ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-100 All Questions

View all questions & answers for the MS-100 exam
Go to Exam

Exam MS-100 topic 3 question 9 discussion

Actual exam question from Microsoft's MS-100
Question #: 9
Topic #: 3
[All MS-100 Questions]

You have a Microsoft 365 subscription that contains a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
In the tenant, you create a user named User1.
You need to ensure that User1 can publish retention labels from the Security & Compliance admin center. The solution must use the principle of least privilege.
To which role group should you add User1?

  • A. Security Administrator
  • B. Records Management
  • C. Compliance Administrator
  • D. eDiscovery Manager
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by ZakS at Dec. 9, 2019, 2:07 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
examxe
Highly Voted 5 years, 5 months ago
The answer is correct and the ref should be https://docs.microsoft.com/en-gb/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center#mapping-of-role-groups-to-assigned-roles Records Management Role Group has the role Retention Management and is less priviliged than compliance admin so the correct answer
upvoted 36 times
...
[Removed]
Highly Voted 4 years, 10 months ago
Answer: C Explanation Members of your compliance team who will create retention labels need permissions to the Security & Compliance Center. By default, your tenant admin has access to this location and can give compliance officers and other people access to the Security & Compliance Center, without giving them all of the permissions of a tenant admin. To do this, we recommend that you go to the Permissions page of the Security & Compliance Center, edit the Compliance Administrator role group, and add members to that role group. Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/labels#permissions
upvoted 18 times
donathon
4 years, 7 months ago
I went into the SCC and confirmed that Records Management only have the RecordManagement role and does not have the permissions to modify labels.
upvoted 1 times
Requi3m
3 years, 9 months ago
The question only asks what role is neede to PUBLISH retention labels, not create or modify them. Members of Records Management can configure retention labels, so surely publishing them should be possible.
upvoted 2 times
...
...
...
DeLoc
Most Recent 2 years, 3 months ago
Selected Answer: B
The "Records Management" role allows users to create, configure, and manage retention labels and policies.
upvoted 3 times
...
Startkabels
2 years, 5 months ago
Selected Answer: B
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center?view=o365-worldwide#role-groups-in-the-defender-and-compliance-portals Members can configure all aspects of records management, including retention labels and disposition reviews.
upvoted 2 times
...
Partylad
2 years, 7 months ago
States Which Role Group, there is no Records Management Role group, can create a new Role group and just add this Role but that's not what is asked so the given answer appears correct to me
upvoted 1 times
Partylad
2 years, 7 months ago
ignore this just found the role group for records management
upvoted 3 times
...
...
JhonnyBe
2 years, 7 months ago
Selected Answer: C
Correct answer
upvoted 1 times
...
mmraouf
2 years, 8 months ago
The Answer is correct: C https://learn.microsoft.com/en-us/microsoft-365/compliance/get-started-with-data-lifecycle-management?view=o365-worldwide#permissions-for-retention-policies-and-retention-labels
upvoted 1 times
...
Debadatta
2 years, 8 months ago
Selected Answer: B
Records Management Members can configure all aspects of records management, including retention labels and disposition reviews. https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center?view=o365-worldwide
upvoted 2 times
...
ovd
2 years, 8 months ago
https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-with-data-lifecycle-management?view=o365-worldwide - Compliance Administrator admin role group (Ok) - new role group and add the Retention Management role to this group (not Ok)
upvoted 1 times
...
Cebsiej_28
2 years, 8 months ago
least privilege is Records Management, so the answer is B.
upvoted 2 times
...
Sweethaven
2 years, 10 months ago
Do your research, Answer is C! There is no specific ‘records manager’ role in Microsoft 365. The closest in terms of functionality is the Compliance admin role that includes several several sub-roles including ‘RecordManagement’, ‘Disposition Management’ and ‘Retention Management’. Answer C, you cannot assign a records management role to a user so there :)
upvoted 1 times
RenegadeOrange
2 years, 9 months ago
Uhm, did you read the article below? The answer is B = Records Management. Records Management: Members can configure all aspects of records management, including retention labels and disposition reviews. I just went into the Microsoft Purview portal and added a user as a member of the Records Management role. So There :)
upvoted 2 times
...
...
RazielLycas
3 years, 3 months ago
Selected Answer: B
Records Management is the ones with less privilege "Members can configure all aspects of records management, including retention labels and disposition reviews." ref: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center?view=o365-worldwide
upvoted 4 times
...
VictorPCS
3 years, 3 months ago
Selected Answer: B
Least privilege so should be B
upvoted 2 times
...
davem90
3 years, 6 months ago
I tested this and a user assigned to Records Management role has the necessary permissions to create and publish retention labels. So answer is B, following the least privilege principle.
upvoted 3 times
...
tejb
3 years, 8 months ago
o grant permissions for this limited administration, we recommend that you add users to the Compliance Administrator admin role group. Alternatively to using this default role, you can create a new role group and add the Retention Management role to this group. For a read-only role, use View-Only Retention Management. Source: https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-with-retention?view=o365-worldwide#permissions-required-to-create-and-manage-retention-policies-and-retention-labels
upvoted 1 times
...
Rlcky
3 years, 8 months ago
The solution must use the principle of least privilege, B is the answer.
upvoted 3 times
...
Vizsgazo1
3 years, 8 months ago
records management: Additionally, retention labels support records management for email and documents across Microsoft 365 apps and services. You can use a retention label to mark items as a record. https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide#permissions
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel