Microsoft 365 Fundamentals MS-900 (MS-900) — Questions 226300

985 questions total · 14pages · All types, answers revealed

Page 3

Page 4 of 14

Page 5
226
MCQmedium

A non-profit organization with 200 employees needs to equip their staff with Microsoft 365 Business Premium, which includes desktop Office apps, Microsoft Intune, Microsoft Entra ID Premium P1, and Microsoft Defender for Office 365 Plan 1. They are eligible for non-profit pricing. What is the most cost-effective way to obtain these capabilities?

A.Microsoft 365 Business Premium (non-profit pricing)
B.Microsoft 365 Business Basic (non-profit) plus separate add-ons for Intune and Defender for Office 365
C.Microsoft 365 E3 (non-profit pricing)
D.Microsoft 365 Business Standard (non-profit) plus add-ons for Intune and Defender for Office 365
AnswerA

Correct. Business Premium includes all required features in one plan, and non-profit pricing provides a significant discount.

Why this answer

Microsoft 365 Business Premium (non-profit pricing) is the most cost-effective option because it bundles all required capabilities—desktop Office apps, Microsoft Intune, Microsoft Entra ID Premium P1, and Microsoft Defender for Office 365 Plan 1—into a single per-user license at a significantly reduced non-profit rate. Purchasing separate add-ons or a higher-tier plan like E3 would incur unnecessary costs without providing additional needed features.

Exam trap

The trap here is that candidates may assume a lower-tier plan like Business Standard or Basic plus add-ons is cheaper, but they overlook that the bundled Business Premium license includes all required services at a discounted non-profit rate, making it the most cost-effective single SKU.

How to eliminate wrong answers

Option B is wrong because Microsoft 365 Business Basic does not include desktop Office apps, and adding Intune and Defender for Office 365 as separate add-ons would cost more than the bundled Business Premium license. Option C is wrong because Microsoft 365 E3 (non-profit pricing) is a more expensive enterprise-grade plan that includes capabilities beyond the organization's needs, such as advanced compliance and eDiscovery features, making it less cost-effective. Option D is wrong because Microsoft 365 Business Standard lacks Intune and Defender for Office 365, and purchasing those as add-ons would exceed the cost of the all-inclusive Business Premium license.

227
MCQeasy

A department head asks which Microsoft 365 option should be used to meter compute and storage usage for consumption-based billing. Cloud concept or benefit best matches this requirement?

A.Sensitivity labels
B.Microsoft Planner
C.Data Loss Prevention (DLP)
D.Measured service
AnswerD

Measured service tracks usage so customers can be charged according to consumption.

Why this answer

Measured service is a core cloud computing concept where resource usage (compute, storage, network) is metered and billed based on actual consumption. In Microsoft 365, this aligns with consumption-based billing models like pay-as-you-go for Azure services or per-user licensing adjustments, enabling cost transparency and optimization.

Exam trap

The trap here is that candidates confuse operational tools (like DLP or Planner) with cloud service models, failing to recognize that 'measured service' is a fundamental characteristic of cloud computing defined by NIST SP 800-145, not a specific Microsoft 365 feature.

How to eliminate wrong answers

Option A is wrong because sensitivity labels are used for classification and protection of data (e.g., encryption, marking) and have no role in metering compute or storage usage. Option B is wrong because Microsoft Planner is a task management and collaboration tool for organizing work, not a billing or metering mechanism. Option C is wrong because Data Loss Prevention (DLP) policies prevent unauthorized sharing of sensitive data and do not track or bill for resource consumption.

228
MCQhard

A company has 50 users with Microsoft 365 Business Basic licenses. They require the desktop versions of Office apps (Word, Excel, PowerPoint) for all 50 users. Additionally, 20 of those users need device management capabilities via Microsoft Intune. The company wants to minimize total licensing costs. Which licensing strategy is most cost-effective?

A.Upgrade all 50 users to Microsoft 365 Business Premium.
B.Upgrade all 50 users to Microsoft 365 Business Standard and purchase Microsoft Intune standalone licenses for the 20 users.
C.Upgrade 20 users to Microsoft 365 Business Premium and keep 30 users on Business Basic.
D.Upgrade all 50 users to Microsoft 365 Business Standard and purchase Microsoft Intune standalone licenses for all 50 users.
AnswerB

Correct. Business Standard provides desktop apps for all users; adding Intune for the 20 users that need it is the cheapest way to meet both requirements.

Why this answer

Option B is correct because Microsoft 365 Business Standard includes the desktop versions of Office apps, fulfilling the requirement for all 50 users. For the 20 users needing device management, purchasing standalone Microsoft Intune licenses is the most cost-effective approach, as it avoids the higher cost of upgrading all users to Business Premium, which includes Intune but also additional security features not required here.

Exam trap

The trap here is that candidates may assume Business Premium is the only way to get Intune, overlooking the option to purchase Intune standalone licenses separately, or they may forget that Business Basic does not include desktop Office apps, leading them to choose an option that fails the core requirement.

How to eliminate wrong answers

Option A is wrong because upgrading all 50 users to Microsoft 365 Business Premium is unnecessarily expensive; it includes Intune and advanced security features for all users, but only 20 users need device management. Option C is wrong because upgrading only 20 users to Business Premium leaves the remaining 30 users on Business Basic, which lacks the desktop versions of Office apps required by all 50 users. Option D is wrong because purchasing Microsoft Intune standalone licenses for all 50 users is wasteful; only 20 users need device management, so buying Intune for the other 30 users incurs unnecessary cost.

229
MCQmedium

Your organization uses Microsoft 365 E5 licenses and wants to implement a data loss prevention (DLP) policy that blocks sharing of credit card numbers in email. Which Microsoft 365 admin center should you use to create and manage this DLP policy?

A.Microsoft Security Center
B.Microsoft Entra admin center
C.Microsoft Purview compliance portal
D.Microsoft 365 admin center
AnswerC

Centrally manages compliance policies including DLP.

Why this answer

The Microsoft Purview compliance portal is the correct admin center for creating and managing Data Loss Prevention (DLP) policies because it provides the unified compliance management interface for data protection, including DLP for Exchange Online email. DLP policies that block sharing of sensitive information like credit card numbers are configured under the 'Data loss prevention' section within the Purview portal, which leverages built-in sensitive information types and rules to enforce actions such as blocking email transmission.

Exam trap

The trap here is that candidates often confuse the Microsoft 365 admin center (general admin tasks) with the Purview compliance portal (compliance-specific tasks), leading them to select the wrong portal for DLP policy management.

How to eliminate wrong answers

Option A is wrong because the Microsoft Security Center focuses on threat protection, security posture management, and incident response (e.g., Microsoft Defender for Cloud), not on compliance-based data loss prevention policies for email. Option B is wrong because the Microsoft Entra admin center is used for identity and access management (e.g., user accounts, groups, conditional access policies), not for configuring DLP rules that govern data in transit. Option D is wrong because the Microsoft 365 admin center is for general tenant administration (e.g., user licensing, service health, billing) and does not include the compliance-specific tools needed to create or manage DLP policies.

230
MCQeasy

A company wants to use a cloud service where they can develop and run applications without managing the underlying infrastructure, including servers, operating systems, or storage. They only need to upload their code and the provider handles scaling and availability. Which cloud service model best describes this approach?

A.Infrastructure as a Service (IaaS)
B.Platform as a Service (PaaS)
C.Software as a Service (SaaS)
D.On-premises deployment
AnswerB

Correct. PaaS abstracts the infrastructure, allowing developers to focus on code while the provider handles scaling, patching, and availability.

Why this answer

Platform as a Service (PaaS) provides a managed hosting environment where developers can deploy applications without worrying about the underlying infrastructure. The provider automatically handles server provisioning, OS patching, storage management, and scaling based on demand. In this scenario, the company only needs to upload code, which is the defining characteristic of PaaS.

Exam trap

The trap here is that candidates confuse PaaS with IaaS because both involve deploying applications, but IaaS requires manual OS and runtime management, whereas PaaS abstracts all infrastructure away.

How to eliminate wrong answers

Option A is wrong because Infrastructure as a Service (IaaS) still requires the user to manage the operating system, middleware, and runtime; the provider only supplies virtualized hardware like compute, storage, and networking. Option C is wrong because Software as a Service (SaaS) delivers fully functional applications to end users over the internet, not a platform for developing and running custom code. Option D is wrong because on-premises deployment means the company owns and manages all hardware and software locally, which is the opposite of a cloud service where the provider handles infrastructure.

231
MCQeasy

Which cloud computing characteristic allows a company to access resources like storage and databases from any device with an internet connection without needing to manage the physical infrastructure?

A.Rapid elasticity
B.Measured service
C.Broad network access
D.Resource pooling
AnswerC

Broad network access ensures resources are available over the network from any device with internet connectivity.

Why this answer

Broad network access is the correct answer because it describes the ability to access cloud resources (such as storage and databases) over the network via standard protocols (e.g., HTTP/HTTPS, SMB, NFS) from any device (laptop, smartphone, tablet) with an internet connection, without requiring the customer to manage the underlying physical infrastructure. This characteristic is defined by NIST SP 800-145 as 'capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms.'

Exam trap

The trap here is that candidates often confuse 'broad network access' with 'resource pooling' because both involve multi-device scenarios, but resource pooling is about the provider's internal multi-tenant architecture, not the customer's ability to connect from any device.

How to eliminate wrong answers

Option A is wrong because rapid elasticity refers to the ability to automatically scale resources up or down quickly in response to demand, not to the network-based accessibility from any device. Option B is wrong because measured service involves metering and monitoring resource usage for billing and optimization (e.g., pay-per-use), not the capability to access resources from any device. Option D is wrong because resource pooling means the provider's computing resources are pooled to serve multiple customers using a multi-tenant model, with physical and virtual resources dynamically assigned and reassigned according to consumer demand; it does not describe device-independent network access.

232
MCQeasy

A company wants to enable employees to securely access work files and collaborate in real-time from any device. Which Microsoft 365 service should the company use?

A.Microsoft Teams
B.Exchange Online
C.SharePoint Online
D.OneDrive for Business
AnswerA

Microsoft Teams provides real-time collaboration, file sharing, and integration with other Microsoft 365 services.

Why this answer

Microsoft Teams is the correct choice because it provides a unified platform for real-time collaboration, including chat, video conferencing, and file sharing, with integrated security and compliance features. It allows employees to access and co-author work files from any device while leveraging Azure Active Directory for conditional access and data encryption in transit and at rest.

Exam trap

The trap here is that candidates often confuse SharePoint Online's document management capabilities with real-time collaboration, overlooking that Teams is the primary service for synchronous teamwork and integrated file access from any device.

How to eliminate wrong answers

Option B (Exchange Online) is wrong because it is primarily an email and calendaring service, not designed for real-time file collaboration or secure file access from any device. Option C (SharePoint Online) is wrong because while it enables file storage and sharing, it lacks native real-time collaboration features like persistent chat and video meetings that Teams provides. Option D (OneDrive for Business) is wrong because it is a personal cloud storage service for individual file sync and sharing, not a team-based collaboration hub with integrated real-time communication.

233
Multi-Selectmedium

Which TWO of the following are features of Microsoft Purview Information Protection?

Select 2 answers
A.Sensitivity labels
B.Data Loss Prevention (DLP) policies
C.Encryption for emails and documents
D.eDiscovery (Premium)
E.Azure Information Protection (AIP) scanner
AnswersA, C

Sensitivity labels are a core part of Information Protection.

Why this answer

Information Protection includes sensitivity labels and encryption. AIP scanner is for on-premises, DLP is separate, and eDiscovery is also separate.

234
MCQmedium

A company with 200 users has Microsoft 365 Business Standard licenses. They need to add Microsoft 365 Defender for Office 365 (Plan 2) for increased protection against advanced threats. What should they purchase?

A.Upgrade each user to Microsoft 365 Business Premium
B.Purchase the Microsoft 365 Defender for Office 365 Plan 2 add-on
C.Purchase Microsoft 365 E3 licenses
D.Install the Microsoft Defender for Endpoint standalone subscription
AnswerB

This add-on can be purchased per user for existing Business Standard subscribers to gain advanced threat protection features.

Why this answer

Microsoft 365 Business Standard licenses include basic email security but lack advanced threat protection features like automated investigation, threat hunting, and simulation training. Purchasing the Microsoft 365 Defender for Office 365 Plan 2 add-on directly adds these capabilities to existing Business Standard users without requiring a license upgrade, making it the most cost-effective and targeted solution.

Exam trap

The trap here is that candidates often confuse the licensing tiers and assume that upgrading to Business Premium is the only way to get advanced security, when in fact Microsoft offers targeted add-ons like Defender for Office 365 Plan 2 that can be layered onto existing Business Standard subscriptions without a full suite upgrade.

