ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-101 All Questions

View all questions & answers for the MS-101 exam
Go to Exam

Exam MS-101 topic 3 question 44 discussion

Actual exam question from Microsoft's MS-101
Question #: 44
Topic #: 3
[All MS-101 Questions]

HOTSPOT -
You have a document in Microsoft OneDrive that is encrypted by using Microsoft Azure Information Protection as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
References:
https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-protection
by Jake1 at May 18, 2021, 4:41 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Jake1
Highly Voted 4 years, 1 month ago
Answers are correct. When a document or email is protected by a Rights Management service, it is encrypted at rest and in transit. It can then be decrypted only by authorized users
upvoted 18 times
jkklim
3 years, 7 months ago
both are 30 days. External users can also access. You can try sending an encrypted emai to your personal external email and you are able to open this
upvoted 4 times
ajna_
3 years, 3 months ago
Not sure if you are correct. For the second answer, the external user will not be able to access this document because he is not in the user permissions list. So, I agree with Jake1.
upvoted 2 times
...
...
...
JT19760106
Highly Voted 3 years, 5 months ago
Answers are correct: Open 30 Days after copying to Internet Connected Computer Guest cannot open. Permissions have been granted for all users in the M36x901434.onmicrosoft.com domain as Co-Owner. There's no permissions assigned for external users.
upvoted 6 times
...
jonny_sins
Most Recent 1 year, 10 months ago
Answer is not correct. It is very correct, most straightforward question I've seen from microsoft in a while jesus bejeus i hate them
upvoted 1 times
...
TimNov
2 years, 11 months ago
Agree with Jake1
upvoted 2 times
...
AZalan
3 years, 2 months ago
Answer is Correct: https://docs.microsoft.com/en-us/previous-versions/azure/information-protection/configure-policy-protection To specify the users you want to be able to open protected documents and emails, select Add permissions. Then on the Add permissions pane, select the first set of users and groups who will have rights to use the content that will be protected by the selected label: Choose Select from the list where you can then add all users from your organization by selecting Add <organization name> - All members. This setting excludes guest accounts. Or, you can select Add any authenticated users, or browse the directory. Some typical scenarios for the any authenticated users setting: You don't mind who views the content, but you want to restrict how it is used. For example, you do not want the content to be edited, copied, or printed. You don't need to restrict who accesses the content, but you want to be able to track who opens it and potentially, revoke it. You have a requirement that the content must be encrypted at rest and in transit, but it doesn't require access controls.
upvoted 1 times
...
OneplusOne
3 years, 5 months ago
Answers are correct, only users in the same org can work with the file. https://kartikkopalleblog.files.wordpress.com/2019/07/31-1.png?w=625 https://kartikkopalle.com/2019/12/02/document-protection-with-azure-information-protection-ad-hoc-permissions/
upvoted 2 times
...
[Removed]
3 years, 5 months ago
Why should the user outside of the organization be able to decrypt/open the doc? Permission is only assigned for the tenants URL. Agree with Jake, I think the answers are correct.
upvoted 2 times
...
jkklim
3 years, 6 months ago
30d each If you protect an email with an Office document attachment to a user who doesn't have an account in Azure AD, the authentication method changes. The Azure Rights Management service is federated with some popular social identity providers, such as Gmail. If the user's email provider is supported, the user can sign in to that service and their email provider is responsible for authenticating them. If the user's email provider is not supported, or as a preference, the user can apply for a one-time passcode that authenticates them and displays the email with the protected document in a web browser.
upvoted 2 times
...
Chris_Rock
3 years, 9 months ago
Both are 30 days. Why would an external user 'can open document'? he/she can open the document for up to 30 days also. Answer is 30D and 30D
upvoted 3 times
Turak64
3 years, 8 months ago
They won't be an authorised user
upvoted 1 times
[Removed]
3 years, 7 months ago
If the external user's company uses Azure AD, they still get authenticated: https://docs.microsoft.com/en-us/azure/information-protection/faqs-rms#when-i-share-a-protected-document-with-somebody-outside-my-company-how-does-that-user-get-authenticated
upvoted 3 times
AVR31
2 years, 11 months ago
Yes, an external user will be authenticated but the policy states very clearly who can access the document. There is a domain specified there and only users from that domain will be able to open the document.
upvoted 2 times
...
AlexBa
3 years, 6 months ago
"If" is never a solution for certification so here we don't know so the external user don't have access to file.
upvoted 6 times
...
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel