Note: This section contains one or more sets of questions with the same scenario and problem. Each question presents a unique solution to the problem. You must determine whether the solution meets the stated goals. More than one solution in the set might solve the problem. It is also possible that none of the solutions in the set solve the problem.

After you answer a question in this section, you will NOT be able to return. As a result these questions do not appear on the Review Screen.

You have a Microsoft 365 E5 subscription.

You integrate Microsoft Defender for Endpoint with Microsoft Intune.

You need to ensure that devices automatically onboard to Defender for Endpoint when they are enrolled in Intune.

Solution: You configure a device configuration profile.

Does this meet the goal?

Correct Answer: A 🗳️

You have a Microsoft 365 E5 subscription that contains a user named User1.

You have a Conditional Access policy applied to a cloud-based app named App1. App1 has Conditional Access App Control deployed.

You need to create a Microsoft Defender for Cloud Apps policy to block User1 from printing from App1.

Which type of policy should you create?

Correct Answer: B 🗳️

You have a Microsoft 365 E5 subscription and use Microsoft Defender for Cloud Apps.

You plan to perform a security audit of all the apps detected by Cloud Discovery.

You need to track which apps were audited. The solution must ensure that the list of audited apps can be displayed in the cloud app catalog.

What should you do?

Correct Answer: E 🗳️

You use Microsoft Defender for Office 365.

You plan to automate an attack simulation campaign.

Any users that fail the simulation must take additional training based on the simulation results.

What is the maximum number of days the training will be available to the users after the simulation?

Correct Answer: C 🗳️

HOTSPOT
-

You have a Microsoft 365 E5 subscription.

The subscription contains users that have devices onboarded to Microsoft Defender for Endpoint. Defender for Endpoint is configured to forward signals to Microsoft Defender for Cloud Apps.

Cloud Discovery identifies a risky web app named App1.

You need to block users from connecting to Appl from Microsoft Edge. Users must be able to bypass the restriction.

Which type of app tag should you use. and what should you configure to integrate Defender for Endpoint with Defender for Cloud Apps? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Correct Answer:

You have a Microsoft 365 E5 subscription.

You need to assign a Microsoft Defender for Endpoint baseline.

Which portal should you use?

Correct Answer: A 🗳️

You have a Microsoft 365 E5 subscription.

You need to create a mail-enabled contact.

Which portal should you use?

Correct Answer: B 🗳️

You have a Microsoft 365 E5 subscription.

You need to be alerted when Microsoft Defender XDR detects high-severity incidents.

What should you use?

Correct Answer: C 🗳️

HOTSPOT
-

You have a Microsoft 365 E5 subscription that contains the identities shown in the following table.



From the Microsoft Defender portal, you create an anti-spam inbound policy named Policy1 that has the following settings:

• Include these users, groups and domains
o Users: User3
o Groups: Group 1
• Exclude these users, groups and domains
o Users: User1

Policy1 has the following Bulk email threshold & spam properties settings:

• Mark as spam
о Empty messages: On
о Object tags in HTML On
о Sensitive words: Off
о Backscatter: On

Policy1 has the following Actions settings:

• Message actions
o Spam: Move message to Junk Email folder
o High confidence spam: Move message to Junk Email folder

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Correct Answer:

Note: This section contains one or more sets of questions with the same scenario and problem. Each question presents a unique solution to the problem. You must determine whether the solution meets the stated goals. More than one solution in the set might solve the problem. It is also possible that none of the solutions in the set solve the problem.

After you answer a question in this section, you will NOT be able to return. As a result these questions do not appear on the Review Screen.

You have a Microsoft 365 E5 subscription.

You integrate Microsoft Defender for Endpoint with Microsoft Intune.

You need to ensure that devices automatically onboard to Defender for Endpoint when they are enrolled in Intune.

Solution: You configure a compliance policy.

Does this meet the goal?

Correct Answer: B 🗳️