How to eliminate wrong answers

Option A is wrong because upgrading to Microsoft 365 Business Premium would replace the existing Business Standard licenses with a more expensive suite that includes Defender for Office 365 Plan 1 (not Plan 2) plus other features like Intune and Azure AD P1, which are unnecessary for the stated requirement. Option C is wrong because Microsoft 365 E3 licenses are a different licensing plan intended for enterprise customers, not a direct upgrade path from Business Standard, and they would require a full license migration and higher per-user cost without specifically adding Defender for Office 365 Plan 2. Option D is wrong because Microsoft Defender for Endpoint is a separate product focused on endpoint device protection (antivirus, EDR), not email and collaboration security, and does not provide the advanced threat protection for Exchange Online, SharePoint, and Teams that Defender for Office 365 Plan 2 delivers.

235
MCQeasy

Refer to the exhibit. You have a Conditional Access policy as shown. A user reports they cannot access Exchange Online from a non-compliant device. What is the most likely reason?

A.The device is not marked as compliant
B.The policy only applies to administrators
C.The user has not registered for MFA
D.The policy is disabled
AnswerA

The grant control requires a compliant device.

Why this answer

The Conditional Access policy shown requires device compliance for Exchange Online access. When a device is non-compliant, the policy blocks access regardless of user identity or MFA status. The most likely reason for the user's inability to access Exchange Online is that the device is not marked as compliant, which is the condition explicitly enforced by the policy.

Exam trap

The trap here is that candidates may assume MFA or admin-only scoping is the issue, but the policy explicitly targets device compliance, which is the direct cause of the block.

How to eliminate wrong answers

Option B is wrong because the policy does not specify 'Only apply to administrators' — it applies to all users or a specific user group, not just admins. Option C is wrong because MFA registration is not the blocking factor; the policy targets device compliance, not authentication strength. Option D is wrong because if the policy were disabled, it would not enforce any restrictions, and the user would not be blocked.

236
MCQeasy

A sales manager wants to track customer interactions, manage leads, and automate follow-up emails from a single platform. Which Microsoft 365 service is specifically designed for customer relationship management (CRM)?

A.Microsoft Bookings
B.Microsoft Dynamics 365 Sales
C.Microsoft Power Automate
D.Microsoft To Do
AnswerB

Dynamics 365 Sales provides a comprehensive CRM platform for tracking interactions, managing leads, and automating sales processes including follow-up emails. It meets the manager's requirements.

Why this answer

Microsoft Dynamics 365 Sales is the dedicated CRM service within the Microsoft 365 ecosystem, purpose-built for tracking customer interactions, managing leads, and automating follow-up emails. Unlike general productivity tools, it provides a unified platform with lead scoring, opportunity management, and workflow automation specifically for sales processes.

Exam trap

The trap here is that candidates often confuse Microsoft Bookings (a scheduling tool) or Power Automate (an automation tool) with a full CRM solution, failing to recognize that Dynamics 365 Sales is the only option specifically designed for end-to-end customer relationship management.

How to eliminate wrong answers

Option A is wrong because Microsoft Bookings is a scheduling and appointment management tool, not a CRM platform; it lacks lead management and automated follow-up email capabilities. Option C is wrong because Microsoft Power Automate is a workflow automation service that can integrate with CRM systems but is not itself a CRM platform; it does not provide native lead tracking or customer interaction management. Option D is wrong because Microsoft To Do is a personal task management app with no CRM features such as lead tracking, customer history, or automated email sequences.

237
MCQhard

A compliance officer wants to proactively prevent users from sending emails that contain sensitive personal data (e.g., credit card numbers) to external recipients. When a user attempts to send such an email, they should see a policy tip explaining the restriction and be blocked from sending. Which Microsoft Purview feature should be configured?

A.Microsoft Purview Data Loss Prevention (DLP) policy
B.Microsoft Purview Information Barriers
C.Microsoft Purview Records Management
D.Microsoft Purview Communication Compliance
AnswerA

DLP policies can scan email content for sensitive information (e.g., credit card numbers), block the message from being sent, and display a customizable policy tip to educate the user. This matches the requirement exactly.

Why this answer

Microsoft Purview Data Loss Prevention (DLP) policy is the correct feature because it is specifically designed to detect sensitive data (e.g., credit card numbers) in transit and enforce actions such as showing a policy tip and blocking the email. DLP policies use sensitive information types (e.g., Credit Card Number) and conditions to inspect email content in Exchange Online, triggering a block action with an end-user notification when a match occurs.

Exam trap

The trap here is that candidates often confuse Communication Compliance (which reviews messages after they are sent) with DLP (which proactively blocks messages in transit), leading them to select Communication Compliance when the question explicitly requires proactive blocking with a policy tip.

How to eliminate wrong answers

Option B (Microsoft Purview Information Barriers) is wrong because Information Barriers are used to prevent communication between specific groups or users (e.g., to avoid conflicts of interest), not to scan for sensitive data patterns like credit card numbers. Option C (Microsoft Purview Records Management) is wrong because Records Management focuses on classifying, retaining, and disposing of records based on regulatory requirements, not on real-time content inspection and blocking of outbound emails. Option D (Microsoft Purview Communication Compliance) is wrong because Communication Compliance is designed to detect policy violations in communications (e.g., harassment, insider trading) by reviewing messages after they are sent, not to proactively block emails based on sensitive data patterns.

238
MCQeasy

A small business with 10 users needs the fully installed desktop versions of Office apps (Word, Excel, PowerPoint), business-class email, and 1 TB of cloud storage per user. They do not require advanced security or compliance features. Which Microsoft 365 plan is the most cost-effective choice?

A.Microsoft 365 Business Basic
B.Microsoft 365 Business Standard
C.Microsoft 365 E3
D.Office 365 E1
AnswerB

Business Standard includes desktop Office apps, Exchange Online mail, and 1 TB storage per user, matching all stated needs at a lower cost than enterprise plans.

Why this answer

Microsoft 365 Business Standard is the most cost-effective plan for this small business because it includes the fully installed desktop versions of Office apps (Word, Excel, PowerPoint), business-class email (Exchange Online), and 1 TB of OneDrive cloud storage per user. It meets all stated requirements without the higher cost of E3 or the lack of desktop apps in Business Basic or Office 365 E1.

Exam trap

The trap here is that candidates often confuse 'Business Basic' (which has web-only apps) with 'Business Standard' (which includes desktop apps), or assume that 'E3' is always the best choice for any business due to its enterprise branding, overlooking the cost and feature overkill for small businesses without advanced security needs.

How to eliminate wrong answers

Option A is wrong because Microsoft 365 Business Basic provides only web and mobile versions of Office apps, not the fully installed desktop versions required. Option C is wrong because Microsoft 365 E3 includes advanced security and compliance features (e.g., Data Loss Prevention, eDiscovery) that the customer does not need, making it unnecessarily expensive for a 10-user business. Option D is wrong because Office 365 E1 lacks the desktop Office apps entirely, offering only web-based versions, and also includes advanced compliance features not required.

239
MCQmedium

A company with 120 users needs desktop Office apps, Intune device management, and enhanced security. Which option best matches the requirement?

A.Microsoft Defender for Cloud only
B.Azure Virtual Desktop only
C.A free personal Microsoft account only
D.Microsoft 365 Business Premium
AnswerD

Business Premium combines productivity apps with Intune and enhanced security features for SMBs.

Why this answer

Microsoft 365 Business Premium includes desktop Office apps (Office 365 E3 equivalent), Intune for device management, and advanced security features such as Microsoft Defender for Office 365, Azure Information Protection, and Conditional Access. This bundle directly satisfies all three requirements for a 120-user organization without needing separate subscriptions.

Exam trap

The trap here is that candidates often confuse Microsoft Defender for Cloud (a security monitoring tool for cloud infrastructure) with Microsoft Defender for Office 365 (an email and collaboration security service), leading them to incorrectly select Option A when they see 'enhanced security' without recognizing the missing Office apps and device management.

How to eliminate wrong answers

Option A is wrong because Microsoft Defender for Cloud is a cloud workload protection platform (CWPP) for securing Azure, on-premises, and multi-cloud resources; it does not include desktop Office apps or Intune device management. Option B is wrong because Azure Virtual Desktop provides virtualized Windows desktops and apps, but it does not include Intune device management or the specific enhanced security features like Defender for Office 365; it also requires separate licensing for Office apps. Option C is wrong because a free personal Microsoft account offers no enterprise-grade desktop Office apps, no Intune device management, and no enhanced security controls; it is intended for individual consumer use only.

240
MCQmedium

A department asks for the Microsoft 365 service best suited for personal work files that follow a user across devices. Which service should they use?

A.Microsoft Entra Privileged Identity Management
B.OneDrive for Business
C.Microsoft Defender for Endpoint
D.Microsoft Purview Compliance Manager
AnswerB

OneDrive is intended for individual file storage and sync.

Why this answer

OneDrive for Business is the correct service because it provides personal cloud storage for work files that sync across a user's devices, enabling access from anywhere. Unlike SharePoint or Teams, which are team-based, OneDrive is designed for individual file storage and synchronization, making it ideal for files that follow the user.

Exam trap

The trap here is that candidates may confuse OneDrive for Business with SharePoint Online, but the key distinction is that OneDrive is for personal files that follow the user across devices, while SharePoint is for team collaboration and shared document libraries.

How to eliminate wrong answers

Option A is wrong because Microsoft Entra Privileged Identity Management is an identity governance service for managing, controlling, and monitoring access to privileged roles, not for storing personal work files. Option C is wrong because Microsoft Defender for Endpoint is a security solution for endpoint protection, detection, and response, not a file storage or synchronization service. Option D is wrong because Microsoft Purview Compliance Manager is a compliance management tool for assessing and managing regulatory compliance risks, not for personal file storage.

241
MCQmedium

A company with 300 Microsoft 365 E3 users needs to add advanced identity protection features: Microsoft Entra ID Premium P2 and Microsoft Defender for Identity. They want to add these capabilities without upgrading all users to E5. What is the most cost-effective licensing strategy?

A.Upgrade all users to Microsoft 365 E5.
B.Add Microsoft Entra ID Premium P2 and Microsoft Defender for Identity as standalone add-ons.
C.Add the Microsoft 365 E5 Security add-on for each user.
D.Add Enterprise Mobility + Security E5 add-on.
AnswerC

The E5 Security add-on is specifically designed to add Microsoft Entra ID P2, Defender for Identity, and other security capabilities to E3 licenses at a lower cost than upgrading to E5.

Why this answer

Option C is correct because the Microsoft 365 E5 Security add-on bundles Microsoft Entra ID Premium P2 and Microsoft Defender for Identity (along with other security features) at a lower per-user cost than purchasing them separately, and it can be added to an existing E3 subscription without upgrading the entire license. This provides the required identity protection capabilities cost-effectively for all 300 users.

Exam trap

The trap here is that candidates often confuse the Enterprise Mobility + Security E5 add-on with the E5 Security add-on, not realizing that EMS E5 lacks Microsoft Defender for Identity and is therefore insufficient for the stated requirements.

How to eliminate wrong answers

Option A is wrong because upgrading all users to Microsoft 365 E5 would be significantly more expensive than adding the E5 Security add-on, as E5 includes many additional features (e.g., advanced compliance, analytics) not required by the company. Option B is wrong because purchasing Microsoft Entra ID Premium P2 and Microsoft Defender for Identity as standalone add-ons would cost more per user than the bundled E5 Security add-on, which includes both plus additional security services like Microsoft Purview Information Protection and Microsoft 365 Defender. Option D is wrong because Enterprise Mobility + Security E5 includes Microsoft Entra ID Premium P2 and Microsoft Intune but does not include Microsoft Defender for Identity; it would require an additional purchase for that capability, making it less cost-effective than the E5 Security add-on.

242
MCQmedium

An administrator is reviewing a request from users who need to allocate Microsoft 365 license costs by department. Microsoft 365 licensing, admin, or support concept is most relevant?

A.Microsoft Forms
B.User department attributes and license assignment records
C.Microsoft Stream
D.Microsoft Whiteboard
AnswerB

Accurate user metadata and license records support departmental cost allocation.

Why this answer

Option B is correct because user department attributes (e.g., the 'Department' field in Microsoft Entra ID) combined with license assignment records allow administrators to filter and report on license consumption by department. This is the standard method for cost allocation, as Microsoft 365 does not natively track license costs per department without custom reporting or PowerShell scripts that query the Get-AzureADUser and Get-MsolUser cmdlets.

Exam trap

The trap here is that candidates may confuse collaboration tools (Forms, Stream, Whiteboard) with administrative reporting features, assuming they have built-in cost allocation capabilities when they do not.

