If you are looking for real Microsoft 365 Fundamentals exam questions, I have many free questions and answers available on my website, with even more available if you register. There are also excellent resources on LinkedIn Learning, Udemy, and YouTube, so be sure to use those to strengthen your understanding.
The bottom line is that Generative AI is transforming the IT landscape, and professionals must keep up with the pace of change. One of the best ways to stay relevant is to continue learning and earning certifications.
Get learning, get certified, and stay up to date with the latest developments. Your future self will thank you for staying trained, employable, and knowledgeable about how to apply modern cloud and productivity technologies.
MS-900 Microsoft 365 Fundamentals Sample Questions
Question 1
You lead the security operations center at Meridian Systems which recently enabled Microsoft Defender for Office 365 Plan 2 and several staff members reported a suspicious message that may be malicious. You need to run an automated investigation and carry out response actions using the features in your plan. Which Microsoft Defender for Office 365 Plan 2 feature should you use to automatically investigate and remediate this email threat?
-
❏ A. Secure presets and policies
-
❏ B. Security reports and dashboards
-
❏ C. Automated investigation and response engine
-
❏ D. Threat Explorer and hunting
Question 2
Which cloud deployment model provides the greatest security and administrative control while requiring the highest upfront capital investment?
-
❏ A. On premises
-
❏ B. Private cloud
-
❏ C. Public cloud
Question 3
A regional law firm uses Microsoft 365 Insights and it wants staff to block up to 90 minutes each workday for top priority tasks and to silence Microsoft Teams chats during those blocks. Which Microsoft feature should the firm use?
-
❏ A. Digests
-
❏ B. Viva Connections
-
❏ C. Insights add-ins
-
❏ D. Work patterns
-
❏ E. Focus plans
Question 4
Which capabilities does Microsoft Sentinel provide to handle security events and alerts? (Choose 3)
-
❏ A. Orchestrating security operations with automated playbooks
-
❏ B. Real time packet capture
-
❏ C. Providing enriched incident summaries with contextual details for triage
-
❏ D. Collecting telemetry at cloud scale from diverse sources
Question 5
A regional consulting firm named Meridian Solutions plans to deploy Microsoft 365 and has not previously implemented any Microsoft products. The organization wants to buy a user subscription license that keeps licensing costs as low as possible while delivering the full product capabilities. Which license should they choose?
-
❏ A. Step Up USL
-
❏ B. Add-on USL
-
❏ C. From SA USL
-
❏ D. Full USL
Question 6
Which filters are available on the Microsoft 365 Roadmap to narrow the displayed entries? (Choose 3)
-
❏ A. Product
-
❏ B. Release status
-
❏ C. Cloud deployment
-
❏ D. Platform
Question 7
Which capability in the Microsoft 365 Defender portal provides a unified dashboard to assess and raise the security posture of Microsoft 365 identities applications and devices?
-
❏ A. Threat Intelligence
-
❏ B. Advanced hunting
-
❏ C. Incidents and alerts
-
❏ D. Secure Score
Question 8
Which role based access control system manages access to Azure resources through Azure Resource Manager?
-
❏ A. Azure Active Directory roles
-
❏ B. Azure RBAC
-
❏ C. Azure Policy
Question 9
Which statement correctly describes Contoso 365 Apps for Enterprise?
-
❏ A. Includes 1 TB of OneDrive storage per user
-
❏ B. Enables real time co authoring in Office applications
-
❏ C. Can be deployed and serviced with Configuration Manager or Intune
-
❏ D. Intune
-
❏ E. Google Workspace
Question 10
Which type of Azure managed identity can you create once and then assign to multiple resources?
-
❏ A. Service principal
-
❏ B. System-assigned managed identity
-
❏ C. User-assigned managed identity
Question 11
Do Contoso Teams shared channels permit collaboration with participants who are both members of the organization and external partners without requiring them to be added to the whole team?
Question 12
Which option represents Infrastructure as a Service where the customer is responsible for managing the operating system and the applications running on the instance?
