[Dec 17, 2021] PassTestking MS-500 dumps & Microsoft 365 sure practice dumps [Q20-Q45]

[Dec 17, 2021] PassTestking MS-500 dumps & Microsoft 365 sure practice dumps

Microsoft MS-500 Actual Questions and Braindumps

How to book the MS-500 Exam

These are following steps for registering the MS-500 exam. Step 1: Visit to Microsoft Exam Registration Step 2: Signup/Login to MICROSOFT account Step 3: Search for MICROSOFT MS-500 Certifications Exam Step 4: Select Date and Center of examination and confirm with payment value of $165

NEW QUESTION 20
You need to recommend a solution to protect the sign-ins of Admin1 and Admin2.
What should you include in the recommendation?

A. a device compliance policy
B. a user risk policy
C. an access review
D. a sign-in risk policy

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-user-risk-policy
Topic 2, Litware, Inc
Overview
Litware, Inc. is a financial company that has 1,000 users in its main office in Chicago and 100 users in a branch office in San Francisco.
Existing Environment
Internal Network Infrastructure
The network contains a single domain forest. The forest functional level is Windows Server 2016.
Users are subject to sign-in hour restrictions as defined in Active Directory.
The network has the IP address range shown in the following table.

The offices connect by using Multiprotocol Label Switching (MPLS).
The following operating systems are used on the network:
* Windows Server 2016
* Windows 10 Enterprise
* Windows 8.1 Enterprise
The internal network contains the systems shown in the following table.
Litware uses a third-party email system.
Cloud Infrastructure
Litware recently purchased Microsoft 365 subscription licenses for all users.
Microsoft Azure Active Directory (Azure AD) Connect is installed and uses the default authentication settings. User accounts are not yet synced to Azure AD.
You have the Microsoft 365 users and groups shown in the following table.

Planned Changes
Litware plans to implement the following changes:
* Migrate the email system to Microsoft Exchange Online
* Implement Azure AD Privileged Identity Management
Security Requirements
Litware identities the following security requirements:
* Create a group named Group2 that will include all the Azure AD user accounts. Group2 will be used to provide limited access to Windows Analytics
* Create a group named Group3 that will be used to apply Azure Information Protection policies to pilot users. Group3 must only contain user accounts
* Use Azure Advanced Threat Protection (ATP) to detect any security threats that target the forest
* Prevent users locked out of Active Directory from signing in to Azure AD and Active Directory
* Implement a permanent eligible assignment of the Compliance administrator role for User1
* Integrate Windows Defender and Windows Defender ATP on domain-joined servers
* Prevent access to Azure resources for the guest user accounts by default
* Ensure that all domain-joined computers are registered to Azure AD
Multi-factor authentication (MFA) Requirements
Security features of Microsoft Office 365 and Azure will be tested by using pilot Azure user accounts.
You identify the following requirements for testing MFA.
* Pilot users must use MFA unless they are signing in from the internal network of the Chicago office. MFA must NOT be used on the Chicago office internal network.
* If an authentication attempt is suspicious, MFA must be used, regardless of the user location
* Any disruption of legitimate authentication attempts must be minimized General Requirements Litware want to minimize the deployment of additional servers and services in the Active Directory forest.

NEW QUESTION 21
You have a Microsoft 365 subscription that include three users named User1, User2, and User3.
A file named File1.docx is stored in Microsoft OneDrive. An automated process updates File1.docx every minute.
You create an alert policy named Policy1 as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

References:
https://docs.microsoft.com/en-us/office365/securitycompliance/alert-policies

NEW QUESTION 22
Your company has a Microsoft 365 subscription.
The company does not permit users to enroll personal devices in mobile device management (MDM).
Users in the sales department have personal iOS devices.
You need to ensure that the sales department users can use the Microsoft Power BI app from iOS devices to access the Power BI data in your tenant.
The users must be prevented from backing up the app's data to iCloud.
What should you create?

A. an app protection policy in Microsoft Intune
B. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a device state condition
C. a device compliance policy in Microsoft Intune
D. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a client apps condition

Answer: A

NEW QUESTION 23
You have a Microsoft 365 Tenant.
A conditional access policy is configured for the tenant as shown in the Policy exhibit. (Click the Policy tab.)

The User Administrator role a configured as shown in the Hole setting exhibit (Click the Role setting tab.)