How to eliminate wrong answers

Option A is wrong because Microsoft Forms is a survey and quiz tool, not a licensing or cost allocation feature; it has no capability to track or report license costs by department. Option C is wrong because Microsoft Stream is a video hosting and sharing service, unrelated to license cost allocation or department-based reporting. Option D is wrong because Microsoft Whiteboard is a digital canvas for collaboration, with no functionality for managing or attributing license costs to departments.

243
MCQmedium

A company is preparing for a merger and wants to prevent communication between the Human Resources and Research departments regarding sensitive salary data during the due diligence period. They need a Microsoft Purview solution that can block all email and chat between users in these two groups, as well as prevent file sharing in Teams and SharePoint. Which solution should they configure?

A.Information Barriers
B.Data Loss Prevention (DLP)
C.Sensitivity Labels
D.eDiscovery (Premium)
AnswerA

Correct. Information Barriers enforce policies to prevent communication and collaboration between defined segments, covering email, Teams chat, file sharing, and more.

Why this answer

Information Barriers (IB) in Microsoft Purview are specifically designed to prevent communication and collaboration between defined user groups, such as HR and Research, by blocking email, Teams chat, and SharePoint/OneDrive file sharing. This solution enforces policies at the transport and service level, ensuring that sensitive salary data is not inadvertently shared during the merger due diligence period.

Exam trap

The trap here is that candidates often confuse Information Barriers with DLP, assuming that blocking sensitive data patterns is equivalent to blocking all communication between groups, but DLP cannot enforce department-wide communication restrictions—it only acts on content matches.

How to eliminate wrong answers

Option B (Data Loss Prevention) is wrong because DLP policies monitor and prevent the sharing of sensitive data (e.g., credit card numbers) based on content inspection, but they do not block all communication between two entire departments—they only act on specific data patterns. Option C (Sensitivity Labels) is wrong because labels classify and protect data with encryption or visual markings, but they do not enforce communication blocks between groups; they require users to apply them and do not prevent chat or email between departments. Option D (eDiscovery Premium) is wrong because eDiscovery is used for searching, preserving, and exporting content for legal or investigative purposes, not for proactively blocking real-time communication or file sharing.

244
MCQmedium

A user reports that they cannot access their work email on their mobile device. The admin confirms the user has an Exchange Online license. What is the most likely cause?

A.The user is using the Outlook mobile app
B.The user is trying to access Outlook on the web
C.Exchange ActiveSync is disabled for the user
D.A Conditional Access policy requires app protection policies
AnswerD

Conditional Access may block access if the device is not compliant.

Why this answer

Option D is correct because Conditional Access policies can require app protection policies (e.g., Intune MAM) to enforce data security on mobile devices. If the user's device does not have the required app protection policies applied, access to Exchange Online via mobile apps (including Outlook) will be blocked, even though the user has a valid Exchange Online license. This is a common scenario where licensing alone does not guarantee access when additional security controls are in place.

Exam trap

The trap here is that candidates often assume a valid license (Exchange Online) guarantees access, but Microsoft 365 security features like Conditional Access can override licensing and block access based on policy requirements, especially on mobile devices.

How to eliminate wrong answers

Option A is wrong because using the Outlook mobile app is not a cause of access failure; it is the intended client for mobile email access. Option B is wrong because accessing Outlook on the web (OWA) is a browser-based method, not a mobile device issue, and the question specifically states the user is on a mobile device. Option C is wrong because if Exchange ActiveSync were disabled for the user, the admin would typically see a specific error or setting in the Exchange admin center, and this is less likely than a Conditional Access policy blocking access due to missing app protection policies.

245
MCQeasy

A sales team uses Microsoft Copilot for Sales to draft emails. To ensure Copilot uses the most relevant customer data from Dynamics 365, what must be configured?

A.Microsoft Teams channels
B.Dynamics 365 records
C.Exchange Online mailboxes
D.Microsoft Viva Topics
AnswerB

Copilot for Sales uses Dynamics 365 records to personalize emails.

Why this answer

Copilot for Sales relies on Dynamics 365 records to access customer data such as contacts, accounts, and opportunities. By configuring the appropriate Dynamics 365 records, Copilot can retrieve the most relevant information to draft personalized emails. Without this configuration, Copilot lacks the necessary data source to generate context-aware content.

Exam trap

The trap here is that candidates may confuse the general data sources available in Microsoft 365 (like Exchange or Teams) with the specific structured CRM data required by Copilot for Sales, leading them to select a broad but incorrect option.

How to eliminate wrong answers

Option A is wrong because Microsoft Teams channels are used for collaboration and communication, not as a data source for Copilot to pull customer records from Dynamics 365. Option C is wrong because Exchange Online mailboxes store email messages and calendar items, but they do not contain structured customer relationship data like Dynamics 365 records. Option D is wrong because Microsoft Viva Topics uses AI to organize knowledge and content from across Microsoft 365, but it does not directly provide the specific customer data from Dynamics 365 that Copilot for Sales requires.

246
MCQmedium

A company wants to deploy a cloud solution where they have the maximum control over the operating system, installed software, and security configurations, but they do not want to manage physical servers or data center facilities. Which cloud service model best meets this requirement?

A.Infrastructure as a Service (IaaS)
B.Platform as a Service (PaaS)
C.Software as a Service (SaaS)
D.Hybrid cloud
AnswerA

IaaS gives the customer full control over the OS and applications while the provider manages the hardware.

Why this answer

Infrastructure as a Service (IaaS) provides virtualized computing resources over the internet, giving the customer full administrative control over the operating system, installed software, and security configurations (e.g., firewall rules, patch management) while the cloud provider manages the physical servers, storage, and networking hardware. This model aligns with the requirement for maximum control without managing physical infrastructure.

Exam trap

The trap here is that candidates often confuse the deployment model (Hybrid cloud) with the service model, or they assume PaaS offers more control than it actually does because they overlook the provider-managed OS layer in PaaS.

How to eliminate wrong answers

Option B (PaaS) is wrong because it abstracts the underlying OS and runtime environment, limiting the customer's control over OS-level configurations, installed software, and security settings—the provider manages the OS and middleware. Option C (SaaS) is wrong because the customer has no control over the OS, software stack, or security configurations; they only use the application as provided. Option D (Hybrid cloud) is wrong because it is a deployment model (combining public and private clouds), not a service model, and does not inherently grant maximum control over OS and software—it describes where resources are located, not the level of control.

247
Drag & Dropmedium

Drag and drop the steps to set up a Microsoft Teams meeting with external participants into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

Creating a Teams meeting involves scheduling, adding attendees, setting options, and sending the invite.

248
MCQeasy

A company has 10 users who need only Exchange Online mailboxes and Microsoft Teams. They do not need desktop versions of Office apps. What is the most cost-effective Microsoft 365 plan for this requirement?

A.Microsoft 365 Business Basic
B.Microsoft 365 Apps for Business
C.Microsoft 365 Business Standard
D.Office 365 E1
AnswerA

Correct. This plan includes Exchange Online and Teams, and is the cheapest option for just email and Teams.

Why this answer

Microsoft 365 Business Basic provides Exchange Online mailboxes and Microsoft Teams, along with web and mobile versions of Office apps, without including desktop Office installations. This makes it the most cost-effective plan for the 10 users who need only email and Teams, as it offers the required services at the lowest per-user price among the options.

Exam trap

The trap here is that candidates often confuse 'Office 365 E1' as the cheapest option due to its 'E' enterprise branding, but Microsoft 365 Business Basic is actually the lowest-cost plan that includes both Exchange Online and Teams, and the exam tests the distinction between business and enterprise pricing tiers.

How to eliminate wrong answers

Option B (Microsoft 365 Apps for Business) is wrong because it includes only the desktop versions of Office apps (e.g., Word, Excel, PowerPoint) and does not include Exchange Online mailboxes or Microsoft Teams, so it fails to meet the core requirements. Option C (Microsoft 365 Business Standard) is wrong because it includes desktop Office apps, which are not needed, making it more expensive than necessary for the stated needs. Option D (Office 365 E1) is wrong because, while it provides Exchange Online and Teams, it is an enterprise plan with a higher per-user cost than Business Basic, and it is not the most cost-effective choice for a small group of 10 users who do not require enterprise-grade compliance or advanced features.

249
MCQmedium

A sales team frequently collaborates on proposals stored in Microsoft 365. They want to use an AI-powered tool to draft sections based on previous winning proposals. Which Microsoft 365 app should they use?

A.Microsoft Copilot for Microsoft 365
B.Microsoft Syntex
C.Microsoft Viva Topics
D.Microsoft Power Automate
AnswerA

Copilot uses AI to draft content based on existing files in Microsoft 365.

Why this answer

Microsoft Copilot for Microsoft 365 is the correct choice because it integrates large language models directly into the Microsoft 365 productivity apps, including Word, Excel, and PowerPoint. It can analyze existing content—such as previous winning proposals stored in SharePoint or OneDrive—and generate new draft sections based on that data, using natural language prompts. This makes it the ideal AI-powered tool for collaborative proposal writing.

Exam trap

The trap here is that candidates may confuse Microsoft Syntex's content understanding and classification capabilities with generative AI, leading them to select Syntex instead of recognizing that Copilot is the dedicated generative AI assistant for content creation in Microsoft 365.

How to eliminate wrong answers

Option B (Microsoft Syntex) is wrong because Syntex is a content AI service focused on content understanding, classification, and extraction of metadata from documents, not on generating new draft content based on prior examples. Option C (Microsoft Viva Topics) is wrong because Viva Topics is a knowledge discovery tool that automatically organizes content into topic pages and surfaces relevant information, but it does not generate new text or draft sections. Option D (Microsoft Power Automate) is wrong because Power Automate is a workflow automation platform for creating automated processes and integrations, not an AI content generation tool.

250
Multi-Selectmedium

Which TWO of the following are features of Microsoft Purview that help organizations meet compliance requirements for data lifecycle management? (Choose two.)

Select 2 answers
A.Retention policies
B.eDiscovery (Premium)
C.Records management
D.Insider Risk Management
E.Data Loss Prevention (DLP) policies
AnswersA, C

Retention policies define how long data is kept.

Why this answer

Option A is correct: Retention policies manage data lifecycle. Option D is correct: Records management helps manage records retention. Option B is wrong because DLP is for data loss prevention, not lifecycle.

Option C is wrong because eDiscovery is for search and export. Option E is wrong because Insider Risk Management is for risk detection.

251
MCQmedium

A service owner is comparing Microsoft 365 capabilities and needs to provide desktop Office apps when email is hosted elsewhere. Microsoft 365 licensing, admin, or support concept is most relevant?

A.Microsoft Forms
B.Microsoft Whiteboard
C.Microsoft Stream
D.Microsoft 365 Apps plan
AnswerD

Microsoft 365 Apps plans provide Office apps without the full business email bundle.

Why this answer

The Microsoft 365 Apps plan (formerly Office 365 ProPlus) is a subscription-based licensing model that provides the full desktop versions of Office applications (Word, Excel, PowerPoint, etc.) without requiring email hosting from Microsoft. This makes it the correct choice for a service owner who needs desktop Office apps while email is hosted elsewhere, as it decouples Office from Exchange Online.

Exam trap

The trap here is that candidates often assume all Microsoft 365 plans require Exchange Online for email, but the Microsoft 365 Apps plan specifically separates desktop Office licensing from email hosting, making it the correct answer for this scenario.

How to eliminate wrong answers

Option A is wrong because Microsoft Forms is a web-based survey and quiz tool, not a desktop Office application, and it requires a Microsoft 365 subscription that typically includes Exchange Online for email. Option B is wrong because Microsoft Whiteboard is a digital canvas app for collaboration, not a desktop Office suite, and it does not provide Word, Excel, or PowerPoint. Option C is wrong because Microsoft Stream is a video management and sharing service, not a desktop Office application, and it relies on Azure AD and SharePoint, not standalone Office licensing.

252
MCQeasy

A company uses a cloud service where they can provision virtual machines, install any operating system, and manage all software on those machines. The cloud provider is responsible for the physical hardware, data center security, and network infrastructure. Which cloud service model does this represent?

A.IaaS (Infrastructure as a Service)
B.PaaS (Platform as a Service)
C.SaaS (Software as a Service)
D.FaaS (Function as a Service)
AnswerA

IaaS gives the customer flexibility to manage OS and software while the provider handles hardware and networking.

Why this answer

This scenario describes Infrastructure as a Service (IaaS) because the customer has full control over virtual machines, including the operating system and all installed software, while the cloud provider manages the underlying physical hardware, data center security, and network infrastructure. In IaaS, the provider offers virtualized computing resources over the internet, and the customer is responsible for everything above the hypervisor layer, such as OS patches, application configuration, and middleware.

Exam trap

The trap here is that candidates often confuse IaaS with PaaS because both involve virtual machines, but the key differentiator is whether the customer manages the operating system and software stack (IaaS) or the provider manages them (PaaS).

How to eliminate wrong answers

Option B is wrong because PaaS (Platform as a Service) provides a managed platform where the provider handles the runtime, middleware, and OS, and the customer only deploys code; the customer cannot install or manage an arbitrary operating system on virtual machines. Option C is wrong because SaaS (Software as a Service) delivers fully managed applications accessed via a web browser or client, with no customer control over the underlying infrastructure, OS, or virtual machines. Option D is wrong because FaaS (Function as a Service) is a serverless compute model where customers deploy individual functions that execute in response to events, and they have no visibility or control over virtual machines or operating systems.

253
MCQhard

A company uses Microsoft 365 E5 and wants to implement a solution that automatically detects and remediates security incidents across endpoints, email, and identities. Which service should they use?

A.Microsoft Defender XDR
B.Microsoft Purview
C.Microsoft Defender for Cloud
D.Microsoft Sentinel
AnswerA

Defender XDR provides cross-domain detection and automated response.

Why this answer

Microsoft Defender XDR (Extended Detection and Response) is the correct choice because it provides a unified, cross-domain security solution that automatically detects, investigates, and remediates threats across endpoints, email, and identities. It leverages AI and automation to correlate signals from Microsoft Defender for Endpoint, Defender for Office 365, and Defender for Identity, enabling coordinated incident response without manual intervention.

Exam trap

The trap here is that candidates often confuse Microsoft Defender for Cloud (a cloud workload protection tool) with Microsoft Defender XDR, or mistakenly think Microsoft Sentinel (a SIEM) is the primary automated remediation tool, when in fact Sentinel requires custom playbooks and is not designed for cross-domain automated remediation out of the box.

How to eliminate wrong answers

Option B is wrong because Microsoft Purview is a data governance, compliance, and risk management solution, not a security incident detection and remediation tool; it focuses on data classification, retention, and eDiscovery. Option C is wrong because Microsoft Defender for Cloud is a cloud security posture management (CSPM) and cloud workload protection platform (CWPP) for multi-cloud environments (Azure, AWS, GCP), not for endpoint, email, and identity incident response. Option D is wrong because Microsoft Sentinel is a cloud-native SIEM (Security Information and Event Management) that ingests logs and requires custom analytics rules and manual or semi-automated playbooks for remediation, whereas Defender XDR provides built-in, automated detection and remediation across the specified domains.

254
Multi-Selectmedium

An organisation wants to identify documents containing credit card numbers and prevent users from sharing them externally from SharePoint Online and Exchange Online. Which two Microsoft Purview capabilities are most relevant? (Choose 2.)

Select 2 answers
A.Sensitive information types.
B.Data Loss Prevention policies.
C.Microsoft Bookings.
D.Windows Autopilot.
AnswersA, B

They detect patterns such as credit card numbers.

Why this answer

Sensitive information types (A) are predefined or custom patterns that detect sensitive data like credit card numbers using regex and checksum validation. Data Loss Prevention policies (B) use these sensitive information types to enforce rules that block external sharing of documents containing credit card numbers in SharePoint Online and Exchange Online. Together, they identify the sensitive content and prevent its unauthorized external distribution.

Exam trap

The trap here is that candidates may confuse Microsoft Purview capabilities with unrelated Microsoft 365 services like Bookings or Autopilot, failing to recognize that only sensitive information types and DLP policies directly address content inspection and sharing controls for compliance scenarios.

255
MCQeasy

A project manager needs to assign tasks to team members, set deadlines, and track progress in a shared workspace. The workspace should integrate with Outlook and Teams. Which Microsoft 365 app is best suited for this requirement?

A.Microsoft To Do
B.Microsoft Planner
C.SharePoint
D.Microsoft Lists
AnswerB

Planner offers team-based task boards, assignment, due dates, and integration with Teams and Outlook.

Why this answer

Microsoft Planner is best suited because it provides a shared workspace with task assignment, deadline setting, and progress tracking via Kanban boards, and it integrates natively with Outlook for task synchronization and with Teams as a tab app for collaborative access.

Exam trap

Microsoft often tests the distinction between personal task tools (To Do), collaborative task management (Planner), and data tracking (Lists), where candidates may confuse Lists' custom fields with Planner's task assignment capabilities.

How to eliminate wrong answers

Option A is wrong because Microsoft To Do is a personal task management app focused on individual to-do lists, lacking shared workspaces, team assignment, and progress tracking features. Option C is wrong because SharePoint is a document management and collaboration platform for sites and libraries, not designed for task assignment, deadline tracking, or Kanban-style progress views. Option D is wrong because Microsoft Lists is a data tracking app for creating custom lists (e.g., issue trackers, inventories), but it does not provide built-in task assignment, deadline management, or the integrated Kanban boards that Planner offers.

256
MCQmedium

A marketing team needs to collaborate on a presentation that will be updated frequently by multiple team members, and they want to ensure everyone always has the latest version without manual tracking. Which Microsoft 365 service should they use?

A.Exchange Online
B.SharePoint Online
C.Microsoft Teams
D.OneDrive for Business
AnswerB

SharePoint provides co-authoring and version control.

Why this answer

SharePoint Online is the correct choice because it provides a centralized document library with version history, co-authoring, and metadata management, ensuring all team members always access the latest version without manual tracking. Unlike OneDrive for Business, which is designed for individual use, SharePoint Online supports structured collaboration across a team with granular permissions and automated sync.

Exam trap

The trap here is that candidates often confuse Microsoft Teams as the collaboration service itself, but Teams relies on SharePoint Online for file storage and versioning, so the correct underlying service is SharePoint.

How to eliminate wrong answers

Option A is wrong because Exchange Online is an email and calendaring service, not a document collaboration platform; it lacks version control and co-authoring for files. Option C is wrong because Microsoft Teams is a chat-based workspace that integrates with SharePoint for file storage, but it is not the primary service for managing and versioning shared documents; files in Teams are stored in SharePoint, so the underlying service is SharePoint. Option D is wrong because OneDrive for Business is optimized for personal file storage and sharing, not for team-based collaboration with multiple simultaneous editors and automated version tracking across a group; it lacks team-level metadata and permissions management.

257
MCQmedium

An administrator is reviewing a request from users who need to enterprise licensing options for an organization with more complex or larger-scale requirements. Microsoft 365 licensing, admin, or support concept is most relevant?

A.Microsoft Whiteboard
B.Microsoft Forms
C.Microsoft 365 Enterprise plans
D.Microsoft Stream
AnswerC

Enterprise plans such as E3 and E5 are intended for larger and more complex organizations.

Why this answer

Microsoft 365 Enterprise plans (E3, E5) are designed for organizations with complex or large-scale requirements, offering advanced security, compliance, analytics, and voice capabilities beyond the Business plans. The question specifically asks about enterprise licensing options, making C the most relevant concept.

Exam trap

The trap here is that candidates may confuse a specific application (like Whiteboard, Forms, or Stream) with a licensing plan, when the question explicitly asks for the 'licensing, admin, or support concept' relevant to enterprise-scale requirements.

How to eliminate wrong answers

Option A is wrong because Microsoft Whiteboard is a collaboration app, not an enterprise licensing plan or support concept. Option B is wrong because Microsoft Forms is a survey and data collection tool, not a licensing or support offering. Option D is wrong because Microsoft Stream is a video service, not an enterprise licensing plan or support concept.

258
MCQhard

Your company has a mix of on-premises and cloud users. You plan to move to Microsoft 365 and need to support hybrid identity with password hash synchronization. Which licensing is minimally required?

A.Microsoft Entra ID P1
B.Microsoft 365 E3
C.Microsoft Entra ID P2
D.Microsoft Entra ID Free
AnswerB

Microsoft 365 E3 includes Entra ID P1, which supports password hash synchronization, and provides the needed Microsoft 365 services.

Why this answer

Microsoft 365 E3 includes Microsoft Entra ID P1, which provides the necessary features for hybrid identity with password hash synchronization (PHS). PHS is a core feature of Entra ID P1, enabling synchronization of password hashes from on-premises Active Directory to Azure AD for seamless authentication. Microsoft 365 E3 is the minimum licensing tier that bundles Entra ID P1, making it the correct choice for this scenario.

Exam trap

The trap here is that candidates often assume Microsoft Entra ID P1 is a separate add-on license, but Microsoft 365 E3 already includes it, making the bundled plan the minimal licensing requirement for hybrid identity with PHS.

How to eliminate wrong answers

Option A is wrong because Microsoft Entra ID P1 is a standalone license, but the question asks for the minimally required licensing to support hybrid identity with PHS in a Microsoft 365 plan; Entra ID P1 alone does not include Microsoft 365 services like Exchange Online or SharePoint, which are typically part of the migration plan. Option C is wrong because Microsoft Entra ID P2 includes advanced features like Identity Protection and Privileged Identity Management, which are not required for basic PHS hybrid identity; it is overkill and not the minimal license. Option D is wrong because Microsoft Entra ID Free does not support password hash synchronization; PHS requires at least Entra ID P1, which is not included in the Free tier.

259
MCQmedium

A business stakeholder asks how Microsoft 365 can help them explain why an organization may choose E5 over E3. Microsoft 365 licensing, admin, or support concept is most relevant?

A.Microsoft Stream
B.Microsoft 365 E5 generally includes more advanced capabilities than E3
C.Microsoft Forms
D.Microsoft Whiteboard
AnswerB

E5 is positioned above E3 with additional enterprise capabilities depending on plan details.

Why this answer

Microsoft 365 E5 is the correct answer because it directly addresses the stakeholder's question about why an organization might choose E5 over E3. E5 includes all E3 features plus advanced security (e.g., Microsoft Defender for Office 365, Microsoft 365 Defender), compliance (e.g., eDiscovery, Advanced Audit), and analytics (e.g., Power BI Pro, Viva Insights). This distinction is core to Microsoft 365 licensing and pricing discussions, which fall under the 'Describe Microsoft 365 pricing and support' domain.

Exam trap

The trap here is that candidates may confuse a specific application (like Stream or Forms) with a licensing differentiator, when in fact the key distinction between E3 and E5 lies in the bundled security, compliance, and analytics suites, not individual apps.

How to eliminate wrong answers

Option A is wrong because Microsoft Stream is a video service included in both E3 and E5, not a licensing differentiator; the advanced Stream features (e.g., live events) are available in E3, so it does not explain the E5 upgrade decision. Option C is wrong because Microsoft Forms is a simple survey tool included in all Microsoft 365 plans, including E3 and E5, and has no advanced capabilities exclusive to E5. Option D is wrong because Microsoft Whiteboard is a collaborative canvas app available in both E3 and E5, with no premium features that justify the E5 upgrade.

260
MCQeasy

Refer to the exhibit. A SharePoint admin views site properties in JSON format. What type of site is this?

A.Communication site
B.Classic team site
C.Hub site
D.Team site (group-connected)
AnswerD

'GROUP#0' indicates a group-connected team site.

Why this answer

The JSON output includes the 'GroupId' property, which is a GUID that uniquely identifies the Microsoft 365 Group associated with the site. This property is only present on team sites that are connected to a Microsoft 365 Group (group-connected team sites). Communication sites and classic team sites do not have a GroupId, and hub sites are a site association feature, not a site template.

Exam trap

The trap here is that candidates may confuse the presence of a 'GroupId' with a hub site's association ID, or assume that any modern site (including communication sites) would have a group ID, when in fact only group-connected team sites include this property in their JSON output.

How to eliminate wrong answers

Option A is wrong because communication sites do not have a 'GroupId' property in their JSON representation; they are designed for broadcasting information and are not group-connected. Option B is wrong because classic team sites (without a Microsoft 365 Group) lack the 'GroupId' property; they use SharePoint-specific permissions and are not backed by a Microsoft 365 Group. Option C is wrong because a hub site is a site that has been designated as a hub for navigation and search aggregation, but it is not a distinct site template; the JSON shown does not include a 'HubSiteId' or 'IsHubSite' property, and hub sites can be either communication sites or group-connected team sites.

261
MCQmedium

A compliance administrator needs to retain mailbox content for legal investigation. Which Microsoft 365 capability is the best fit?

A.Microsoft Teams live events
B.Microsoft Bookings
C.OneDrive sync client
D.eDiscovery and retention capabilities in Microsoft Purview
AnswerD

Purview eDiscovery and retention help preserve and search content for investigations.

Why this answer

eDiscovery and retention capabilities in Microsoft Purview are designed specifically for legal investigations, allowing compliance administrators to preserve mailbox content via legal holds, search across mailboxes, and export data for litigation. This directly meets the requirement to retain mailbox content for legal investigation, unlike the other options which serve unrelated business functions.

