Control permissions and access through admin roles

Question 1

You have a Microsoft 365 tenant that contains a user named John Gruber. You have already created an eDiscovery case named CaseA. You need to allow John Gruber to export CaseA. Your organization requires you to use the principle of least privilege. Which role should you grant to John Gruber to fulfill the request above?

Question 2

Your organization has hired a new admin named John Gruber. Your manager has asked you to give John Gruber the ability to enable and configure Azure AD Privileged Identity Management. Your organization adheres to the principle of least privilege What role should you assign to John Gruber?

Question 3

You have a Microsoft 365 tenant with Microsoft 365 E5 licenses. The tenant contains the following users. 📷 You've been tasked with implementing Azure Active Directory (Azure AD) Identity Protection. Before you can implement it your manager has asked you which users can perform the following actions: Configure a user risk policy. View the risky users' report. Which users can perform the tasks listed below?

Question 4

Your organization has a Microsoft 365 tenant that contains 5,000 mailboxes. Another admin, named John Gruber, has been tasked with searching every mailbox for emails going to a competing company. You need to configure Microsoft 365 so that John Gruber can search through the mailboxes. The solution should not give John Gruber the ability to send emails from any mailbox. What do you need to do to fulfill the request?

Question 5

Your organization has a Microsoft 365 tenant with auditing enabled. You've been asked to grant John Gruber the ability to review audit logs in your Microsoft 365 tenant. You give John Gruber the Global administrator role. A few days later and learn John Gruber disabled auditing. You re-enable auditing and then remove John Gruber's user account from the Global administrator role. You need to give John Gruber the ability to review audit logs but he can't be given permission to disable auditing. Your organization adheres to the principle of least privilege. Which role should you give to John Gruber?

Question 6

You configure several Advanced Threat Protection (ATP) policies in a Microsoft 365 subscription. You need to allow a user named User1 to view ATP reports from the Threat management dashboard. Which role provides User1 with the required role permissions?

Question 7

Your manager asks you to give John Gruber the ability to assign the reports reader role to other users. Your organization adheres to the principle of least privilege. Which role should you assign to John Gruber?

Question 8

Your organization has a Microsoft 365 tenant with many Microsoft Defender for Office 365 policies configured. Your manager has asked you to grant John Gruber the ability to view Microsoft Defender for Office 365 reports through the dashboard. Which role should you assign to John Gruber?

Question 9

Your organization is using a Microsoft 365 tenant. From the Microsoft 365 admin center, you create a new user named John Gruber. You were requested to assign the User Administrator role to John Gruber but before you do your boss wants to know everything the role will give John access to. Which admin centers could you use to view the permissions of an administrator role?

Question 10

You have a Microsoft 365 tenant with the following user accounts configured. 📷 User1 is a member, has a city of Seattle, and has no admin roles. User2 is a member, has a city of Sea, and has the password administrator role User3 is a guest, has a city of SEATTLE, and has no admin roles. User4 is a member, has a city of SEAm, and has no admin roles. User5 is a member, has a city of London, and has no admin roles. User6 is a member, has a city of Londer, and has the Customer LockBox Access Approver role. User7 is a member, has a city of Sydney, and has the reports reader role. User8 is a member has a city of Sydney, and has the User administrator role. User9 is a member, has a city of Montreal, and has no admin roles. On what user accounts would User2 be unable to reset passwords?

Question 11

Your organization has Microsoft 365 tenant with Microsoft 365 E5 licenses. The tenant contains the following users. Your manager has asked you which admins can enable Microsoft Defender for Endpoint roles. Click the check box next to each user that can enable Microsoft Defender for Endpoint roles.

Question 12

Your organization hires a new compliance officer named Joe Gruber. Your manager has asked you to configure Joe's access. He'll need to be able to place mailboxes on hold, and perform compliance searches in OneDrive for Business, and SharePoint Online. Your organization adheres to the principle of least privilege. Answer the questions below

Question 13

A new admin has started with your organization the new admin will need to manage Exchange Online. You've been asked to grant the new user the required permissions. What steps should you take to complete the task?

Question 14

Your organization has a Microsoft 365 tenant with Microsoft Defender for Endpoint configured with multiple policies. Your organization has recently hired a new person named John Gruber. Your manager has informed you that John Gruber will need to view the Microsoft Defender for Endpoint reports in the Microsoft 365 Defender dashboard. Which role should you assign John Gruber to grant him the ability to view the Microsoft Defender for Endpoint reports?

Question 15

Your organization has a Microsoft 365 tenant. You've hired a new employee named John Gruber. You manager has asked you to assign John a role in Microsoft 365. John is required to monitor the service health in Microsoft 365 and create service requests. Your organization adheres to the principle of least privilege. What steps do you need to perform?

Question 16

Your organization has a Microsoft 365 tenant with Exchange Online and all mailboxes are housed in Exchange Online. Your organization hires a new admin named John Gruber. You've been tasked with assigning John his Microsoft 365 admin roles. Your manager informs you John will need to configure the retention of all the mailboxes including their deleted items. Your organization adheres to the principle of least privilege.

Question 17

You have a Microsoft 365 subscription that contains a user named User1. You plan to use Compliance Manager. You need to ensure that User1 can assign Compliance Manager roles to users. The solution must use the principle of least privilege. Which role should you assign to User1?

Question 18

Your organization has a Microsoft 365 tenant with Microsoft Defender for Endpoint configured with multiple policies. Your organization has recently hired a new person named John Gruber. Your manager has informed you that John Gruber will need to view the Microsoft Defender for Endpoint reports in the Microsoft 365 Defender dashboard. Which role should you assign John Gruber to grant him the ability to view the Microsoft Defender for Endpoint reports?

GitBit

Control permissions and access through admin roles

Questions for this test