement is true regarding Microsoft 365 encryption?

A

Microsoft provides default encryption for data at rest and in transit.

Microsoft 365 encrypts all data at rest using disk and file encryption, and all data in transit using industry-standard protocols like TLS.

B

Customers must enable encryption at rest manually for each workload.

C

Encryption only applies to Exchange Online, not SharePoint or OneDrive.

D

Encryption is optional and can be turned off if a customer chooses.

Why: Microsoft 365 provides default encryption for data at rest and in transit across all workloads, including SharePoint Online, Exchange Online, and OneDrive for Business. For data at rest, Microsoft uses BitLocker Drive Encryption and service-side encryption with per-file keys, while data in transit is secured using TLS 1.2+ and IPSec. This means the healthcare organization's patient records in SharePoint Online are automatically encrypted without any manual configuration.
Q6
mediumFull explanation →

A company uses Microsoft Purview to monitor for potential data security incidents. They want to automatically detect and remediate activities like downloading large amounts of data to a personal device. Which solution should they configure?

A

Data Loss Prevention (DLP)

B

Insider Risk Management

Insider Risk Management uses risk indicators to identify and automatically respond to risky user actions such as unusual data downloads.

C

Audit

D

eDiscovery

Why: Insider Risk Management is the correct solution because it is specifically designed to detect and remediate risky user activities that could lead to data security incidents, such as downloading large amounts of data to a personal device. It uses machine learning and behavioral analytics to identify anomalous patterns and can trigger automated remediation actions like blocking the activity or notifying the user.

Want more Describe security, compliance, privacy, and trust in Microsoft 365 practice?

Practice this domain
5

Domain 5: Describe Microsoft 365 pricing and support

All Describe Microsoft 365 pricing and support questions
Q1
hardFull explanation →

A non-profit organization with 250 employees is considering Microsoft 365. They want the most cost-effective plan that includes business-class email, web and mobile versions of Office apps, and 1 TB of cloud storage per user. Which subscription should they choose?

A

Microsoft 365 Business Premium

B

Microsoft 365 Business Basic

Business Basic provides email, web/mobile Office, and 1 TB storage at the lowest price point.

C

Microsoft 365 E1

D

Microsoft 365 Apps for Business

Why: Microsoft 365 Business Basic is the most cost-effective plan that includes business-class email (Exchange Online), web and mobile versions of Office apps, and 1 TB of OneDrive cloud storage per user. It meets all stated requirements without the higher cost of desktop app licenses or advanced security features found in other plans.
Q2
mediumFull explanation →

A company with 100 users currently has Microsoft 365 Business Standard. The IT department wants to add governance-level security features, including conditional access policies, Microsoft Defender for Microsoft 365, and compliance tools like litigation hold and eDiscovery. Which licensing upgrade should they consider?

A

Microsoft 365 Business Premium

Business Premium is the direct upgrade from Business Standard that adds the required security and compliance features while maintaining the same business-oriented licensing model. It is the most cost-effective choice for this scenario.

B

Microsoft 365 E3

C

Microsoft 365 F3

D

Microsoft 365 E1

Why: Microsoft 365 Business Premium is the correct upgrade because it includes all the requested governance-level security features—Conditional Access, Microsoft Defender for Business (which is the Defender for Microsoft 365 offering for the Business plan), and compliance tools like litigation hold and eDiscovery—while remaining within the Business suite. It is designed for organizations with up to 300 users that need enterprise-grade security and compliance without moving to the Enterprise (E) licensing tier.
Q3
mediumFull explanation →

A company is planning to purchase Microsoft 365 subscriptions. They want to follow the recommended process. Which of the following sequences correctly represents the order of steps from start to finish?

A

Choose subscription, Assess needs, Assign licenses, Add licenses

B

Assess needs, Choose subscription, Add licenses, Assign licenses

This order reflects the logical process: understand requirements, select a plan, purchase licenses, then allocate them to users.

C

Add licenses, Assign licenses, Assess needs, Choose subscription

D

Assess needs, Add licenses, Choose subscription, Assign licenses

Why: The recommended process begins with assessing organizational needs (e.g., number of users, required features), then choosing the appropriate subscription plan, adding the required number of licenses to the tenant, assigning those licenses to individual users, and finally provisioning the services (which happens automatically after license assignment). The correct order is: Assess needs, Choose subscription, Add licenses, Assign licenses.
Q4
hardFull explanation →

A company with 1,000 users has Microsoft 365 E3 subscriptions. They are experiencing a major outage affecting all users and need guaranteed 1-hour response time for a critical support issue. What should they purchase?

