Microsoft 365 Administrator · Difficulty

Hard MS-102 practice questions

Challenge — multi-step scenarios, trade-offs, and subtle distinctions. 5 hard questions available — no sign-up, always free.

Question 1 of 5

Contoso currently enforces multifactor authentication for all users by enabling per-user MFA (the legacy per-user setting on each account). The security team wants to move to a modern, policy-based approach that allows conditions such as trusted locations and specific applications to influence when MFA is required, while retaining reporting on authentication methods. What should the administrator do to transition users off per-user MFA correctly?

Reviewed for accuracy · Report an issue
Question 2 of 5

Contoso uses Microsoft Defender for Office 365 Plan 2. The security team has enabled the built-in Standard preset security policy for all users. Separately, an administrator created a custom Anti-phishing policy scoped to the finance department with a higher spoof-intelligence threshold. A finance user reports that a phishing email that should have matched the custom finance policy was instead evaluated by different settings. What is the most likely reason the custom policy did not apply?

Reviewed for accuracy · Report an issue
Question 3 of 5

Your organization has deployed Endpoint DLP to onboarded Windows 10 devices. A DLP policy blocks copying files that contain credit card numbers to USB removable storage. Users report that files are sometimes copied to USB drives before the policy classifies them, because classification occurs after the file has already left the device. You need to ensure that files are evaluated and blocked at the moment of the egress activity, even for content that has not yet been classified. What should you configure?

Reviewed for accuracy · Report an issue
Question 4 of 5

Your organization assigns Microsoft 365 E5 licenses through a dynamic security group named 'All-Staff'. A user, Priya, is a member of both 'All-Staff' and a second group 'Contractors' that assigns Microsoft 365 E3. Priya reports that some of her E5 service plans are showing as errors in the Microsoft 365 admin center under her license assignment. What is the most likely cause and the recommended way to resolve it?

Reviewed for accuracy · Report an issue
Question 5 of 5

Contoso has a retention policy applied to all SharePoint sites that retains content for 5 years, then deletes it. The compliance team also publishes a retention label that retains matching contracts for 10 years, then deletes them, and configures it to auto-apply to any document containing specific contract keywords. A contract document stored in SharePoint matches both. How long will the contract be retained before deletion?

Reviewed for accuracy · Report an issue