Home » Microsoft Exams » MS-102: Microsoft 365 Administrator Expert Exam

MS-102: Microsoft 365 Administrator Expert Exam

325 Questions and Answers

Online exam practice tests for certification exams, university & college test prep

Preview real exam-style questions before you buy—see exactly what you're getting.
Free sample questions with detailed explanations • No signup required.

⚡ Instant Download   •   ⭐ 4.8/5 Student Rating   •   Trusted by 10,000+ Learners   •   Exam-aligned content   •  

MS-102 Microsoft 365 Administrator Expert Practice Exam

The MS-102: Microsoft 365 Administrator Expert Exam is a globally recognized certification designed for IT professionals who want to validate their skills in managing Microsoft 365 environments. This exam measures your ability to deploy, configure, secure, and monitor Microsoft 365 services and enterprise workloads. It’s ideal for administrators responsible for managing identity, security, compliance, and supporting Microsoft 365 core services.

By earning the Microsoft 365 Administrator Expert certification, you demonstrate deep expertise in administering cloud-based solutions, ensuring secure collaboration, managing users and licenses, implementing policies, and maintaining business continuity across Microsoft services like Exchange, Teams, SharePoint, and OneDrive.

On Prep Pool, we offer a comprehensive and up-to-date MS-102 practice exam specifically designed to help you master all exam objectives with confidence. Each question mirrors the real exam format and is crafted to test your understanding of Microsoft 365 technologies in real-world scenarios. Whether you’re preparing for your first attempt or brushing up before recertification, our practice test equips you with the knowledge and experience needed to pass.

What You Will Learn

Through this practice exam, you’ll gain in-depth understanding of:

  • Microsoft 365 tenant management, including configuration and lifecycle planning

  • Identity and access management using Azure Active Directory

  • Security and compliance features like data loss prevention (DLP), insider risk, and Microsoft Purview

  • Service health monitoring, incident response, and change management

  • Deployment and management of core services like Exchange Online, SharePoint Online, Teams, and Intune

  • Governance, reporting, and licensing strategies for enterprise-level organizations

Our exam content is structured to help you think like a Microsoft 365 administrator—not just memorize facts. Every question is followed by a detailed explanation so you can reinforce key concepts, understand why a particular answer is correct, and fill knowledge gaps as you go.

Key Topics Covered

The MS-102 exam practice test on includes all major areas such as:

  • Deploying and managing Microsoft 365 tenants and subscriptions

  • Managing identity and roles using Azure AD and hybrid identity solutions

  • Implementing and managing security and compliance solutions

  • Managing and maintaining Microsoft 365 core services

  • Configuring policies for data retention, classification, and information protection

  • Monitoring service health and investigating issues

Our question sets are aligned with the latest Microsoft exam guide and frequently updated to reflect real-world changes in Microsoft 365 services. This ensures you are learning the most current technologies and practices.

Why Choose Our MS-102 Practice Exam Questions?

At PrepPool, our goal is to help you pass your certification exams efficiently and confidently. Our practice exams are created by subject matter experts with real industry experience. You’ll get access to expertly written multiple-choice questions, real exam scenarios, and answer explanations that actually teach you, not confuse you.

Whether you’re looking to validate your skills, advance in your career, or prepare for a job interview in cloud administration, our MS-102 practice exam is your ideal resource. Start preparing today and take one step closer to becoming a Microsoft 365 Certified Administrator Expert.

Sample Questions and Answers

1.
Which Microsoft 365 service provides protection against advanced threats like zero-day malware and phishing?
A) Microsoft Defender for Endpoint
B) Microsoft Intune
C) Microsoft Teams
D) Microsoft Power BI

Answer: A) Microsoft Defender for Endpoint
Explanation: Microsoft Defender for Endpoint is a platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats, including zero-day malware and phishing attacks.


2.
You need to configure Microsoft 365 so that users can only access corporate data from compliant devices. Which service should you use?
A) Microsoft Defender for Office 365
B) Azure AD Conditional Access
C) Microsoft Teams policies
D) Microsoft Power Automate

Answer: B) Azure AD Conditional Access
Explanation: Azure AD Conditional Access policies allow you to control access to resources based on device compliance, location, user risk, and more.


3.
What is the maximum retention period for Microsoft 365 retention policies?
A) 1 year
B) 5 years
C) 7 years
D) Unlimited

Answer: D) Unlimited
Explanation: Microsoft 365 retention policies can be configured for an unlimited retention period to meet various compliance requirements.


4.
Which tool is used to manage Microsoft 365 tenant-wide roles and licenses?
A) Microsoft Endpoint Manager
B) Microsoft 365 admin center
C) Exchange Admin Center
D) Microsoft PowerShell

Answer: B) Microsoft 365 admin center
Explanation: The Microsoft 365 admin center is the primary web interface used to manage tenant roles, licenses, and users.


