Hard MS-102 practice questions
Challenge — multi-step scenarios, trade-offs, and subtle distinctions. 5 hard questions available — no sign-up, always free.
Contoso currently enforces multifactor authentication for all users by enabling per-user MFA (the legacy per-user setting on each account). The security team wants to move to a modern, policy-based approach that allows conditions such as trusted locations and specific applications to influence when MFA is required, while retaining reporting on authentication methods. What should the administrator do to transition users off per-user MFA correctly?
Contoso uses Microsoft Defender for Office 365 Plan 2. The security team has enabled the built-in Standard preset security policy for all users. Separately, an administrator created a custom Anti-phishing policy scoped to the finance department with a higher spoof-intelligence threshold. A finance user reports that a phishing email that should have matched the custom finance policy was instead evaluated by different settings. What is the most likely reason the custom policy did not apply?
Your organization has deployed Endpoint DLP to onboarded Windows 10 devices. A DLP policy blocks copying files that contain credit card numbers to USB removable storage. Users report that files are sometimes copied to USB drives before the policy classifies them, because classification occurs after the file has already left the device. You need to ensure that files are evaluated and blocked at the moment of the egress activity, even for content that has not yet been classified. What should you configure?
Your organization assigns Microsoft 365 E5 licenses through a dynamic security group named 'All-Staff'. A user, Priya, is a member of both 'All-Staff' and a second group 'Contractors' that assigns Microsoft 365 E3. Priya reports that some of her E5 service plans are showing as errors in the Microsoft 365 admin center under her license assignment. What is the most likely cause and the recommended way to resolve it?
Contoso has a retention policy applied to all SharePoint sites that retains content for 5 years, then deletes it. The compliance team also publishes a retention label that retains matching contracts for 10 years, then deletes them, and configures it to auto-apply to any document containing specific contract keywords. A contract document stored in SharePoint matches both. How long will the contract be retained before deletion?