Which two organization level insights can you derive from the Regulatory Compliance dashboard of Azure security Center?

Are you preparing for the MS-900 exam? – This blog post provides you with 25 Free questions for your MS-900 certification exam preparation. To learn the exam objectives clearly, our subject matter experts crafted these free questions to help you understand the core concepts through exhaustive explanations to every question.

MS-900 certification exam validates the candidate’s proficiency in Microsoft 365 Cloud service, Azure, and Dynamics 365. Also, one should be aware of the cloud adoption, SaaS model, and MS 365 implementation. If you have basic experience in working with Microsoft 365 cloud environment, then you can take up this certification exam. The exam questions cover the below topics:

• Basic Cloud concepts
• Core Microsoft 365 Services and Concepts
• Security, Compliance, Privacy, and Trust in Microsoft 365
• Microsoft 365 Pricing and Support

Let’s start learning these MS-900 practice exam questions!

Domain : Describe cloud concepts

Q1 : You have an application that resides in a private cloud. You have an online festival offer event planned in the upcoming days. Which of the following is better preparation for this event considering the sudden spike in demand which might cause an overload of capacity?

A. Use Hybrid cloud so that you can tap into additional cloud computing resources in the public cloud
B. Change the Application’s user interface
C. Set the Limitation for user access
D. Limit user access so that the user can access only necessary features

Correct Answer: A

Explanation:

You need to choose Hybrid Cloud. Hence Option A is correct.
Options B and C are not the right approaches.
The advantage of the hybrid cloud is to achieve global scale, increased reliability, AI-enabled security, and cost savings offered by the public cloud.

If an application resides on-premises or in a private cloud, sudden spikes in demand may overload the capacity (events like online shopping or tax filing). When demand spikes, organizations can tap into additional computing resources in the public cloud where the hybrid cloud environment allows the on-premises infrastructure to “burst through” to the public cloud.

Reference: Public Cloud vs Private Cloud vs Hybrid Cloud | Microsoft Azure

Domain : Describe Microsoft 365 pricing and support

Q2 : Your Organization needs Azure Information Protection to be included with your Microsoft 365 Business Plan. Which of the following Plan/Plans will you choose?

A. Microsoft 365 Business Basic
B. Microsoft 365 Business Standard
C. Microsoft 365 Business Premium
D. Any of the above

Correct Answer: C

Explanation:

Only Microsoft 365 Business Premium includes Azure Information Protection. Microsoft 365 Business basic and Standard plans do not include Azure Information Protection. Option C is correct.
Options A, B and D are incorrect.

Reference: Microsoft 365 for business

Domain : Describe core Microsoft 365 services and concepts

Q3 : Owners of traditional SharePoint sites can upgrade to modern sites by

A. Enabling the modern user interface in classic sites
B. Transforming classic site pages into modern pages
C. Connecting the site to an Office 365 group
D. All the above

Correct Answer: D

Explanation:

Owners of traditional SharePoint sites can upgrade to modern sites by using any one of the following methods.

Enabling the modern user interface in classic sites,
Connecting the site to an Office 365 group
Switching to a modern tenant-scoped branding
Transforming classic site pages into modern page

Reference: Redefining the intranet site experience with SharePoint in Office 365 (microsoft.com)

Domain : Describe Microsoft 365 pricing and support

Q4 : You have a small business with less than 100 users. Which of the following Microsoft 365 Plan is better suited?

A. Microsoft 365 Business plan
B. Microsoft 365 Personal Plan
C. Microsoft 365 Family Plan
D. None of the above

Correct Answer: A

Explanation:

The most interesting plans for a small business with less than 300 users are the Microsoft 365 Business plans. Large organizations will have to look at the Office 365 Enterprise and Microsoft 365 plans.

Microsoft 365 Personal Plan is suitable for a single person.

Microsoft 365 Home Plan is suitable for 2-6 people.

References:
Microsoft 365 and Office 365 plan options – Service Descriptions | Microsoft Docs
Compare All Microsoft 365 Plans (Formerly Office 365) – Microsoft Store
Compare All Microsoft 365 Plans | Microsoft

Domain : Describe Microsoft 365 pricing and support

Q5 : You have opted for Services from Microsoft for your organization. You would like to Submit feedback about Microsoft 365 services performance and user experience. Which of the following forum should you use to share your feedback with Microsoft?

A. MS Stream
B. UserVoice
C. Dynamic 365
D. SharePoint

Correct Answer: B

Explanation:

Microsoft has partnered with UserVoice, a third-party service, to communicate with customers and collect feedback.

Note: – Microsoft will be moving away from UserVoice feedback sites throughout the 2021 calendar year on a product-by-product basis and will leverage 1st party solutions.

Reference: Communicate and share ideas with UserVoice – Learn | Microsoft Docs

Domain : Describe core Microsoft 365 services and concepts

Q6 : In which of the following are Business intelligence (BI) capabilities available?

A. Power BI
B. SharePoint Online
C. Microsoft Excel
D. All the Above

Correct Answer: D

Explanation:

In Office 365 Enterprise, you have BI capabilities available in Excel and SharePoint Online. These services enable you to gather data, visualize data, and share information with people in your organization across multiple devices.

However, Power BI gives even more BI capabilities than what you get in Excel and SharePoint Online.
Hence all three options A, B and C are valid.

Reference: BI capabilities in Excel and Office 365 (microsoft.com)

Domain : Describe Microsoft 365 pricing and support

Q7 : Your Company requires Privileged identity management (PIM) in Azure AD. As an administrator, which of the following plan you need to choose?

A. Azure AD premium P1
B. Azure AD premium P2
C. Azure AD free
D. Microsoft 365 apps

Correct Answer: B

Explanation:

Azure AD has several tiers of service such as Free, Microsoft 365, and Premium editions P1 & P2.

Azure AD Premium P1 Includes free, Office 365, and premium features including Conditional access, Microsoft Cloud App Discovery, Advanced security and usage reports, advanced group access management, and hybrid identities.
Hence Option A is incorrect.
Azure AD Premium P2 includes all the above included within Premium P1 along with Azure Identity protection. Privileged Identity Management (PIM) is part of the Azure Identity Protection.
Hence Option B is correct.
Azure AD Free includes single sign-on, self-service password change, multi-factor authentication, basic security/usage reports, and business-to-business collaboration.
Hence Option C is incorrect.
Microsoft 365 apps include all the free features plus identity, self-service password reset, and device write-back.
Hence Option D is incorrect.

Reference: Manage identities and access in Microsoft 365 with Azure Active Directory – Learn | Microsoft Docs

Domain : Describe Microsoft 365 pricing and support

Q8 : You need to choose Defender for Office 365 subscription which provides an option to scan documents and files that are opened in a protected view. Which of the following plans do you choose to meet this requirement?

A. Defender for Office 365 Plan 1
B. Defender for Office 365 Plan 2
C. Microsoft 365 E5/ A5 security
D. Exchange Online Protection(EOP)

Correct Answer: C

Explanation:

Scan documents and files that are opened in a protected view using MS defender for Endpoint are called the “Safe Documents” feature. This feature is only available to users with the Microsoft 365 E5/ A5 Security license.

Hence Option C is correct.
Exchange Online Protection is present in subscriptions where Exchange Online mailboxes can be found, which prevents broad, known attacks. It does not have the Safe Documents feature.
Hence Option D is incorrect.
Microsoft Defender for Office 365 P1 contains EOP in it. Defender for Office 365 P2 contains features of P1 along with features of EOP. However, Microsoft defender for office 365 plans does not have the “Safe Documents” feature. 
Hence Options A and B are incorrect.

References:
Microsoft Defender for Office 365 service description – Service Descriptions | Microsoft Docs
Microsoft Defender for Office 365 Features service description – Service Descriptions | Microsoft Docs

Domain : Explain security, compliance, privacy, and trust in Microsoft 365

Q9 : New college graduates join the corporate. They are asked to use their own phones to access Outlook and MS Teams. Which service can help to secure the corporate data used in Office apps, which involves personal data too?