-
❏ A. Cloud SQL
-
❏ B. App Engine
-
❏ C. Compute Engine VMs
Question 13
If an administrator turns on external sharing in the Acme 365 admin portal what effect does that setting have on how users can share content with people outside the company?
-
❏ A. Files become available to anyone without requiring sign in
-
❏ B. Azure Active Directory B2B collaboration is automatically enabled for guest invitations
-
❏ C. Users can invite specific external people to access particular files or folders
-
❏ D. The Everyone identity is applied to every shared item and granted full control
Question 14
Which Microsoft 365 app serves as a personal information manager for email and also provides calendar scheduling, task tracking, and contact management?
-
❏ A. Teams
-
❏ B. Outlook
-
❏ C. Excel
Question 15
You are the administrator for Acadia Consulting and leadership requires that whenever an employee opens Outlook on a mobile device they must be asked to enter a PIN before the app will open. Which Intune policy should you configure to require a PIN each time Outlook is launched on a mobile device?
-
❏ A. Device Compliance
-
❏ B. Device Configuration
-
❏ C. App Protection
-
❏ D. Device Protection
Question 16
Do authorized cloud resellers typically offer volume discounts on Microsoft 365 licenses?
-
❏ A. Only for enterprise agreements
-
❏ B. Yes
Question 17
A regional retailer named Northpoint is preparing to manage its inventory of Windows 10 desktops and laptops. Some systems are located on the corporate LAN and others are remote with only internet access. The IT team requires a management solution that can deploy a full operating system image to devices join them to the on premises Active Directory domain and deliver Windows updates to all endpoints. Which solution should they choose?
-
❏ A. Microsoft Intune
-
❏ B. Windows Autopilot
-
❏ C. Microsoft Endpoint Manager
-
❏ D. Configuration Manager
Question 18
What is the primary purpose of an enterprise video platform when it is used to support collaboration?
-
❏ A. Live event streaming
-
❏ B. Enterprise video hosting
-
❏ C. Real-time document co-editing
Question 19
A regional legal firm uses Microsoft Teams for collaboration and wants staff to work in Teams shared channels with partner organizations that use different Microsoft Entra tenants without having to switch tenants or sign in with a separate account. What feature or configuration should they enable to allow this seamless cross-tenant collaboration?
-
❏ A. Microsoft Entra B2B collaboration
-
❏ B. Azure AD External Identities
-
❏ C. B2B direct connect
-
❏ D. Hybrid identity
Question 20
Which Microsoft 365 service provides meeting activity analytics that show how participants join meetings and which device types they use?
-
❏ A. Microsoft Endpoint Manager
-
❏ B. Microsoft Teams
-
❏ C. Azure Active Directory
Question 21
Can an organization allow employees to bypass a Data Loss Prevention rule by providing a business justification and have that override recorded?
-
❏ A. Only global administrators can approve overrides in the compliance center
-
❏ B. No staff are allowed to override a DLP rule
-
❏ C. Yes staff can override a DLP rule after supplying a business justification and the override can be audited
Question 22
Which Cloud Monitoring capability detects anomalies in metrics and notifies developers about performance degradations or unusual failures?
-
❏ A. Cloud Trace
-
❏ B. Alerting policies
-
❏ C. Cloud Monitoring anomaly detection
-
❏ D. Cloud Error Reporting
Question 23
How did Office 365 transition into Microsoft 365 and what distinctions should larger organizations consider when choosing between the two? (Choose 3)
-
❏ A. Office 365 was launched exclusively for corporate accounts and did not offer personal cloud storage
-
❏ B. Microsoft 365 includes the same Office applications and cloud services as Office 365 and also adds Windows licensing and Enterprise Mobility and Security
-
❏ C. Microsoft 365 represents an expansion of capabilities beyond the core Office applications and hosted services
-
❏ D. Large organizations can select between Office 365 and Microsoft 365 based on requirements for enhanced security and centralized device management
Question 24
Which report in the Microsoft 365 admin portal displays adoption progress and provides metrics and recommendations for user experiences and technical reliability?
