Question 1
Where can you find the sign-in logs for Azure AD when using Microsoft 365 Defender?
A. Threat protection dashboard
B. Security & Compliance Center
C. Microsoft 365 Defender Threat Hunting
D. Azure AD Identity Protection
Answer: C. Microsoft 365 Defender Threat Hunting
(Found in Task 1: Obtain Your Microsoft 365 Credentials)
Question 2
What is the primary purpose of applying preset security policies in Microsoft Defender
for Office 365?
A. To configure user permissions
B. To enforce device compliance
C. To protect against email threats
D. To manage software updates
Answer: C. To protect against email threats
(Found in Lab Scenario)
Question 3
What action should you take if you receive the message "The operation could not be
completed" while signing in?
A. Contact Microsoft support immediately
B. Click OK to continue
C. Restart the virtual machine
D. Reset the tenant password
�Answer: B. Click OK to continue
(Found in Task 2: Apply Microsoft Defender for Office 365 preset security policies)
Question 4
What are the recommended actions if you receive an error about the hydration status of
your tenant while managing preset security policies?
A. Ignore the error
B. Refresh the browser using Ctrl+F5
C. Reboot the WIN1 virtual machine
D. Wait for the hydration status to enable by default
Answer: B. Refresh the browser using Ctrl+F5
(Found in Task 2: Apply Microsoft Defender for Office 365 preset security policies)
Question 5
What type of protection does DMARC/DKIM/SPF provide in the Microsoft Defender for
Office 365 email filtering stack?
A. Malware protection
B. Ransomware protection
C. Email authentication to prevent spoofing
D. Data loss prevention
Answer: C. Email authentication to prevent spoofing
(Found in Microsoft Defender for Office 365 filtering stack explained)
Question 6
When configuring the 'Standard protection' in Microsoft Defender for Office 365, which
type of policies are applied?
A. Anti-virus and device control policies
�B. Anti-spam, anti-malware, and anti-phishing policies
C. Data retention and eDiscovery policies
D. Identity and access management policies
Answer: B. Anti-spam, anti-malware, and anti-phishing policies
(Found in Task 2: Apply Microsoft Defender for Office 365 preset security policies)
Question 7
What is the password for the Admin user on the WIN1 virtual machine?
A. [email protected]
B. Pa55w.rd
C. u^5aUJ2B=2x4%%Pg
D. Admin@1234
Answer: B. Pa55w.rd
(Found in Task 2: Apply Microsoft Defender for Office 365 preset security policies)
Question 8
What should you do if you see a coffee mug image and a message indicating that new
spaces for your data are being prepared?
A. Close the browser and start over
B. Wait approximately 5 minutes for the process to finish
C. Immediately turn off the virtual machine
D. Click on 'Turn new features on' again
Answer: B. Wait approximately 5 minutes for the process to finish
(Found in Task 3: Preparing the Microsoft 365 Defender workspace)
Question 9
�Who owns the tenants provided as part of the Microsoft 365 Defender lab?
A. The student using the tenant
B. The instructor-led training provider
C. Microsoft Corporation
D. The Authorized Lab Hosting provider
Answer: C. Microsoft Corporation
(Found in Lab Scenario)
Question 10
What should you select under 'Preset Security Policies' to manage protection settings
for 'Standard protection'?
A. Strict protection
B. Manage service settings
C. Threat policy settings
D. Manage protection settings
Answer: D. Manage protection settings
(Found in Task 2: Apply Microsoft Defender for Office 365 preset security policies)
