Defending Exchange Online

Question 1

Your organization has a Microsoft 365 tenant with all users hosted in Exchange Online. It's a new tenant and all the defaults are still in place. You manage email security. Where do suspicious emails go?

Question 2

Your organization has a hybrid Microsoft 365 tenant with an Exchange on-premises server. 📷 User1 has an on-premises mailbox and MFA is required. User2 has an on-premises mailbox and MFA is disabled. User3 has an Exchange Online mailbox and MFA is required. User4 has an Exchange Online mailbox and MFA is disabled. You've been asked to implement Microsoft 365 Attack Simulator but before you do your manager needs to know who can receive the fake threats. Which users should you tell your boss can receive the attack simulation fake threats?

Question 3

All user users have a Microsoft 365 E5 license. You have a hybrid Microsoft Exchange Server. Some of your user's mailboxes are located in Microsoft 365 while others are located in the on-premises Exchange server You are tasked with setting up and configuring Microsoft Defender for Office 365 anti-phishing policy. Management has asked you to enable mailbox intelligence for all users. What do you need to do to verify all mailboxes have mailbox intelligence enabled and working?

Question 4

Your organization has a Microsoft 365 tenant with a primary domain of gitbit.org Your organization has the following safe links policy. 📷 Which URL can users access from Microsoft Office Online?

Question 5

You've been tasked with updating the safe links policy. Your manager gives you the following 2 requirements: Block any access to the GitBit.org domain Track user clicks on any links to gitbit.org. What steps need to be completed to fulfill the requirements?

Question 6

Your organization has a Microsoft 365 tenant with Microsoft 365 E5 licenses. You've just implemented a Defender for Office 365 safe attachments policy for your entire organization. Your help desk is getting calls that emails containing attachments are taking a long to be received. You need to reconfigure the safe attachments policy so emails are received more quickly but the attachments still need to be scanned for malware and any attachments with malware must be blocked. How should you reconfigure the safe attachment policy?

Question 7

Several users in your organization have called in reporting they received an email that should have had an attachment but there was no attachment. You've been tasked with tracking down why the email attachment has been removed. As far as you know there haven't been any recent changes to your environment. What two places can you go to review the missing attachments?

Question 8

Your organization has recently been breached because a user clicked a link in an email. Your manager has set up a fake phishing site at NotARealSite.com. Your manager wants to track anyone that clicks the link but he doesn't want to block them from accessing the site. You've been tasked with updating the safe links policy. Your manager gives you the following requirement: Track user clicks on any links to NotARealSite.com. What steps need to be completed to fulfill the requirements?

Question 9

You have a Microsoft 365 Enterprise E5 subscription. You use Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP). You plan to use Microsoft Office 365 Attack simulator. What is a prerequisite for running an Attack simulator?

Question 10

Your organization has a Microsoft 365 tenant and you've already created a Microsoft Defender Safe Attachments policy. You've configured the policy to quarantine malware. Some users have complained that they go to check their quarantine but the emails are already deleted. Your manager has asked you to change the retention duration for the attachments that end up in quarantine. He needs you to extend the amount of time the emails will be in quarantine. Which threat management policy should you update from the Microsoft Defender admin center?

Question 11

You need to protect your organization against phishing attacks. The solution must meet the following requirements: Phishing email messages must be quarantined if the messages are sent from a spoofed domain. As many phishing email messages as possible must be identified. The solution must apply to the current SMTP domain names and any domain names added later. What steps should you take to complete the task?

Question 12

Your manager has asked you to block any access to the site malware.gitbit.org. He wants to ensure you block the site from being opened from within an email or any Microsoft Office application. How can you fulfill his request?

Question 13

Your organization has a Microsoft 365 tenant with Microsoft 365 E5 licenses. Your manager has asked you to reconfigure the email filter to deliver any emails that contain malware without the attachment. What two options do you need to configure?

Defending Exchange Online

Questions for this test