The User Administrator role has the assignments shown in the Assignments exhibit (Click the Assignments tab.)

For each of the following statements, select yes If the statement is true. Otherwise select No.
NOTE Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 24
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an on-premises Active Directory domain named contoso.com.
You install and run Azure AD Connect on a server named Server1 that runs Windows Server.
You need to view Azure AD Connect events.
You use the Directory Service event log on Server1.
Does that meet the goal?

A. No
B. Yes

Answer: A

Explanation:
Explanation/Reference:
References:
https://support.pingidentity.com/s/article/PingOne-How-to-troubleshoot-an-AD-Connect-Instance

NEW QUESTION 25
You have a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com. All the devices in the tenant are managed by using Microsoft Intune.
You purchase a cloud app named App1 that supports session controls.
You need to ensure that access to App can be reviewed in real time.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

Explanation

References:
https://docs.microsoft.com/en-us/cloud-app-security/access-policy-aad

NEW QUESTION 26
You need to ensure that administrators can publish a label that adds afooter to email messages and documents.
To complete this task, sign in to the Microsoft Office 365 portal.

Answer:

Explanation:
See explanation below.
Explanation
You need to configure a Sensitivity label.
Go to the Security & Compliance Admin Center.
Navigate toClassification>Sensitivity labels.
Click on+ Create a labelto create a new label.
Give the label a name and description then click
Leave the Encryption option as
On the Content Marking page, tick the checkbox
Click theCustomize Textlink and add the footer text and click (for the question, it doesn't matter what text you add).
ClickNext.
Leave theAuto-labeling for Office apps
Click theSubmitbutton to save your changes.
The label is now ready to be published. Click the button to exit the page and create the label.

NEW QUESTION 27
You have a Microsoft 365 subscription that contains 1,000 user mailboxes.
An administrator named Admin1 must be able to search for the name of a competing company in the mailbox of a user named User5.
You need to ensure that Admin1 can search the mailbox of User5 successfully. The solution must prevent Admin1 from sending User5.
Solution: You start a message trace, and then create a Data Subject request (DSR) case.
Does this meet the goal?

A. No
B. Yes

Answer: B

NEW QUESTION 28
You view Compliance Manager as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/meet-data-protection-and-regulatory-reqs-using-m

NEW QUESTION 29
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
Four Windows 10 devices are joined to the tenant as shown in the following table.

On which devices can you use BitLocker To Go and on which devices can you turn on auto-unlock? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION 30
Which policies apply to which devices? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 31
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308

You need to ensure that all the email messages in the mailbox of a user named Allan Deyoung are retained for a period of 90 days, even if the messages are deleted.
To complete this task, sign in to the Microsoft 365 admin center.

Answer:

Explanation:
See explanation below.
Explanation
1. Navigate to the Exchange Admin Center
2. Navigate to Compliance management > Retention tags, and then click Add +
3. Select the Applied automatically to entire mailbox (default) option.
4. The New retention tag page title and options will vary depending on the type of tag you selected. Complete the following fields:
Name: Enter a name for the retention tag.
Retention action: Select Delete and Allow Recovery option.
Retention period: Select When the item reaches the following age (in days) option.
Comment: User this optional field to enter any administrative notes or comments. The field isn't displayed to users.
5. Navigate to Compliance management Retention policies, and then click Add +
6. In New Retention Policy, complete the following fields:
Name: Enter a name for the retention policy.
Retention tags: Click Add + to select the tags you want to add to this retention policy.
After you create a retention policy, you must apply it.
1. Navigate to Recipients > Mailboxes
2. In the list view, select the mailbox to which you want to apply the retention policy, and then click Edit.
3. In User Mailbox, click Mailbox features
4. In the Retention policy list, select the policy you want to apply to the mailbox, and then click Save.
Reference:
https://docs.microsoft.com/en-us/exchange/security-and-compliance/messaging-records-management/create-a-re
https://docs.microsoft.com/en-us/exchange/security-and-compliance/messaging-records-management/apply-reten

NEW QUESTION 32
You recently created and published several labels policies in a Microsoft 365 subscription.
You need to view which labels were applied by users manually and which labels were applied automatically.
What should you do from the Security & Compliance admin center?

