ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-101 All Questions

View all questions & answers for the MS-101 exam
Go to Exam

Exam MS-101 topic 2 question 19 discussion

Actual exam question from Microsoft's MS-101
Question #: 19
Topic #: 2
[All MS-101 Questions]

You have a Microsoft 365 subscription.
You need to be notified if users receive email containing a file that has a virus.
What should you do?

  • A. From the Exchange admin center, create a spam filter policy.
  • B. From the Security & Compliance admin center, create a data governance event.
  • C. From the Security & Compliance admin center, create an alert policy.
  • D. From the Exchange admin center, create a mail flow rule.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
You can create alert policies to track malware activity and data loss incidents. We've also included several default alert policies that help you monitor activities such as assigning admin privileges in Exchange Online, malware attacks, phishing campaigns, and unusual levels of file deletions and external sharing.
The Email messages containing malware removed after delivery default alert generates an alert when any messages containing malware are delivered to mailboxes in your organization.
Incorrect answers:
A: A spam filter policy includes selecting the action to take on messages that are identified as spam. Spam filter policy settings are applied to inbound messages.
B: A data governance event commences when an administrator creates it, following which background processes look for content relating to the event and take the retention action defined in the label. The retention action can be to keep or remove items, or to mark them for manual disposition.
D: You can inspect email attachments in your Exchange Online organization by setting up mail flow rules. Exchange Online offers mail flow rules that provide the ability to examine email attachments as a part of your messaging security and compliance needs. However, mail flow rules are not used to detect malware in emails.
Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/alert-policies
by Prianishnikov at April 6, 2021, 9:35 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Prianishnikov
Highly Voted 4 years, 2 months ago
C. From the Security & Compliance admin center, create an alert policy.
upvoted 15 times
...
Jake1
Highly Voted 4 years, 2 months ago
You can create an alert for infected email messages sent to users in your organization via the S&C Admin center. Answer is correct.
upvoted 5 times
...
Fala_Fel
Most Recent 2 years, 5 months ago
Selected Answer: C
But now (Jan 2023) in 365 Defender > Email & Collaboration > Policies & Rules > Alert Policy.... I suppose in the exam look for 'alert policy' I
upvoted 1 times
...
F_M
3 years, 10 months ago
Answer is correct! If you're trying to replicate this on your tenant, you must have Microsoft Defender for Office365 enabled! Otherwise you won't see the related activity in the list to create the alert.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel