01. You have a Microsoft 365 E5 subscription that uses Endpoint security. You need to create a group and assign the Endpoint Security Manager role to the group. Which type of group can you use?
a) Microsoft 365 only
b) security only
c) mail-enabled security and security only
d) mail-enabled security, Microsoft 365, and security only
e) distribution, mail-enabled security, Microsoft 365, and security
02. You have a Microsoft 365 subscription. An administrator accidentally deletes a user account. How many days do you have to recover the account before it is permanently deleted?
a) 14
b) 30
c) 93
d) 365
03. You have a Microsoft 365 E3 subscription that uses Microsoft Defender for Endpoint Plan 1. Which two Defender for Endpoint features are available to the subscription?
Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
a) security reports
b) advanced hunting
c) digital certificate assessment
d) device discovery
e) attack surface reduction (ASR)
04. You plan to delete several user accounts that are assigned Microsoft 365 licenses. How soon after deleting the accounts will you be able to re-assign the licenses to other users?
a) 24 hours
b) 7 days
c) 30 days
d) immediately
05. Your company has digitally signed applications. You need to ensure that Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) considers the digitally signed applications safe and never analyzes them.
What should you create in the Microsoft Defender Security Center?
a) a custom detection rule
b) an allowed/blocked list rule
c) an indicator
d) an alert suppression rule
06. You have a Microsoft 365 E5 tenant that uses Microsoft Intune. You need to ensure that users can select a department when they enroll their device in Intune. What should you create?
a) scope tags
b) device configuration profiles
c) device categories
d) device compliance policies
07. You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1. You need to be notified when a user shares a file or folder from Site1. What should you do?
a) From the Microsoft Purview compliance portal, create a data loss prevention (DLP) policy.
b) From the Microsoft Purview compliance portal, create an alert policy.
c) From the SharePoint admin center, modify the sharing settings.
d) From Site1, create an alert.
08. You have a Microsoft 365 E5 subscription that contains a user named User1. You need to ensure that User1 can send a maximum of 50 email messages per day. What should you configure in the Microsoft 365 Defender portal?
a) anti-spam policy
b) anti-phishing policy
c) advanced delivery rule
d) Tenant Allow/Block List rule
09. You have a Microsoft 365 E5 subscription that contains a user named Admin1. You need to ensure that Admin1 can turn on role-based access control (RBAC) in Microsoft Defender for Endpoint. The solution must follow the principle of least privilege.
Which role should you assign to Admin1?
a) Global Administrator
b) Privileged Role Administrator
c) Security Administrator
d) Security Operator
10. You have a Microsoft 365 E5 subscription. You need to set the default privacy setting of a Microsoft SharePoint Online site to Private. What should you use?
a) a data loss prevention (DLP) policy
b) a retention policy
c) an information barrier (IB) policy
d) a sensitivity label
The purpose of this Sample Question Set is to provide you with information about the Microsoft 365 Administrator exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the MS-102 certification test. To get familiar with real exam environment, we suggest you try our Sample Microsoft 365 Administrator Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual Microsoft 365 Certified - Administrator Expert certification exam.