Exam trap

The trap here is that candidates may confuse general data storage or communication tools (like OneDrive or Teams) with compliance-specific features, overlooking that only Purview provides the legal hold and search capabilities required for retaining mailbox content in investigations.

How to eliminate wrong answers

Option A is wrong because Microsoft Teams live events is a broadcast and meeting feature for large audiences, not a compliance tool for retaining mailbox content. Option B is wrong because Microsoft Bookings is a scheduling and appointment management app, lacking any data retention or eDiscovery functionality. Option C is wrong because the OneDrive sync client is for synchronizing files between a local device and cloud storage, not for preserving or searching mailbox content for legal purposes.

262
MCQeasy

A company uses Microsoft SharePoint Online for intranet and wants to display important company announcements on the home page. Which SharePoint feature should they use?

A.Pages
B.Document libraries
C.Lists
D.News posts
AnswerD

Designed for announcements.

Why this answer

News posts are the correct feature because they are specifically designed to display timely, engaging announcements on a SharePoint intranet home page. They support rich formatting, images, and web parts that surface news content prominently, making them ideal for company-wide communications. Unlike other options, News posts are optimized for visibility and user engagement on the home page.

Exam trap

The trap here is that candidates confuse 'Pages' (option A) with 'News posts' because both use the same underlying page infrastructure, but News posts are a distinct feature with specific properties for announcements, not general-purpose pages.

How to eliminate wrong answers

Option A is wrong because Pages are used for creating static, structured content like landing pages or detailed information, not for dynamic, time-sensitive announcements. Option B is wrong because Document libraries store files and documents, not announcements, and lack the formatting and visibility features needed for home page news. Option C is wrong because Lists are for structured data (e.g., tasks, contacts) and require custom formatting or web parts to display as announcements, making them less suitable for immediate, engaging news.

263
MCQmedium

A compliance officer needs to automatically detect when an employee attempts to send an email containing a social security number (SSN) to an external recipient. The solution should block the email from being sent and notify the employee with a policy tip. Which Microsoft Purview solution should be configured?

A.Microsoft Purview Data Loss Prevention (DLP)
B.Microsoft Purview Information Protection
C.Microsoft Purview eDiscovery
D.Microsoft Purview Audit
AnswerA

DLP policies can identify sensitive data like SSNs and block the email, providing a policy tip to the user.

Why this answer

Microsoft Purview Data Loss Prevention (DLP) is the correct solution because it is specifically designed to detect sensitive information (such as social security numbers) in emails and other data in transit. When a DLP policy is configured with a rule that matches the SSN condition and an action to block the message, it automatically prevents the email from being sent and displays a policy tip to the user, notifying them of the violation. This aligns directly with the requirement to both block the email and provide real-time user notification.

Exam trap

The trap here is that candidates often confuse Information Protection (labeling) with Data Loss Prevention (enforcement), assuming that applying a sensitivity label automatically blocks data exfiltration, when in fact DLP policies are required to enforce actions like blocking and policy tips.

How to eliminate wrong answers

Option B (Microsoft Purview Information Protection) is wrong because it focuses on classifying and labeling sensitive data (e.g., applying sensitivity labels) but does not include the ability to block email transmission or enforce real-time actions like policy tips; it is a classification and protection layer, not a blocking enforcement mechanism. Option C (Microsoft Purview eDiscovery) is wrong because it is used for searching and exporting content for legal or investigative purposes, not for preventing data exfiltration or providing user notifications during email composition. Option D (Microsoft Purview Audit) is wrong because it logs user and admin activities for forensic review but cannot block emails or display policy tips; it is a passive logging tool, not an active enforcement solution.

264
MCQmedium

A legal firm needs to send a confidential document to a client via email. The firm requires that the client cannot forward or print the email and that the email expires after seven days. Which Microsoft Purview solution should they use?

A.Microsoft Purview Message Encryption
B.Data Loss Prevention (DLP) policies
C.Sensitivity labels
D.eDiscovery (Premium)
AnswerA

Correct. Message Encryption with IRM enables restrictions like preventing forwarding/printing and setting an expiration date on email messages.

Why this answer

Microsoft Purview Message Encryption (A) is the correct solution because it allows the legal firm to apply usage restrictions such as preventing forwarding and printing, and to set an expiration period of seven days on the email. This is achieved through Azure Rights Management (Azure RMS) templates that enforce these controls directly on the encrypted message, ensuring the client cannot bypass the restrictions.

Exam trap

The trap here is that candidates often confuse sensitivity labels with Message Encryption, not realizing that while labels can apply encryption, they do not natively support per-message expiration or granular usage restrictions like 'do not forward' and 'do not print' without additional configuration via Azure RMS templates, which is exactly what Message Encryption provides out-of-the-box.

How to eliminate wrong answers

Option B (Data Loss Prevention (DLP) policies) is wrong because DLP policies are designed to detect and prevent the accidental sharing of sensitive information (e.g., credit card numbers) by blocking or warning users, but they do not provide granular post-delivery controls like 'do not forward' or 'expire after 7 days'. Option C (Sensitivity labels) is wrong because while sensitivity labels can apply encryption and visual markings, they do not natively support per-message expiration or specific usage restrictions like 'do not forward' or 'do not print' without being combined with Azure RMS templates; the question asks for a solution that directly provides these controls, which is Message Encryption. Option D (eDiscovery Premium) is wrong because eDiscovery is used for legal hold, search, and export of content for litigation or investigation, not for controlling how an email is used after it is sent.

265
Multi-Selectmedium

Which four of the following are key components of the Microsoft 365 defense-in-depth security strategy? (Choose all that apply. There are four correct answers.)

Select 4 answers
.Physical security of datacenters, including biometric access controls and 24/7 monitoring.
.User identity protection via Azure AD Multi-Factor Authentication (MFA) and Conditional Access.
.Data encryption at rest and in transit, using technologies like BitLocker and TLS.
.Automated rollback of all user changes to previous versions within 24 hours.
.Advanced Threat Protection (ATP) for email, SharePoint, and Teams, including anti-malware and anti-phishing.
.Unrestricted access for Microsoft engineers to all customer data for continuous security scanning.

Why this answer

The Microsoft 365 defense-in-depth strategy relies on multiple layers of security controls. Physical security of datacenters (biometric access, 24/7 monitoring) is the foundational layer. User identity protection via Azure AD MFA and Conditional Access secures the authentication layer.

Data encryption at rest (BitLocker) and in transit (TLS) protects data confidentiality. Advanced Threat Protection (ATP) for email, SharePoint, and Teams defends against malware and phishing at the workload layer. These four components collectively implement a layered security model.

Exam trap

The trap here is that candidates may confuse operational features like versioning or backup with core security layers, or mistakenly believe Microsoft has unrestricted access to customer data, when in fact the shared responsibility model and strict access controls are fundamental to the defense-in-depth strategy.

266
MCQmedium

An administrator needs to restrict access to Microsoft 365 admin centers based on user location. Which Microsoft Entra ID feature should they configure?

A.Conditional Access
B.Identity Protection
C.Entra ID Governance
D.Privileged Identity Management (PIM)
AnswerA

Conditional Access policies can include location conditions to restrict access.

Why this answer

Conditional Access is the correct feature because it allows administrators to enforce policies that grant or block access to Microsoft 365 admin centers based on conditions such as user location (IP address ranges or countries). By configuring a Conditional Access policy with a location condition, you can restrict access to sensitive admin portals like the Microsoft 365 admin center or Exchange admin center to trusted networks only.

Exam trap

The trap here is that candidates often confuse Identity Protection (which also uses location signals for risk detection) with Conditional Access, but Identity Protection does not enforce access policies—it only provides risk assessments that Conditional Access can consume.

How to eliminate wrong answers

Option B (Identity Protection) is wrong because it focuses on detecting and responding to identity-based risks (e.g., leaked credentials, sign-ins from anonymous IPs) but does not directly restrict access to admin centers based on location. Option C (Entra ID Governance) is wrong because it manages identity lifecycle, access reviews, and entitlement management, not real-time location-based access control. Option D (Privileged Identity Management) is wrong because it provides just-in-time privileged access and approval workflows for roles, but does not enforce location-based restrictions on accessing admin centers.

267
MCQmedium

During a Microsoft 365 planning workshop, allow access to Exchange Online only from compliant devices. Microsoft security, identity, or compliance capability should it use?

A.Microsoft Forms
B.Microsoft Intune compliance policies with Conditional Access
C.Microsoft Stream
D.Microsoft Planner
AnswerB

Intune evaluates compliance and Conditional Access enforces access decisions.

Why this answer

Microsoft Intune compliance policies define the security requirements (e.g., device encryption, jailbreak detection, minimum OS version) that a device must meet. When combined with Conditional Access in Azure AD, you can create a policy that blocks access to Exchange Online unless the device is marked as compliant by Intune. This ensures only compliant devices can connect, directly meeting the requirement.

Exam trap

The trap here is that candidates confuse productivity apps (Forms, Stream, Planner) with security services, failing to recognize that only Intune compliance policies combined with Conditional Access can enforce device-based access controls for Exchange Online.

How to eliminate wrong answers

Option A is wrong because Microsoft Forms is a survey and data collection tool, not a security or compliance capability—it cannot enforce device compliance or control access to Exchange Online. Option C is wrong because Microsoft Stream is a video hosting and sharing service; it has no role in device compliance enforcement or Conditional Access policies. Option D is wrong because Microsoft Planner is a task management and project planning tool; it provides no security controls for device-based access restrictions.

268
MCQmedium

A service owner is comparing Microsoft 365 capabilities and needs to prevent communication and collaboration between two business groups. Microsoft security, identity, or compliance capability should it use?

A.Information Barriers
B.Microsoft Forms
C.Microsoft Planner
D.Microsoft Stream
AnswerA

Information Barriers restrict communication and collaboration between defined groups.

Why this answer

Information Barriers (IB) in Microsoft 365 are specifically designed to prevent communication and collaboration between defined user groups, such as two business groups that must not interact. IB policies use segment-based rules to block chat, email, and file sharing across groups, enforced at the Exchange Online, Teams, and SharePoint levels. This directly meets the service owner's requirement to isolate groups, unlike the other options which are general-purpose tools without such isolation capabilities.

Exam trap

The trap here is that candidates may confuse Information Barriers with other compliance features like Data Loss Prevention (DLP) or sensitivity labels, but the question specifically asks for a capability that prevents communication and collaboration between groups, which is the exact purpose of Information Barriers, not data protection or classification.

How to eliminate wrong answers

Option B (Microsoft Forms) is wrong because it is a survey and data collection tool, not a security or compliance feature for blocking communication between groups. Option C (Microsoft Planner) is wrong because it is a task management and project planning tool, lacking any capability to enforce communication barriers. Option D (Microsoft Stream) is wrong because it is a video hosting and sharing platform, not designed for access control between business groups; it does not provide the required segmentation or policy enforcement.

269
MCQhard

An administrator configures the SharePoint Online sharing policy as shown in the exhibit. What is the result of this configuration?

A.External users from any domain can access content without accepting an invitation.
B.Only guests from any domain can access, but external users must be added manually.
C.External users and guests from fabrikam.com can access content after accepting an invitation.
D.External sharing is blocked for all domains except fabrikam.com.
AnswerC

The policy allows external user and guest sharing, restricts to fabrikam.com, and requires acceptance.

Why this answer

Option D is correct. The policy allows sharing with external users and guests, but only from fabrikam.com, and requires them to accept the sharing invitation. Option A is wrong because the capability is ExternalUserAndGuestSharing, not just guest sharing.

Option B is wrong because the allowed domain list permits fabrikam.com. Option C is wrong because the blocked domain list is empty.

270
MCQmedium

A security administrator needs to ensure that all guest users who access Microsoft Teams are required to accept a terms of use agreement before accessing any company resources. Which Microsoft 365 identity protection feature should they configure?

A.Conditional Access policy with session control
B.Microsoft Entra ID Identity Protection
C.Terms of Use in Microsoft Entra ID
D.Privileged Identity Management
AnswerC

Microsoft Entra ID Terms of Use allows you to create and enforce agreements that users must accept before accessing applications, including Microsoft Teams for guest users.

Why this answer

Option C is correct because Microsoft Entra ID Terms of Use is the specific feature designed to present a terms-of-use agreement to users before they can access resources. When combined with a Conditional Access policy that targets guest users and requires acceptance of the terms, it ensures that guests must accept the agreement before accessing Microsoft Teams or any other company resource.

Exam trap

The trap here is confusing the general concept of 'Conditional Access' (which is the policy engine) with the specific grant control 'Terms of Use' that must be configured within it, leading candidates to pick Option A instead of C.