A. From Reports, select Dashboard
B. From Search & investigation, select eDiscovery
C. From Data governance, select Events
D. From Search & investigation, select Content search

Answer: A

Explanation:
Explanation
https://docs.microsoft.com/en-us/microsoft-365/compliance/view-label-activity-for-documents

NEW QUESTION 33
You have a Microsoft 365 subscription that uses a default name of litwareinc.com.
You configure the Sharing settings in Microsoft OneDrive as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

References:
https://docs.microsoft.com/en-us/onedrive/manage-sharing

NEW QUESTION 34
You have a Microsoft 365 subscription.
You identify the following data loss prevention (DLP) requirements:
* Send notifications to users if they attempt to send attachments that contain EU social security numbers
* Prevent any email messages that contain credit card numbers from being sent outside your organization
* Block the external sharing of Microsoft OneDrive content that contains EU passport numbers
* Send administrators email alerts if any rule matches occur.
What is the minimum number of DLP policies and rules you must create to meet the requirements? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 35
You have a Microsoft 365 subscription.
You have a site collection named SiteCollection1 that contains a site named Site2. Site2 contains a document library named Customers.
Customers contains a document named Litware.docx. You need to remove Litware.docx permanently.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

NEW QUESTION 36
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that [email protected] receives an alert when a user establishes a sync relationship to a document library from a computer that is a member of an Active Directory (AD) domain.
To complete this task, sign in to the Microsoft Office 365 admin center.

Answer:

Explanation:
See explanation below.
Explanation
1. Navigate to Manage Alerts in the Security & Compliance Center.
2. On the Activity alerts page, click
The flyout page to create an activity alert is displayed.

3. Complete the following fields to create an activity alert:
a. Name - Type a name for the alert. Alert names must be unique within your organization.
b. Description (Optional) - Describe the alert, such as the activities and users being tracked, and the users that email notifications are sent to. Descriptions provide a quick and easy way to describe the purpose of the alert to other admins.
c. Alert type - Make sure the Custom option is selected.
d. Send this alert when - Click Send this alert when and then configure these two fields:
* Activities - Click the drop-down list to display the activities that you can create an alert for. This is the same activities list that's displayed when you search the Office 365 audit log. You can select one or more specific activities or you can click the activity group name to select all activities in the group. For
* a description of these activities, see the "Audited activities" section in Search the audit log. When a user performs any of the activities that you've added to the alert, an email notification is sent.
* Users - Click this box and then select one or more users. If the users in this box perform the activities that you added to the Activities box, an alert will be sent. Leave the Users box blank to send an alert when any user in your organization performs the activities specified by the alert.
e. Send this alert to - Click Send this alert, and then click in the Recipients box and type a name to add a user's who will receive an email notification when a user (specified in the Users box) performs an activity (specified in the Activities box). Note that you are added to the list of recipients by default. You can remove your name from this list.
4. Click Save to create the alert.
The new alert is displayed in the list on the

The status of the alert is set to On. Note that the recipients who will receive an email notification when an alert is sent are also listed.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-activity-alerts?view=o365-worldwide

NEW QUESTION 37
You have a Microsoft 365 subscription that uses a default domain name of contoso.com.
Microsoft Azure Active Directory (Azure AD) contains the users shown in the following table.

Microsoft Intune has two devices enrolled as shown in the following table:

Both devices have three apps named App1, App2, and App3 installed.
You create an app protection policy named ProtectionPolicy1 that has the following settings:
* Protected apps: App1
* Exempt apps: App2
* Windows Information Protection mode: Block
You apply ProtectionPolicy1 to Group1 and Group3. You exclude Group2 from ProtectionPolicy1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 38
You have a Microsoft 365 subscription that uses a default domain nameof contoso.com.
Microsoft Azure Active Directory (Azure AD) contains the users shown in the following table.

Microsoft Intune has two devices enrolled as shown in the following table:

Both devices have three apps named App1, App2, and App3installed.
You create an app protection policy named ProtectionPolicy1 that has the following settings:
Protected apps: App1
Exempt apps: App2
Windows Information Protection mode: Block
You apply ProtectionPolicy1 to Group1 and Group3. You exclude Group2 from ProtectionPolicy1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE:Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 39
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.

You create and enforce an Azure AD Identity Protection user risk policy that has the following settings:
* Assignments: Include Group1, Exclude Group2
* Conditions: Sign in risk of Low and above
* Access: Allow access, Require password change
You need to identify how the policy affects User1 and User2.
What occurs when User1 and User2 sign in from an unfamiliar location? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 40
You have a Microsoft 365 subscription that includes a user named Admin1.
You need to ensure that Admin1 can retain all the mailbox content of users, including their deleted items.
The solution must use the principle of least privilege.
What should you do?

A. From the Exchange admin center, assign the Recipient Management admin role to Admin1.
B. From the Azure Active Directory admin center, assign the Service administrator role to Admin1.
C. From the Exchange admin center, assign the Security Administrator role to Admin1.
D. From the Microsoft 365 admin center, assign the Exchange administrator role to Admin1.

Answer: D

NEW QUESTION 41
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that a user named Alex Wilber can register for multifactor authentication (MFA).
To complete this task, sign in to the Microsoft Office 365 admin center.

Answer:

Explanation:
See explanation below.
Explanation
Enable Modern authentication for your organization
1. To enable modern authentication, from the admin center, select Settings and then in the Services tab, choose Modern authentication
2. Check the Enable modern authentication Modern authentication panel.

Enable multi-factor authentication for your organization
1. In the admin center, select Users and Active Users.
2. In the Active Users section, Click on multi-factor authentication.
3. On the Multi-factor authentication page, select user if you are enabling this for one user or select Bulk Update to enable multiple users.
4. Click on Enable under Quick Steps.
5. In the Pop-up window, Click on Enable Multi-Factor Authentication.
After you set up multi-factor authentication for your organization, your users will be required to set up two-step verification on their devices.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/admin/security-and-compliance/set-up-multi-factor-authenticatio

NEW QUESTION 42
How should you configure Group3? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 43
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308

You plan to create a script to automate user mailbox searches. The script will search the mailbox of a user named Allan Deyoung for messages that contain the word injunction.
You need to create the search that will be included in the script.
To complete this task, sign in to the Microsoft 365 admin center.

Answer:

Explanation:
Step 1: Create a CSV file that contains information about the searches you want to run The comma separated value (CSV) file that you create in this step contains a row for each user that want to search. You can search the user's Exchange Online mailbox (which includes the archive mailbox, if it's enabled) and their OneDrive for Business site. Or you can search just the mailbox or the OneDrive for Business site. You can also search any site in your SharePoint Online organization. The script that you run in Step 3 will create a separate search for each row in the CSV file.
1. Copy and paste the following text into a .txt file using NotePad. Save this file to a folder on your local computer. You'll save the other scripts to this folder as well.
ExchangeLocation,SharePointLocation,ContentMatchQuery,StartDate,EndDate [email protected],https://contoso-my.sharepoint.com/personal/sarad_contoso_onmicrosoft_com,( OR legal),1/1/2000,12/31/2005 [email protected],https://contoso-my.sharepoint.com/personal/sarad_contoso_onmicrosoft_com,( OR legal),1/1/2006,12/31/2010 [email protected],https://contoso-my.sharepoint.com/personal/sarad_contoso_onmicrosoft_com,( OR legal),1/1/2011,3/21/2016
,https://contoso.sharepoint.com/sites/contoso,,,3/21/2016
,https://contoso-my.sharepoint.com/personal/davidl_contoso_onmicrosoft_com,,1/1/2015,
,https://contoso-my.sharepoint.com/personal/janets_contoso_onmicrosoft_com,,1/1/2015, The first row, or header row, of the file lists the parameters that will be used by New-ComplianceSearch cmdlet to create a new Content Searches. Each parameter name is separated by a comma. Make sure there aren't any spaces in the header row. Each row under the header row represents the parameter values for each search. Be sure to replace the placeholder data in the CSV file with your actual data.
2. Open the .txt file in Excel, and then use the information in the following table to edit the file with information for each search.

3. Save the Excel file as a CSV file to a folder on your local computer. The script that you create in Step 3 will use the information in this CSV file to create the searches.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-report-on-and-delete-multiple-content-searche Keyword queries and search conditions for Content Search
https://docs.microsoft.com/en-us/microsoft-365/compliance/keyword-queries-and-search-conditions?view=o365

NEW QUESTION 44
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that email messages in Exchange Online and documents in SharePoint Online are retained for eight years.
To complete this task, sign in to the Microsoft Office 365 admin center.

