ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-900 All Questions

View all questions & answers for the MS-900 exam
Go to Exam

Exam MS-900 topic 1 question 270 discussion

Actual exam question from Microsoft's MS-900
Question #: 270
Topic #: 1
[All MS-900 Questions]

An organization uses Microsoft 365 Business to secure their data.
Many users install the organization's data on their personal tablets and phones.
You need to protect the organization's data stored on users' devices.
Which three features support device security? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. Remotely wiping company data
  • B. Enabling Advanced Threat Protection for users
  • C. Disabling the device remotely
  • D. Automatically deleting files after 90 days of inactivity
  • E. Requiring users to have a PIN on their device
Show Suggested Answer Hide Answer
Suggested Answer: ABE 🗳️
by zlert at March 19, 2021, 3:40 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
dlwPieter
2 months, 3 weeks ago
Selected Answer: ABE
Answer is correct
upvoted 1 times
...
Sergio_G_S
4 months ago
Selected Answer: ADE
Do experts really review the answers?
upvoted 1 times
...
alessandro2039
7 months, 2 weeks ago
Selected Answer: ADE
Pin is specifically required because you can enable app protection policies that require the phone pin when accessing certain apps. E.g. Opening the business outlook or one drive will require the phone pin to launch the app. This is managed via App policy in O365
upvoted 1 times
...
Murtuza
1 year, 5 months ago
Agree it A, D and E
upvoted 2 times
...
youngjanpawel
1 year, 6 months ago
Selected Answer: ABE
A. Remotely wiping company data: This feature allows administrators to remotely wipe company data from a device that is lost or stolen to prevent unauthorized access. E. Requiring users to have a PIN on their device: This feature ensures that the device is protected by a password or PIN, making it harder for unauthorized users to access data on the device. B. Enabling Advanced Threat Protection for users: This feature provides an additional layer of security against advanced threats such as phishing attacks, malware, and ransomware.
upvoted 3 times
TypeRR
1 year, 4 months ago
I think B is secure for the user, not for the device. So the answer should be ADE.
upvoted 2 times
...
...
JayLearn2022
1 year, 7 months ago
A. Remotely wiping company data: • "Wipe a mobile device in Intune": https://docs.microsoft.com/en-us/mem/intune/protect/wipe-device C. Disabling the device remotely: • "Disable or delete a mobile device in Intune": https://docs.microsoft.com/en-us/mem/intune/protect/disable-delete-device E. Requiring users to have a PIN on their device: • "Device compliance settings in Microsoft Intune": https://docs.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started
upvoted 1 times
JayLearn2022
1 year, 7 months ago
Overall, the most relevant features for protecting the organization's data stored on users' devices are A, C, and E. A. Remotely wiping company data: This feature is a part of Microsoft Intune, which is a mobile device management (MDM) solution included in Microsoft 365 Business. It allows an organization to wipe company data from a user's device remotely. C. Disabling the device remotely: This feature is also a part of Microsoft Intune, which allows an organization to remotely disable a user's device if it is lost or stolen. E. Requiring users to have a PIN on their device: This feature can be enforced using Microsoft Intune's device compliance policies. It allows an organization to enforce a password or PIN requirement on a user's device, which can help protect company data if the device is lost or stolen.
upvoted 2 times
JayLearn2022
1 year, 7 months ago
B. Enabling Advanced Threat Protection for users: This feature is not directly related to device security, but it can help protect against malware and other threats that could potentially compromise a user's device. D. Automatically deleting files after 90 days of inactivity: This feature can be enforced using Microsoft 365 retention policies, which are used to automatically delete or retain content based on certain criteria. However, it does not directly relate to device security.
upvoted 1 times
JayLearn2022
1 year, 7 months ago
My Mistake, The answer ADE is correct because these three features support device security in Microsoft 365 Business: For Employee owned devices Disabling a device would not be valid A. Remotely wiping company data - this feature allows administrators to remotely wipe company data from a device in case the device is lost, stolen, or if an employee leaves the organization. D. Automatically deleting files after 90 days of inactivity - this feature allows administrators to set a policy for automatically deleting files after a specified period of inactivity. This ensures that sensitive company data is not left on an unattended device for extended periods. E. Requiring users to have a PIN on their device - this feature enforces a security policy that requires users to set a PIN or password on their devices. This adds an extra layer of security to the device, making it more difficult for unauthorized users to access company data.
upvoted 3 times
...
...
...
NoursBear
6 months, 3 weeks ago
I don't think you'd want to disable personally owned devices remotely lol. Wiping company data yes for sure
upvoted 1 times
...
...
KakTak
1 year, 11 months ago
Selected Answer: ADE
I would go for A, D and E because disabling is not an option and ATP is not an option as well. You cannot disable private device and ATP is just protection against malware etc...
upvoted 1 times
...
KakTak
1 year, 11 months ago
ABE is the right one.
upvoted 3 times
...
msstanci_111
2 years, 2 months ago
https://techcommunity.microsoft.com/t5/small-and-medium-business-blog/protecting-devices-with-microsoft-365-business/ba-p/1264877
upvoted 1 times
...
Zergio
2 years, 10 months ago
A.C.E. Option D would not provide any protection for the company files on a recently stolen device. I would rather choose option C as the disabling device will stop a suspected user from authentification under corporate credentials.
upvoted 2 times
Mikmok
2 years, 9 months ago
My friend, the question is about Personal Devices. This is key in the question you cannot wipe personal devices that are not registered in INtune.
upvoted 6 times
jcgm1990
2 years, 3 months ago
My friend, personal devices are registered, otherwise you cannot do any of those actions
upvoted 1 times
...
...
...
syu31svc
3 years, 4 months ago
https://docs.microsoft.com/en-us/microsoft-365/business/security-features?view=o365-worldwide: "These settings include deleting files from an inactive device after a set period, encrypting work files, requiring that users set a PIN, and so on." ADE
upvoted 3 times
...
spainvasion
3 years, 6 months ago
can you not disable the device from intune as well???
upvoted 2 times
tobbba
2 years, 9 months ago
cant disable personal devices
upvoted 1 times
...
...
Gerardo1971
3 years, 6 months ago
Correct A,D,E
upvoted 1 times
...
Rezerestibeiro27
3 years, 7 months ago
Il go with given answer looks fine.
upvoted 2 times
...
TMW
3 years, 7 months ago
I think this one is correct. you can remotely wipe the data, you can request users have a PIN Answers A and E "Advanced Threat Protection is a security solution that defends against complex malware or hacking attacks that target sensitive data within an organization" - Ans B is out https://docs.microsoft.com/en-us/defender-for-identity/what-is "These settings include deleting files from an inactive device after a set period, encrypting work files, requiring that users set a PIN, and so on" https://docs.microsoft.com/en-us/microsoft-365/business/security-features?view=o365-worldwide A,D, and E
upvoted 4 times
...
zlert
3 years, 7 months ago
BDE, A is not a feature...
upvoted 1 times
maaten
3 years, 6 months ago
Yes it is, with Intune
upvoted 2 times
wando5000
2 years, 5 months ago
If the device is registered with Intune; The Wipe action restores a device to its factory default settings. The user data is kept if you choose the Retain enrollment state and user account checkbox. Otherwise, all data, apps, and settings will be removed. Wipes all MDM Policies. Keeps user accounts and data. Resets user settings back to default. Resets the operating system to its default state and settings. I dont think you want to do this with a personal device? A wipe is useful for resetting a device before you give the device to a new user, or when the device has been lost or stolen. Be careful about selecting Wipe. Data on the device cannot be recovered. This level of device wipe follows a standard file delete process, rather than a low-level delete.
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago