Microsoft 365 Fundamentals MS-900 (MS-900) — Questions 451525

985 questions total · 14pages · All types, answers revealed

Page 6

Page 7 of 14

Page 8
451
MCQeasy

A public relations team needs to create an interactive, visually rich newsletter that includes embedded video and dynamic content from a SharePoint list. Which app should they use?

A.Sway
B.PowerPoint
C.SharePoint News
D.Microsoft Stream
AnswerA

Sway allows users to create interactive and responsive newsletters with embedded video and can integrate dynamic content from SharePoint through its card-based design.

Why this answer

Sway is the correct choice because it is designed specifically for creating interactive, visually rich newsletters that can embed videos and dynamically pull content from SharePoint lists using its integration with Microsoft 365. Unlike other apps, Sway offers a responsive design canvas that adapts to different devices and allows embedding of multimedia elements directly, making it ideal for a public relations team's needs.

Exam trap

The trap here is that candidates often confuse SharePoint News with Sway because both can display news and embed videos, but SharePoint News is a site-level feature for internal communications, not a standalone app for creating interactive, visually rich newsletters with dynamic content from SharePoint lists.

How to eliminate wrong answers

Option B (PowerPoint) is wrong because it is a presentation tool focused on slide-based content, not a newsletter format, and lacks native support for dynamically pulling content from SharePoint lists without complex add-ins. Option C (SharePoint News) is wrong because while it can display news posts and embed videos, it does not provide the same level of interactive, visually rich design flexibility as Sway and is more suited for internal communications within a SharePoint site. Option D (Microsoft Stream) is wrong because it is a video hosting and management platform, not a content creation tool for newsletters, and cannot generate interactive documents with embedded dynamic content from SharePoint lists.

452
MCQeasy

A sales team wants to maintain a shared list of high-priority leads with custom columns for company name, contact person, deal value, and stage. Team members need to update the list in real time and view the change history. Which Microsoft 365 app should they use?

A.Microsoft Lists
B.Microsoft Excel
C.Microsoft SharePoint
D.Microsoft Teams
AnswerA

Correct. Microsoft Lists provides a rich list management experience with custom columns, real-time collaboration, and version history.

Why this answer

Microsoft Lists is designed for creating and sharing flexible lists with custom columns, real-time collaboration, and version history. Excel can be shared but is not as purpose-built for list management. SharePoint can host lists, but Microsoft Lists is the dedicated app.

Teams can display a list as a tab, but the underlying app is Lists.

453
Multi-Selecthard

A healthcare organization must protect patient health information (PHI) from being accidentally shared externally via email. They need to automatically block emails containing medical record numbers from being sent outside the organization and also encrypt any email that does contain PHI when it is allowed. Which two Microsoft Purview solutions should they combine? (Choose two.)

Select 2 answers
A.Microsoft Purview Data Loss Prevention (DLP)
B.Microsoft Purview eDiscovery
C.Microsoft Purview Message Encryption
D.Microsoft Purview Audit (Standard)
AnswersA, C

DLP policies can scan emails and documents for sensitive data (e.g., medical record numbers) and automatically block sharing or show policy tips. This is the correct solution for blocking external sharing of PHI.

Why this answer

Microsoft Purview Data Loss Prevention (DLP) is correct because it can automatically detect sensitive data, such as medical record numbers (PHI), in emails and apply policy actions like blocking external transmission. This directly addresses the requirement to prevent accidental sharing of PHI via email.

Exam trap

The trap here is that candidates often confuse eDiscovery or Audit with real-time enforcement capabilities, forgetting that DLP is the only option that can actively block or encrypt outbound emails based on content inspection.

454
MCQmedium

A company uses Microsoft Purview to monitor for potential data security incidents. They want to automatically detect and remediate activities like downloading large amounts of data to a personal device. Which solution should they configure?

A.Data Loss Prevention (DLP)
B.Insider Risk Management
C.Audit
D.eDiscovery
AnswerB

Insider Risk Management uses risk indicators to identify and automatically respond to risky user actions such as unusual data downloads.

Why this answer

Insider Risk Management is the correct solution because it is specifically designed to detect and remediate risky user activities that could lead to data security incidents, such as downloading large amounts of data to a personal device. It uses machine learning and behavioral analytics to identify anomalous patterns and can trigger automated remediation actions like blocking the activity or notifying the user.

Exam trap

The trap here is that candidates often confuse Data Loss Prevention (DLP) with Insider Risk Management, assuming DLP handles all data security incidents, but DLP focuses on content-based policies (e.g., credit card numbers) rather than behavioral detection of risky user actions like bulk downloads to personal devices.

How to eliminate wrong answers

Option A is wrong because Data Loss Prevention (DLP) is focused on preventing data exfiltration by enforcing policies on data in use, in transit, or at rest, but it does not natively detect or remediate behavioral patterns like downloading large volumes to a personal device; it typically blocks or alerts on policy violations based on content inspection. Option C is wrong because Audit (Microsoft Purview Audit) is a logging and investigation tool that records user and admin activities for compliance and forensic analysis, but it does not automatically detect or remediate risky behaviors in real time. Option D is wrong because eDiscovery is used for legal and regulatory discovery of electronic content, such as searching and exporting data for litigation or investigations, and has no capability to automatically detect or remediate data security incidents.

455
MCQmedium

An administrator is reviewing a request from users who need to protect users from phishing, unsafe links, and malicious attachments. Microsoft security, identity, or compliance capability should it use?

A.Microsoft Defender for Office 365
B.Microsoft Stream
C.Microsoft Forms
D.Microsoft Planner
AnswerA

Defender for Office 365 provides advanced protection for email and collaboration threats.

Why this answer

Microsoft Defender for Office 365 is the correct choice because it provides advanced threat protection specifically designed to safeguard users against phishing, unsafe links, and malicious attachments. It includes features like Safe Links, Safe Attachments, and anti-phishing policies that scan and detonate URLs and attachments in real-time, leveraging threat intelligence from the Microsoft Intelligent Security Graph.

Exam trap

The trap here is that candidates may confuse general Microsoft 365 productivity apps (Stream, Forms, Planner) with security services, assuming any Microsoft tool can provide protection, but only Defender for Office 365 is purpose-built for phishing and malware defense.

How to eliminate wrong answers

Option B is wrong because Microsoft Stream is a video hosting and sharing service, not a security tool; it cannot protect against phishing, unsafe links, or malicious attachments. Option C is wrong because Microsoft Forms is a survey and quiz creation tool that lacks any built-in threat protection capabilities for email or links. Option D is wrong because Microsoft Planner is a task management and project planning application, with no security features to defend against phishing or malicious content.

456
MCQmedium

A customer reports that their Microsoft 365 Business Basic subscription is about to expire. They want to ensure uninterrupted service. What should they do?

A.Cancel the subscription immediately
B.Wait for the grace period to expire
C.Ensure recurring billing is enabled
D.Purchase an additional add-on license
AnswerC

With recurring billing enabled, the subscription will automatically renew on the expiration date, ensuring continuity.

Why this answer

Enabling recurring billing ensures that the subscription automatically renews before the expiration date, preventing any lapse in service. Without recurring billing, the subscription will expire at the end of the billing period, and the customer would lose access to Microsoft 365 services after a short grace period. This is the direct mechanism to maintain uninterrupted service for a Microsoft 365 Business Basic subscription.

Exam trap

The trap here is that candidates may confuse add-on licenses with subscription renewal, thinking that purchasing more licenses extends the subscription term, when in fact add-ons only increase the number of users or add features without affecting the subscription's expiration date.

How to eliminate wrong answers

Option A is wrong because canceling the subscription immediately would terminate service right away, causing an outage rather than ensuring continuity. Option B is wrong because waiting for the grace period to expire would result in the subscription being disabled and data potentially being deleted after the grace period ends, which does not ensure uninterrupted service. Option D is wrong because purchasing an additional add-on license does not affect the renewal or expiration of the base subscription; it only adds extra features or capacity, not extending the subscription term.

457
MCQhard

A multinational organization with 500 users currently has Microsoft 365 E3 licenses. They need to perform advanced threat hunting using queries across email, endpoints, and identities to investigate a security incident. They also need the ability to automatically isolate infected endpoints. What is the most cost-effective licensing addition?

A.Microsoft 365 E5 Security
B.Microsoft 365 E5
C.Microsoft 365 E5 Compliance
D.Enterprise Mobility + Security (EMS) E5
AnswerA

Correct. The E5 Security add-on provides Microsoft 365 Defender for advanced threat hunting across multiple domains and includes automated endpoint isolation.

Why this answer

Microsoft 365 E5 Security is the most cost-effective addition because it provides advanced threat hunting via Microsoft 365 Defender (including queries across email, endpoints, and identities) and automated endpoint isolation through Microsoft Defender for Endpoint. This add-on delivers the required capabilities without the full cost of upgrading all users to Microsoft 365 E5, which would also include unnecessary features like advanced compliance and analytics.

Exam trap

The trap here is that candidates often confuse Microsoft 365 E5 Security with the full Microsoft 365 E5 license, assuming the full E5 is required for security features, when in fact the Security add-on provides the specific threat hunting and isolation capabilities at a lower cost.

How to eliminate wrong answers

Option B (Microsoft 365 E5) is wrong because it includes the full suite of E5 features (e.g., advanced compliance, analytics, and voice capabilities) at a higher per-user cost, making it less cost-effective than just adding the Security add-on. Option C (Microsoft 365 E5 Compliance) is wrong because it focuses on eDiscovery, data loss prevention, and information protection, not on advanced threat hunting with queries across email, endpoints, and identities or automated endpoint isolation. Option D (Enterprise Mobility + Security (EMS) E5) is wrong because it provides identity and access management (e.g., Azure AD P2, Intune) and mobile device management, but lacks the advanced threat hunting and automated endpoint isolation capabilities found in Microsoft 365 Defender.

458
MCQhard

You are configuring a Communication Compliance policy to detect workplace harassment. The policy currently includes conditions for sensitive information types (credit card numbers, SSN) and keywords. After deployment, the policy generates many irrelevant alerts for routine HR communications that contain the keywords but no harassment. What should you modify to improve detection accuracy?

A.Expand the keyword list to include more terms
B.Add more sensitive information types
C.Enable audit logging for all communications
D.Use a trainable classifier for 'harassment' instead of keyword matching
AnswerD

Trainable classifiers use machine learning to detect harassment more accurately.

Why this answer

The policy should use a trainable classifier specifically for harassment (Option B) instead of broad sensitive info types and keywords. Sensitive info types (A) do not detect harassment. Option C (audit log is not relevant).

Option D (expanding keywords would increase false positives).

459
MCQmedium

A company has a mix of full-time employees and seasonal contractors. They want to provide email and file storage to contractors without purchasing full licenses. Which licensing option should they use?

A.Exchange Online Kiosk
B.Microsoft 365 F3
C.Microsoft 365 Business Basic
D.Microsoft 365 Enterprise E1
AnswerA

Provides basic email and calendar access at a low cost, suitable for contractors.

Why this answer

Exchange Online Kiosk is the correct choice because it provides email-only access (2 GB mailbox) and basic file storage via OneDrive for Business (2 GB) at a low per-user cost, specifically designed for users who need limited functionality without a full license. This meets the requirement for seasonal contractors who need email and file storage but do not require the full suite of Office apps or advanced features.

Exam trap

The trap here is that candidates often confuse Exchange Online Kiosk with Microsoft 365 F3 or Business Basic, assuming contractors need the full suite of apps, when the question specifically limits requirements to email and file storage only.

How to eliminate wrong answers

Option B (Microsoft 365 F3) is wrong because it is a full-featured license for frontline workers that includes Exchange Online, SharePoint, Teams, and Office web apps, which is overkill and more expensive than needed for contractors requiring only email and basic file storage. Option C (Microsoft 365 Business Basic) is wrong because it includes Exchange Online, SharePoint, Teams, and Office web apps, providing more functionality than necessary and costing more than the Kiosk option. Option D (Microsoft 365 Enterprise E1) is wrong because it is an enterprise-grade license with full Exchange Online, SharePoint, Teams, and compliance features, designed for full-time employees and significantly more expensive than the Kiosk option.