How to eliminate wrong answers

Option A is wrong because a Conditional Access policy with session control enforces restrictions like sign-in frequency or app control, not the presentation and acceptance of a terms-of-use agreement. Option B is wrong because Microsoft Entra ID Identity Protection is focused on detecting and responding to identity risks (e.g., leaked credentials, anomalous sign-ins), not on requiring user acceptance of legal agreements. Option D is wrong because Privileged Identity Management (PIM) manages just-in-time privileged role assignments and access reviews, not the enforcement of terms-of-use acceptance for guest users.

271
MCQeasy

A company's e-commerce website experiences a sudden surge in traffic during a promotional event. The cloud infrastructure automatically adds additional virtual servers to handle the load and removes them when traffic subsides, without any manual intervention from the IT team. Which cloud computing characteristic does this demonstrate?

A.Rapid elasticity
B.On-demand self-service
C.Resource pooling
D.Measured service
AnswerA

Correct. Rapid elasticity allows automatic scaling of resources to meet fluctuating demand, as described in the scenario.

Why this answer

The scenario describes the cloud infrastructure automatically scaling virtual servers up and down in response to traffic changes, which is the defining characteristic of rapid elasticity. This capability allows resources to be provisioned and released elastically, often automatically, to match demand at any given time, as defined by NIST SP 800-145.

Exam trap

The trap here is that candidates confuse 'on-demand self-service' (manual provisioning by a user) with 'rapid elasticity' (automatic scaling by the cloud platform), but the key differentiator is the lack of manual intervention in the scenario.

How to eliminate wrong answers

Option B is wrong because on-demand self-service refers to a user's ability to provision computing resources (e.g., spinning up a VM) without human interaction with the provider, not the automatic scaling of resources based on load. Option C is wrong because resource pooling describes the provider's multi-tenant model where physical and virtual resources are dynamically assigned to serve multiple customers, not the automatic scaling behavior. Option D is wrong because measured service involves metering and reporting resource usage for billing and optimization (e.g., pay-per-use), not the automatic addition or removal of servers in response to demand.

272
Multi-Selecthard

Which THREE of the following are included in Microsoft 365 E5 compliance features? (Choose three.)

Select 3 answers
A.Privileged Access Management
B.Microsoft Intune
C.Customer Key
D.Basic audit log search
E.Communication Compliance
AnswersA, C, E

E5 feature to control privileged administrative access.

Why this answer

E5 includes advanced compliance features such as Communication Compliance, Customer Key, and Privileged Access Management. Options A, B, and D are correct. Option C is an E3 feature; option E is not specific to compliance.

273
MCQhard

Your company has 10,000 users across multiple regions and uses Microsoft 365 E5. You need to ensure that all users have access to Microsoft Copilot for Microsoft 365 to boost productivity. However, due to licensing costs, management wants to minimize expenses by only assigning Copilot licenses to users who will actively use it. They also want to track usage to make informed renewal decisions. What should you do?

A.Assign Copilot licenses to a pilot group and use Microsoft 365 usage reports to identify active users before expanding.
B.Disable Copilot by default and allow users to request it via a helpdesk ticket.
C.Assign Copilot licenses to all users via group-based licensing in Microsoft Entra ID.
D.Use Power Automate to automatically assign Copilot licenses to users who send more than 50 emails per day.
AnswerA

This approach controls cost and uses data to make decisions.

Why this answer

Option A is correct because it aligns with the management's goal of minimizing costs by first assigning Copilot licenses to a pilot group, then using Microsoft 365 usage reports (which track Copilot-specific metrics like active users, sessions, and feature adoption) to identify active users before expanding license assignment. This approach ensures only engaged users receive licenses, optimizing spend while providing data for renewal decisions.

Exam trap

The trap here is that candidates may assume group-based licensing (Option C) is the most efficient method for large-scale deployment, but the question explicitly prioritizes cost minimization and usage tracking, making a pilot group with usage reports the correct choice over blanket assignment.

How to eliminate wrong answers

Option B is wrong because disabling Copilot by default and requiring helpdesk tickets creates administrative overhead and delays user access, failing to leverage Microsoft's built-in license management and usage analytics for cost-effective scaling. Option C is wrong because assigning Copilot licenses to all 10,000 users via group-based licensing contradicts the requirement to minimize expenses, as it would pay for inactive users without any usage tracking. Option D is wrong because using Power Automate to assign licenses based on email volume (e.g., >50 emails/day) is an arbitrary, unsupported metric that does not correlate with Copilot usage; Microsoft 365 usage reports are the correct tool for tracking actual Copilot adoption.

274
Drag & Dropmedium

Drag and drop the steps to configure Microsoft 365 Multi-Factor Authentication (MFA) for a user into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

MFA is enabled per user from the admin center, then the user must register their verification methods.

275
MCQhard

A company is deploying a cloud solution where they have the ability to quickly scale up resources during peak demand and scale down during off-peak hours, paying only for what they use. They also need the provider to automatically manage the underlying platform, including patching the operating system. Which combination of cloud characteristics and service model best describes this scenario?

A.Elasticity and PaaS
B.Scalability and IaaS
C.Rapid elasticity and SaaS
D.Measured service and PaaS
AnswerA

Elasticity allows rapid scaling based on demand; PaaS manages the OS and platform, matching the provider responsibilities described.

Why this answer

Option A is correct because the scenario describes elasticity (the ability to scale resources up and down automatically based on demand) and Platform as a Service (PaaS), where the provider manages the underlying platform, including OS patching. Elasticity is a key cloud characteristic that enables dynamic scaling, and PaaS abstracts infrastructure management, aligning perfectly with the requirement for automatic platform maintenance.

Exam trap

The trap here is confusing scalability (a general capability) with elasticity (dynamic, automated scaling), and assuming IaaS includes platform management like patching, which it does not—IaaS only provides virtual machines where the customer handles the OS.

How to eliminate wrong answers

Option B is wrong because IaaS (Infrastructure as a Service) does not include automatic OS patching; the customer is responsible for managing the operating system and middleware. Option C is wrong because SaaS (Software as a Service) delivers fully managed applications, not a platform for deploying custom code, and the scenario requires platform-level control, not just application usage. Option D is wrong because measured service (metering and billing) is a cloud characteristic that applies to all service models, but it does not describe the automatic scaling or platform management mentioned in the scenario.

276
MCQmedium

A service owner is comparing Microsoft 365 capabilities and needs to reset user passwords without assigning Global Administrator. Microsoft 365 licensing, admin, or support concept is most relevant?

A.Microsoft Whiteboard
B.Password Administrator
C.Microsoft Forms
D.Microsoft Stream
AnswerB

Password Administrator can reset passwords for many users without full tenant-wide rights.

Why this answer

The Password Administrator role in Azure AD allows a service owner to reset user passwords without needing the highly privileged Global Administrator role. This aligns with the principle of least privilege, as it grants only the specific permissions required for password management while avoiding broader administrative access.

Exam trap

The trap here is that candidates may assume only Global Administrator can reset passwords, overlooking the existence of the Password Administrator role, which is specifically designed for delegated password management without full admin privileges.

How to eliminate wrong answers

Option A is wrong because Microsoft Whiteboard is a digital canvas collaboration tool, not an administrative role or licensing concept for password management. Option C is wrong because Microsoft Forms is a survey and data collection tool, unrelated to user administration or password reset capabilities. Option D is wrong because Microsoft Stream is a video management service, not an admin role or licensing feature for resetting passwords.

277
MCQhard

Refer to the exhibit. The JSON shows a device compliance policy assignment in Microsoft Intune. Based on the exhibit, what is the current compliance status of the devices in the target group?

A.Not compliant, only because the password setting is missing
B.Compliant, because both settings are compliant
C.Not compliant, because the encryption setting is not compliant
D.Compliant, because the password setting is compliant
AnswerC

Encryption is required but not compliant, making the device non-compliant.

Why this answer

The exhibit shows a device compliance policy in Microsoft Intune with two settings: 'require device encryption' set to 'Required' and 'minimum password length' set to '6'. The compliance status for the target group is 'Not compliant, because the encryption setting is not compliant'. This is because the JSON indicates that the encryption requirement is not being met by the devices in the group, likely due to BitLocker or device encryption not being enabled.

The password setting alone does not override the encryption non-compliance, as all required settings must be satisfied for a device to be marked compliant.

Exam trap

The trap here is that candidates may focus on the password setting being present and compliant, overlooking that the encryption setting is explicitly non-compliant, and assume partial compliance is sufficient for an overall 'Compliant' status.

How to eliminate wrong answers

Option A is wrong because the password setting is present and configured (minimum length of 6), so the non-compliance is not due to a missing password setting; it is due to the encryption setting. Option B is wrong because both settings are not compliant; the encryption setting is explicitly non-compliant, as shown in the exhibit. Option D is wrong because compliance requires all settings to be compliant; even if the password setting is compliant, the encryption non-compliance makes the device not compliant overall.

278
MCQeasy

A user is unable to access Microsoft Teams because the tenant's subscription has expired. The administrator wants to restore access as quickly as possible while minimizing costs. What should the administrator do?

A.Extend the trial period for 30 additional days
B.Wait for the subscription to automatically renew within 30 days
C.Reactivate the expired subscription in the Microsoft 365 admin center
D.Purchase a new subscription and assign licenses to users
AnswerC

Reactivating restores service quickly without purchasing a new subscription.

Why this answer

Reactivating the subscription in the admin center restores service quickly, usually within minutes to hours. Purchasing a new subscription requires re-assigning licenses and may take longer. Waiting is not proactive.

Extending the trial is not possible after expiration.

279
MCQmedium

A department head asks which Microsoft 365 option should be used to provide a cloud identity platform for Microsoft 365 and approved SaaS applications. Microsoft security, identity, or compliance capability should it use?

A.Microsoft Planner
B.Microsoft Forms
C.Microsoft Entra ID
D.Microsoft Stream
AnswerC

Microsoft Entra ID is Microsoft’s cloud identity and access management service.

Why this answer

Microsoft Entra ID (formerly Azure Active Directory) is the correct choice because it is the cloud-based identity and access management service that provides authentication, single sign-on (SSO), and conditional access for Microsoft 365 and thousands of pre-integrated SaaS applications. It acts as the identity platform, managing user identities and controlling access to resources, which directly aligns with the department head's requirement for a cloud identity platform.

Exam trap

The trap here is that candidates often confuse productivity tools (like Planner, Forms, or Stream) with security or identity services, mistakenly thinking any Microsoft 365 app can serve as an identity platform, when only Microsoft Entra ID provides the required cloud identity and access management capabilities.

How to eliminate wrong answers

Option A is wrong because Microsoft Planner is a task management and planning tool within Microsoft 365, not an identity platform; it cannot provide authentication or access control for SaaS applications. Option B is wrong because Microsoft Forms is a survey and data collection tool, used for creating forms and quizzes, with no identity or access management capabilities. Option D is wrong because Microsoft Stream is a video hosting and sharing service for enterprise video content, lacking any identity or security features for managing access to SaaS applications.

280
Multi-Selectmedium

Which TWO Microsoft 365 services can be used to create and manage custom business processes without writing code?

Select 2 answers
A.SharePoint Designer
B.Microsoft Power Automate
C.Microsoft Flow
D.Microsoft Lists
E.Microsoft Power Apps
AnswersB, E

Power Automate enables creating automated workflows with triggers and actions.

Why this answer

Microsoft Power Automate is a low-code automation platform that enables users to create custom workflows and business processes by connecting various applications and services through pre-built connectors. It allows the design of automated processes without writing code, using a visual designer to define triggers, conditions, and actions.

Exam trap

The trap here is that candidates may confuse Microsoft Flow as a separate service when it is simply the former name of Power Automate, leading them to select both B and C as correct answers, but only Power Automate (B) is the current and valid service.

281
MCQmedium

A help desk lead is documenting the correct Microsoft 365 approach to build a simple mobile app for field workers to submit inspection results. Microsoft 365 app or service is the best fit?

A.Power Apps
B.Microsoft Planner
C.Microsoft Purview Audit
D.Microsoft Forms
AnswerA

Power Apps builds low-code business applications for web and mobile use.

Why this answer

Power Apps is the correct choice because it is a low-code platform specifically designed for building custom mobile apps that integrate with Microsoft 365 data sources, such as SharePoint, Dataverse, or SQL. Field workers can submit inspection results through a tailored app with forms, business logic, and offline capabilities, making it ideal for this scenario.

Exam trap

The trap here is that candidates often confuse Microsoft Forms (a simple survey tool) with Power Apps (a full app builder), assuming Forms can be used for mobile app development when it lacks the necessary customization, offline, and integration capabilities.

