Microsoft MS-700 Managing Teams Exam Dumps and Practice Test Questions Set 12 Q 166-180
Visit here for our full Microsoft MS-700 exam dumps and practice test questions.
Question 166:
You are configuring a Teams meeting policy. Users must be prevented from using virtual backgrounds during meetings. What should you configure in the meeting policy?
A) Video filters mode
B) Allow IP video
C) Media bit rate
D) Allow video in meetings
Answer: A
Explanation:
Microsoft Teams provides extensive policy controls for managing meeting experiences, including visual effects and virtual backgrounds that users can apply during video calls. Understanding the specific policy settings that control different aspects of video functionality is essential for implementing governance that balances user experience with organizational requirements. Some organizations restrict virtual backgrounds for security, professionalism, or bandwidth considerations.
Video filters mode is the policy setting that specifically controls virtual backgrounds and other video effects in Teams meetings. This setting has multiple options: AllFilters allows users to use all video effects including background blur and virtual backgrounds; BackgroundBlurOnly restricts users to only background blur while preventing custom virtual backgrounds; NoFilters disables all video filters including both blur and virtual backgrounds; and BackgroundBlurOnlyWithDefaultImages allows blur and Microsoft-provided backgrounds but blocks custom images.
To prevent users from using virtual backgrounds as required in the scenario, you would set the video filters mode to either BackgroundBlurOnly, which still allows users to blur their background for privacy but prevents virtual backgrounds, or NoFilters, which disables all effects entirely. The choice between these options depends on whether your organization wants to allow background blur as a privacy feature while preventing virtual backgrounds, or whether all video effects should be blocked.
The video filters mode setting operates at the policy level, meaning you can apply different restrictions to different user groups through policy assignment. For example, you might allow executives to use all filters including virtual backgrounds for external meetings while restricting other employees to background blur only. This granular control enables balancing different needs across the organization while maintaining consistent governance within each user group.
Virtual background restrictions are enforced by the Teams client, which checks the user’s assigned meeting policy when they attempt to enable video effects. If the policy prohibits the attempted effect, the option appears grayed out or unavailable in the user interface. This client-side enforcement provides immediate feedback to users about what’s permitted under their policy without requiring server-side processing during meetings.
B is incorrect because Allow IP video is a policy setting that controls whether video can be used at all in meetings, not whether specific video effects like virtual backgrounds are permitted. Disabling IP video would prevent users from using their cameras entirely, which is far more restrictive than the requirement to simply prevent virtual backgrounds. Users would lose all video capability rather than just losing background effects.
C is incorrect because Media bit rate controls the maximum bandwidth allocated for audio and video streams in meetings, affecting quality and network consumption rather than what visual effects users can apply. Adjusting media bit rate impacts video resolution and smoothness but has no relationship to virtual backgrounds or video filters. This setting addresses network performance optimization, not video effect governance.
D is incorrect because Allow video in meetings is a broader policy setting that enables or disables video capability entirely in meetings, similar to Allow IP video. Disabling this setting would prevent users from turning on their cameras at all, which exceeds the requirement. The scenario only asks to prevent virtual backgrounds while presumably allowing normal video, making this an inappropriate and overly restrictive option.
Question 167:
You manage Teams for an organization with 5,000 users. You need to create a team that includes all users in the Sales department. The team membership must automatically update as users join or leave the department. What type of team should you create?
A) Dynamic membership team
B) Org-wide team
C) Private team with PowerShell script
D) Public team with manual membership
Answer: A
Explanation:
Microsoft Teams provides different team types designed for various organizational scenarios and membership management requirements. Understanding these team types and their membership management capabilities is essential for implementing Teams structures that remain accurate as organizational changes occur. Large departments particularly benefit from automated membership management that eliminates manual administration overhead and ensures teams accurately reflect current organizational structure.
Dynamic membership teams use Azure Active Directory dynamic group functionality to automatically determine team membership based on user attributes. When you create a dynamic membership team, you define membership rules using expressions that evaluate user properties such as department, job title, location, or custom attributes. The system automatically adds or removes users from the team as their attributes change to match or not match the membership rules.
