SIMULATION -You need to configure your organization to automatically quarantine all phishing email messages.To complete this task, sign in to the Microsoft 365 portal.
You configure several Advanced Threat Protection (ATP) policies in a Microsoft 365 subscription.You need to allow a user named User1 to view ATP reports in the Threat management dashboard.Which role provides User1 with the required role permissions?
You have a Microsoft 365 subscription and a Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) subscription.You have devices enrolled in Microsoft Endpoint Manager as shown in the following table:You integrate Microsoft Defender ATP and Endpoint Manager.You plan to evaluate the Microsoft Defender ATP risk level for the devices.You need to identify which devices can be evaluated.Which devices should you identify?
HOTSPOT -You have a Microsoft 365 E5 subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com.Azure AD Identity Protection alerts for contoso.com are configured as shown in the following exhibit.A user named User1 is configured to receive alerts from Azure AD Identity Protection.You create users in contoso.com as shown in the following table.The users perform the sign-ins shown in the following table.For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point.Hot Area:
You have an Azure Sentinel workspace that has an Azure Active Directory (Azure AD) connector and a Microsoft Office 365 connector.You need to assign built-in role-based access control (RBAC) roles to achieve the following tasks:✑ Create and run playbooks.✑ Manage incidents.The solution must use the principle of least privilege.Which two roles should you assign? Each correct answer presents part of the solution.NOTE: Each correct selection is worth one point.
You have several Conditional Access policies that block noncompliant devices from connecting to services.You need to identify which devices are blocked by which policies.What should you use?
