Correct Answer: Microsoft Defender XDR (formerly Microsoft 365 Defender)
Explanation: Defender XDR integrates threat detection across endpoints, emails, identities, and cloud applications, providing real-time monitoring and automated security responses.

Correct Answer: Azure AD Privileged Identity Management (PIM)
Explanation: PIM enforces just-in-time (JIT) privileged access, requiring administrators to request access and get approval before using elevated privileges.

Correct Answer: Microsoft Endpoint Manager with Conditional Access
Explanation: Endpoint Manager (Intune) with Conditional Access enforces device compliance policies, ensuring that only secure, managed devices access Microsoft 365.

Correct Answer: Microsoft Purview Message Encryption
Explanation: Purview Message Encryption ensures emails are encrypted based on policies while allowing external recipients to securely reply via a secure web portal.

Correct Answer: Passwordless Authentication with Azure AD
Explanation: Passwordless Authentication (via Windows Hello, FIDO2 keys, or Microsoft Authenticator) enhances security while reducing user friction by eliminating passwords altogether.

Correct Answer: Microsoft Purview Audit
Explanation: Purview Audit logs all sign-in attempts, allowing administrators to investigate failed logins and potential attacks.

Correct Answer: Azure AD Privileged Identity Management
Explanation: Privileged Identity Management (PIM) provides just-in-time access and monitoring to prevent admin account compromise.

Correct Answer: Microsoft Endpoint Manager App Protection Policies
Explanation: App Protection Policies ensure corporate data stays within managed apps, preventing copy-paste or screenshot capture.

Correct Answer: Microsoft Defender for Office 365
Explanation: Defender for Office 365 includes safe links, phishing detection, and security monitoring for Teams messages.

Correct Answer: Azure AD Conditional Access with Risk-Based Policies
Explanation: Conditional Access Risk-Based Policies automatically enforce restrictions on users with high-risk login activity.

Correct Answer: Microsoft Purview Retention Policies
Explanation: Retention policies ensure data is preserved for legal or compliance reasons, even if a user deletes it.

Correct Answer: Microsoft Defender for Cloud Apps
Explanation: Defender for Cloud Apps provides shadow IT detection, blocks unauthorized apps, and enforces security policies.

Correct Answer: Microsoft Purview Data Loss Prevention (DLP)
Explanation: DLP policies can automatically encrypt or block emails containing sensitive data, such as financial records.

Correct Answer: Microsoft Purview Insider Risk Management
Explanation: Purview Insider Risk Management identifies risky user behavior, such as data exfiltration or suspicious activity, using AI-based analysis.

Correct Answer: Microsoft Secure Score
Explanation: Secure Score provides a risk-based security assessment with actionable recommendations to enhance Microsoft 365 security.

Correct Answer: Microsoft Purview Information Protection
Explanation: Purview Information Protection applies sensitivity labels to shared files, restricting download, copy, and print permissions.

Correct Answer: Azure AD Identity Protection
Explanation: Azure AD Identity Protection automatically detects risky sign-ins and can enforce multi-factor authentication (MFA) or block access.

Correct Answer: Microsoft Sentinel
Explanation: Microsoft Sentinel is a cloud-native SIEM that ingests Microsoft 365 security alerts and enables automated incident response.

Correct Answer: Multi-Geo Capabilities
Explanation: Multi-Geo Capabilities allow organizations to store data in specific geographical locations to comply with local regulations.

Correct Answer: Conditional Access
Explanation: Conditional Access enables organizations to enforce risk-based access policies, integrating with Defender for Cloud Apps for real-time security actions.