How to eliminate wrong answers

Option B (Microsoft Planner) is wrong because it is a task management tool for organizing work, not a platform for building custom mobile apps with data submission capabilities. Option C (Microsoft Purview Audit) is wrong because it is a compliance and auditing solution for tracking user activities, not an app development service. Option D (Microsoft Forms) is wrong because it creates simple surveys and quizzes with limited customization and no ability to build a full mobile app with offline support or complex business logic.

282
MCQmedium

A service owner is comparing Microsoft 365 capabilities and needs to enterprise licensing options for an organization with more complex or larger-scale requirements. Microsoft 365 licensing, admin, or support concept is most relevant?

A.Microsoft Whiteboard
B.Microsoft Forms
C.Microsoft 365 Enterprise plans
D.Microsoft Stream
AnswerC

Enterprise plans such as E3 and E5 are intended for larger and more complex organizations.

Why this answer

Microsoft 365 Enterprise plans (E3, E5) are designed for organizations with complex or large-scale requirements, offering advanced security, compliance, analytics, and voice capabilities. The question explicitly asks for the licensing option most relevant to such needs, making Enterprise plans the correct choice over individual productivity tools.

Exam trap

The trap here is that candidates may confuse individual productivity tools (like Whiteboard, Forms, or Stream) with enterprise licensing concepts, failing to recognize that the question specifically asks for the licensing option that addresses complex, large-scale organizational needs.

How to eliminate wrong answers

Option A is wrong because Microsoft Whiteboard is a collaborative digital canvas tool included in many Microsoft 365 plans, not a licensing or support concept for enterprise-scale requirements. Option B is wrong because Microsoft Forms is a survey and quiz creation tool, not an enterprise licensing plan or support offering. Option D is wrong because Microsoft Stream is a video service for recording and sharing content, not a licensing or support concept for complex organizational needs.

283
MCQmedium

An administrator runs the above PowerShell command and receives output of '14'. What does this value indicate?

A.Inbox rules are retained for 14 days after deletion.
B.Items in the Deleted Items folder are permanently deleted after 14 days.
C.The mailbox has a litigation hold for 14 days.
D.Calendar items are retained for 14 days after the meeting end.
AnswerB

RetainDeletedItemsFor defines the retention period for deleted items.

Why this answer

The PowerShell command `Get-MailboxFolderStatistics -Identity user@contoso.com -FolderScope DeletedItems | Select-Object -ExpandProperty RetentionPolicy` returns '14', indicating that the retention policy applied to the Deleted Items folder permanently deletes items after 14 days. This is controlled by the `RetentionPolicy` property, which reflects the number of days items are kept before being purged from the Deleted Items folder.

Exam trap

The trap here is confusing the Deleted Items folder retention policy (which permanently deletes items after a set number of days) with the `RetainDeletedItemsFor` setting (which controls how long items are kept in the recoverable items folder after deletion).

How to eliminate wrong answers

Option A is wrong because inbox rules are retained for a default of 30 days after deletion (configurable via `RetainDeletedItemsFor`), not 14 days. Option C is wrong because litigation hold places an indefinite hold on all mailbox content, not a fixed 14-day retention period. Option D is wrong because calendar item retention after the meeting end is managed by the `CalendarRetention` property, which defaults to 30 days, not 14 days.

284
MCQhard

An administrator is assigned the Global Reader role in Microsoft Entra ID as shown in the exhibit. What can this administrator do?

A.View all user and group properties in the directory
B.Reset user passwords
C.Assign administrative roles to other users
D.Create new users in the directory
AnswerA

The Global Reader role grants read permissions to directory objects.

Why this answer

Option A is correct. Global Reader has read-only access to all Azure AD configuration. Option B is wrong because Global Reader cannot create users.

Option C is wrong because Global Reader cannot assign roles. Option D is wrong because the role does not include write permissions.

285
MCQmedium

A company uses Microsoft 365 Business Premium. A user reports that when they try to access a file in SharePoint Online, they receive an error that the file is blocked by policy. The IT admin needs to identify which policy is blocking the file. Which tool should the admin use?

A.Microsoft Intune compliance policies
B.Microsoft Entra ID Conditional Access policies
C.Microsoft Defender for Cloud Apps session policies
D.Microsoft Purview Data Loss Prevention policies
AnswerD

DLP policies in Purview can block files in SharePoint based on sensitive content.

Why this answer

Microsoft Purview Data Loss Prevention (DLP) policies are specifically designed to detect and block the sharing or access of sensitive information, such as credit card numbers or personally identifiable information, in Microsoft 365 services like SharePoint Online. When a file is blocked with a 'blocked by policy' error, it is typically because a DLP rule has matched the file's content and applied an action to restrict access. The admin can use the Microsoft Purview compliance portal to review DLP policy matches and identify the exact rule that triggered the block.

Exam trap

The trap here is that candidates often confuse Microsoft Defender for Cloud Apps session policies (which control user actions in real-time) with SharePoint's native DLP enforcement, but the 'blocked by policy' error is a direct result of a DLP policy applied at the SharePoint level, not a session-level control.

How to eliminate wrong answers

Option A is wrong because Microsoft Intune compliance policies are used to enforce device configuration and security requirements (e.g., requiring a PIN or encryption) for managed devices, not to block specific files based on content in SharePoint Online. Option B is wrong because Microsoft Entra ID Conditional Access policies control access at the authentication and authorization level (e.g., requiring MFA or blocking sign-ins from untrusted locations), not the content-level blocking of individual files. Option C is wrong because Microsoft Defender for Cloud Apps session policies monitor and control user actions in real-time via reverse proxy (e.g., blocking downloads of sensitive data), but they do not produce a 'blocked by policy' error on the file itself; that error originates from SharePoint's native DLP enforcement.

286
MCQeasy

Refer to the exhibit. The PowerShell script retrieves compliance tags from Microsoft Purview. What does the script do?

A.Changes the retention action from Delete to Archive
B.Deletes compliance tags that have a Delete retention action
C.Outputs the name and retention duration for compliance tags that delete data
D.Lists all compliance tags and their retention actions
AnswerC

The script filters tags with Delete action and outputs name and duration.

Why this answer

The script uses Get-ComplianceTag to retrieve all compliance tags, then filters with Where-Object to select only those where the RetentionAction property equals 'Delete'. For each matching tag, it outputs the Name and RetentionDuration. This directly matches option C: it outputs the name and retention duration for compliance tags that delete data.

Exam trap

The trap here is that candidates may assume the script deletes the tags (option B) because of the word 'Delete' in the filter, but the script only retrieves and displays information—it does not perform any deletion of tags or data.

How to eliminate wrong answers

Option A is wrong because the script only retrieves and outputs information; it does not perform any modification actions like changing retention actions. Option B is wrong because the script uses a filter to select tags with a Delete retention action but does not include any cmdlet or logic to delete the tags themselves. Option D is wrong because the script filters to only tags with a Delete retention action, not all compliance tags, so it does not list all tags and their retention actions.

287
MCQmedium

Which cloud deployment model provides the highest level of control over resources and infrastructure?

A.Public cloud
B.Private cloud
C.Hybrid cloud
D.Community cloud
AnswerB

Private cloud is dedicated to a single organization, offering full control over the infrastructure, networking, and security.

Why this answer

The private cloud deployment model provides the highest level of control over resources and infrastructure because it is dedicated to a single organization, allowing full customization of hardware, networking, and security policies. Unlike public or hybrid models, the organization retains exclusive administrative access and can enforce strict compliance requirements without sharing underlying physical resources with other tenants.

Exam trap

The trap here is that candidates often confuse 'control' with 'scalability' or 'cost efficiency,' assuming hybrid cloud offers the best of both worlds, but the question specifically asks for the highest level of control, which only a private cloud provides due to its single-tenant, fully customizable nature.

How to eliminate wrong answers

Option A is wrong because the public cloud model shares infrastructure across multiple tenants via a multi-tenant architecture, limiting control over underlying hardware and network configurations. Option C is wrong because the hybrid cloud model combines public and private clouds, but the public cloud portion inherently reduces overall control due to shared infrastructure and provider-managed services. Option D is wrong because the community cloud model is shared among several organizations with common concerns, which dilutes individual control compared to a dedicated private cloud.

288
MCQmedium

A company is deploying Microsoft 365 and needs to ensure that external sharing of sensitive documents is blocked. Which Microsoft Purview feature should they configure?

A.Data Loss Prevention (DLP) policies
B.Sensitivity labels
C.Information Barriers
D.Retention policies
AnswerA

DLP policies can detect and block sharing of sensitive information.

Why this answer

Information Barriers prevent communication and collaboration between specific groups, but DLP policies detect and block sharing of sensitive content. Sensitivity labels and retention policies do not block sharing. Option B is correct because DLP can block sharing of sensitive data.

289
MCQeasy

A cloud provider uses a multi-tenant model where physical and virtual resources are dynamically assigned and reassigned according to consumer demand. This is an example of which cloud computing characteristic?

A.Rapid elasticity
B.Resource pooling
C.On-demand self-service
D.Measured service
AnswerB

Resource pooling allows the provider to serve multiple customers using a shared pool of resources, which are dynamically allocated.

Why this answer

Resource pooling is the correct answer because the multi-tenant model described involves the cloud provider pooling physical and virtual resources (e.g., compute, storage, network) to serve multiple consumers, with resources dynamically assigned and reassigned based on demand. This is a core characteristic of cloud computing as defined by NIST SP 800-145, where the provider's resources are pooled to achieve economies of scale while maintaining logical isolation between tenants.

Exam trap

The trap here is that candidates often confuse resource pooling with rapid elasticity because both involve dynamic resource assignment, but resource pooling specifically focuses on the multi-tenant sharing of a provider's resource pool, not the speed or automation of scaling.

How to eliminate wrong answers

Option A is wrong because rapid elasticity refers to the ability to quickly scale resources up or down, often automatically, to meet demand, not the pooling of resources across multiple tenants. Option C is wrong because on-demand self-service allows a consumer to provision computing capabilities unilaterally without requiring human interaction with the provider, which is a separate characteristic from resource pooling. Option D is wrong because measured service involves metering and monitoring resource usage (e.g., CPU hours, bandwidth) for billing and optimization, not the dynamic assignment of pooled resources to tenants.

290
MCQmedium

A user reports that they cannot access a SharePoint site that contains sensitive data. The administrator confirms the user is licensed and the site permissions are correct. What should the administrator check next?

A.Microsoft Defender for Office 365 Safe Attachments
B.Microsoft Purview retention policies
C.Microsoft Intune device compliance policies
D.Conditional Access policies in Microsoft Entra ID
AnswerD

Conditional Access can block access to SharePoint based on policy conditions.

Why this answer

Conditional Access policies in Microsoft Entra ID can block access based on conditions like device compliance or location. Option D is correct. The other options are less likely given the scenario.

291
Multi-Selectmedium

A project team needs to collaborate on forms-based surveys and quizzes and co-author related Office files. Which two Microsoft 365 capabilities are most relevant?

Select 2 answers
A.Exchange anti-malware policy
B.SharePoint Online document storage
C.Microsoft Forms
D.Microsoft Purview eDiscovery case
AnswersB, C

SharePoint stores many Teams files and supports co-authoring, permissions, and version history.

Why this answer

SharePoint Online provides document storage and co-authoring capabilities, enabling team members to simultaneously edit Office files (e.g., Word, Excel, PowerPoint) stored in document libraries. Microsoft Forms allows the team to create forms-based surveys and quizzes, with responses automatically collected and easily exportable to Excel for analysis.

Exam trap

The trap here is that candidates may confuse Microsoft Forms with other survey tools like Excel Online or Microsoft Lists, or mistakenly think Exchange anti-malware policy is relevant for collaboration, when it is solely an email security control.

292
MCQhard

A global organization relies on Microsoft 365 for critical business operations. They require guaranteed response times for support incidents: critical severity issues must receive an initial response within 15 minutes, and high severity within 1 hour. They also need proactive monitoring and advice from a designated support account manager. Which support plan should they purchase?

A.Microsoft 365 Standard Support (included with subscription)
B.Microsoft ProDirect Support
C.Microsoft Unified Support
D.Microsoft Premier Support
AnswerB

ProDirect offers 15-minute response for critical and 1-hour for high severity, plus a dedicated support account manager for proactive services.

Why this answer

ProDirect Support is the correct choice because it offers guaranteed response times of 15 minutes for critical severity incidents and 1 hour for high severity incidents, along with proactive monitoring and a designated support account manager. This plan is specifically designed for organizations that require rapid, managed support for critical business operations, unlike the standard or legacy plans.

Exam trap

The trap here is that candidates often confuse ProDirect Support with Premier Support, assuming Premier is the only premium option, but ProDirect is the correct modern plan for cloud-focused organizations needing guaranteed response times and a designated account manager.

How to eliminate wrong answers

Option A is wrong because Microsoft 365 Standard Support (included with subscription) does not provide guaranteed response times or a designated account manager; it offers only basic reactive support with no service level agreements (SLAs) for initial response. Option C is wrong because Microsoft Unified Support is a legacy plan that has been retired and replaced by ProDirect and Premier; it does not offer the specific 15-minute critical response guarantee or a dedicated account manager in the same way. Option D is wrong because Microsoft Premier Support is a separate, higher-cost plan typically for on-premises and hybrid environments, and while it offers fast response times, it is not the standard plan for Microsoft 365 cloud services and does not include proactive monitoring as a core feature like ProDirect does.

293
MCQmedium

A company has 250 users with Microsoft 365 E3 licenses. They need to add Microsoft Defender for Microsoft 365 Plan 2 (for advanced threat protection and automated investigation) and Microsoft 365 E5 eDiscovery and Audit capabilities for legal investigations. They want to keep their existing E3 subscriptions and minimize additional costs. What is the most cost-effective licensing approach?

A.Upgrade all users to Microsoft 365 E5
B.Purchase the Microsoft 365 E5 Security add-on for all users
C.Purchase the Microsoft 365 E5 Compliance add-on for all users
D.Purchase the Microsoft Defender for Microsoft 365 Plan 2 add-on and the Microsoft 365 E5 eDiscovery and Audit add-on separately
AnswerD

Both add-ons are available for E3, providing exactly the needed capabilities without paying for unnecessary features.

Why this answer

Option D is correct because it allows the company to keep their existing Microsoft 365 E3 licenses and purchase only the specific add-ons needed: Microsoft Defender for Office 365 Plan 2 (for advanced threat protection and automated investigation) and the Microsoft 365 E5 eDiscovery and Audit add-on (which provides advanced eDiscovery and audit capabilities). This avoids the cost of upgrading all users to E5 or purchasing broader suites like E5 Security or E5 Compliance, which include features not required.

Exam trap

The trap here is that candidates often assume the E5 Security add-on covers all security and compliance needs, but it does not include advanced eDiscovery and audit capabilities, which require the E5 Compliance add-on or separate purchase.

How to eliminate wrong answers

Option A is wrong because upgrading all 250 users to Microsoft 365 E5 would be significantly more expensive than purchasing only the required add-ons, as E5 includes many features (e.g., advanced analytics, Power BI Pro) not needed here. Option B is wrong because the Microsoft 365 E5 Security add-on includes Defender for Office 365 Plan 2 but does not include the advanced eDiscovery and audit capabilities (those are part of the E5 Compliance add-on). Option C is wrong because the Microsoft 365 E5 Compliance add-on includes advanced eDiscovery and audit but does not include Defender for Office 365 Plan 2 (that is in the Security add-on).

294
MCQmedium

A compliance administrator needs to apply encryption and usage restrictions to confidential documents. Which Microsoft 365 capability is the best fit?

A.OneDrive sync client
B.Sensitivity labels
C.Microsoft Bookings
D.Microsoft Teams live events
AnswerB

Sensitivity labels classify and protect content, including encryption and access restrictions.

Why this answer

Sensitivity labels from Microsoft Purview Information Protection are the correct choice because they allow the compliance administrator to apply both encryption and usage restrictions (such as 'Do Not Forward' or custom permissions) directly to confidential documents. This capability integrates with Microsoft 365 apps to enforce protection persistently, even when the document is shared outside the organization.

Exam trap

The trap here is that candidates often confuse the OneDrive sync client's ability to sync encrypted files with the ability to apply encryption itself, or they mistakenly think Microsoft Teams live events can restrict document usage because it is a 'live' feature with attendee controls.

How to eliminate wrong answers

Option A is wrong because the OneDrive sync client is a file synchronization tool that syncs files between cloud and local devices; it does not apply encryption or usage restrictions to documents. Option C is wrong because Microsoft Bookings is a scheduling and appointment management tool, with no capability to enforce document-level encryption or usage restrictions. Option D is wrong because Microsoft Teams live events is a broadcast and streaming feature for large audiences; it does not provide document-level encryption or usage restriction controls.

295
Multi-Selecthard

Which TWO Microsoft 365 services are specifically designed to help organizations manage and monitor data compliance?

Select 2 answers
A.Microsoft Purview Communication Compliance
B.Microsoft Defender for Office 365
C.Microsoft Intune
D.Microsoft Sentinel
E.Microsoft Purview
AnswersA, E

This monitors communications for compliance.

Why this answer

Microsoft Purview (A) provides data governance and compliance solutions. Microsoft Purview Communication Compliance (C) monitors communications for policy violations. Microsoft Defender for Office 365 (B) is for threat protection.

Microsoft Intune (D) is for device management. Microsoft Sentinel (E) is a SIEM.

296
MCQmedium

An administrator is reviewing a request from users who need to detect risky users and suspicious sign-ins. Microsoft security, identity, or compliance capability should it use?

A.Microsoft Entra ID Protection
B.Microsoft Planner
C.Microsoft Stream
D.Microsoft Forms
AnswerA

Microsoft Entra ID Protection detects identity risks such as risky users and risky sign-ins.

Why this answer

Microsoft Entra ID Protection is the correct choice because it is specifically designed to detect risky users and suspicious sign-ins by analyzing signals such as leaked credentials, anonymous IP addresses, and atypical travel patterns. It uses risk-based conditional access policies to automatically block or require multi-factor authentication for high-risk sign-ins, directly addressing the administrator's requirement.

Exam trap

The trap here is that candidates may confuse Microsoft Entra ID Protection with other Microsoft 365 security tools like Defender for Cloud Apps or Azure AD Identity Governance, but the question specifically asks for the capability that detects risky users and suspicious sign-ins, which is uniquely Entra ID Protection's core function.

How to eliminate wrong answers

Option B (Microsoft Planner) is wrong because it is a task management and project planning tool, not a security or identity capability; it cannot detect risky users or sign-ins. Option C (Microsoft Stream) is wrong because it is a video sharing and management service for enterprise content, lacking any identity protection or risk detection features. Option D (Microsoft Forms) is wrong because it is a survey and data collection tool, with no capability to analyze sign-in risks or user behavior for security purposes.

297
MCQhard

A multinational organization has a Microsoft 365 E5 subscription for 10,000 users. Some users in a subsidiary require only email and basic office apps. The IT department wants to reduce costs by reassigning licenses without losing any existing functionality for those users. What is the most cost-effective licensing strategy?

A.Keep all users on E5 but reduce the number of licenses
B.Downgrade those users to Microsoft 365 E3 licenses
C.Switch to Microsoft 365 E1 licenses for those users
D.Assign Microsoft 365 Business Basic licenses to those users
AnswerB

E3 provides email and Office apps at a lower cost than E5.

Why this answer

Option B is correct because Microsoft 365 E3 provides the same core functionality as E5—Exchange Online, SharePoint, Teams, and desktop Office apps—but lacks E5's advanced security and analytics features (e.g., Microsoft Defender for Office 365 Plan 2, Microsoft Purview, Power BI Pro). Downgrading users who need only email and basic Office apps to E3 reduces per-user licensing cost while preserving all required functionality, making it the most cost-effective strategy.

Exam trap

The trap here is that candidates may assume E1 is sufficient because it includes Exchange Online and web apps, but they overlook the explicit requirement for 'basic office apps'—which in Microsoft's licensing context means the desktop Office suite, available only in E3/E5 or Business versions, not in E1.

How to eliminate wrong answers

Option A is wrong because keeping all users on E5 but reducing the number of licenses does not address the subsidiary users' needs—they still require licenses, and reducing the total count would leave some users unlicensed, violating compliance. Option C is wrong because Microsoft 365 E1 lacks desktop Office apps (Word, Excel, PowerPoint), which the subsidiary users require per the scenario; E1 only includes web and mobile versions, not the full Office client. Option D is wrong because Microsoft 365 Business Basic is designed for organizations with up to 300 users, not for 10,000 users in an enterprise environment, and it also lacks desktop Office apps, failing the requirement for 'basic office apps.'

298
MCQmedium

A company is evaluating Microsoft 365 support plans. They need access to web-based support, the ability to submit an unlimited number of incidents, and a guaranteed response time of less than one hour for critical issues. They have fewer than 50 users. Which support plan should they choose?

A.Microsoft 365 Business Basic with Standard support
B.Microsoft 365 E3 with Professional Direct support
C.Microsoft 365 Business Premium
D.Microsoft 365 E5 with Premier support
AnswerC

Business Premium includes support with a 1-hour response for critical issues and unlimited incidents.

Why this answer

Microsoft 365 Business Premium includes 'Business Critical' support, which provides web-based support, unlimited incident submissions, and a guaranteed 1-hour response time for critical issues. This plan is designed for organizations with fewer than 300 users, making it suitable for the company with fewer than 50 users.

Exam trap

The trap here is that candidates often confuse the support tiers included with different subscription plans, assuming that higher-tier subscriptions like E3 or E5 automatically include faster response times and unlimited incidents, when in reality those features require additional support add-ons like Professional Direct or Premier.

How to eliminate wrong answers

Option A is wrong because Microsoft 365 Business Basic with Standard support does not include unlimited incident submissions or a guaranteed 1-hour response time for critical issues; Standard support offers only 8-hour response for critical issues. Option B is wrong because Microsoft 365 E3 with Professional Direct support, while offering faster response times, is designed for larger enterprises and does not include unlimited incident submissions as a standard feature; Professional Direct support has a 1-hour response for critical issues but requires a separate add-on for unlimited incidents. Option D is wrong because Microsoft 365 E5 with Premier support is an enterprise-level plan that includes unlimited incidents and 1-hour response for critical issues, but it is overkill for an organization with fewer than 50 users and typically requires a minimum of 500 licenses, making it cost-prohibitive and misaligned with the company's size.

299
MCQmedium

A tenant administrator is advising a department that wants to investigate incidents across identities, email, endpoints, and cloud apps in one experience. Microsoft security, identity, or compliance capability should it use?

A.Microsoft Stream
B.Microsoft Defender XDR
C.Microsoft Forms
D.Microsoft Planner
AnswerB

Microsoft Defender XDR correlates alerts and incidents across multiple Defender workloads.

Why this answer

Microsoft Defender XDR (Extended Detection and Response) is the correct choice because it provides a unified, cross-domain security operations platform that correlates alerts and incidents across identities (Azure AD), email (Exchange Online), endpoints (Microsoft Defender for Endpoint), and cloud apps (Microsoft Defender for Cloud Apps). This single-pane-of-glass experience allows a tenant administrator to investigate incidents holistically without switching between separate consoles.

Exam trap

The trap here is that candidates often confuse Microsoft 365 compliance or productivity tools (like Stream, Forms, or Planner) with security investigation capabilities, failing to recognize that only Defender XDR provides the unified incident investigation experience across identities, email, endpoints, and cloud apps.

How to eliminate wrong answers

Option A is wrong because Microsoft Stream is a video management and sharing service within Microsoft 365, not a security investigation tool; it lacks any incident correlation or cross-domain detection capabilities. Option C is wrong because Microsoft Forms is a survey and data collection tool used for creating quizzes and forms, with no role in security incident investigation or threat detection. Option D is wrong because Microsoft Planner is a task management and project planning application integrated with Microsoft Teams and To Do, and it does not provide any security monitoring, alerting, or incident investigation features.

300
MCQeasy

A department asks for the Microsoft 365 service best suited for Teams channel conversations and meetings. Which service should they use?

A.Microsoft Entra Privileged Identity Management
B.Microsoft Defender for Endpoint
C.Microsoft Purview Compliance Manager
D.Microsoft Teams
AnswerD

Teams is the hub for chat, meetings, calls, and team collaboration.

Why this answer

Microsoft Teams is the correct service because it is specifically designed to host channel-based conversations and meetings within Microsoft 365. Teams provides persistent chat channels, audio/video conferencing, and meeting scheduling, directly fulfilling the department's request.

Exam trap

The trap here is that candidates may confuse Microsoft Teams with other Microsoft 365 services that have 'management' or 'compliance' in their names, assuming they support collaboration features, when in fact they are specialized for identity, security, or compliance tasks.

How to eliminate wrong answers

Option A is wrong because Microsoft Entra Privileged Identity Management is an identity governance tool for managing, controlling, and monitoring access to Azure AD roles, not for conversations or meetings. Option B is wrong because Microsoft Defender for Endpoint is a security solution for endpoint detection and response (EDR) and vulnerability management, not a collaboration platform. Option C is wrong because Microsoft Purview Compliance Manager is a compliance management solution for assessing and managing regulatory compliance risks, not for real-time communication.

Page 3

Page 4 of 14

Page 5