5.
You want to ensure that all email sent from your organization uses DKIM to improve email authentication. What should you configure?
A) SPF records only
B) DKIM signing in Exchange Online
C) DMARC policies only
D) Microsoft Defender policies

Answer: B) DKIM signing in Exchange Online
Explanation: DKIM (DomainKeys Identified Mail) signing is configured in Exchange Online to cryptographically sign outbound emails, helping prevent spoofing.


6.
Which Microsoft 365 service allows you to create and enforce data loss prevention (DLP) policies?
A) Microsoft Teams
B) Microsoft Defender for Identity
C) Microsoft Purview Compliance Portal
D) Microsoft Power BI

Answer: C) Microsoft Purview Compliance Portal
Explanation: The Microsoft Purview Compliance Portal is used to create and manage DLP policies across Microsoft 365 services to protect sensitive information.


7.
What is the PowerShell module required to manage Microsoft Teams?
A) AzureAD
B) MicrosoftTeams
C) MSOnline
D) ExchangeOnlineManagement

Answer: B) MicrosoftTeams
Explanation: The MicrosoftTeams PowerShell module is used to manage Teams-specific settings and policies.


8.
You want to prevent users from sharing files externally in OneDrive and SharePoint. What is the recommended way?
A) Disable sharing in Azure AD
B) Configure sharing policies in the SharePoint admin center
C) Disable user accounts
D) Block guest access in Teams

Answer: B) Configure sharing policies in the SharePoint admin center
Explanation: Sharing policies in the SharePoint admin center control external sharing settings for both SharePoint and OneDrive.


9.
Which Microsoft 365 feature helps you automate responses to phishing attacks?
A) Microsoft Defender for Office 365 Threat Explorer
B) Microsoft Endpoint Manager
C) Azure AD Identity Protection
D) Power Automate

Answer: A) Microsoft Defender for Office 365 Threat Explorer
Explanation: Threat Explorer allows you to investigate and automate responses to email threats like phishing.


10.
Which tool is used for migrating email from an on-premises Exchange environment to Exchange Online?
A) Azure AD Connect
B) Microsoft Endpoint Manager
C) Exchange Online Migration Service
D) Microsoft Teams Admin Center

Answer: C) Exchange Online Migration Service
Explanation: The Exchange Online Migration Service supports various migration methods, including cutover, staged, and hybrid migrations.


11.
You want to enforce multi-factor authentication (MFA) for all users accessing Microsoft 365. Which feature should you configure?
A) Security Defaults
B) Exchange Transport Rules
C) Microsoft Defender for Identity
D) Microsoft Information Protection

Answer: A) Security Defaults
Explanation: Security Defaults in Azure AD provide an easy way to enforce MFA and basic security measures across all users.


12.
Which Microsoft 365 feature allows administrators to monitor the health and performance of Microsoft 365 services?
A) Microsoft Endpoint Manager
B) Microsoft 365 Service health dashboard
C) Microsoft Defender for Endpoint
D) Azure AD Connect

Answer: B) Microsoft 365 Service health dashboard
Explanation: The Service health dashboard provides real-time info about Microsoft 365 services’ status and incidents.


13.
Which protocol does Microsoft 365 use for secure email transport?
A) HTTP
B) SMTP with TLS
C) FTP
D) Telnet

Answer: B) SMTP with TLS
Explanation: SMTP with TLS is used to secure email in transit between mail servers in Microsoft 365.


14.
You need to delegate management of certain Microsoft 365 groups to a user without giving them global admin rights. What role should you assign?
A) Global Reader
B) Groups Administrator
C) Compliance Administrator
D) Security Reader

Answer: B) Groups Administrator
Explanation: The Groups Administrator role allows delegated management of Microsoft 365 groups without full admin privileges.


15.
Which Microsoft 365 compliance tool helps identify sensitive data across the tenant?
A) Azure Sentinel
B) Microsoft Purview Data Classification
C) Microsoft Endpoint Manager
D) Microsoft Power Platform

Answer: B) Microsoft Purview Data Classification
Explanation: Data Classification helps discover, classify, and protect sensitive information within Microsoft 365.


16.
To synchronize on-premises identities to Azure AD, which tool must be installed?
A) Azure AD Connect
B) Microsoft Endpoint Manager
C) Microsoft Teams Admin Center
D) Microsoft Defender for Identity

Answer: A) Azure AD Connect
Explanation: Azure AD Connect synchronizes on-premises Active Directory accounts with Azure Active Directory.


17.
What is the minimum number of global administrators recommended for a Microsoft 365 tenant?
A) 1
B) 2
C) 3
D) 5

Answer: B) 2
Explanation: Having at least two global administrators provides redundancy and ensures management continuity.


18.
Which Microsoft 365 security feature helps protect accounts from brute force attacks?
A) Azure AD Password Protection
B) Microsoft Defender for Endpoint
C) Microsoft Information Protection
D) Microsoft Teams Policies

Answer: A) Azure AD Password Protection
Explanation: Azure AD Password Protection prevents users from selecting weak or compromised passwords.


19.
You want to create a Microsoft 365 compliance policy that applies only to users in the finance department. What attribute should you use to target users?
A) Department attribute in Azure AD
B) User principal name
C) Job title
D) Email address

Answer: A) Department attribute in Azure AD
Explanation: Using Azure AD attributes like Department allows targeted policies for specific user groups.


20.
Which license type is required for Microsoft 365 E5 Security features?
A) Microsoft 365 E3
B) Microsoft 365 E5
C) Microsoft 365 Business Basic
D) Office 365 F3

Answer: B) Microsoft 365 E5
Explanation: E5 licenses include advanced security and compliance features not available in E3 or lower.


21.
How do you enforce data encryption for emails sent to external users?
A) Enable Microsoft Information Protection encryption policies
B) Disable external sharing
C) Configure Transport Rules for encryption in Exchange Online
D) Block external emails

Answer: C) Configure Transport Rules for encryption in Exchange Online
Explanation: Transport rules can be set to automatically encrypt outbound emails based on conditions like recipient domain.


22.
Which Microsoft 365 service supports automatic device enrollment for mobile devices?
A) Microsoft Defender for Endpoint
B) Microsoft Endpoint Manager (Intune)
C) Azure AD Connect
D) Microsoft Teams

Answer: B) Microsoft Endpoint Manager (Intune)
Explanation: Intune supports automatic enrollment and management of mobile devices for compliance and security.


23.
Which feature allows you to monitor and control third-party app access to Microsoft 365 data?
A) Azure AD App Proxy
B) Azure AD Conditional Access
C) Microsoft Cloud App Security (MCAS)
D) Microsoft Endpoint Manager

Answer: C) Microsoft Cloud App Security (MCAS)
Explanation: MCAS provides visibility and control over cloud app usage, including third-party integrations.


24.
You want to limit Teams meetings to only users within your organization. What setting should you configure?
A) Teams meeting policies to disable external participants
B) Microsoft Defender for Office 365
C) Azure AD Conditional Access
D) Exchange Online Transport Rules

Answer: A) Teams meeting policies to disable external participants
Explanation: Teams meeting policies can restrict meetings so only internal users can join.


25.
Which PowerShell cmdlet is used to assign a license to a Microsoft 365 user?
A) Set-MsolUser
B) Set-MsolUserLicense
C) New-MsolUser
D) Add-MsolGroupMember

Answer: B) Set-MsolUserLicense
Explanation: Set-MsolUserLicense assigns or modifies licenses for users in Microsoft 365 via PowerShell.


26.
Which Microsoft 365 compliance tool can create audit logs and reports on user activities?
A) Microsoft Endpoint Manager
B) Microsoft Purview Audit (formerly Office 365 Audit Log)
C) Microsoft Defender for Identity
D) Azure AD Connect

Answer: B) Microsoft Purview Audit
Explanation: Purview Audit logs track user and admin activities for compliance and investigation.


27.
Which Microsoft 365 feature protects data at rest within Exchange Online mailboxes?
A) BitLocker encryption
B) Microsoft Information Protection (MIP)
C) Data Loss Prevention (DLP)
D) Transport Layer Security (TLS)

Answer: B) Microsoft Information Protection (MIP)
Explanation: MIP classifies and encrypts data stored in Exchange Online to ensure data protection at rest.


28.
Which Microsoft 365 tool allows admins to recover deleted Teams and Channels?
A) Microsoft Endpoint Manager
B) Microsoft Teams Admin Center
C) Microsoft Purview Compliance Portal
D) Azure AD Connect

Answer: B) Microsoft Teams Admin Center
Explanation: The Teams Admin Center provides recovery options for deleted teams and channels within retention periods.


29.
You want to enable self-service password reset for all users. What is the minimum license requirement?
A) Azure AD Free
B) Azure AD Premium P1
C) Microsoft 365 Business Basic
D) Microsoft 365 E3

Answer: B) Azure AD Premium P1
Explanation: Self-service password reset with write-back requires Azure AD Premium P1 licensing.


30.
Which Microsoft 365 feature helps to prevent data leakage via email by detecting sensitive information?
A) Exchange Online Protection (EOP)
B) Data Loss Prevention (DLP)
C) Azure AD Conditional Access
D) Microsoft Teams policies

Answer: B) Data Loss Prevention (DLP)
Explanation: DLP policies scan emails for sensitive information types and enforce protection actions like blocking or encrypting.

Exam-Ready Practice Access
MS-102: Microsoft 365 Administrator Expert Exam
Real exam-style questions • Clear explanations • Confidence-focused preparation
$19.99
Get Instant Access
Secure checkout • Instant access • Free updates
One-time purchase • No subscription