You have a Microsoft 365 subscription that contains the users shown in the following table.
You have the named locations shown in the following table.
You create a conditional access policy that has the following configurations:
• Users or workload identities:
o Include: Group1
o Exclude: Group2
• Cloud apps or actions: Include all cloud apps
• Conditions:
o Include: Any location
o Exclude: Montreal
• Access control: Grant access, Require multi-factor authentication
User1 is on the multi-factor authentication (MFA) blocked users list.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 tenant that contains a Windows 10 device named Device1 and the Microsoft Endpoint Manager policies shown in the following table.
The policies are assigned to Device1.
Which policy settings will be applied to Device1?
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Endpoint.
You plan to perform device discovery and authenticated scans of network devices.
You install and register the network scanner on a device named Device1.
What should you do next?
You have a Microsoft 365 subscription that contains two groups named Group1 and Group2.
You need to configure tenant notifications to meet the following requirements:
Group1: Receive email notifications when major service updates occur.
Group2: Receive email alerts when Microsoft 365 maintenance events occur.
Which type of notification should you configure for each group?
You have a Microsoft 365 E5 subscription and use Microsoft Defender for Cloud Apps. The subscription contains users that have Windows 11 devices.
You need to use the Cloud Discovery snapshot report to analyze cloud app usage on the devices. What should you do before generating a report?
You have a Microsoft 365 E5 tenant.
You need to ensure that administrators are notified when a user receives an email message that contains malware. The solution must use the principle of least privilege.
Which type of policy should you create and which Microsoft 365 compliance center role is required to create the pokey? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription.
Al users have Mac computers. ATI the computers are enrolled in Microsoft Endpoint Manager and onboarded to Microsoft Defender for Endpoint.
You need to configure Microsoft Defender for Endpoint on the computers.
What should you create from the Endpoint Management admin center?
HOTSPOT
You have a Microsoft 365 E5 subscription that contains a user named User1.
Microsoft Entra ID Password Protection is configured as shown in the following exhibit.
User1 attempts to update their password to the following passwords:
F@lcon
Project22
T4il$pin45dg4
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 subscription. You have a user named User1.
You need to ensure that Used can place a hold on all mailbox content.
What permission should you assign to User1?
You have a Microsoft 365 E5 subscription.
You plan to implement Microsoft Purview policies to meet the following requirements:
Identify documents that are stored in Microsoft Teams and SharePoint that contain Personally Identifiable Information (PII).
Report on shared documents that contain PII.
What should you create?
TESTED 03 Jun 2026