For the scenario described, you would create a dynamic membership team with a membership rule targeting the department attribute. The rule would be something like user.department equals «Sales», which would automatically include all users whose department attribute is set to Sales in Azure AD. When new employees join the Sales department and their user account is configured with department equals Sales, they’re automatically added to the team. When employees leave or transfer to other departments, they’re automatically removed.
Dynamic membership eliminates the administrative burden of manually managing large team memberships. For a 5,000-user organization with a substantial sales department, manually adding and removing members as organizational changes occur would be time-consuming and error-prone. Dynamic membership ensures the team roster always reflects current reality without requiring administrators to monitor departmental changes and update team membership accordingly.
The membership evaluation for dynamic groups occurs on a schedule, typically processing changes within minutes to hours depending on the size of the organization and current system load. This near-real-time updating ensures that new team members gain access to team resources quickly after joining the department, and departed members lose access appropriately. The automated process is more reliable and timely than manual processes that depend on administrators receiving and acting on change notifications.
B is incorrect because org-wide teams are automatically created to include all users in the organization, not users from a specific department. An org-wide team would include all 5,000 users across all departments rather than just Sales department members. Additionally, org-wide teams are limited to organizations with 10,000 or fewer users and are intended for company-wide communication rather than departmental collaboration.
C is incorrect because while you could create a private team and use PowerShell scripts to periodically update membership based on department attribute queries, this approach requires custom script development, scheduled execution infrastructure, and ongoing maintenance. It’s also less reliable than native dynamic membership because updates only occur when scripts run rather than continuously. This represents a custom workaround rather than using built-in functionality designed specifically for this scenario.
D is incorrect because public teams with manual membership management require administrators or team owners to manually add and remove members as departmental changes occur. This approach is labor-intensive, error-prone, and does not meet the requirement for automatic updates. Manual membership management is appropriate for small teams with stable membership but impractical for large departmental teams in organizations with regular personnel changes.
Question 168:
You are configuring Teams calling policies. Users in the Finance department must be prevented from making international calls. All other users should be able to make international calls. What should you configure?
A) Calling policy with call forwarding settings
B) Outbound call restriction policy
C) Call park policy
D) Voice routing policy with PSTN usage restrictions
Answer: D
Explanation:
Microsoft Teams Phone System provides comprehensive policy controls for managing calling capabilities including detailed restrictions on what types of calls users can make. Understanding the policy architecture for controlling calling permissions is essential for implementing appropriate governance that prevents unauthorized use while enabling legitimate business communication. Organizations commonly need to restrict international calling for cost control while allowing it for roles that require global communication.
Voice routing policy with PSTN usage restrictions is the mechanism for controlling what types of calls users can make in Teams Phone System. Voice routing policies define which PSTN usages are available to users, and PSTN usages are associated with voice routes that specify which destination patterns are permitted. By creating a voice routing policy that includes only PSTN usages configured for domestic calling and assigning it to Finance department users, you prevent them from placing international calls.
The implementation involves creating PSTN usages that define different calling scopes such as domestic-only, North America, or international. Voice routes are then configured with destination number patterns and associated with appropriate PSTN usages. For example, a domestic-only PSTN usage would be associated with routes matching patterns like +1[2-9]XXXXXXXXX for US numbers. Users assigned a voice routing policy containing only domestic PSTN usages cannot complete calls to international destinations because no routes match those patterns.
For the Finance department, you would create a voice routing policy that includes only domestic PSTN usages and assign this policy to Finance users. For all other users, you would use a different voice routing policy that includes both domestic and international PSTN usages, allowing them to call any destination. This differential policy assignment provides the granular control needed to restrict some users while enabling others based on business requirements.
When a user attempts to place a call, Teams evaluates their assigned voice routing policy to determine which voice routes are available. If the dialed number doesn’t match any route pattern permitted by the user’s policy, the call fails with an error message indicating the destination cannot be reached. This enforcement happens before the call attempt reaches the PSTN, preventing both unauthorized calls and associated charges.
A is incorrect because calling policy with call forwarding settings controls features like whether users can forward calls, configure simultaneous ring, or use voicemail, not what destinations they can call. Call forwarding policies manage how incoming calls are handled and routed rather than restricting outbound calling capabilities. These policies don’t provide the granular control over call destinations required to prevent international calling.