Answer:

Explanation:
See explanation below.
Explanation
NB: For our purposes, the retention period will be 8 years.
For retaining email messages in Exchange Online:
Step 1: Create a retention tag
1. Navigate to the Exchange Admin Center
2. Navigate to Compliance management +
3. Select one of the following options:
* Applied automatically to entire mailbox (default): Select this option to create a default policy tag (DPT). You can use DPTs to create a default deletion policy and a default archive policy, which applies to all items in the mailbox.
* Applied automatically to a specific folder: Select this option to create a retention policy tag (RPT) for a default folder such as Inbox or Deleted Items.
* Applied by users to items and folders (Personal): Select this option to create personal tags. These tags allow Outlook and Outlook on the web (formerly known as Outlook Web App) users to apply archive or deletion settings to a message or folders that are different from the settings applied to the parent folder or the entire mailbox.
4. The New retention tag page title and options will vary depending on the type of tag you selected. Complete the following fields:
* Name: Enter a name for the retention tag. The tag name is for display purposes and doesn't have any impact on the folder or item a tag is applied to. Consider that the personal tags you provision for users are available in Outlook and Outlook on the web.
* Apply this tag to the following default folder: This option is available only if you selected Applied automatically to a specific folder.
* Retention action: Select one of the following actions to be taken after the item reaches its retention period:
* Delete and Allow Recovery: Select this action to delete items but allow users to recover them using the Recover Deleted Items option in Outlook or Outlook on the web. Items are retained until the deleted item retention period configured for the mailbox database or the mailbox user is reached.
* Permanently Delete: Select this option to permanently delete the item from the mailbox database.
* Move to Archive: This action is available only if you're creating a DPT or a personal tag. Select this action to move items to the user's In-Place Archive.
* Retention period: Select one of the following options:
* Never: Select this option to specify that items should never be deleted or moved to the archive.
* When the item reaches the following age (in days): Select this option and specify the number of days to retain items before they're moved or deleted. The retention age for all supported items except Calendar and Tasks is calculated from the date an item is received or created. Retention age for Calendar and Tasks items is calculated from the end date.
* Comment: User this optional field to enter any administrative notes or comments. The field isn't displayed to users.
Step 2: Create a retention policy
1. Navigate to Compliance management Add +
2. In New Retention Policy, complete the following fields:
* Name: Enter a name for the retention policy.
* Retention tags: Click Add + to select the tags you want to add to this retention policy.
A retention policy can contain the following tags:
* One DPT with the Move to Archive action.
* One DPT with the Delete and Allow Recovery or Permanently Delete actions.
* One DPT for voice mail messages with the Delete and Allow Recovery or Permanently Delete actions.
* One RPT per default folder such as Inbox to delete items.
* Any number of personal tags.
Step 3: Apply a retention policy to mailbox users
After you create a retention policy, you must apply it to mailbox users. You can apply different retention policies to different set of users.
* Navigate to Recipients > Mailboxes.
* In the list view, use the Shift or Ctrl keys to select multiple mailboxes.
* In the details pane, click More options.
* Under Retention Policy, click Update.
* In Bulk Assign Retention Policy, select the retention policy you want to apply to the mailboxes, and then click Save.
For retaining documents in SharePoint Online
Access Security & Compliance Admin Center
1. Navigate to the Office 365 Admin Centers

2. From the list of available Admin Centers, click on Security & Compliance

How to create and publish a Retention Policy on a SharePoint site
Now that we are in the Security & Compliance Admin Center, we are ready to create and publish a Retention Policy on a SharePoint site.Under

1. Hit Create button to create new Retention Policy

2. Give your policy a name and description.

3. On the next screen is where you set up the logic. You can configure how many days, months, or years to retain the content for, specify whether you want the math (retention period) to be calculated from the Created Date or Last Modified Date. Lastly, you can also specify whether you want to keep or delete content after the Retention period expires. Hit Next

4. On the next screen, you get to choose where to apply the policy. You can apply it to email (Exchange), SharePoint sites, OneDrive accounts as well as Office 365 Groups.

5. In my case, I applied a policy to a single Office 365 Group Site

6. On a final screen, you need to review and confirm the settings and click Create this policy button. It is imperative to note the message you get to see at the bottom. It warns you that content might be deleted as soon as the policy takes effect according to the logic you set up in previous steps.

References:
https://docs.microsoft.com/en-us/exchange/security-and-compliance/messaging-records-management/create-a-re
https://docs.microsoft.com/en-us/exchange/security-and-compliance/messaging-records-management/apply-reten
https://sharepointmaven.com/how-to-set-a-retention-policy-on-a-sharepoint-site/