-
❏ A. Security reports
-
❏ B. Adoption score report
-
❏ C. Usage reports
Question 25
A mid sized company named Meridian Retail is assessing which payment types can be used for Microsoft 365 subscriptions that are managed across several administrative profiles. Which payment methods are supported for an account that has multiple profiles? (Choose 2)
-
❏ A. PayPal
-
❏ B. Bank debit card
-
❏ C. Purchase order
-
❏ D. Corporate credit card
Question 26
Which Microsoft 365 workload replaces the chat and presence functionality of on-premises Skype for Business?
-
❏ A. Exchange Online
-
❏ B. Yammer
-
❏ C. Microsoft Teams
-
❏ D. Skype for Business Online
Question 27
Does the Service Level Agreement for Contoso Online Services outline Contoso uptime commitments for its hosted services and does the SLA also describe the support arrangements available for managed service providers?
-
❏ A. No, Yes
-
❏ B. Yes, Yes
-
❏ C. No, No
-
❏ D. Yes, No
Question 28
Can Conditional Access be used to require multi factor authentication for administrators who perform cloud management tasks?
-
❏ A. Only via security defaults
-
❏ B. Yes
-
❏ C. No
Question 29
Inside Microsoft Teams which built in application provides a single branded gateway where staff can view personalized news join relevant conversations and quickly get to the tools and content they need for their roles?
-
❏ A. Microsoft SharePoint Home
-
❏ B. Microsoft Viva Connections
-
❏ C. Microsoft MyCompany Portal
-
❏ D. Microsoft Viva Engage
Question 30
Which area of the Microsoft 365 admin center is used to add a new user account?
-
❏ A. Microsoft Entra then All users
-
❏ B. Users then Active users then Add a user
-
❏ C. Billing then Licenses
Question 31
Which capability creates synchronization between a Configuration Manager site and an Intune tenant and provides a consolidated view of managed devices from the Contoso Endpoint Manager console while serving as a core element of cloud attach together with co management and Endpoint analytics?
-
❏ A. Cloud Sync
-
❏ B. Consolidated Device View
-
❏ C. Co management
-
❏ D. Tenant Attach
Question 32
Which Microsoft 365 application contains the WorkSense Insights add-in that provides meeting suggestions and helps manage focus time and time off?
-
❏ A. Teams
-
❏ B. Outlook
-
❏ C. OneNote
Question 33
Which capabilities does a user assigned the Global Administrator role in Contoso Directory have when managing the directory and tenant settings?
-
❏ A. Manage only subscription billing and submit support requests
-
❏ B. Control all tenant wide administrative settings and manage every directory object in Contoso Directory
-
❏ C. Create and manage users and groups without access to global administrative controls
-
❏ D. Manage only service specific administrator roles such as Mail Administrator or Site Collection Administrator
Question 34
Which Microsoft Office application is primarily used to compose, edit, and format text documents and provides collaborative editing, grammar suggestions, and templates?
-
❏ A. PowerPoint
-
❏ B. Excel
-
❏ C. OneNote
-
❏ D. Word
Question 35
HarborTech uses Microsoft 365 and requires that staff who remain on site can perform self-service password resets. The company plans to acquire Azure Active Directory licensing. Which Azure AD license editions will enable this capability? (Choose 2)
-
❏ A. Azure AD Premium P2
-
❏ B. Microsoft 365 Apps for enterprise
-
❏ C. Azure AD Free
-
❏ D. Azure AD Premium P1
Question 36
Which aspect of a directory is measured by Identity Secure Score?
-
❏ A. Displays consolidated sign-in logs
-
❏ B. Measures adherence to recommended security practices
-
❏ C. Monitors users connecting to external apps
Question 37
True or False are workload identities in the Contoso Identity platform applications service principals and managed identities?
Question 38
Is Microsoft Planner able to automatically send appointment confirmations and SMS reminders to clients?
-
❏ A. Microsoft Bookings
-
❏ B. No
-
❏ C. Yes
Question 39
A regional accounting firm wants to detect insiders who may try to steal credentials and to reduce the risk of account takeover. Which Microsoft 365 service detects risky sign in behavior and flags potentially compromised user accounts?
-
❏ A. Microsoft Defender for Cloud Apps
-
❏ B. Microsoft Exchange Online Protection
-
❏ C. Microsoft Defender for Identity
-
❏ D. Azure Active Directory Identity Protection
Question 40
How does Planner organize tasks and alert users about upcoming deadlines?
-
❏ A. No integrations with other productivity apps
-
❏ B. Kanban board and deadline reminders
-
❏ C. Desktop only without web or mobile access
Question 41
A mid sized online retailer called Harbor Retail is planning capacity for peak shopping periods and wants to understand how cloud resources can adapt to load while controlling expenses. Which statements about cloud resource scalability are accurate? (Choose 2)
-
❏ A. Horizontal scaling refers to changing the capacity such as adding more CPU or memory to an existing server
-
❏ B. Scalability means adjusting computing and storage resources to match varying demand
-
❏ C. Vertical scaling means provisioning additional virtual machines or container instances
-
❏ D. Being able to scale resources helps avoid paying for capacity that is not used
Question 42
When an organization subscribes to cloud services, who is automatically granted access to the organization’s identity directory?
-
❏ A. Tenant administrators
-
❏ B. Service subscribers
-
❏ C. External guests
Question 43
A regional bookstore chain named Harbor Books wants to gather customer opinions using short polls and longer surveys and they also need an easy way to view and export the collected responses. Which Microsoft product should they choose?
-
❏ A. Power BI
-
❏ B. Microsoft Forms
-
❏ C. Microsoft Teams
-
❏ D. Microsoft 365 Apps for Enterprise
Question 44
Which billing account classification applies when an organization opens a billing account under a volume licensing contract to purchase software licenses and online services?
-
❏ A. Cloud Solution Provider
-
❏ B. Microsoft Products and Services Agreement (MPSA)
-
❏ C. Enterprise Agreement
Question 45
You are the network administrator at Aurora Financial and the Microsoft 365 tenant you oversee stores confidential records. Company staff must verify their identity when they sign in to Microsoft 365 by providing information in addition to their Entra ID password. Which tools can employees use to verify their identity when signing in? (Choose 2)
-
❏ A. Azure AD Identity Protection
-
❏ B. Customer Lockbox for Microsoft 365
-
❏ C. Microsoft Authenticator
-
❏ D. Windows Hello for Business
Question 46
Which Microsoft resource provides a list of planned and launched Microsoft 365 features along with their timelines?
-
❏ A. Microsoft Tech Community
-
❏ B. Microsoft 365 Roadmap
-
❏ C. Microsoft 365 admin center
-
❏ D. Message center
Question 47
A technology firm called BlueRidge Systems plans to migrate its on-site data center to a cloud provider. What advantages can the company gain by moving workloads and services to the cloud? (Choose 3)
-
❏ A. Cloud CDN
-
❏ B. Scale application resources on demand
-
❏ C. Reduce configuration requirements for employee desktops
-
❏ D. Remove capital expense of buying physical servers
-
❏ E. Automate backup and disaster recovery with cloud services
Question 48
Can administrators use the Label Activity Explorer to review label activity and can they create inactive mailboxes to retain mailbox data indefinitely?
-
❏ A. No for both statements
-
❏ B. Label activity via audit logs only
-
❏ C. Affirmative for both statements
-
❏ D. Label activity yes only
Question 49
Which capability provides meeting hosts with tailored feedback to refine their meeting routines and enables collection of participant feedback?
-
❏ A. Viva Insights
-
❏ B. Wellbeing insights
-
❏ C. Protect time
-
❏ D. Effective meetings
Question 50
What query language is used to retrieve telemetry data from an Application Insights workspace?
-
❏ A. PromQL
-
❏ B. SQL
-
❏ C. KQL
Question 51
An IT specialist at Harbor Publishing tries to submit a support ticket from the Microsoft 365 Admin Center and receives an error that reads “You don’t have permission to access this page or perform this action.” What is the most likely reason for this error?
-
❏ A. Your sign in password has expired
-
❏ B. Your user account is configured as a guest in the tenant
-
❏ C. The organization does not have a Microsoft Unified Support plan
-
❏ D. Your account is not assigned the Global Administrator role
Question 52
When you @mention someone in a comment on a Word document stored in a shared library does the email notification include a document snippet and can the recipient reply directly from the email?
-
❏ A. Yes and Yes
-
❏ B. No and No
-
❏ C. Yes and No
-
❏ D. No and Respond in Teams
Question 53
Which CloudWorks 365 support tier offers round the clock phone and online assistance?
-
❏ A. Standard Support
-
❏ B. Premier Support
-
❏ C. Google Cloud Support
-
❏ D. Basic Support
Question 54
Which Microsoft Defender for Cloud Apps feature offers visibility into SaaS application usage and helps detect risky or suspicious app activity?
-
❏ A. SaaS Security Posture Management
-
❏ B. Discover SaaS Applications
-
❏ C. Conditional Access App Control
Question 55
Can a Contoso Media tab be added to a Contoso Chat channel?
Question 56
Which Application Insights feature displays the relationship between page load times and other performance metrics and conversion rates?
-
❏ A. Metrics Explorer
-
❏ B. Impact
-
❏ C. Funnels
Question 57
Which Zero Trust capability controls access to resources by evaluating user identity location and device health status?
-
❏ A. Threat Protection
-
❏ B. Policy Optimization
-
❏ C. Adaptive Access Controls
Question 58
Which Microsoft Viva application is used to manage objectives and key results and to track progress toward goals?
-
❏ A. Viva Insights
-
❏ B. Viva Goals
-
❏ C. Viva Topics
-
❏ D. Microsoft Planner
Question 59
A regional retailer operates an on premise Exchange Server and plans to migrate its email to the cloud. The business wants to modernize its messaging platform and lower the burden of maintaining servers and application software. Which cloud service model should it choose?
-
❏ A. Infrastructure as a service IaaS
-
❏ B. Platform as a service PaaS
-
❏ C. Google Workspace
-
❏ D. Software as a service SaaS
Question 60
What native capabilities does External Identities provide for customers?
-
❏ A. Single sign on using social and enterprise identities
-
❏ B. All listed capabilities
-
❏ C. Hosted and branded registration and sign in pages
-
❏ D. Self service account management and password reset
Question 61
Which update channel receives yearly feature releases and is intended for pilot rollouts and validation testing while allowing administrators to decide when to deploy updates after the pilot and is suitable for users such as developers who want the newest capabilities?
-
❏ A. Feature Preview Channel
-
❏ B. Early Access Channel
-
❏ C. General Availability Channel
-
❏ D. Targeted Release Channel
Question 62
If the Microsoft 365 Apps license is deactivated on a desktop computer what action can still be performed on that computer?
-
❏ A. Create a new document
-
❏ B. Open and view a document
-
❏ C. Edit a document
Question 63
Which Microsoft 365 service enables organizations to create intranet portals and team sites while storing organizing and sharing documents with built in version history coauthoring and workflow capabilities that can be accessed from any device?
-
❏ A. Microsoft OneDrive
-
❏ B. Microsoft Dynamics 365
-
❏ C. Microsoft SharePoint
-
❏ D. Microsoft Power BI
Question 64
You need to prevent employees from transferring corporate files into their personal OneDrive accounts. Is Intune App Protection the appropriate control to use?
-
❏ A. Microsoft Purview Information Protection
-
❏ B. Microsoft Defender for Cloud Apps
-
❏ C. No modification is needed
Question 65
Which cloud deployment type assigns compute and storage exclusively for use by a single enterprise?