A. Microsoft Power BI
B. Microsoft Intune
C. Microsoft Excel
D. Microsoft Access

Correct Answer: B

Explanation:

Microsoft Intune offers an alternative BYOD approach of simply managing the apps that contain corporate data. It protects corporate data from any data leakage used in mobile devices.

Option A is incorrect because Power BI is a Business Intelligence tool and is not used for Endpoint Management by Microsoft.
Option B is correct because Microsoft Intune serves another BYOD approach of simply managing the apps that contain corporate data and personal data in mobile devices.
Option C is incorrect because Excel is a spreadsheet tool for storing various reports and is not used for Endpoint Management by Microsoft.
Option D is incorrect because Access is a database management system and doesn’t help in securing the corporate data in Office applications.

Reference: https://docs.microsoft.com/en-us/mem/intune/fundamentals/common-scenarios

Domain : Explain security, compliance, privacy, and trust in Microsoft 365

Q10 : Robin has just migrated from a different tech stack to M365 based project. He watches the dashboard with various data security recommendations and compliance threads. This dashboard also highlights the compliance score. What is the portal that is being discussed here?

A. Service Trust Portal
B. Compliance Manager
C. Microsoft Power BI
D. Microsoft Intune

Correct Answer: B

Explanation:

Compliance Manager is the dashboard that consists of the compliance score and the relevant data security and compliance recommendations. This makes it easy to perform risk assessments of Microsoft’s cloud services.

Option A is incorrect because Service Trust Portal is a service feature present in M365 that provides insights into the company’s security, privacy, and compliance threads. It encloses other tools like regional compliance, trust documents etc. It’s not specific to the description in the question.
Option B is correct because the description and features appropriately correspond to the Compliance Manager.
Option C is incorrect because Power BI is the business analytics tool mainly used for data analytics and visualizations. This portal doesn’t highlight the compliance score or data security recommendations.
Option D is incorrect because Intune neither shows any compliance score nor suggests any compliance recommendations.

Reference: https://techcommunity.microsoft.com/t5/security-compliance-and-identity/use-compliance-manager-and-service-trust-portal-to-enhance-your/ba-p/196965

Domain : Explain security, compliance, privacy, and trust in Microsoft 365

Q11 : M365 is HIPAA Compliant.

A. Yes and adheres to the Security Rule requirements of HIPAA
B. Yes but doesn’t adhere to the Security Rule requirements of HIPAA
C. No and doesn’t adhere to the Security Rule requirements of HIPAA
D. No but adheres to the Security Rule requirements of HIPAA

Correct Answer: D

Explanation:

As per the current documentation, there is currently no certification standard that the Department approves of Health and Human Services to demonstrate compliance with HIPAA by a business associate.

Option A is incorrect because there is no proof of evidence yet that M365 is HIPAA compliant.
Option B is incorrect because there is no proof of evidence yet that M365 is HIPAA compliant.
Option C is incorrect because it adheres to the security requirements of HIPAA.
Option D is correct because it adheres to the HIPAA security regulations as a business associate, although there is still no documented proof that M365 is HIPAA compliant.

Reference: https://docs.microsoft.com/en-us/compliance/regulatory/offering-hipaa-hitech

Domain : Explain security, compliance, privacy, and trust in Microsoft 365

Q12 : What are the significant principles of the Zero Trust Security Model?

A. Explicit verification
B. Use least privileged access
C. Assume breach
D. All of these

Correct Answer: D

Explanation:

Zero Trust Security Model, the major security framework followed by Microsoft, encompasses explicit verification, the least usage of privileged access, minimizing the breach, and segment access.

Option A is incorrect because there are other important principles of the Zero Trust Security Model which the organization needs to abide by, although verification and not trust, is a major principle.
Option B is incorrect because it is only a subset of principles in this model, limiting user access with just-in-time and just-enough-access.
Option C is incorrect because it is only a subset of principles in this model, though verifying end-to-end encryption to minimize breach is significant.
Option D is correct because it covers all the relevant options mentioned above.

Reference: https://www.microsoft.com/en-in/security/business/zero-trust

Domain : Explain security, compliance, privacy, and trust in Microsoft 365

Q13 : Which M365 Enterprise subscription is required for detecting and investigating advanced threats and malicious actions across on-premises and cloud environments?

A. M365 E3
B. M365 E5
C. M365 F3
D. O365 E1

Correct Answer: B

Explanation:

Microsoft 365 E5 provides the functionality to detect and investigate advanced threats and malicious activities in both on-prem and cloud environments.

Option A is incorrect because advanced threat protection is not included in M365 E3.
Option B is correct because M365 E5 provides advanced threat protection facilities to the users.
Option C is incorrect because advanced threat protection is not included in M365 F3.
Option D is incorrect because advanced threat protection is not included in O365 E1.

Reference: https://www.microsoft.com/en-in/microsoft-365/compare-microsoft-365-enterprise-plans

Domain : Describe core Microsoft 365 services and concepts

Q14 : What is the release frequency of the Current channel?

A. Twice a year
B. Once a month
C. Once a week
D. At least once a month

Correct Answer: D

Explanation:

The release frequency is set to at least once a month for the current channel.

Option A is incorrect because Semi-Annual Enterprise Channel has a release frequency twice a year.
Option B is incorrect because Monthly Enterprise Channel has the release frequency twice a year.
Option C is incorrect because there is no such weekly release frequency for any update channel.
Option D is correct because the release frequency is set to at least once a month for the Current Channel. It may be more as well.

Reference: https://docs.microsoft.com/en-us/deployoffice/overview-update-channels

Domain : Describe core Microsoft 365 services and concepts

Q15 : Which of the following needs to be checked to support Azure Virtual Desktop from an infrastructure perspective?

A. A Windows Server Active Directory in sync with Azure Active Directory
B. An Azure Active Directory
C. An Azure subscription parented to the same Azure AD tenant
D. All of these

Correct Answer: D

Explanation:

To support Azure Virtual Desktop, the infrastructure needs to have AAD, Windows server Active Directory synced with AAD and Azure subscription of the same AD tenant.

Option A is incorrect because only Windows Server Active Directory synced with AAD will not serve the purpose.
Option B is incorrect because only the Azure Active Directory will not support Azure Virtual Desktop.
Option C is incorrect because only an Azure subscription from the same AC tenant will not serve the purpose.
Option D is correct because all of the above will be required to support Azure Virtual Desktop from the infrastructure end.

Reference: https://docs.microsoft.com/en-us/azure/virtual-desktop/overview

Domain : Describe core Microsoft 365 services and concepts

Q16 : In which of the following packages Microsoft Viva Learning is completely included?

A. Microsoft Viva Insights
B. Microsoft 365 E3
C. Microsoft Viva Suite
D. O365 E1

Correct Answer: C

Explanation:

Course recommendations and progress tracking and integration with other partners are only present in Microsoft Viva Suite.

Option A is incorrect because Microsoft Viva Insights doesn’t contain all the integrations with learning management systems, course recommendations, and progress tracking features.
Option B is incorrect because Microsoft 365 E3 doesn’t contain all the integrations with learning management systems, course recommendations, and progress tracking features.
Option C is correct because Microsoft Viva Suite encompasses all the facilities of Microsoft Learning, which is yet not present in other packages.
Option D is incorrect because O365 E1 doesn’t contain all the integrations with learning management systems, course recommendations and progress tracking features.

Reference: https://www.microsoft.com/en-in/microsoft-viva/insights

Domain : Describe cloud concepts

Q17 : Cloud consumption model is based on:

A. OpEx
B. CapEx
C. Maintenance Expenditures
D. Fixed Expenditures

Correct Answer: A

Explanation:

Operational Expenditures( OpEx)  doesn’t include any up-front cost, as you pay for a service or product as you use it. Whatever the use, the user pays accordingly.

Option A is correct because Operational Expenditures( OpEx) accumulate only those costs which are on usage basis. Unlike CapEx, it doesn’t consist of any up-front costs.
Option B is incorrect because CapEx consists of huge up-front costs which is not followed by cloud architecture.
Option C is incorrect because Maintenance expenditures are only done for systems which are only used at the fullest. There is no need to purchase and manage costly infrastructure.
Option D is incorrect because Cloud follows a pay-as-per use model and not fixed expenses.

Reference: https://docs.microsoft.com/en-us/learn/modules/fundamental-azure-concepts/benefits-of-cloud-computing

Domain : Describe core Microsoft 365 services and concepts

Q18 : Viva Insights and Power BI Pro are available in

A. M365 E1
B. M365 E5
C. M365 E3
D. M365 F3

Correct Answer: B

Explanation:

M365 E5 consists and provides the Viva Insights and Power BI pro services to its customers.

Option A is incorrect because M365 E1 doesn’t provide the above services.
Option B is correct because M365 E5 provides the above advanced analytics services to its customers.
Option C is incorrect because M365 E3 doesn’t provide the above advanced analytics services.
Option D is incorrect because M365 F3 doesn’t provide the above advanced analytics services.

Reference: https://www.microsoft.com/en-in/microsoft-365/compare-microsoft-365-enterprise-plans

Domain : Describe core Microsoft 365 services and concepts

Q19 : M365 Admin Center helps the customers to

A. Create and manage users in your organization
B. Provide Billing Support
C. Manage existing domains, admin access, and migrate user mailboxes to M365
D. All of these

Correct Answer: D

Explanation:

M365 Admin center helps in creating and managing users, viewing and purchasing subscriptions, and also manages existing domains by providing admin access and other admin-oriented tasks.

Option A is incorrect because the M365 Admin center helps to create and manage users in your organization. The permission level or password reset requests are also executed. But this is not the only correct choice.
Option B is incorrect because the M365 Admin center provides Billing Support to the customers in viewing, purchasing and cancelling subscriptions. But this is not the only correct choice.
Option C is incorrect because the management of existing domains, providing admin access to new individuals and migration of email boxes are features of the M365 Admin Center. But this is not the only correct choice.
Option D is correct because all the above options are features of the M365 Admin center.

Reference: https://docs.microsoft.com/en-us/microsoft-365/admin/admin-overview/about-the-admin-center

Domain : Describe Microsoft 365 pricing and support

Q20 : As a Global Administrator in your organization, you need to provide a list of email accounts that should receive the following.
Automated billing notification for Microsoft 365 Subscription
Renewal Reminder for Microsoft 365 Subscription
What is the best way to achieve the above requirement?

A. Raise a Support Request with Microsoft Support
B. Navigate to MS 365 admin Center where you can find the options
C. Write an email to the technical account manager of Microsoft support
D. This can be achieved using Microsoft Teams UserVoice Site

Correct Answer: B

Explanation:

You can review and modify all billing aspects in the Microsoft 365 admin center including Billing notifications, where you can provide a list of email accounts of who should receive automated billing notifications and renewal reminders for the Microsoft 365 subscription.

Hence Option B is Correct. 
Global administrators will be able to achieve this using M 365 Admin center, hence reaching out to the MS Support team is not a suitable option. Hence Option A is Incorrect. 
Technical Account Manager (TAM) is a Business advisor from Microsoft to improve and manage service delivery to Microsoft’s clients. Reaching out to TAM is not a suitable option. Hence Option C is Incorrect.
UserVoice is used to improve services and submit feedback. Hence Option D is Incorrect. 

Reference: Explore bill management options – Learn | Microsoft Docs

Domain : Describe core Microsoft 365 services and concepts

Q21 : Employees need to connect with their team for shared content and resources. Also, employees need to
Track and stay updated on project status
Organize and co-author shared content
Connect to a Microsoft 365 group to access team resources
Which of the following is best suited?