A

Standard Support (included)

B

Professional Direct Support

Professional Direct is a paid support plan that offers a guaranteed 1-hour response for critical severity issues, along with proactive services.

C

Azure Support Basic

D

Partner support via a Microsoft CSP

Why: Professional Direct Support provides a guaranteed 1-hour response time for critical severity issues, which is required for the company's major outage affecting all 1,000 users. Standard Support, included with Microsoft 365 E3, offers a 1-hour response for critical issues only for Business-level subscriptions; for Enterprise subscriptions like E3, the critical response time is 2 hours. Professional Direct Support also includes proactive guidance and a named support engineer, making it the correct choice for guaranteed 1-hour response.
Q5
mediumFull explanation →

A company with 500 Microsoft 365 E3 users wants to add the highest level of threat protection and advanced investigation capabilities for their security team. Which licensing add-on should they purchase?

A

Microsoft 365 E5 Security

Microsoft 365 E5 Security is an add-on for E3 that includes advanced security features such as Microsoft 365 Defender, Defender for Microsoft 365 Plan 2, Defender for Identity, and more, providing the highest threat protection and investigation.

B

Microsoft 365 E5 Compliance

C

Microsoft 365 E5

D

Microsoft Defender for Microsoft 365 Plan 2 only

Why: Microsoft 365 E5 Security is the correct add-on because it bundles the highest level of threat protection (Microsoft Defender for Office 365 Plan 2, Microsoft Defender for Endpoint Plan 2, and Microsoft Defender for Identity) along with advanced investigation capabilities like automated investigation and response (AIR), threat analytics, and advanced hunting in Microsoft 365 Defender. This meets the requirement for top-tier threat protection and advanced investigation without upgrading the entire E3 base license to E5.
Q6
mediumFull explanation →

A company with 250 users has Microsoft 365 E3 licenses. They want to add advanced anti-phishing and anti-malware protection for email and also deploy endpoint detection and response (EDR) for all devices. What is the most cost-effective licensing add-on?

A

Microsoft 365 E5 Security add-on

This add-on bundles Defender for Microsoft 365 Plan 2 and Defender for Endpoint Plan 1 at a lower combined price than purchasing them individually.

B

Microsoft Defender for Microsoft 365 Plan 1 and Microsoft Defender for Endpoint Plan 1 add-ons

C

Microsoft 365 E5 Compliance add-on

D

Upgrade all users to Microsoft 365 E5

Why: Microsoft 365 E5 Security add-on provides advanced anti-phishing and anti-malware protection via Microsoft Defender for Office 365 Plan 2 and includes Microsoft Defender for Endpoint Plan 2 for EDR capabilities. This is the most cost-effective option because it adds exactly the required security features to existing E3 licenses without the higher cost of a full E5 upgrade or the redundancy of separate plan 1 add-ons.

Want more Describe Microsoft 365 pricing and support practice?

Practice this domain

Frequently asked questions

How many questions are on the MS-900 exam?

The MS-900 exam has 50 questions and must be completed in 60 minutes. The passing score is 700/1000.

What types of questions appear on the MS-900 exam?

Conceptual questions on Microsoft 365 services, cloud productivity, collaboration, security, compliance, and subscription management.

How are MS-900 questions organised by domain?

The exam covers 5 domains: Describe Microsoft 365 apps and services, Describe Microsoft 365 pricing, licensing, and support, Describe cloud concepts, Describe security, compliance, privacy, and trust in Microsoft 365, Describe Microsoft 365 pricing and support. Questions are weighted by domain — higher-weight domains appear more on your actual exam.

Are these the actual MS-900 exam questions?

No. These are original exam-style practice questions written against the official Microsoft MS-900 exam objectives. They are not copied from the real exam. Courseiva focuses on genuine understanding, not memorisation of braindumps.

Ready to practice all 60 MS-900 questions?

Courseiva tracks your accuracy per domain and routes you toward weak areas automatically. Free, no account required.

Browse all MS-900 questionsTake a timed practice test