-
❏ A. Community cloud
-
❏ B. Private cloud
-
❏ C. Public cloud
-
❏ D. Hybrid cloud
MS-900 Microsoft 365 Fundamentals Sample Questions Answered
Question 1
You lead the security operations center at Meridian Systems which recently enabled Microsoft Defender for Office 365 Plan 2 and several staff members reported a suspicious message that may be malicious. You need to run an automated investigation and carry out response actions using the features in your plan. Which Microsoft Defender for Office 365 Plan 2 feature should you use to automatically investigate and remediate this email threat?
-
✓ C. Automated investigation and response engine
The correct option is Automated investigation and response engine.
The Automated investigation and response engine in Microsoft Defender for Office 365 Plan 2 automatically investigates suspicious messages by correlating alerts and email signals and it can take remediation actions such as deleting messages, moving them to quarantine, revoking delivered messages, and blocking malicious senders. This feature uses built in playbooks to reduce manual triage and to speed up response for security operations teams.
Secure presets and policies are templates and policy configurations that help prevent or reduce exposure to threats but they do not perform automated investigations or orchestrated remediation of individual incidents.
Security reports and dashboards provide visibility into security trends and alerts and they help analysts monitor and prioritize work but they do not themselves run investigations or take automated response actions.
Threat Explorer and hunting are interactive tools for manual investigation and threat hunting that allow analysts to query email telemetry and trace campaigns but they require human driven actions and do not perform automatic remediation.
Cameron’s MS Azure Exam Tip
When a question mentions automated investigation and remediation look for features whose name or description explicitly includes both investigation and response as part of their capability.
Question 2
Which cloud deployment model provides the greatest security and administrative control while requiring the highest upfront capital investment?
Private cloud is correct because it provides the highest security and administrative control while requiring the greatest upfront capital investment.
Private cloud deployments dedicate infrastructure to a single organization so administrators can enforce strict configuration settings and access controls and meet demanding compliance requirements. Building or dedicating hardware and implementing the management tooling and staffing needed for a private cloud leads to high initial capital expenditures even if some operational costs are lower later on.
On premises is incorrect because the phrase describes the physical location and ownership of hardware rather than a specific cloud deployment model. On premises systems can require large capital investment but they are not necessarily implemented as a cloud model with the management and automation characteristics that define a private cloud.
Public cloud is incorrect because public cloud services share multi tenant infrastructure and shift most capital costs to the provider which lowers upfront investment for customers. Public clouds trade some administrative control for scalability and lower initial cost even though they can still provide strong security features.
Cameron’s MS Azure Exam Tip
When a question contrasts security and administrative control with cost think about whether the environment is dedicated to a single tenant. Private models typically indicate more control and higher upfront capital requirements.
Question 3
A regional law firm uses Microsoft 365 Insights and it wants staff to block up to 90 minutes each workday for top priority tasks and to silence Microsoft Teams chats during those blocks. Which Microsoft feature should the firm use?
The correct option is Focus plans.
Focus plans is a feature in Microsoft Viva Insights that lets individuals block recurring focus time each workday and automatically set presence and quiet notifications during those sessions. It supports scheduling protected blocks such as 90 minutes and it can silence Microsoft Teams chats by setting Do not disturb and routing notifications so the staff can work on top priority tasks without interruptions.
Digests is incorrect because digests provide summary notifications or highlights rather than scheduling protected focus time or muting Teams chats.
Viva Connections is incorrect because Connections delivers an intranet and employee experience dashboard rather than personal productivity features that schedule focus sessions or silence chat notifications.
Insights add-ins is incorrect because add-ins surface insights and suggestions inside apps such as Outlook but they do not create recurring focus plans that automatically set Teams to quiet during blocked time.
Work patterns is incorrect because work patterns are analytical reports about collaboration and time use for managers and admins rather than a tool for individuals to reserve uninterrupted focus time and silence Teams messages.