A. Microsoft Yammer
B. Microsoft Intune
C. SharePoint Communication Site
D. SharePoint Team Site

Correct Answer: D

Explanation:

A SharePoint team site connects you and your team to shared content and resources. It also helps to track and stay updated about the project status, co-authoring of shared content, connection to M 365 group to access team resources etc. Hence Option D is Correct.
MS Yammer is an enterprise social networking service used for private communication within organizations. Hence Option A is Incorrect.
Intune is a cloud based service that lets you manage mobile devices, PCs, Apps Hence option B is Incorrect.
A SharePoint communication site used for broadcasting information to engage and inform broad audiences. Hence option C is Incorrect.

Reference: Use the SharePoint Team collaboration site template (microsoft.com)

Domain : Explain security, compliance, privacy, and trust in Microsoft 365

Q22 : When you create an Azure AD tenant which of the following roles is assigned to you automatically?

A. Account Administrator
B. Azure AD Global Administrator
C. Service Administrator
D. Owner

Correct Answer: B

Explanation:

Azure AD Global Administrator role is automatically assigned to whoever created the Azure AD tenant. Global administrators can do all of the administrative functions. Hence option B is correct.
This classic subscription administrator role is conceptually the billing owner of a subscription and is not assigned automatically for the creator of the Azure AD tenant. Hence Option A is Incorrect.
Service Administrator roles also do not get assigned automatically and this role has the equivalent access of a user who is assigned the Owner role at the subscription scope. Hence Option C is Incorrect.
The owner role helps you manage all Azure resources, including access and this is not assigned for a Tenant creator automatically. Hence Option D is Incorrect.

Reference: What is Azure Active Directory? – Azure Active Directory | Microsoft Docs

Domain : Explain security, compliance, privacy, and trust in Microsoft 365

Q23 : Intune is available as

A. Standalone Azure service
B. M365 and M365 government
C. MDM in M365 with limited features
D. All of these

Correct Answer: D

Explanation:

Intune is available to the corporates or governments in the above ways possible with full or limited features.

Option A is incorrect because Intune can be available as a standalone Azure service.
Option B is incorrect because Intune can be available in M365 and government agencies.
Option C is incorrect because existing users in M365 can use it as part of Mobile Device management with limited features.
Option D is correct because Intune is available to the consumers and government agencies in the above ways, hence all of the above options are correct.

Reference: https://docs.microsoft.com/en-us/mem/intune/fundamentals/what-is-intune

Domain : Describe Microsoft 365 pricing and support

Q24 : Under Fixed Lifecycle Policy, Non-security updates are not available during

A. Mainstream Support
B. Extended Support
C. Beyond End of Support
D. Extended Security Updates Program

Correct Answer: C

Explanation:

Non-security updates are not available after the end of support as part of the Fixed Lifecycle Policy.

Option A is incorrect because they are available during mainstream support.
Option B is incorrect because they are available during extended support.
Option C is correct because non-security updates are not available after the end of support as part of the Fixed Lifecycle Policy.
Option D is incorrect because they are not related to the ESU program, as it pertains to certain legacy Microsoft products past the end of support, including critical or important security updates.

Reference: https://docs.microsoft.com/en-us/lifecycle/policies/fixed

Domain : Describe core Microsoft 365 services and concepts

Q25 : Choose the option that has the ability to export logs in Yammer?

A. Network Administrators
B. Any member of Yammer
C. M 365 Global Administrators
D. SharePoint Administrator

Correct Answers: A and C

Explanation:

Option A is CORRECT because Network Administrators can export logs in yammer.
Option B is Incorrect because members cannot export logs as it is restricted to network administrators.
Option C is CORRECT because all Microsoft 365 global administrators are Yammer network administrators and network administrators can Export Logs in yammer.
Option D is Incorrect because SharePoint administrators do not have the ability to export logs in Yammer, they are dedicated to SharePoint related admin activities.

Reference: Microsoft 365 reporting features – Microsoft Service Assurance | Microsoft Docs

Summary

This MS-900 practice exam is designed for candidates who can demonstrate their knowledge on adopting cloud services and Software as a Service (SaaS) by implementing the Microsoft 365 cloud services. Hope you have enjoyed this blog post and learned the exam objectives through detailed explanations given for every question. Stay tuned for more updates on MS-900 exam!