460
MCQmedium

A growing company with 120 users currently holds Microsoft 365 Business Basic licenses. They need to add endpoint management (Microsoft Intune) and advanced threat protection (Microsoft Defender for Office 365 Plan 1). They also want to keep their existing Business Basic subscriptions. What is the most cost-effective way to add these capabilities?

A.Upgrade all users to Microsoft 365 Business Premium
B.Add Microsoft 365 Business Premium licenses as a standalone for all users
C.Purchase add-on subscriptions for Microsoft Intune Plan 1 and Microsoft Defender for Office 365 Plan 1
D.Switch to Microsoft 365 E3 and drop Business Basic
AnswerC

These add-ons provide exactly the required capabilities without upgrading the base plan, offering the most cost-effective solution.

Why this answer

Option C is correct because Microsoft 365 Business Basic supports add-on subscriptions for Microsoft Intune Plan 1 and Microsoft Defender for Office 365 Plan 1, allowing the company to retain their existing licenses while adding endpoint management and advanced threat protection. This is the most cost-effective approach as it avoids the higher per-user cost of upgrading to Business Premium or switching to E3, which would include unnecessary features like desktop Office apps.

Exam trap

The trap here is that candidates often assume they must upgrade to a higher-tier plan (like Business Premium or E3) to get Intune and Defender, overlooking that Microsoft 365 Business Basic supports targeted add-on subscriptions for specific capabilities, which is the most cost-effective path.

How to eliminate wrong answers

Option A is wrong because upgrading all users to Microsoft 365 Business Premium would include features like desktop Office apps and other capabilities not required, resulting in unnecessary cost per user compared to purchasing only the needed add-ons. Option B is wrong because adding Business Premium as a standalone license for all users is redundant and more expensive than using add-ons, as it would duplicate the Business Basic subscription and include unneeded features. Option D is wrong because switching to Microsoft 365 E3 would drop the existing Business Basic subscriptions and introduce a higher per-user cost with features like advanced compliance and eDiscovery that are not required, making it less cost-effective than add-ons.

461
MCQmedium

A company has 100 Microsoft 365 E3 users. They need to add advanced threat protection (Microsoft Defender for Microsoft 365 Plan 2) and advanced compliance (eDiscovery Premium) for all users. They want to minimize additional costs while keeping their existing E3 subscriptions. What is the most cost-effective licensing strategy?

A.Purchase both the Microsoft 365 E5 Compliance add-on and the Microsoft 365 E5 Security add-on
B.Upgrade all users to Microsoft 365 E5
C.Purchase only the Microsoft 365 E5 Compliance add-on
D.Purchase only the Microsoft 365 E5 Security add-on
AnswerA

These add-ons provide exactly the advanced compliance and security features needed without upgrading to E5.

Why this answer

The Microsoft 365 E5 Security add-on provides Microsoft Defender for Office 365 Plan 2, and the Microsoft 365 E5 Compliance add-on provides eDiscovery Premium. Purchasing both add-ons for existing E3 users delivers the required advanced threat protection and advanced compliance capabilities without the full cost of upgrading to E5, making it the most cost-effective strategy.

Exam trap

The trap here is that candidates may assume upgrading to E5 is the only way to get both advanced security and compliance features, overlooking the cost-saving option of purchasing the specific E5 add-ons for existing E3 users.

How to eliminate wrong answers

Option B is wrong because upgrading all users to Microsoft 365 E5 includes both the security and compliance features but at a higher per-user cost than purchasing the two add-ons separately, which is unnecessary when E3 licenses are already in place. Option C is wrong because purchasing only the E5 Compliance add-on provides eDiscovery Premium but does not include Microsoft Defender for Office 365 Plan 2, leaving the advanced threat protection requirement unmet. Option D is wrong because purchasing only the E5 Security add-on provides Microsoft Defender for Office 365 Plan 2 but does not include eDiscovery Premium, failing to address the advanced compliance requirement.

462
MCQeasy

A company is deploying Microsoft 365 and wants to ensure that customer financial data remains within the European Union. Which Microsoft 365 feature should the administrator configure?

A.Apply sensitivity labels using Microsoft Purview.
B.Configure Data Location settings in the Microsoft 365 admin center.
C.Set up Conditional Access policies in Microsoft Entra ID.
D.Implement Data Loss Prevention (DLP) policies.
AnswerB

Data Location controls data residency at rest.

Why this answer

Option A is correct because Data Location (or data residency) is a Microsoft 365 feature that allows organizations to specify where their data is stored at rest, ensuring compliance with regional regulations like GDPR. Option B is incorrect because DLP prevents data loss but does not control storage location. Option C is incorrect because Conditional Access controls access, not storage.

Option D is incorrect because sensitivity labels classify data but do not enforce storage location.

463
MCQeasy

A company wants to prevent employees from forwarding sensitive emails outside the organization. Which Microsoft Purview feature should they use?

A.Microsoft Intune Mobile Application Management
B.Microsoft Entra ID Conditional Access
C.Microsoft Defender for Office 365 Anti-Phishing
D.Microsoft Purview Message Encryption
AnswerD

Message Encryption can enforce policies like 'Do Not Forward'.

Why this answer

Microsoft Purview Message Encryption allows encryption and rights protection, including preventing forwarding. Option A is correct. The other options do not specifically prevent forwarding.

464
MCQeasy

A hospital needs to ensure patient data remains in a specific geographic region due to regulatory requirements. Which cloud deployment model should they consider?

A.Community cloud
B.Private cloud
C.Hybrid cloud
D.Public cloud
AnswerB

Private cloud is dedicated to a single organization, allowing full control over data location and compliance.

Why this answer

Option C is correct because a private cloud is dedicated to a single organization and can be deployed on-premises or in a datacenter, ensuring data residency and compliance. Option A (Public cloud) may store data across regions. Option B (Hybrid cloud) combines public and private but doesn't guarantee data stays in one region.

Option D (Community cloud) is shared by several organizations, not ideal for strict data residency.

465
MCQmedium

A compliance administrator needs to assess compliance posture against standards and improvement actions. Which Microsoft 365 capability is the best fit? The design must avoid adding custom operational scripts.

A.OneDrive sync client
B.Microsoft Teams live events
C.Microsoft Purview Compliance Manager
D.Microsoft Bookings
AnswerC

Compliance Manager provides assessments, improvement actions, and compliance scoring.

Why this answer

Microsoft Purview Compliance Manager is the correct choice because it provides a built-in, no-code solution for assessing compliance posture against standards (e.g., ISO 27001, NIST) and generates actionable improvement actions. It eliminates the need for custom operational scripts by offering pre-configured assessments and automated tracking of controls.

Exam trap

The trap here is that candidates may confuse Microsoft Purview Compliance Manager with broader security tools like Microsoft Secure Score or Defender for Cloud, but the question specifically requires a compliance posture assessment tool that avoids custom scripts, which Compliance Manager uniquely fulfills.

How to eliminate wrong answers

Option A is wrong because the OneDrive sync client is a file synchronization tool for local and cloud storage, not a compliance assessment or improvement action tool. Option B is wrong because Microsoft Teams live events is a broadcasting feature for real-time virtual events, with no capability to evaluate compliance posture or generate improvement actions. Option D is wrong because Microsoft Bookings is a scheduling and appointment management app, entirely unrelated to compliance assessments or standards-based posture analysis.

466
MCQmedium

A company has a mix of full-time employees and contractors. Full-time employees need Microsoft 365 desktop apps, email, and cloud storage. Contractors only need email and cloud storage. Which licensing approach is the most cost-effective?

A.Assign Microsoft 365 Business Standard to both groups
B.Assign Microsoft 365 Business Basic to contractors and Microsoft 365 Business Standard to full-time employees
C.Assign Microsoft 365 Apps for business to contractors and Microsoft 365 Business Standard to full-time employees
D.Assign Microsoft 365 Business Premium to full-time employees and Microsoft 365 Business Basic to contractors
AnswerB

Contractors get only the email and storage they need (Business Basic), and full-time employees get the additional desktop apps (Business Standard), minimizing total licensing cost.

Why this answer

Microsoft 365 Business Basic provides web and mobile versions of Office apps, email (Exchange Online), and cloud storage (OneDrive/SharePoint) — sufficient for contractors who don't need desktop apps. Microsoft 365 Business Standard includes the full desktop Office suite plus the same email and storage, meeting the needs of full-time employees. This pairing avoids paying for desktop app licenses for contractors, making it the most cost-effective approach.

Exam trap

The trap here is that candidates may assume contractors need desktop apps or overlook that Microsoft 365 Apps for business lacks email and cloud storage, leading them to choose option C instead of the correct B.

How to eliminate wrong answers

Option A is wrong because assigning Business Standard to both groups wastes money on desktop app licenses for contractors who don't need them. Option C is wrong because Microsoft 365 Apps for business provides only desktop Office apps and lacks Exchange Online email and SharePoint/OneDrive cloud storage, so contractors would not get the required email and storage. Option D is wrong because Business Premium includes advanced security and device management features (e.g., Microsoft Defender, Intune) that are not required for full-time employees based on the stated needs, leading to unnecessary cost.

467
MCQeasy

An organization wants to use Microsoft 365 to automatically classify and protect sensitive data in emails and documents. Which service should they use?

A.Microsoft Purview Information Protection
B.Microsoft Intune
C.Microsoft Defender for Office 365
D.Microsoft Entra ID
AnswerA

This service provides automatic classification and protection of sensitive data.

Why this answer

Microsoft Purview Information Protection (formerly Azure Information Protection) is the correct service because it provides data classification, labeling, and protection capabilities directly within Microsoft 365. It uses sensitivity labels to automatically classify emails and documents based on conditions like content patterns or custom keywords, and then applies encryption, rights management, or visual markings (e.g., headers/footers) to protect sensitive data both at rest and in transit.

Exam trap

The trap here is that candidates often confuse Microsoft Defender for Office 365 (which protects against threats) with Purview Information Protection (which classifies and protects data), leading them to select Option C because they associate 'protect' with security rather than data governance.

How to eliminate wrong answers

Option B (Microsoft Intune) is wrong because it is a mobile device management (MDM) and mobile application management (MAM) service focused on managing devices and apps, not on classifying or protecting data content within emails and documents. Option C (Microsoft Defender for Office 365) is wrong because it is a security service that protects against threats like phishing, malware, and malicious links in email and collaboration tools, but it does not perform automatic data classification or sensitivity labeling. Option D (Microsoft Entra ID) is wrong because it is an identity and access management (IAM) service that handles authentication, single sign-on, and conditional access policies, not data classification or protection of content.

468
MCQeasy

A company wants to use a cloud service where they only manage their data and user access, while the cloud provider handles everything from the physical infrastructure to the applications. Which cloud service model is this?

A.Infrastructure as a Service (IaaS)
B.Platform as a Service (PaaS)
C.Software as a Service (SaaS)
D.On-premises deployment
AnswerC

Correct. The provider manages everything from infrastructure to the application, and the customer only manages data and user access.

Why this answer

This scenario describes Software as a Service (SaaS), where the cloud provider manages the entire stack—physical infrastructure, operating system, middleware, runtime, data, and applications—while the customer only manages their data and user access. In SaaS, the provider delivers fully functional applications over the internet, such as Microsoft 365, where users simply log in and use the software without any infrastructure or platform management responsibilities.

Exam trap

The trap here is that candidates often confuse PaaS with SaaS because both abstract infrastructure, but PaaS still requires the customer to manage their own applications and data, whereas SaaS offloads even application management to the provider.

How to eliminate wrong answers

Option A is wrong because Infrastructure as a Service (IaaS) provides only virtualized computing resources (e.g., VMs, storage, networks), and the customer must manage the operating systems, middleware, runtime, data, and applications themselves. Option B is wrong because Platform as a Service (PaaS) abstracts the underlying infrastructure and middleware, but the customer still manages their own applications and data, not just user access and data. Option D is wrong because an on-premises deployment means the company manages everything—from physical hardware to applications—which is the opposite of the described model where the provider handles all layers.

469
MCQmedium

A compliance-aware administrator is selecting the right Microsoft 365 capability to follow a logical Microsoft 365 subscription planning sequence. Microsoft 365 licensing, admin, or support concept is most relevant?

A.Microsoft Forms
B.Assess needs, choose plan, purchase licenses, assign licenses
C.Microsoft Stream
D.Microsoft Whiteboard
AnswerB

Requirements should drive plan choice before purchase and assignment.

Why this answer

Option B is correct because the question explicitly asks for the concept most relevant to a logical Microsoft 365 subscription planning sequence. The sequence 'Assess needs, choose plan, purchase licenses, assign licenses' is the standard, documented Microsoft 365 planning lifecycle. This directly aligns with the 'Describe Microsoft 365 pricing and support' domain, which covers subscription planning, licensing models, and administrative steps.

The other options (Forms, Stream, Whiteboard) are individual productivity applications, not licensing, admin, or support concepts.

Exam trap

The trap here is that candidates often confuse individual Microsoft 365 applications (like Forms, Stream, or Whiteboard) with the administrative and licensing concepts that govern subscription planning, leading them to select a product name instead of the correct process sequence.

How to eliminate wrong answers

Option A is wrong because Microsoft Forms is a survey and data-collection application within Microsoft 365, not a licensing, admin, or support concept; it does not represent a subscription planning sequence. Option C is wrong because Microsoft Stream is a video management and sharing service, not a licensing, admin, or support concept; it is a workload, not a planning step. Option D is wrong because Microsoft Whiteboard is a digital canvas collaboration tool, not a licensing, admin, or support concept; it is an end-user application, unrelated to subscription planning.

470
Multi-Selecthard

Which THREE of the following are capabilities of Microsoft Entra ID that support identity security? (Choose three.)

Select 3 answers
A.Microsoft Defender XDR
B.Microsoft Intune
C.Privileged Identity Management (PIM)
D.Conditional Access
E.Identity Protection
AnswersC, D, E

PIM is part of Entra ID for managing privileged access.

Why this answer

Option A is correct: Conditional Access enforces access policies. Option C is correct: Identity Protection detects risks. Option D is correct: Privileged Identity Management (PIM) manages privileged roles.

Option B is wrong because Microsoft Defender XDR is a separate security product. Option E is wrong because Microsoft Intune is for device management.

471
MCQhard

A multinational company uses Microsoft 365 and wants to ensure that data stored in SharePoint Online is only accessible from specific geographic regions. The company has offices in the US, EU, and Asia. You need to implement a solution that restricts access based on the user's physical location. Which feature should you configure?

A.Data Residency in Microsoft Purview
B.Conditional Access policies in Microsoft Entra ID
C.Geofencing in Microsoft Intune
D.Location-Based Policies in SharePoint Admin Center
AnswerB

Conditional Access policies can block or allow access based on location via IP ranges.

Why this answer

Option C is correct because Conditional Access policies can enforce location-based controls using IP addresses. Location-Based Policies (A) are not a built-in feature. Data Residency (B) is about data storage location, not access control.

Geofencing (D) is a general concept but not a specific Microsoft 365 feature.

472
MCQhard

A large enterprise needs to enforce that all documents containing financial data are automatically classified and encrypted when shared externally. Which combination of Microsoft 365 services should be used?

A.Microsoft Forms and Microsoft Stream
B.Microsoft Sentinel and Microsoft Defender XDR
C.Microsoft Purview Information Protection and Microsoft Defender for Cloud Apps
D.Microsoft Intune and Microsoft Entra ID
AnswerC

Information Protection labels and Cloud App Security broker enforce classification and encryption.

Why this answer

Option C is correct because Microsoft Purview Information Protection provides the classification and labeling capabilities to automatically identify documents containing financial data, while Microsoft Defender for Cloud Apps enables policy-based encryption and protection controls when those documents are shared externally. Together, they enforce data loss prevention (DLP) by applying sensitivity labels that trigger encryption upon external sharing, meeting the enterprise requirement.

Exam trap

The trap here is that candidates confuse security monitoring tools (Sentinel, Defender XDR) with data classification and encryption tools, or they mistakenly think device management (Intune) or identity (Entra ID) can enforce content-level encryption on documents shared externally.

How to eliminate wrong answers

Option A is wrong because Microsoft Forms is a survey tool and Microsoft Stream is a video platform; neither provides document classification, encryption, or external sharing controls. Option B is wrong because Microsoft Sentinel is a SIEM/SOAR for security incident detection and Microsoft Defender XDR is for endpoint, email, and identity threat protection; they do not classify or encrypt documents based on content. Option D is wrong because Microsoft Intune is a mobile device management (MDM) and mobile application management (MAM) solution, and Microsoft Entra ID is an identity and access management service; neither directly classifies or encrypts document content for external sharing.

473
MCQmedium

A project manager wants a shared workspace where team members can create and track tasks, set deadlines, and collaborate on documents. This workspace should integrate with Microsoft Teams for quick access. Which Microsoft 365 service is best suited for this purpose?

A.Microsoft Lists
B.Microsoft Planner
C.Microsoft To Do
D.Microsoft Project Online
AnswerB

Planner offers a visual task board with assignments, due dates, and file attachments, and it integrates natively with Microsoft Teams.

Why this answer

Microsoft Planner is the correct choice because it provides a shared workspace (Plan) where team members can create and track tasks, set deadlines, and collaborate on documents. It integrates natively with Microsoft Teams via the Planner tab, allowing quick access within a Teams channel, and supports file attachments from SharePoint/OneDrive for collaboration.

Exam trap

The trap here is that candidates often confuse Microsoft Lists with Planner because both involve tracking items, but Lists is for static data collection (like a spreadsheet) while Planner is for dynamic task management with assignments and deadlines.

How to eliminate wrong answers

Option A is wrong because Microsoft Lists is a data-tracking app for creating custom lists (e.g., issue trackers, inventories) but lacks built-in task assignment, deadline tracking, and Kanban-style task management that Planner offers. Option C is wrong because Microsoft To Do is a personal task management tool for individual users, not designed for team collaboration or shared workspaces with document collaboration. Option D is wrong because Microsoft Project Online is a full-featured project management solution for complex scheduling, resource management, and Gantt charts, which is overkill for a simple shared workspace and does not integrate as seamlessly with Teams for quick task tracking.

474
MCQmedium

A company with 300 users is choosing between Microsoft 365 Business Premium and Microsoft 365 E3. They need desktop Office apps, email, Teams, and basic device management (including Microsoft Intune). They do not need advanced compliance or analytics. Which plan is more cost-effective?

A.Microsoft 365 Business Premium
B.Microsoft 365 E3
C.Microsoft 365 Business Standard
D.Microsoft 365 F3
AnswerA

Correct. It includes all needed capabilities (office apps, email, Teams, Intune) at a lower per-user cost than E3, suitable for up to 300 users.

Why this answer

Microsoft 365 Business Premium is the most cost-effective choice because it includes desktop Office apps, Exchange Online email, Teams, and Microsoft Intune for basic device management, all for a lower per-user price than E3. The company's stated needs (no advanced compliance or analytics) align perfectly with Business Premium's feature set, making E3's additional capabilities unnecessary and more expensive.

Exam trap

The trap here is that candidates often assume E3 is always 'better' for larger organizations, but the MS-900 exam tests whether you can match specific feature requirements (especially Intune and desktop apps) to the most cost-effective plan, not just the highest-tier one.

How to eliminate wrong answers

Option B is wrong because Microsoft 365 E3 includes advanced compliance (e.g., eDiscovery, retention policies) and analytics (e.g., Power BI Pro) that the company does not need, making it a more expensive plan for the same required features. Option C is wrong because Microsoft 365 Business Standard lacks Microsoft Intune for device management, which is explicitly required by the company. Option D is wrong because Microsoft 365 F3 is designed for frontline workers and does not include desktop Office apps (only web and mobile versions), failing the requirement for desktop Office apps.

475
MCQmedium

A service owner is comparing Microsoft 365 capabilities and needs to block emails containing credit card numbers from being sent externally. Microsoft security, identity, or compliance capability should it use?

A.Microsoft Planner
B.Data Loss Prevention (DLP)
C.Microsoft Stream
D.Microsoft Forms
AnswerB

DLP detects sensitive information and can block or warn on sharing actions.

Why this answer

Data Loss Prevention (DLP) in Microsoft 365 is the correct capability because it is specifically designed to detect and protect sensitive information, such as credit card numbers, by scanning email content and attachments. DLP policies can be configured to block external transmission of emails containing sensitive data, using built-in sensitive information types like the Credit Card Number rule that matches patterns based on Luhn checksum validation. This directly addresses the service owner's requirement to prevent credit card numbers from being sent externally.

Exam trap

The trap here is that candidates may confuse Microsoft 365 compliance tools with unrelated productivity apps, assuming any 'Microsoft' tool can handle security tasks, but only DLP is purpose-built for content-based email restrictions.

How to eliminate wrong answers

Option A is wrong because Microsoft Planner is a task management and project planning tool, not a security or compliance feature; it cannot inspect or block email content. Option C is wrong because Microsoft Stream is a video hosting and sharing platform, with no capability to scan or enforce policies on email transmissions. Option D is wrong because Microsoft Forms is a survey and data collection tool, lacking any data loss prevention or email filtering functionality.

476
Matchingmedium

Match each Microsoft 365 security feature to its function.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Protects against malicious links and attachments in email

Identity and access management service

Policy-based controls to enforce MFA or block access

Mobile device and application management

Why these pairings

These features secure identities, devices, and data in Microsoft 365.

477
MCQhard

An organization needs to prevent users from sharing documents that contain credit card numbers via email and Microsoft Teams. When a user attempts to share such a document, they should see a policy tip explaining the restriction. Which Microsoft Purview solution should the compliance team configure?

A.Microsoft Purview Information Barriers
B.Microsoft Purview Data Loss Prevention (DLP)
C.Microsoft Purview Retention Policies
D.Microsoft Purview Sensitivity Labels
AnswerB

DLP policies can detect credit card numbers and other sensitive data in Exchange, SharePoint, OneDrive, and Teams. They can block the action and display a policy tip to inform the user.

Why this answer

Microsoft Purview Data Loss Prevention (DLP) is the correct solution because it is specifically designed to detect sensitive information types—such as credit card numbers—in documents and communications. DLP policies can be configured to block or warn users via policy tips when they attempt to share such content through email or Microsoft Teams, enforcing compliance without disrupting legitimate work.

Exam trap

The trap here is that candidates often confuse Sensitivity Labels (which classify data) with DLP (which enforces actions based on that classification or on sensitive data patterns), leading them to choose D when the question specifically asks for a solution that scans for credit card numbers and shows policy tips.

How to eliminate wrong answers

Option A is wrong because Microsoft Purview Information Barriers restrict communication and collaboration between specific user groups (e.g., to prevent conflicts of interest), but they do not inspect content for sensitive data like credit card numbers or provide policy tips. Option C is wrong because Microsoft Purview Retention Policies manage how long content is kept or deleted for legal or regulatory purposes, not to prevent sharing of sensitive data in real time. Option D is wrong because Microsoft Purview Sensitivity Labels classify and protect content based on sensitivity (e.g., 'Confidential'), but they do not natively scan for specific data patterns like credit card numbers or trigger policy tips on their own; they require integration with DLP for such enforcement.

478
MCQmedium

A marketing manager needs to create a modern intranet site that publishes news, important announcements, and upcoming events. The site must be responsive on mobile devices and allow employees to like, comment, and share articles. Which Microsoft 365 service should they use?

A.Microsoft Teams
B.SharePoint Communication site
C.Microsoft Viva Engage
D.Microsoft Viva Connections
AnswerB

Communication sites are ideal for publishing news, events, and announcements with engagement features and mobile responsiveness.

Why this answer

A SharePoint Communication site is designed for broadcasting news, announcements, and events to a broad audience, with built-in support for responsive mobile rendering and social features like likes, comments, and sharing. This makes it the correct choice for a modern intranet that needs to engage employees across devices.

Exam trap

The trap here is that candidates often confuse Microsoft Viva Connections (a dashboard) with the underlying content source (SharePoint Communication site), leading them to select D when the question explicitly asks for the service used to create the intranet site.

How to eliminate wrong answers

Option A is wrong because Microsoft Teams is a chat-based collaboration hub focused on persistent conversations and channel-based teamwork, not a publishing platform for news and announcements with like/comment/share capabilities. Option C is wrong because Microsoft Viva Engage (formerly Yammer) is an enterprise social network for community discussions and knowledge sharing, but it lacks the structured page publishing and modern intranet site features required for news and events. Option D is wrong because Microsoft Viva Connections is a personalized dashboard that aggregates content from SharePoint, Teams, and other sources, but it is not a site creation service itself—it depends on a SharePoint Communication site as its underlying content source.

479
Multi-Selecteasy

A company wants to ensure that their cloud resources can automatically increase during peak traffic and decrease during low usage. They also want to be billed only for the resources they consume. Which two cloud characteristics are described? (Choose two.)

Select 2 answers
A.Elasticity and Measured service
B.High availability and Disaster recovery
C.Scalability and Fault tolerance
D.Agility and Resource pooling
AnswersA, C

Elasticity enables automatic scaling; measured service enables pay-per-use billing.

Why this answer

Elasticity refers to the ability of cloud resources to automatically scale out (increase capacity) during peak traffic and scale in (decrease capacity) during low usage, matching demand in real time. Measured service means that cloud resource usage is metered, and customers are billed only for the resources they actually consume, typically on a pay-per-use basis. These two characteristics directly address the company's requirements for automatic scaling and consumption-based billing.

Exam trap

The trap here is that candidates confuse scalability (which can be manual or planned) with elasticity (which is automatic and dynamic), and they overlook that measured service is the specific characteristic for consumption-based billing, not resource pooling or agility.

480
Multi-Selecthard

Which THREE conditions must be met for a Microsoft 365 tenant to use Customer Lockbox?

Select 3 answers
A.An authorized admin must submit a support request to Microsoft.
B.The tenant must be on a Microsoft 365 E3 plan.
C.Microsoft engineers must require access to customer data for troubleshooting.
D.Internal administrators must request access to user mailboxes.
E.The organization must have a Microsoft 365 E5 or G5 license.
AnswersA, C, E

The admin initiates the lockbox request through support.

Why this answer

Options A, C, and E are correct: Customer Lockbox requires an E5 license, the admin must initiate a support request, and it applies only when Microsoft engineers need access. Option B is incorrect because Customer Lockbox is not available in E3. Option D is incorrect because it is for Microsoft engineer access, not internal admin access.

481
MCQhard

A healthcare provider must ensure that patient health information (PHI) is not accidentally shared outside the organization. They want to automatically detect if an email contains PHI (such as diagnosis codes) and block it from being sent externally. Additionally, the sender should receive a notification explaining the block. Which Microsoft Purview solution should be configured?

A.Microsoft Purview Information Protection
B.Microsoft Purview Data Loss Prevention (DLP)
C.Microsoft Purview Insider Risk Management
D.Microsoft Purview Audit
AnswerB

Correct. DLP policies can identify sensitive information types (e.g., health records) and enforce actions like blocking the email and sending a policy tip to the sender.

Why this answer

Microsoft Purview Data Loss Prevention (DLP) is the correct solution because it is specifically designed to detect sensitive information—such as patient health information (PHI) with diagnosis codes—in emails and automatically block external transmission while sending a notification to the sender. DLP policies can be configured with sensitive information types (e.g., HIPAA-defined PHI patterns) and rules to enforce actions like blocking and policy tips.

Exam trap

The trap here is that candidates often confuse Information Protection (labeling) with DLP (enforcement), assuming that applying a sensitivity label alone will block external sharing, when in fact DLP is required to enforce the block and notification action.

How to eliminate wrong answers

Option A is wrong because Microsoft Purview Information Protection focuses on classifying and labeling sensitive data (e.g., applying sensitivity labels) but does not inherently enforce real-time blocking of email transmission or send sender notifications; it requires integration with DLP for such actions. Option C is wrong because Microsoft Purview Insider Risk Management is designed to detect and investigate risky user activities (e.g., data exfiltration by insiders) using analytics and alerts, not to automatically block outbound emails containing specific content. Option D is wrong because Microsoft Purview Audit provides logging and investigation of past activities (e.g., who accessed what), but it cannot proactively block emails or notify senders in real time.

482
MCQeasy

A company needs to meet GDPR compliance requirements for data subject requests. Which Microsoft Purview tool should they use to manage these requests?

A.eDiscovery (Premium)
B.Compliance Manager
C.Audit (Premium)
D.Data Lifecycle Management
AnswerB

Compliance Manager helps assess and manage compliance posture, including GDPR.

Why this answer

Option C is correct. Microsoft Purview Compliance Manager helps manage compliance activities, including GDPR requests. Option A is wrong because Data Lifecycle Management focuses on retention.

Option B is wrong because Audit logs record activities. Option D is wrong because eDiscovery is for legal discovery.

483
Multi-Selectmedium

Which three of the following are core components of Microsoft’s Zero Trust security model as implemented in Microsoft 365? (Choose three.)

Select 3 answers
.Verify explicitly
.Use least privileged access
.Assume breach
.Encrypt all data at rest only
.Deploy a single firewall for all traffic
.Require on-premises identity provider

Why this answer

The Zero Trust security model is built on three foundational principles: verify explicitly, use least privileged access, and assume breach. In Microsoft 365, 'verify explicitly' means authenticating and authorizing every access request based on all available data points (user identity, device health, location, etc.). 'Use least privileged access' limits user permissions to only what is necessary, enforced through tools like Privileged Identity Management (PIM) and Conditional Access. 'Assume breach' designs the environment to minimize blast radius and segment access, assuming an attacker is already present, which drives practices like micro-segmentation and continuous monitoring.

Exam trap

The trap here is that candidates often confuse security best practices (like encryption or firewalls) with the core Zero Trust principles, or mistakenly think Zero Trust requires on-premises identity, when in fact it is designed to work with cloud-native identity providers like Azure AD.

484
MCQhard

A multinational corporation wants to provide a single sign-on experience for employees accessing third-party SaaS applications alongside Microsoft 365. Which Microsoft Entra ID feature should they use?

A.Password hash synchronization
B.Microsoft Entra ID as identity provider with SSO integration
C.Multifactor authentication
D.Seamless single sign-on
AnswerB

Entra ID provides SSO for SaaS apps.

Why this answer

Microsoft Entra ID as an identity provider with SSO integration (Option B) is correct because it allows the organization to act as the central identity source for both Microsoft 365 and third-party SaaS applications. By configuring federated SSO (using SAML 2.0 or OpenID Connect), users authenticate once against Entra ID and gain seamless access to all integrated apps, eliminating the need for separate credentials.

Exam trap

The trap here is that candidates confuse 'Seamless SSO' (Option D) with full SSO federation, but Seamless SSO only handles the initial sign-in experience on domain-joined devices and does not extend SSO to third-party SaaS applications.

How to eliminate wrong answers

Option A is wrong because password hash synchronization only syncs user password hashes from on-premises AD to Entra ID for authentication; it does not provide SSO to third-party SaaS apps on its own. Option C is wrong because multifactor authentication is a security feature that adds a second verification step, not an SSO mechanism; it can be used alongside SSO but does not enable single sign-on. Option D is wrong because Seamless SSO is a feature that automatically signs users in when they are on a domain-joined device connected to the corporate network, but it only works for Microsoft 365 and other Entra ID-integrated apps, not for third-party SaaS applications that require explicit federation.

485
Multi-Selectmedium

A corporate IT department is planning to use Microsoft 365 services to improve employee productivity with AI-powered features. Which TWO services provide AI-generated content suggestions in real-time?

Select 2 answers
A.Copilot in Power Platform
B.Microsoft Copilot for Microsoft 365
C.Microsoft Viva Insights
D.Microsoft Forms
E.Microsoft Stream
AnswersA, B

Copilot in Power Platform helps create apps and automations with AI.

Why this answer

Copilot in Power Platform provides AI-generated content suggestions in real-time by enabling users to describe their requirements in natural language, which then generates Power Apps, Power Automate flows, or Power BI reports. This real-time AI assistance directly improves employee productivity by automating the creation of business solutions.

Exam trap

Microsoft often tests the distinction between AI-powered content generation (Copilot) and analytics/insights tools (Viva Insights), leading candidates to mistakenly select Viva Insights for its 'insights' label rather than recognizing it lacks real-time content suggestion capabilities.

486
MCQhard

Fabrikam Inc. has 5,000 users and is currently using Microsoft 365 E3. They want to enable Microsoft Copilot for Microsoft 365 for all users. The finance team is concerned about the additional cost and wants to explore if any existing licenses include Copilot or if they can use a lower-cost option. The IT team has determined that Copilot requires a qualifying license such as E3 or E5. Fabrikam also needs to maintain their current level of service for Exchange, SharePoint, Teams, and OneDrive. They do not need any additional security or compliance features beyond what E3 provides. Which licensing strategy should they implement to enable Copilot for all users while minimizing total cost?

A.Switch to Microsoft 365 Business Premium and add Copilot
B.Upgrade all users to Microsoft 365 E5
C.Keep Microsoft 365 E3 and purchase Copilot add-on licenses for all users
D.Purchase standalone Copilot licenses without changing the base plan
AnswerC

E3 qualifies for Copilot add-on, meeting requirements at minimal additional cost.

Why this answer

Option C is correct because Microsoft 365 E3 is a qualifying base license for Copilot for Microsoft 365, and the Copilot add-on can be purchased per user without changing the existing plan. This allows Fabrikam to retain their current E3 service levels for Exchange, SharePoint, Teams, and OneDrive while adding Copilot functionality at the lowest incremental cost, as they do not need the extra security or compliance features of E5.

Exam trap

The trap here is that candidates may assume Copilot requires an E5 license or that a Business Premium license can support 5,000 users, but Microsoft explicitly limits Business Premium to 300 users and requires a qualifying base license for Copilot, making the add-on on E3 the only cost-effective and technically valid option.

How to eliminate wrong answers

Option A is wrong because Microsoft 365 Business Premium is designed for organizations with up to 300 users, not 5,000 users, and it lacks the enterprise-level features for Exchange, SharePoint, Teams, and OneDrive that E3 provides; switching would break their current service level requirements. Option B is wrong because upgrading all users to Microsoft 365 E5 adds significant cost for advanced security and compliance features (e.g., Microsoft Defender for Office 365, eDiscovery, and Advanced Audit) that Fabrikam explicitly does not need, making it an unnecessarily expensive solution. Option D is wrong because standalone Copilot licenses cannot be purchased without a qualifying base license such as E3 or E5; Microsoft requires an active subscription to a qualifying plan before adding Copilot, so this option is technically invalid.

487
MCQmedium

A tenant administrator is advising a department that wants to use persistent chat, online meetings, channels, and shared files organized by project. Microsoft 365 app or service is the best fit?

A.Microsoft Forms
B.Microsoft Teams
C.Microsoft Planner
D.Microsoft Purview Audit
AnswerB

Teams provides chat, meetings, channels, and file collaboration for groups.

Why this answer

Microsoft Teams is the best fit because it provides persistent chat, online meetings, channels, and shared files organized by project. Teams integrates with SharePoint for file storage and OneNote for notes, allowing each channel to have its own file repository and meeting scheduling, directly matching the department's requirements.

Exam trap

The trap here is that candidates may confuse Microsoft Planner's task boards with project organization, but Planner lacks the persistent chat, meetings, and channel-based file sharing that Teams provides for project collaboration.

How to eliminate wrong answers

Option A is wrong because Microsoft Forms is a survey and quiz tool, not designed for persistent chat, meetings, channels, or shared file organization. Option C is wrong because Microsoft Planner is a task management and lightweight project tracking tool that lacks persistent chat, online meetings, and channel-based file sharing. Option D is wrong because Microsoft Purview Audit is a compliance and auditing solution for tracking user activities, not a collaboration platform for chat, meetings, or file organization.

488
MCQeasy

A company wants to use a cloud service where they can deploy their own custom applications without managing the underlying operating system or hardware. The cloud provider handles the runtime, middleware, and infrastructure. Which cloud service model best fits this requirement?

A.Infrastructure as a Service (IaaS)
B.Platform as a Service (PaaS)
C.Software as a Service (SaaS)
D.Desktop as a Service (DaaS)
AnswerB

PaaS offers a managed platform including runtime, middleware, and infrastructure, enabling developers to deploy custom applications without managing the underlying OS or hardware.

Why this answer

Platform as a Service (PaaS) is the correct model because it provides a managed environment where the company can deploy custom applications without managing the underlying OS, hardware, runtime, or middleware. The cloud provider handles all infrastructure and platform layers, allowing developers to focus solely on code and application logic.

Exam trap

The trap here is that candidates often confuse PaaS with IaaS because both allow custom application deployment, but IaaS requires managing the OS and middleware, whereas PaaS abstracts those layers entirely.

How to eliminate wrong answers

Option A is wrong because Infrastructure as a Service (IaaS) provides virtualized hardware resources (e.g., VMs, storage, networking) but requires the customer to manage the operating system, runtime, middleware, and applications, which contradicts the requirement of not managing the OS or hardware. Option C is wrong because Software as a Service (SaaS) delivers ready-to-use applications accessed via a browser or API, not a platform for deploying custom applications; the customer cannot control or deploy their own code. Option D is wrong because Desktop as a Service (DaaS) provides virtual desktop environments, not a platform for deploying custom applications; it focuses on delivering desktop experiences rather than application hosting and development.

489
MCQmedium

A department head asks which Microsoft 365 option should be used to review file access, sharing changes, and administrator actions during an investigation. Microsoft security, identity, or compliance capability should it use?

A.Microsoft Forms
B.Microsoft Planner
C.Microsoft Purview Audit
D.Microsoft Stream
AnswerC

Purview Audit provides searchable audit records of user and admin activities.

Why this answer

Microsoft Purview Audit (formerly Office 365 Audit Log) is the correct choice because it provides a unified audit log that captures file access, sharing changes, and administrator actions across Microsoft 365 services. This capability is essential for security investigations, as it allows administrators to search and export detailed records of user and admin activities, meeting the department head's requirement for reviewing historical actions.

Exam trap

The trap here is that candidates may confuse Microsoft Purview Audit with other Microsoft 365 tools that have 'audit' in their name (e.g., Azure AD audit logs) or mistakenly think that a general productivity tool like Planner or Forms can provide security investigation capabilities, when only Purview Audit is designed for this purpose.

How to eliminate wrong answers

Option A is wrong because Microsoft Forms is a survey and quiz creation tool, not a security or compliance capability; it does not log file access, sharing changes, or admin actions. Option B is wrong because Microsoft Planner is a task management and project planning application, lacking any audit logging or security investigation features. Option D is wrong because Microsoft Stream is a video hosting and sharing service, which does not provide audit logs for file access, sharing changes, or administrator actions.

490
MCQmedium

A project team needs to create a central workspace where they can store project documents, assign tasks, track a shared calendar of milestones, and have threaded discussions about each item. The solution must integrate directly with Microsoft Teams. Which Microsoft 365 service provides this out-of-the-box?

A.SharePoint Online
B.Microsoft Lists
C.Planner
D.Project Online
AnswerA

SharePoint Online team sites include document libraries, lists for tasks, calendar web parts, and discussion capabilities, all of which can be integrated into Teams.

Why this answer

SharePoint Online provides a central workspace with document libraries for storing project documents, task lists for assignment, shared calendars for milestones, and discussion boards for threaded conversations. It integrates natively with Microsoft Teams via the SharePoint tab, allowing the team to access all these features directly within the Teams interface without additional configuration.

Exam trap

The trap here is that candidates often confuse Planner or Microsoft Lists as a complete workspace solution, but they lack the document storage, calendar, and threaded discussion capabilities that SharePoint Online provides out-of-the-box.

How to eliminate wrong answers

Option B (Microsoft Lists) is wrong because it is a data-tracking app for creating simple lists (e.g., issue trackers, inventories) but does not include document storage, shared calendars, or threaded discussions out-of-the-box. Option C (Planner) is wrong because it focuses solely on task management with Kanban boards and charts, lacking document libraries, calendars, and threaded discussions. Option D (Project Online) is wrong because it is a premium project management solution for complex scheduling and resource management, not a lightweight central workspace, and its integration with Teams requires additional connectors or third-party tools.

491
MCQmedium

A business stakeholder asks how Microsoft 365 can help them support organization-wide communities, leadership announcements, and broad employee conversations. Microsoft 365 app or service is the best fit?

A.Microsoft Viva Engage
B.Microsoft Planner
C.Microsoft Forms
D.Microsoft Purview Audit
AnswerA

Viva Engage supports communities, announcements, and employee engagement.

Why this answer

Microsoft Viva Engage (formerly Yammer) is the correct choice because it is specifically designed for organization-wide social networking, enabling communities, leadership announcements, and broad employee conversations. It provides a dedicated platform for posts, polls, and threaded discussions that can reach the entire organization, unlike other Microsoft 365 tools that focus on task management, surveys, or compliance auditing.

Exam trap

The trap here is that candidates may confuse Microsoft Viva Engage with Microsoft Teams, but Teams is primarily for team-based chat and collaboration, not for organization-wide communities and leadership announcements, which is the specific use case Viva Engage addresses.

How to eliminate wrong answers

Option B (Microsoft Planner) is wrong because it is a task and project management tool for organizing work among team members, not for broadcasting announcements or fostering broad conversations. Option C (Microsoft Forms) is wrong because it is used to create surveys, quizzes, and polls for data collection, not for ongoing community discussions or leadership broadcasts. Option D (Microsoft Purview Audit) is wrong because it is a compliance and auditing solution that logs user and admin activities for security and legal purposes, not a communication or community platform.

492
MCQmedium

Northwind Traders is a legal firm that uses Microsoft 365 E5. They have strict regulatory requirements to retain all email communications for 7 years. Additionally, they need to ensure that employees cannot permanently delete emails before the retention period ends. The IT team has implemented a retention policy in Microsoft Purview to retain all Exchange Online mailboxes for 7 years after creation. However, users are still able to delete emails and permanently delete them from the Recoverable Items folder. You need to ensure that emails are preserved even if users try to delete them. What should you do?

A.Enable Litigation Hold for all mailboxes.
B.Place an In-Place Hold on all mailboxes.
C.Configure an eDiscovery hold for all mailboxes.
D.Create a new retention tag in the default MRM policy to prevent deletion.
AnswerA

Litigation Hold preserves all mailbox content, including deleted items, preventing permanent deletion.

Why this answer

Option A is correct. Litigation Hold preserves all mailbox content indefinitely, preventing any permanent deletion. Retention policies alone do not prevent deletion; they only retain deleted items for the specified period.

Option B (MRM policy) is for managing mailbox storage, not preservation. Option C (in-place hold) is similar but requires targeting specific mailboxes. Option D (eDiscovery hold) is for legal cases, not broad retention.

493
MCQeasy

Your company uses Microsoft 365 Business Premium and wants to enable remote wipe of company data on employees' personal mobile devices if they are lost or stolen. Which service provides this capability?

A.Microsoft Intune Mobile Application Management (MAM)
B.Microsoft Entra ID
C.Microsoft Defender for Cloud Apps
D.Microsoft Purview Compliance Manager
AnswerA

MAM enables selective wipe of corporate data from apps on personal devices.

Why this answer

Microsoft Intune Mobile Application Management (MAM) enables selective remote wipe of company data from personal mobile devices without wiping personal data. This is achieved through app-level policies that can remove corporate data from managed apps (e.g., Outlook, Teams) when a device is lost or stolen, using the Intune company portal or a wipe command triggered by an administrator.

Exam trap

The trap here is that candidates often confuse Intune Mobile Device Management (MDM) with Mobile Application Management (MAM), assuming full device wipe is required, but the question specifically asks for selective wipe of company data on personal devices, which is a MAM capability.

How to eliminate wrong answers

Option B (Microsoft Entra ID) is wrong because it is an identity and access management service that handles authentication and authorization, not device or app data wipe capabilities. Option C (Microsoft Defender for Cloud Apps) is wrong because it focuses on cloud app discovery, data loss prevention, and threat detection, not remote wipe of company data from mobile devices. Option D (Microsoft Purview Compliance Manager) is wrong because it is a compliance management tool that helps assess and manage regulatory compliance posture, not a device management or data wipe service.

494
Multi-Selecthard

Which THREE Microsoft 365 services are part of the Microsoft Defender XDR suite?

Select 3 answers
A.Microsoft Defender for Endpoint
B.Microsoft Defender for Cloud Apps
C.Microsoft Sentinel
D.Microsoft Defender for Office 365
E.Microsoft Defender for Identity
AnswersB, D, E

Defender for Cloud Apps is part of Microsoft Defender XDR.

Why this answer

Microsoft Defender XDR (Extended Detection and Response) is a unified security suite that correlates signals across endpoints, identities, email, and cloud apps. Microsoft Defender for Cloud Apps is a core component of this suite, providing visibility and control over cloud application usage, threat detection, and data protection across SaaS and PaaS environments. It integrates directly with other Defender components to enable cross-domain incident correlation and automated response.

Exam trap

The trap here is that candidates often confuse Microsoft Sentinel (a SIEM) with a component of the Defender XDR suite, when in fact Sentinel is a separate analytics service that can consume data from Defender XDR but is not part of the suite itself.

495
Multi-Selectmedium

Which TWO Microsoft 365 services can be used to create and manage custom forms for data collection, such as employee feedback surveys?

Select 2 answers
A.SharePoint Online
B.Microsoft Lists
C.Microsoft Forms
D.Excel Online
E.Microsoft Power Apps
AnswersC, E

Microsoft Forms is designed for surveys and forms.

Why this answer

Microsoft Forms is purpose-built for creating custom forms, surveys, and quizzes, with automatic data collection into Excel Online. It provides a simple interface for designing feedback forms and viewing responses in real-time, making it the correct choice for employee feedback surveys.

Exam trap

The trap here is that candidates may confuse Microsoft Lists or SharePoint Online as form-building tools because they can display or store form data, but they lack the native form creation and response management capabilities of Microsoft Forms.

496
MCQmedium

A tenant administrator needs help from Microsoft for a service issue affecting Exchange Online. Which option best matches the requirement?

A.Microsoft Defender for Cloud only
B.Azure Virtual Desktop only
C.Microsoft 365 admin center support request
D.A free personal Microsoft account only
AnswerC

Admins can create support requests from the Microsoft 365 admin center.

Why this answer

The Microsoft 365 admin center is the correct portal for tenant administrators to submit support requests for service issues affecting Exchange Online. It provides direct access to Microsoft's support team, including options for severity-based tickets and service health monitoring, which are essential for resolving production-impacting issues.

Exam trap

The trap here is that candidates may confuse Microsoft Defender for Cloud or Azure Virtual Desktop as support portals, but only the Microsoft 365 admin center provides the specific support request workflow for Exchange Online service issues.

How to eliminate wrong answers

Option A is wrong because Microsoft Defender for Cloud is a security management tool for hybrid cloud workloads, not a support channel for Exchange Online service issues. Option B is wrong because Azure Virtual Desktop is a desktop and app virtualization service, unrelated to submitting support requests for Exchange Online. Option D is wrong because a free personal Microsoft account (e.g., Outlook.com) cannot access tenant-level support; only a work or school account with appropriate admin roles can create support requests in the Microsoft 365 admin center.

497
MCQeasy

A company uses a cloud provider and is billed monthly based only on the exact amount of storage used and the number of compute hours consumed. They can increase or decrease usage at any time without upfront commitments. Which cloud computing characteristic does this billing model primarily demonstrate?

A.On-demand self-service
B.Rapid elasticity
C.Measured service
D.Resource pooling
AnswerC

Measured service is the characteristic where cloud resource usage is metered, and customers are billed accordingly. The pay-per-use model is a key expression of measured service.

Why this answer

The billing model charges only for actual storage used and compute hours consumed, with no upfront commitments and the ability to adjust usage at any time. This directly aligns with the 'measured service' characteristic, where cloud resource usage is metered, monitored, and billed based on consumption. The key is that the provider tracks and reports usage transparently, enabling a pay-per-use model.