Cameron’s MS Azure Exam Tip
When you see a question about blocking time and silencing Teams look for Viva Insights features that manage personal productivity. Focus on terms like focus time or Do not disturb to identify the correct feature.
Question 4
Which capabilities does Microsoft Sentinel provide to handle security events and alerts? (Choose 3)
-
✓ A. Orchestrating security operations with automated playbooks
-
✓ C. Providing enriched incident summaries with contextual details for triage
-
✓ D. Collecting telemetry at cloud scale from diverse sources
The correct options are Orchestrating security operations with automated playbooks, Providing enriched incident summaries with contextual details for triage, and Collecting telemetry at cloud scale from diverse sources.
Collecting telemetry at cloud scale from diverse sources is a fundamental capability of Microsoft Sentinel because it ingests logs and events from Azure services, on premises systems, network and endpoint solutions, and third party providers so security teams can run analytics and threat hunting across large datasets.
Providing enriched incident summaries with contextual details for triage is supported since Sentinel correlates related alerts into incidents and surfaces contextual entities, bookmarks, and investigation graphs to help analysts prioritize and investigate more quickly.
Orchestrating security operations with automated playbooks is available through integration with Logic Apps so you can automate response actions like blocking malicious actors, sending notifications, or creating tickets to scale SOAR workflows.
Real time packet capture is not a primary feature of Microsoft Sentinel. Packet capture is typically performed by network capture appliances or specialized tools and while Sentinel can ingest network telemetry and logs it does not function as a raw packet capture appliance.
Cameron’s MS Azure Exam Tip
Focus on action words such as ingest, enrich, and orchestrate when attributing capabilities to Microsoft Sentinel. Pay attention to terms like packet capture as they often indicate specialized network tools rather than a cloud SIEM.
Question 5
A regional consulting firm named Meridian Solutions plans to deploy Microsoft 365 and has not previously implemented any Microsoft products. The organization wants to buy a user subscription license that keeps licensing costs as low as possible while delivering the full product capabilities. Which license should they choose?
The correct answer is Full USL.
The Full USL is intended for customers who have not previously purchased Microsoft products and it provides a complete, per user subscription that includes all product capabilities. For a first time Microsoft 365 deployment this option supplies the full feature set without requiring any existing on prem licenses or Software Assurance and it is the straightforward way to keep licensing costs predictable while delivering the full product.
Step Up USL is incorrect because step up licenses are used to upgrade an existing lower tier subscription to a higher tier and they assume you already have a qualifying base subscription. They are not meant for customers with no prior Microsoft licensing.
Add-on USL is incorrect because add on subscriptions require an underlying qualifying base license and they only provide additional features on top of that base. An add on cannot serve as the standalone license for a customer that has not implemented any Microsoft products.
From SA USL is incorrect because the From SA path is a conversion benefit for customers who already hold on prem licenses covered by Software Assurance. It provides discounted transition pricing but it is not available to organizations that have no existing Microsoft licenses or Software Assurance coverage.
Cameron’s MS Azure Exam Tip
When you see licensing questions first determine whether the customer already has qualifying licenses or Software Assurance. If they do not then choose the Full subscription option because add ons and From SA conversions require existing licenses.
Question 6
Which filters are available on the Microsoft 365 Roadmap to narrow the displayed entries? (Choose 3)
-
✓ A. Product
-
✓ C. Cloud deployment
-
✓ D. Platform
The correct options are Product, Cloud deployment, and Platform.
The Product filter lets you narrow roadmap entries to features that apply to a specific Microsoft 365 product so you can focus on items that matter to the product you manage.
The Cloud deployment filter allows you to limit entries by deployment environment so you only see features relevant to the cloud model your organization uses.
The Platform filter narrows entries to the target platform such as web, mobile, or desktop which helps you find items that affect particular client experiences.
The option Release status is incorrect because the roadmap does not present a filter under that exact name. Item states are shown in the roadmap entries, but the filtering controls use the specific labels like the ones above rather than a filter called Release status.
