28% OFF Automatically For You
Microsoft 365 Mobility and Security
1.Topic 1, Contoso, Ltd
Contoso, Ltd. is a consulting company that has a main office in Montreal and two
branch offices in Seattle and New York.
The company has the employees and devices shown in the following table.
Contoso recently purchased a Microsoft 365 E5 subscription.
The network contains an on-premises Active Directory forest named contoso.com.
The forest contains the servers shown in the following table.
All servers run Windows Server 2016. All desktops and laptops run Windows 10
Enterprise and are joined to the domain.
The mobile devices of the users in the Montreal and Seattle offices run Android. The
mobile devices of the users in the New York office run iOS.
The domain is synced to Azure Active Directory (Azure AD) and includes the users
shown in the following table.
The domain also includes a group named Group1.
Contoso plans to implement the following changes:
• Implement Microsoft 365.
• Manage devices by using Microsoft Intune.
• Implement Azure Advanced Threat Protection (ATP).
• Every September, apply the latest feature updates to all Windows computers. Every
March, apply the latest feature updates to the computers in the New York office only.
Contoso identifies the following technical requirements:
• When a Windows 10 device is joined to Azure AD, the device must enroll in Intune
• Dedicated support technicians must enroll all the Montreal office mobile devices in
• User1 must be able to enroll all the New York office mobile devices in Intune.
• Azure ATP sensors must be installed and must NOT use port mirroring.
• Whenever possible, the principle of least privilege must be used.
• A Microsoft Store for Business must be created.
Contoso identifies the following compliance requirements:
• Ensure that the users in Group1 can only access Microsoft Exchange On