Exam trap

The trap here is that candidates confuse 'measured service' with 'rapid elasticity' because both involve scaling, but measured service is specifically about metering and billing, not the speed of scaling.

How to eliminate wrong answers

Option A is wrong because on-demand self-service refers to a user's ability to provision resources automatically without human interaction, not the billing mechanism. Option B is wrong because rapid elasticity describes the ability to quickly scale resources up or down, which is a separate characteristic from how usage is metered and billed. Option D is wrong because resource pooling refers to the provider's multi-tenant model where physical and virtual resources are shared among customers, not the consumption-based billing approach.

498
Multi-Selectmedium

A company is expanding globally and needs to meet data residency and compliance requirements in multiple regions. Which three Microsoft 365 compliance and privacy features should they consider? (Choose three.)

Select 3 answers
.Data Loss Prevention (DLP) policies
.Compliance Manager
.Customer Lockbox
.Azure Active Directory (Azure AD) Connect
.Microsoft 365 Copilot
.Exchange Online archival mailboxes

Why this answer

Data Loss Prevention (DLP) policies help organizations identify, monitor, and protect sensitive data across Microsoft 365 services, ensuring compliance with regional data residency requirements by preventing unauthorized sharing or leakage. Compliance Manager provides a centralized dashboard to assess compliance posture against regulations like GDPR, ISO 27001, and local data residency laws, offering actionable recommendations. Customer Lockbox ensures that Microsoft support engineers cannot access customer data without explicit approval, addressing privacy and data sovereignty concerns in multi-region deployments.

Exam trap

The trap here is that candidates confuse Azure AD Connect as a compliance feature because it involves identity management, but it is purely an identity synchronization tool with no direct role in data residency or privacy compliance.

499
MCQeasy

A company wants to ensure that employees can access corporate email on personal mobile devices without the company being able to wipe the entire device. What should you use?

A.Microsoft Intune Mobile Device Management (MDM)
B.Conditional Access policies in Microsoft Entra ID
C.Microsoft Intune Mobile Application Management (MAM)
D.Microsoft Intune App Protection Policies (APP)
AnswerD

APP protects app data and allows selective wipe of corporate data.

Why this answer

Intune App Protection Policies (APP) (B) protect data at the app level and allow selective wipe. Option A (MDM) can wipe the whole device. Option C (CA) controls access.

Option D (MAM) is essentially APP.

500
MCQhard

A company is evaluating cloud service models for running custom line-of-business applications. They need full control over the operating system and applications, but want to avoid managing physical hardware. Which cloud service model should they choose?

A.Software as a Service (SaaS)
B.Infrastructure as a Service (IaaS)
C.Platform as a Service (PaaS)
D.Function as a Service (FaaS)
AnswerB

IaaS provides virtual machines with full control over OS and applications.

Why this answer

Option C is correct because IaaS provides virtual machines with control over OS and applications. Option A is wrong because SaaS provides pre-built applications. Option B is wrong because PaaS abstracts the OS.

Option D is wrong because FaaS is for running functions without managing servers.

501
MCQmedium

A non-profit organization with 150 employees needs business-grade email, online and desktop versions of Office apps, 1 TB cloud storage per user, and the ability to manage user permissions on mobile devices. They are eligible for non-profit licensing. Which plan should they choose to meet all requirements most cost-effectively?

A.Microsoft 365 Business Basic (Nonprofit)
B.Microsoft 365 Business Standard (Nonprofit)
C.Microsoft 365 Business Premium (Nonprofit)
D.Microsoft 365 E3 (Nonprofit)
AnswerC

Business Premium provides desktop apps, cloud storage, and advanced device management, meeting all requirements.

Why this answer

Microsoft 365 Business Premium (Nonprofit) is the correct choice because it includes business-grade email (Exchange Online), desktop and online Office apps, 1 TB OneDrive storage per user, and Microsoft Intune for mobile device management (MDM) to manage user permissions on mobile devices. This plan provides all required capabilities at the lowest cost among options that include desktop apps and MDM, leveraging the nonprofit discount.

Exam trap

The trap here is that candidates often confuse Business Standard (which has desktop apps but no MDM) with Business Premium (which adds MDM), or assume E3 is necessary for mobile device management when Business Premium already includes Intune at a lower cost.

How to eliminate wrong answers

Option A is wrong because Microsoft 365 Business Basic (Nonprofit) provides only web and mobile versions of Office apps, not the desktop versions required. Option B is wrong because Microsoft 365 Business Standard (Nonprofit) includes desktop apps but lacks mobile device management (MDM) capabilities needed to manage user permissions on mobile devices. Option D is wrong because Microsoft 365 E3 (Nonprofit) includes all features but is significantly more expensive than Business Premium, making it not the most cost-effective choice for a 150-employee organization.

502
MCQeasy

A small business with 10 employees needs the desktop versions of Microsoft 365 apps (Word, Excel, PowerPoint) and 1 TB of cloud storage per user. They do not need business email because they use a separate provider. Which Microsoft 365 plan should they purchase?

A.Microsoft 365 Business Basic
B.Microsoft 365 Business Standard
C.Microsoft 365 Apps for Business
D.Microsoft 365 Business Premium
AnswerC

This plan provides the desktop Office apps and 1 TB OneDrive storage per user, without including Exchange Online, meeting the requirement at the lowest cost.

Why this answer

Microsoft 365 Apps for Business is the correct plan because it provides the desktop versions of Word, Excel, and PowerPoint along with 1 TB of OneDrive cloud storage per user, but does not include Exchange Online (business email). This matches the requirement exactly, as the customer uses a separate email provider and only needs the Office apps and storage.

Exam trap

The trap here is that candidates often assume Business Standard is the minimum for desktop apps, forgetting that Microsoft 365 Apps for Business is a separate, lower-cost plan that excludes Exchange Online and is specifically designed for organizations that do not need Microsoft-hosted email.

How to eliminate wrong answers

Option A is wrong because Microsoft 365 Business Basic includes only web and mobile versions of the Office apps (no desktop apps) and includes Exchange Online email, which the customer does not need. Option B is wrong because Microsoft 365 Business Standard includes desktop apps and 1 TB storage but also includes Exchange Online email, making it an unnecessary expense for a customer who already has a separate email provider. Option D is wrong because Microsoft 365 Business Premium includes everything in Business Standard plus advanced security and device management features (e.g., Microsoft Defender, Intune), which are not required and add cost without benefit.

503
MCQmedium

A compliance officer needs to automatically classify and protect documents stored in SharePoint Online that contain personal data such as passport numbers. The classification should happen without user intervention and must apply encryption and access restrictions. Which Microsoft Purview solution should be configured?

A.Data Loss Prevention (DLP) policy
B.Sensitivity labels with auto-labeling
C.eDiscovery (Standard)
D.Communication Compliance
AnswerB

Auto-labeling policies can scan documents for sensitive data types and automatically apply a sensitivity label that enforces encryption and access restrictions.

Why this answer

Sensitivity labels with auto-labeling (Option B) are the correct solution because they can automatically classify documents based on patterns like passport numbers using trainable classifiers or exact data match (EDM), and then apply encryption and access restrictions via the label's protection settings—all without user intervention. This meets the compliance officer's requirement for automatic classification and protection of personal data in SharePoint Online.

Exam trap

The trap here is that candidates often confuse DLP policies with auto-labeling, but DLP only monitors and blocks sharing actions, while auto-labeling applies persistent protection (encryption and access restrictions) directly to the document content.

How to eliminate wrong answers

Option A is wrong because a Data Loss Prevention (DLP) policy detects and blocks sharing of sensitive data but does not automatically classify or apply persistent encryption and access restrictions to documents; it only triggers alerts or blocks actions. Option C is wrong because eDiscovery (Standard) is used for searching and exporting content for legal or investigative purposes, not for automatic classification or protection of documents. Option D is wrong because Communication Compliance is designed to monitor and detect policy violations in communications like email and Teams, not to classify or protect documents stored in SharePoint Online.

504
MCQmedium

A medium-sized business uses Microsoft 365 Business Premium. The HR department needs a secure way to collect employee feedback anonymously. They also need to store the results in a structured format that can be analyzed later. They are considering using Microsoft Forms and Excel. However, the IT department is concerned about data retention and wants to ensure that responses are automatically deleted after 90 days. What should the IT department configure?

A.Create a Power Automate flow that deletes responses after 90 days.
B.Apply a Microsoft Purview retention label to the folder storing the Excel responses with a 90-day retention period.
C.Manually delete the responses every 90 days using the Forms interface.
D.Set the Forms settings to automatically delete responses after 90 days.
AnswerB

Retention labels can enforce automatic deletion after a specified period.

Why this answer

Option B is correct because Microsoft Purview retention labels can be applied to the folder in SharePoint or OneDrive where the Excel responses are stored, enforcing a 90-day retention period that automatically deletes the data after that time. This meets the IT department's data retention requirement without manual intervention or complex automation, and it integrates directly with the storage location of the structured results.

Exam trap

The trap here is that candidates may assume Microsoft Forms has a built-in auto-delete feature for responses, but it does not; instead, the correct approach involves applying a retention label to the storage location (Excel file in SharePoint/OneDrive) where the structured results are saved.

How to eliminate wrong answers

Option A is wrong because creating a Power Automate flow to delete responses after 90 days is an overly complex, custom solution that is not native to the data retention policy framework; it also requires ongoing maintenance and could fail if the flow is disabled or modified. Option C is wrong because manually deleting responses every 90 days using the Forms interface is error-prone, not automated, and does not scale for a medium-sized business; it also does not address the structured storage in Excel. Option D is wrong because Microsoft Forms does not have a native setting to automatically delete responses after a specific number of days; Forms only allows manual deletion or export, not time-based auto-deletion.

505
MCQeasy

A user reports that they cannot access their email on their mobile device. The IT administrator suspects a device compliance issue. Which Microsoft 365 service can the administrator use to check the device's compliance status?

A.Microsoft Purview compliance portal
B.Microsoft Intune
C.Microsoft Exchange admin center
D.Microsoft Defender for Cloud Apps
AnswerB

Microsoft Intune provides device compliance monitoring and management.

Why this answer

Microsoft Intune is the correct tool because it is the mobile device management (MDM) and mobile application management (MAM) component of Microsoft 365. It allows administrators to define compliance policies (e.g., requiring encryption, a minimum OS version, or a healthy device attestation) and then check a device's compliance status in real time. When a device is non-compliant, Intune can block access to corporate resources like email, which matches the user's reported issue.

Exam trap

The trap here is that candidates confuse the Microsoft Purview compliance portal (which handles regulatory compliance and data protection) with device compliance (which is a mobile device management function handled exclusively by Intune).

How to eliminate wrong answers

Option A is wrong because the Microsoft Purview compliance portal focuses on data governance, eDiscovery, and compliance management (e.g., retention policies, audit logs), not on checking device compliance status for mobile access. Option C is wrong because the Microsoft Exchange admin center manages mailboxes, transport rules, and mailbox permissions, but it does not have native device compliance checking; it relies on Intune for conditional access decisions. Option D is wrong because Microsoft Defender for Cloud Apps is a cloud access security broker (CASB) that provides visibility into cloud app usage and threat protection, not a device compliance checker for mobile email access.

506
Multi-Selectmedium

Which THREE of the following are benefits of using Microsoft Viva?

Select 3 answers
A.Detects and blocks phishing attacks.
B.Connects employees with company news and resources.
C.Improves employee engagement and well-being.
D.Provides personalized learning and skill development.
E.Backs up user data automatically.
AnswersB, C, D

Viva Connections provides a dashboard.

Why this answer

Microsoft Viva Connections provides a personalized dashboard that aggregates company news, resources, and communications from SharePoint, Yammer, and Stream, enabling employees to stay informed and engaged directly within Microsoft Teams. This integration reduces information silos and ensures timely access to relevant organizational content.

Exam trap

The trap here is that candidates may confuse Microsoft Viva's employee experience modules (Connections, Insights, Learning) with security or backup features that belong to other Microsoft 365 services like Defender or OneDrive.

507
Multi-Selectmedium

Which TWO Microsoft 365 services can be used to provide secure remote access to on-premises applications without requiring a VPN?

Select 2 answers
A.Microsoft Entra Application Proxy
B.Microsoft Purview
C.Microsoft Sentinel
D.Microsoft Intune
E.Microsoft Defender for Cloud Apps
AnswersA, E

Provides secure remote access to on-premises web apps.

Why this answer

Microsoft Entra Application Proxy provides secure remote access to on-premises web applications by publishing them through an external endpoint in Azure AD, without requiring a VPN. It works by establishing outbound connections from the on-premises Application Proxy connector to the Azure AD service, which then proxies user requests. This eliminates the need to open inbound firewall ports or maintain VPN infrastructure, making it ideal for remote access to legacy apps.

Exam trap

The trap here is that candidates often confuse Microsoft Intune (device management) or Microsoft Defender for Cloud Apps (CASB) with remote access solutions, but only Entra Application Proxy (and Defender for Cloud Apps as a reverse proxy for SaaS apps) directly provides VPN-less remote access to on-premises applications.

508
MCQeasy

A training manager needs to create a simple video that includes screen recordings, webcam overlay, and transitions to announce a new compliance policy. The manager wants to use a Microsoft 365 app that is designed for video creation and editing. Which Microsoft 365 app should the manager use?

A.Microsoft Clipchamp
B.Microsoft Stream
C.Microsoft Teams
D.Microsoft PowerPoint
AnswerA

Correct. Clipchamp is the video creation and editing tool in Microsoft 365, perfect for making training videos with screen recordings and webcam.

Why this answer

Microsoft Clipchamp is the correct app because it is a dedicated video creation and editing tool included with Microsoft 365, specifically designed for tasks like combining screen recordings, webcam overlays, and transitions. Unlike other Microsoft 365 apps, Clipchamp provides a full timeline-based editor with built-in support for these features, making it ideal for producing a polished compliance policy announcement video.

Exam trap

The trap here is that candidates often confuse Microsoft Stream (a video hosting service) with a video editor, or assume PowerPoint's recording features are sufficient for multi-track video editing, when Clipchamp is the only Microsoft 365 app purpose-built for creating and editing videos with screen recordings, webcam overlays, and transitions.

How to eliminate wrong answers

Option B (Microsoft Stream) is wrong because Stream is a video hosting and sharing platform, not a video creation or editing tool; it lacks features like screen recording, webcam overlay, and transition editing. Option C (Microsoft Teams) is wrong because Teams is a collaboration and communication app focused on chat, meetings, and file sharing, not a video editor; while it can record meetings, it cannot edit or add transitions to existing recordings. Option D (Microsoft PowerPoint) is wrong because PowerPoint is a presentation software that can record slides with narration and webcam, but it does not support multi-track video editing, screen recording with overlay, or custom transitions between video clips; its video export is limited to slide-based recordings.

509
MCQhard

A multinational corporation needs to restrict access to Microsoft 365 services based on user location and device state. They have offices in countries with strict data sovereignty laws. Which combination of Microsoft Entra ID features should they use to enforce these policies?

A.Microsoft Entra ID Governance
B.Conditional Access with location policies and device compliance
C.Identity Protection and Privileged Identity Management
D.Conditional Access with device compliance policies only
E.Conditional Access with location policies only
AnswerB

Combining location and device compliance in Conditional Access meets both requirements.

Why this answer

Conditional Access policies can be configured to block or allow access based on location and device state. Option D is correct because it combines both location and device compliance. Option A misses device state, Option B misses location, Option C is not a specific feature, and Option E is for identity protection, not control.

510
MCQmedium

A user reports that they cannot schedule a meeting with external participants using Microsoft Teams. The administrator confirms that external access is enabled. What is the most likely cause?

A.The user's Exchange Online mailbox is full
B.The Teams client is outdated
C.Guest access is disabled
D.The user does not have a license that includes Microsoft Teams
AnswerD

A license is required to use Teams features.

Why this answer

Scheduling meetings with external participants in Microsoft Teams requires the user to have a license that includes Teams, such as Microsoft 365 Business Basic or Enterprise E3. Without this license, the user cannot initiate or organize meetings, even if external access is enabled. Option D is correct because licensing is a prerequisite for using Teams features, including meeting scheduling.

Exam trap

The trap here is that candidates often confuse 'external access' (federation) with 'guest access' and assume disabling one blocks all external collaboration, but the core issue is licensing, not access settings.

How to eliminate wrong answers

Option A is wrong because a full Exchange Online mailbox would prevent sending or receiving emails, but it does not directly block scheduling Teams meetings with external participants, as Teams uses Exchange for calendar resources but not mailbox capacity for meeting creation. Option B is wrong because an outdated Teams client may cause performance or feature issues, but it would not prevent scheduling with external participants if the user has a valid license and external access is enabled; the client update is not a prerequisite for basic meeting functionality. Option C is wrong because guest access controls the ability for external users to join as guests within a tenant, but the user is trying to schedule a meeting with external participants (who may be in other organizations), which relies on external access (federation), not guest access; disabling guest access does not block scheduling with federated external users.

511
MCQmedium

A compliance-aware administrator is selecting the right Microsoft 365 capability to explain why providers can lower unit costs by operating at large scale. Cloud concept or benefit best matches this requirement?

A.Sensitivity labels
B.Microsoft Planner
C.Economies of scale
D.Data Loss Prevention (DLP)
AnswerC

Cloud providers operate large shared infrastructure, enabling efficiencies that individual customers may not achieve.

Why this answer

Economies of scale is the correct answer because it directly describes the cost advantage that cloud providers achieve by operating at massive scale. By aggregating compute, storage, and network resources across millions of customers, providers like Microsoft can spread fixed costs (data centers, hardware, cooling, staffing) over a larger base, reducing the per-unit cost for each tenant. This is a foundational cloud concept, not a specific security or productivity feature.

Exam trap

Microsoft often tests the distinction between cloud economic concepts (like economies of scale) and specific security or productivity features, leading candidates to pick a familiar term like 'Data Loss Prevention' instead of the correct foundational principle.

How to eliminate wrong answers

Option A is wrong because sensitivity labels are a Microsoft Information Protection (MIP) feature used to classify and protect data based on sensitivity, not a cost or scale concept. Option B is wrong because Microsoft Planner is a task management and collaboration tool within Microsoft 365, unrelated to the economic principle of cost reduction through scale. Option D is wrong because Data Loss Prevention (DLP) is a security policy mechanism that prevents accidental sharing of sensitive data, not a cloud economics concept.

512
MCQmedium

A company wants to ensure that sensitive documents classified as 'Confidential' are automatically encrypted and have restricted access permissions applied when they are shared via email. The protection must persist even if the email is forwarded to external parties. Which Microsoft Purview solution should be used?

A.Microsoft Purview Information Protection
B.Microsoft Purview Data Loss Prevention (DLP)
C.Microsoft Purview Message Encryption
D.Microsoft Purview Compliance Manager
AnswerA

Correct. Sensitivity labels can enforce encryption and permissions that remain with the document even when forwarded externally.

Why this answer

Microsoft Purview Information Protection (A) is correct because it enables classification and labeling of documents (e.g., 'Confidential'), with built-in encryption and rights management that persists regardless of where the document is shared or forwarded. This is achieved through Azure Rights Management (Azure RMS), which enforces access restrictions even when the email is forwarded to external parties, ensuring the protection travels with the content.

Exam trap

The trap here is that candidates confuse Microsoft Purview Message Encryption (which encrypts the email transport) with Information Protection (which applies persistent rights management to the content itself), leading them to choose C when the question explicitly requires protection that persists after forwarding.

How to eliminate wrong answers

Option B (Microsoft Purview Data Loss Prevention) is wrong because DLP policies detect and prevent accidental sharing of sensitive data but do not apply persistent encryption or access restrictions that survive forwarding; they block or warn at the point of transmission. Option C (Microsoft Purview Message Encryption) is wrong because it encrypts the email message itself (using OME) but does not apply persistent rights management to attachments or documents; once decrypted, the content loses protection. Option D (Microsoft Purview Compliance Manager) is wrong because it is a risk assessment and compliance management tool that tracks regulatory posture, not a solution for applying encryption or access controls to content.

513
MCQmedium

Fabrikam Inc. is a legal firm with 500 users. They are deploying Microsoft 365 Business Premium. Requirements: (1) All sensitive emails must be automatically encrypted when sent to external recipients; (2) Users must be able to securely share files with external clients without requiring them to sign in; (3) The IT department must enforce multi-factor authentication (MFA) for all users but allow exceptions for a small group of executives; (4) All user actions in Exchange Online must be audited. Which services or features should Fabrikam use?

A.Microsoft Purview Double Key Encryption, Microsoft Teams, Microsoft Entra Conditional Access, Microsoft 365 audit log
B.Microsoft Purview Message Encryption, SharePoint Online, Microsoft Entra Conditional Access, Exchange mailbox auditing
C.Microsoft Purview Message Encryption, OneDrive, Microsoft Entra ID Protection, Microsoft 365 audit log
D.Azure Information Protection, SharePoint Online, Microsoft Entra ID Protection, Exchange mailbox auditing
AnswerB

Correct: Message Encryption for automatic encryption, SharePoint for anonymous sharing, Conditional Access for MFA with exceptions, mailbox auditing for audit.

Why this answer

Option B is correct because Microsoft Purview Message Encryption automatically encrypts sensitive emails sent to external recipients, SharePoint Online allows file sharing with external users without requiring them to sign in (via anonymous guest links), Microsoft Entra Conditional Access can enforce MFA with policy exclusions for executive groups, and Exchange mailbox auditing captures all user actions in Exchange Online. These four services directly map to the four requirements.

Exam trap

The trap here is that candidates often confuse Microsoft Entra ID Protection with Conditional Access for MFA enforcement, not realizing that ID Protection is a risk-based policy engine that requires Conditional Access to actually block or allow access, and that Exchange mailbox auditing is a distinct feature from the general Microsoft 365 audit log.

How to eliminate wrong answers

Option A is wrong because Microsoft Purview Double Key Encryption is designed for highly regulated data requiring two keys held by separate parties, not for automatic encryption of all sensitive emails to external recipients, and Microsoft Teams is not the correct service for sharing files with external clients without sign-in (SharePoint or OneDrive is needed). Option C is wrong because Microsoft Entra ID Protection is a risk-based conditional access tool, not a direct MFA enforcement mechanism with group-based exceptions (Conditional Access is required), and the Microsoft 365 audit log is a general audit log that does not specifically capture Exchange Online user actions (Exchange mailbox auditing is needed). Option D is wrong because Azure Information Protection is a classification and labeling solution, not an automatic email encryption service for external recipients (Message Encryption is required), and Microsoft Entra ID Protection again lacks the granular MFA exception capability that Conditional Access provides.

514
MCQeasy

A company with 200 users subscribes to Microsoft 365 Business Premium. They want to assign a license to a new employee. What is the most efficient way to assign the license?

A.Purchase an additional license and assign it via the Volume Licensing Service Center
B.Manually assign the license in the Microsoft 365 admin center to the user
C.Use Microsoft Graph PowerShell to assign the license
D.Use group-based licensing in the Microsoft 365 admin center to automatically assign licenses to the user's group
AnswerD

Group-based licensing automates assignment based on group membership.

Why this answer

Option D is correct because group-based licensing automates license assignment by linking a Microsoft Entra ID (formerly Azure AD) security group to a product license. Once the new employee is added to the designated group, the license is automatically assigned within minutes, eliminating manual steps and ensuring consistency across the organization.

Exam trap

The trap here is that candidates often choose manual assignment (Option B) because it seems simplest for one user, but the question asks for the 'most efficient' method, and group-based licensing is designed to reduce administrative overhead even for single-user scenarios by enabling automation and future scalability.

How to eliminate wrong answers

Option A is wrong because the Volume Licensing Service Center (VLSC) is used for managing volume license agreements and product keys, not for assigning Microsoft 365 Business Premium licenses; licenses are assigned directly in the Microsoft 365 admin center or via automated methods. Option B is wrong because manually assigning a license in the admin center is less efficient than group-based licensing, especially when the company plans to scale or add multiple users over time. Option C is wrong because while Microsoft Graph PowerShell can assign licenses, it requires scripting expertise and is not the most efficient method for a single new user when a simpler, automated group-based approach exists.

515
Multi-Selectmedium

A project team needs to collaborate on workflow approvals between Microsoft 365 and Dynamics 365 and co-author related Office files. Which two Microsoft 365 capabilities are most relevant?

Select 2 answers
A.Power Automate
B.Microsoft Purview eDiscovery case
C.Exchange anti-malware policy
D.SharePoint Online document storage
AnswersA, D

Power Automate creates cloud flows and business-process automation.

Why this answer

Power Automate is correct because it enables the creation of automated workflows that can integrate Microsoft 365 and Dynamics 365, handling approval processes across both platforms. It allows users to trigger flows from events in either system, such as when a record is created in Dynamics 365, and route approval requests through Microsoft 365 tools like Teams or Outlook.

Exam trap

The trap here is that candidates may confuse Power Automate with Power Apps or overlook SharePoint's role in co-authoring, instead selecting compliance or security options like eDiscovery or anti-malware policies that are unrelated to collaboration.

516
MCQeasy

A company is adopting Microsoft 365 and wants to ensure they can investigate security incidents across email, endpoints, and identities in a unified console. Which Microsoft 365 workload should they use?

A.Microsoft Intune
B.Microsoft Sentinel
C.Microsoft Purview Compliance Portal
D.Microsoft Defender XDR
AnswerD

Defender XDR integrates signals across email, endpoints, and identities.

Why this answer

Option B is correct because Microsoft Defender XDR (formerly Microsoft 365 Defender) provides a unified incident investigation experience across domains. Option A is incorrect because Microsoft Sentinel is a SIEM that aggregates logs but is not the unified console in Microsoft 365. Option C is incorrect because Microsoft Purview is for compliance and governance, not security investigation.

Option D is incorrect because Microsoft Intune is for device management.

517
MCQmedium

A retail company experiences sudden traffic spikes during holiday sales. Which cloud characteristic would best help them handle this without overprovisioning?

A.Broad network access
B.Measured service
C.Rapid elasticity
D.Resource pooling
AnswerC

Rapid elasticity allows resources to scale automatically in response to demand, handling traffic spikes.

Why this answer

Option B is correct because rapid elasticity allows cloud resources to automatically scale up or down based on demand. Option A (Resource pooling) is about multi-tenant sharing, not scaling. Option C (Measured service) is about metering usage.

Option D (Broad network access) is about accessibility over the network.

518
MCQeasy

A sales team needs to create a shared list of customer contact information with custom fields like company, email, phone, and deal stage. The list should be accessible from within Outlook and allow real-time updates by multiple users. Which Microsoft 365 app should they use?

A.Microsoft Lists
B.Microsoft To Do
C.Microsoft Planner
D.Microsoft Dynamics 365
AnswerA

Microsoft Lists is the correct choice because it provides a customisable list interface, integrates with Outlook, and supports real-time multi-user editing.

Why this answer

Microsoft Lists is the correct choice because it provides a customizable, shared list that supports custom columns (e.g., company, email, phone, deal stage) and real-time collaboration. It integrates directly with Outlook via the Lists app or by adding a list as a tab in Outlook, allowing the sales team to access and update the list without leaving their email client.

Exam trap

The trap here is that candidates may confuse Microsoft Lists with Microsoft To Do or Planner because both involve task tracking, but Lists is the only one that supports custom columns and real-time multi-user editing for structured data like contacts.

How to eliminate wrong answers

Option B is wrong because Microsoft To Do is a personal task management app that does not support custom fields or real-time multi-user editing of shared lists; it lacks the column customization and collaborative features needed. Option C is wrong because Microsoft Planner is designed for team task management with boards and buckets, not for creating a shared list of contacts with custom fields, and it does not integrate directly into Outlook for inline access. Option D is wrong because Microsoft Dynamics 365 is a full Customer Relationship Management (CRM) platform that is far more complex and costly than needed; it is not a simple list app and does not provide the lightweight, Outlook-integrated shared list functionality required.

519
MCQmedium

An organization wants to monitor and respond to security incidents across their Microsoft 365 environment, including email, endpoints, and cloud apps. Which solution should they deploy?

A.Microsoft Intune
B.Microsoft Defender XDR
C.Microsoft Sentinel
D.Microsoft Defender for Office 365
AnswerB

Defender XDR correlates signals across email, endpoints, identities, and apps for unified response.

Why this answer

Microsoft Defender XDR (formerly Microsoft 365 Defender) provides unified incident detection and response across email, endpoints, identities, and apps. Defender for Office 365 is email-specific. Sentinel is SIEM.

Intune is MDM.

520
MCQmedium

A healthcare organization uses Microsoft 365 and needs to prevent sensitive patient data from being emailed externally. They have enabled Microsoft Purview Data Loss Prevention (DLP). What additional step should they take to ensure that end users are educated when they attempt to send such data?

A.Enable auditing in Microsoft Purview Compliance Portal.
B.Deploy Microsoft Defender for Cloud Apps.
C.Apply a sensitivity label that blocks external sharing.
D.Configure a policy tip in the DLP policy.
AnswerD

Policy tips educate users when they violate a DLP rule.

Why this answer

Option B is correct because configuring a policy tip in DLP policies shows a notification to users when they attempt to send sensitive data, educating them about the policy. Option A is incorrect because sensitivity labels classify data but do not provide real-time user education. Option C is incorrect because auditing only logs events, it does not educate users.

Option D is incorrect because Microsoft Defender for Cloud Apps is for cloud access security, not inline user education.

521
MCQeasy

A project manager wants to schedule a meeting with team members to discuss project progress. They need to find a time that works for everyone based on their calendars. Which Microsoft 365 app should they use?

A.Microsoft Teams
B.Microsoft Outlook
C.Microsoft Bookings
D.Microsoft Shifts
AnswerB

Outlook's Scheduling Assistant displays attendees' calendars to identify overlapping free times, making it the best tool for scheduling internal meetings.

Why this answer

Microsoft Outlook includes a scheduling assistant that displays the free/busy information of attendees' calendars, allowing the project manager to find a mutually available time slot. This feature is specifically designed for coordinating meetings across an organization using Exchange Online calendar data.

Exam trap

The trap here is that candidates often associate meeting scheduling with Microsoft Teams because of its 'Meet Now' and calendar integration, but the core scheduling assistant that checks everyone's availability is a feature of Outlook, not Teams.

How to eliminate wrong answers

Option A is wrong because Microsoft Teams is a collaboration platform for chat, meetings, and file sharing, but it does not have a native calendar scheduling assistant that aggregates free/busy data from multiple users' calendars; it relies on Outlook for scheduling. Option C is wrong because Microsoft Bookings is a service for external customer appointment scheduling, not for internal team meeting coordination. Option D is wrong because Microsoft Shifts is a schedule management tool for frontline workers, focusing on shift assignments and time tracking, not on finding a meeting time based on calendar availability.

522
MCQmedium

A company has a mix of Microsoft 365 E3 and E5 licenses. They want to ensure that all users have access to Microsoft Defender for Office 365 (Plan 2) without upgrading everyone to E5. What is the most cost-effective approach?

A.Purchase a standalone Microsoft Defender for Office 365 Plan 2 subscription
B.Purchase Microsoft Defender for Office 365 (Plan 2) as an add-on for E3 users
C.Downgrade E5 users to E3 and purchase add-ons for all
D.Upgrade all E3 users to E5 to include Defender for Office 365 Plan 2
AnswerB

This grants the required capabilities at a lower cost than upgrading to E5.

Why this answer

Option B is correct because Microsoft Defender for Office 365 (Plan 2) is available as an add-on license for Microsoft 365 E3 users, allowing them to gain the same advanced security capabilities as E5 users without upgrading their base plan. This is the most cost-effective approach since it avoids the higher per-user cost of upgrading all E3 users to E5 or purchasing standalone subscriptions that may not integrate as seamlessly with the existing E3 tenant.

Exam trap

The trap here is that candidates may assume a standalone subscription is always the cheapest add-on option, but Microsoft specifically prices the E3 add-on lower than the standalone SKU to encourage upselling within the same licensing family, and the question tests awareness of this licensing hierarchy.

How to eliminate wrong answers

Option A is wrong because purchasing a standalone Microsoft Defender for Office 365 Plan 2 subscription is typically more expensive per user than the add-on SKU for E3, and it may require separate provisioning and management, making it less cost-effective. Option C is wrong because downgrading E5 users to E3 and then purchasing add-ons for all users would lose the built-in Defender for Office 365 Plan 2 capabilities that E5 already includes, increasing overall cost and complexity. Option D is wrong because upgrading all E3 users to E5 is the most expensive approach, as it forces unnecessary spending on other E5 features (e.g., advanced compliance, analytics) that the company may not need, whereas targeted add-ons address only the required security gap.

523
MCQmedium

An administrator is reviewing a request from users who need to reduce maintenance of power, cooling, and server replacement. Cloud concept or benefit best matches this requirement?

A.Reduced data center management
B.Microsoft Planner
C.Data Loss Prevention (DLP)
D.Sensitivity labels
AnswerA

Cloud providers manage physical data center facilities and hardware for cloud services.

Why this answer

The users' requirement to reduce maintenance of power, cooling, and server replacement directly maps to the cloud benefit of reduced data center management. By moving to a cloud model, the cloud provider assumes responsibility for the physical infrastructure, including hardware lifecycle, environmental controls, and facility upkeep, allowing the organization to offload these operational burdens.

Exam trap

The trap here is that candidates may confuse operational benefits like reduced maintenance with specific Microsoft 365 features (Planner, DLP, sensitivity labels), failing to recognize that the question is about fundamental cloud concepts and benefits, not individual product capabilities.

How to eliminate wrong answers

Option B is wrong because Microsoft Planner is a task management and planning application within Microsoft 365, not a cloud concept or benefit related to infrastructure maintenance. Option C is wrong because Data Loss Prevention (DLP) is a security policy technology that helps protect sensitive data from unauthorized sharing or leakage, not a benefit addressing physical data center maintenance. Option D is wrong because sensitivity labels are classification and protection tools applied to data and documents for governance and compliance, not a cloud concept that reduces power, cooling, or server replacement tasks.

524
MCQeasy

Tailwind Traders uses Microsoft 365 Business Premium. They have 200 users and want to ensure that company data on mobile devices is protected. They have implemented Microsoft Intune for mobile device management (MDM). Now they need to ensure that if a device is lost or stolen, the company data on the device can be removed without affecting personal data. The devices are personally owned (BYOD). What should you configure?

A.Configure an App Protection Policy to wipe managed apps when the device is reported lost.
B.Create a device compliance policy that requires a PIN to access the device.
C.Configure a selective wipe in Intune to remove corporate data.
D.Configure a full wipe in Intune for the device.
AnswerC

Selective wipe removes only managed corporate data and apps, preserving personal data.

Why this answer

Option B is correct. A selective wipe in Intune removes only corporate data from a device, leaving personal data intact. Option A (full wipe) removes all data, which is not desired.

Option C (device compliance policy) enforces compliance but does not wipe data. Option D (App Protection Policy) is for app-level data protection but does not provide a remote wipe for the whole device.

525
Multi-Selectmedium

A company uses Microsoft 365 E3 and wants to implement a collaboration solution that allows multiple users to co-author documents in real time, track version history, and set permissions at the document level. Which THREE Microsoft 365 services can fulfill these requirements?

Select 3 answers
A.SharePoint Online
B.OneDrive for Business
C.Microsoft Teams
D.Exchange Online
E.Yammer
AnswersA, B, C

SharePoint provides team collaboration with co-authoring and permissions.

Why this answer

SharePoint Online is correct because it provides document libraries that support real-time co-authoring, version history tracking, and granular permission settings at the document level. These features align directly with the requirements for collaborative document management in Microsoft 365 E3.

Exam trap

The trap here is that candidates often confuse Microsoft Teams as a separate collaboration tool, but Teams relies on SharePoint Online and OneDrive for its file storage and co-authoring capabilities, making it a valid answer when the question explicitly asks for services that fulfill the requirements directly.

Page 6

Page 7 of 14

Page 8