Cameron’s MS Azure Exam Tip
When you answer filter questions look for the exact filter labels used on the product page and use the live roadmap to confirm available filters.
Question 7
Which capability in the Microsoft 365 Defender portal provides a unified dashboard to assess and raise the security posture of Microsoft 365 identities applications and devices?
Secure Score provides a unified dashboard in the Microsoft 365 Defender portal to assess and raise the security posture of Microsoft 365 identities, applications, and devices.
Secure Score measures the current security posture across Microsoft 365 services and assigns a numeric score while listing improvement actions and their estimated impact so administrators can prioritize and implement recommendations to raise their security posture.
Threat Intelligence focuses on collecting and analyzing threat data and indicators to support investigations and detection and it does not provide the single aggregated posture score and improvement action dashboard.
Advanced hunting is an investigative query capability for searching raw telemetry across devices and identities and it is not a posture measurement tool with prioritized improvement actions.
Incidents and alerts provide event and security incident management so analysts can triage and respond and they do not offer the consolidated posture scoring and recommended improvement steps that Secure Score provides.
Cameron’s MS Azure Exam Tip
When a question asks which feature gives a unified view to assess and raise security posture look for the term that implies a measurable score and improvement actions, as that points to Secure Score.
Question 8
Which role based access control system manages access to Azure resources through Azure Resource Manager?
Azure RBAC is correct because it is the role based access control system that manages access to Azure resources through the Azure Resource Manager.
Azure RBAC assigns roles to users groups and service principals at subscription resource group and resource scope and it integrates with the Azure Resource Manager to grant fine grained permissions with built in and custom roles.
Azure Active Directory roles are incorrect because they apply to identity and directory level administration such as user and group management and they do not manage access to resource objects through ARM.
Azure Policy is incorrect because it is used to enforce organizational rules and compliance across resources and it evaluates and restricts resource properties rather than granting or assigning access permissions.
Cameron’s MS Azure Exam Tip
When you see a question about who can perform actions on Azure resources think Azure RBAC for permissions through ARM and think Azure AD roles for directory administration and Azure Policy for enforcement of rules.
Question 9
Which statement correctly describes Contoso 365 Apps for Enterprise?
-
✓ C. Can be deployed and serviced with Configuration Manager or Intune
Can be deployed and serviced with Configuration Manager or Intune is correct.
This choice correctly describes how Microsoft 365 Apps for enterprise are managed in organizations because the client apps can be deployed and updated by using on premises Configuration Manager or by using cloud based Intune management.
Includes 1 TB of OneDrive storage per user is incorrect because storage entitlements are provided by the broader Microsoft 365 service and OneDrive licensing rather than being a property of the standalone Apps for enterprise deployment statement.
Enables real time co authoring in Office applications is incorrect as stated because real time co authoring depends on cloud storage and collaboration services such as OneDrive or SharePoint and on service licensing, and it is not solely a description of how the apps are deployed and serviced.
Intune alone is incorrect because that option names a management product rather than describing Contoso 365 Apps for Enterprise itself.
Google Workspace is incorrect because it is a competing productivity suite from Google and it does not describe Microsoft 365 Apps for enterprise or how those apps are deployed.
Cameron’s MS Azure Exam Tip
Read each choice for whether it describes deployment and servicing or a separate service feature. Pay attention to management tools such as Configuration Manager and Intune when the question asks about how Microsoft 365 Apps are deployed and updated.
Question 10
Which type of Azure managed identity can you create once and then assign to multiple resources?
-
✓ C. User-assigned managed identity
The correct answer is User-assigned managed identity.
User-assigned managed identity is a standalone Azure resource that you create once and then assign to multiple Azure resources. It has its own lifecycle and credentials so you can manage or rotate it independently from the resources that use it.
Service principal is not correct because a service principal is an Azure AD identity object that represents an application or service and it is not the Azure managed identity type that is provisioned and shared the same way as a user assigned managed identity.
System-assigned managed identity is not correct because it is tied to a