B is incorrect because while «outbound call restriction policy» might sound like the correct answer, this is not an actual policy type in Microsoft Teams. The term doesn’t correspond to a real Teams policy category. The actual mechanism for restricting outbound calls based on destination is through voice routing policies and PSTN usages, which control call routing and destination reachability.
C is incorrect because call park policy controls the call park feature that allows users to place calls on hold and retrieve them from different devices or locations. Call park policies manage features related to parking calls, such as timeout periods and pickup ranges, but have no relationship to restricting what destinations users can call. This policy addresses call handling features rather than calling permissions.
Question 169:
You are deploying Microsoft Teams Rooms devices in conference rooms. The devices must automatically check for updates and install them outside of business hours. What should you configure?
A) Windows Update policy
B) Teams device configuration profile
C) Microsoft Teams admin center device settings
D) Group Policy Object
Answer: C
Explanation:
Microsoft Teams Rooms devices require specialized management approaches that differ from managing standard Windows endpoints or Teams client software. These dedicated conference room devices run a customized Windows version and Teams Rooms application that requires specific update management to ensure reliability while minimizing disruption to meeting room availability. Understanding where and how to configure Teams Rooms device settings is essential for maintaining healthy conference room infrastructure.
Microsoft Teams admin center device settings provide centralized management for Teams Rooms devices including update management configuration. In the Teams admin center under Devices and then Teams Rooms, administrators can configure settings that control when and how devices check for and install updates. These settings specifically address Teams Rooms software updates for both the Teams Rooms application and the underlying Windows operating system components.
The update settings in Teams admin center allow you to configure maintenance windows that specify when devices can install updates. You can define these windows to occur outside business hours, such as overnight or on weekends, ensuring conference rooms remain available during working hours. The system automatically checks for updates, downloads them in the background, and installs them during the configured maintenance windows without requiring manual intervention.
Teams Rooms devices receive updates through Windows Update for Business channels specifically designed for these appliances. The Teams admin center configuration controls how these devices interact with the update service, including deferral periods, installation timing, and restart behavior. This centralized management ensures consistent update policies across all Teams Rooms devices in the organization without requiring individual device configuration or visits to each conference room.
The configuration applies automatically to Teams Rooms devices through their connection to the Teams service and Azure AD. When devices check in with the service, they receive their assigned configuration profiles including update settings. This cloud-based management enables administrators to control hundreds of conference room devices from a single interface, ensuring they remain updated and secure while respecting room availability requirements.
A is incorrect because while Teams Rooms devices run Windows and do receive updates through Windows Update infrastructure, standard Windows Update policies designed for PCs don’t provide the Teams Rooms-specific controls needed for managing conference room devices. Teams Rooms devices require specialized update management that considers room scheduling, maintenance windows, and application-specific requirements that generic Windows Update policies don’t address.
B is incorrect because while device configuration profiles exist in Microsoft Endpoint Manager for managing mobile devices and PCs, Teams Rooms devices are managed through the Teams admin center rather than Intune device configuration profiles. The device configuration profile terminology might suggest mobile device management, but Teams Rooms devices use their own management infrastructure within the Teams admin center designed specifically for collaboration devices.
D is incorrect because Group Policy Objects are on-premises Active Directory mechanisms for managing Windows computers, and they’re not the recommended or most effective way to manage cloud-connected Teams Rooms devices. Modern Teams Rooms deployments leverage cloud-based management through the Teams admin center and Azure AD rather than traditional on-premises GPOs. While technically possible to apply some GPOs to Teams Rooms devices, this approach doesn’t provide the specialized controls available through native Teams Rooms management.
Question 170:
You manage Teams for a global organization. Users in different regions must be able to create teams, but team names must follow a naming convention that includes a three-letter region code prefix. What should you implement?
A) Teams naming policy with prefix requirements
B) Azure AD group naming policy
C) PowerShell script to rename teams
D) Teams template with predefined names
Answer: B
Explanation:
Microsoft Teams team creation involves Azure Active Directory group creation because every team has an underlying Microsoft 365 group that provides identity, membership, and permissions infrastructure. Understanding this relationship between Teams and Azure AD groups is essential for implementing governance policies that control how teams are created and named. Naming policies that enforce organizational standards must be implemented at the Azure AD level to be effective for Teams.
Azure AD group naming policy allows administrators to enforce naming conventions for groups created by users across Microsoft 365 services including Teams. The policy can mandate prefixes, suffixes, or both based on user attributes or organizational requirements. For the scenario described, you would configure an Azure AD group naming policy that requires a prefix based on the user’s location or region attribute, automatically ensuring all teams include the appropriate three-letter region code.
The naming policy can use both fixed strings and dynamic attributes. For regional prefixes, you might configure the policy to use the user’s country, state, or a custom attribute that contains the region code. When a user creates a team, the system automatically prepends the appropriate prefix based on the creating user’s attributes. For example, a user in the Americas region might have teams automatically prefixed with «AMR-«, while European users get «EUR-«, ensuring consistent naming without requiring users to remember conventions.
The policy also supports blocking specific words or patterns in group names, preventing users from creating teams with inappropriate, confusing, or conflicting names. Combined with prefix requirements, this comprehensive naming governance ensures teams follow organizational standards while preventing common naming problems. The policy applies regardless of how teams are created—through the Teams client, Teams admin center, PowerShell, or APIs—ensuring consistent enforcement.
When users create teams, the naming policy is enforced in real-time. The Teams client shows a preview of the final team name including the automatic prefix as users type, providing immediate feedback about what the team will be called. If users attempt to use blocked words or patterns, they receive error messages explaining the policy violation. This user experience helps users understand naming standards and create appropriately named teams on the first attempt.
A is incorrect because there is no separate «Teams naming policy» distinct from Azure AD group naming policy. Since Teams relies on Microsoft 365 groups, naming governance is implemented through Azure AD group policy, which applies to Teams because of this underlying group relationship. The terminology «Teams naming policy» might seem intuitive but doesn’t correspond to an actual separate policy mechanism in the Microsoft 365 admin center.
C is incorrect because PowerShell scripts to rename teams after creation is a reactive rather than preventive approach that doesn’t enforce naming standards at creation time. Users could create teams with non-compliant names, use them for periods before scripts run, and then experience disruption when names change. This approach also requires custom script development, scheduled execution, and handling of naming conflicts, making it complex and less user-friendly than native policy enforcement.
D is incorrect because Teams templates provide predefined channel structures, app configurations, and settings for newly created teams but do not enforce naming conventions. While templates can suggest a naming pattern or include placeholder text, they cannot mandate prefixes based on user attributes or prevent users from changing suggested names. Templates standardize team structure and configuration but don’t provide the governance controls needed for naming enforcement.
Question 171:
You are configuring guest access in Teams. External users must be able to participate in team channels and meetings but should not be able to create new teams. What should you configure?
A) Guest access settings in Teams admin center
B) External access settings in Teams admin center
C) Azure AD B2B collaboration settings
D) Teams policy for guest users
Answer: A
Explanation:
Microsoft Teams provides different mechanisms for collaborating with external users, and understanding the distinction between guest access and external access is critical for implementing appropriate external collaboration capabilities. Guest access allows external users to be added as members of teams where they can participate fully in channels, chat, meetings, and file collaboration. External access provides basic chat and calling between organizations but without team membership.
Guest access settings in the Teams admin center control what capabilities guest users have when they’re members of teams in your organization. These settings include whether guests can create, update, or delete channels; whether they can chat; whether they can participate in meetings; and whether they can create new teams. The ability to disable team creation for guests while allowing channel participation and meeting attendance makes guest access settings the correct configuration point for this scenario.
The guest access configuration page in Teams admin center provides granular controls over guest capabilities. The setting specifically relevant to this scenario is the ability to allow guests to create, update, and delete channels, and separately, whether guests can create teams. By enabling guest access, allowing channel and meeting participation, but ensuring the team creation option is disabled for guests, you achieve exactly the requirements described—guests participate fully in existing teams but cannot create new teams.
Guest users are actual Azure AD B2B guest identities added to your tenant, which means they appear in your directory and can be assigned to teams and resources like internal users. However, guest access settings apply specifically to these guest identities, allowing you to restrict their capabilities compared to member users. This approach provides the security and governance benefits of limiting external user capabilities while enabling the collaboration benefits of including external partners in your teams.
It’s important to note that guest access must be enabled both at the organizational level in Teams admin center and at the individual team level. Team owners can control whether their specific teams allow guests, providing an additional layer of control. However, the capabilities guests have once added to teams—including whether they can create new teams—are controlled by the organizational guest access settings that apply uniformly to all guest users.
B is incorrect because external access settings control federation with other organizations for chat and calling but do not provide team membership or channel participation capabilities. External access allows users from other organizations to chat with your users and join meetings, but external access users are not guests in your teams and cannot access team channels or files. External access is for basic communication, not the deeper collaboration that guest access enables.
C is incorrect because Azure AD B2B collaboration settings control whether guest users can be invited to your tenant and what restrictions apply to their accounts, but these settings don’t specifically control Teams capabilities like channel participation or team creation. While B2B settings are prerequisites for guest access to work, the specific Teams capabilities that guests have are controlled through Teams admin center guest access settings, not directly through Azure AD.
D is incorrect because while Teams policies can control various capabilities, the specific governance around guest users and their ability to create teams is controlled through the guest access settings rather than through standard Teams policies. Teams policies primarily target internal users and control features like messaging, calling, and meeting capabilities. Guest-specific controls are centralized in the guest access configuration area of Teams admin center.
Question 172:
You need to prevent users from installing third-party apps in Teams. Pre-approved Microsoft apps should still be available. What should you configure?
A) App permission policy
B) App setup policy
C) Teams update policy
D) Messaging policy
Answer: A
Explanation:
Microsoft Teams extensibility through apps, bots, tabs, and connectors provides powerful capabilities for integrating third-party services and custom solutions into the collaboration environment. However, this extensibility also introduces security, compliance, and governance considerations as users might install apps that haven’t been vetted by IT. Understanding the policy mechanisms that control app availability and installation is essential for balancing extensibility benefits with organizational security requirements.
App permission policy is the Teams admin center policy type that controls which apps users can install and use in Teams. These policies allow administrators to specify whether users can access Microsoft apps, third-party apps published in the Teams app store, and custom apps developed specifically for the organization. For each category, administrators can allow all apps, block all apps, or allow specific apps while blocking others.
For the scenario described, you would configure an app permission policy that allows all Microsoft apps but blocks third-party apps. The policy settings include separate controls for Microsoft apps and third-party apps, allowing this differential treatment. You would set Microsoft apps to «Allow all» while setting third-party apps to «Block all apps» or potentially «Allow specific apps and block all others» if you want to permit selected pre-approved third-party applications.
App permission policies can be applied to different user groups, enabling scenarios where some users like developers or advanced users have broader app access while typical users have restricted access. You might create one policy for general users that blocks third-party apps and another policy for IT staff that allows all apps for evaluation and testing purposes. This flexibility enables appropriate governance that matches organizational roles and responsibilities.
The enforcement of app permission policies occurs when users attempt to browse or install apps through the Teams app store interface. Apps that are blocked by policy don’t appear in the store for affected users, preventing installation. If apps were previously installed before policy changes, they may be disabled or removed depending on the policy configuration, ensuring policy compliance even for apps installed before restrictions were implemented.
B is incorrect because app setup policy controls which apps are automatically installed and pinned for users when they start Teams, not which apps users are permitted to install. App setup policies help standardize the Teams environment by pre-installing approved apps and organizing them in the app bar, but they don’t provide the security controls needed to prevent users from installing unapproved apps. Users can still manually install other apps unless restricted by app permission policy.
C is incorrect because Teams update policy controls how the Teams client application itself receives updates, including update ring assignment and whether users receive preview features. Update policies manage the Teams software version and feature rollout, not app installation permissions. This policy type doesn’t relate to third-party app governance or security controls.
D is incorrect because messaging policy controls chat and channel messaging features like editing messages, deleting messages, using chat, creating urgent messages, and similar communication capabilities. Messaging policies govern how users communicate within Teams but have no relationship to app installation or third-party app permissions. These policies address user communication behavior rather than extensibility governance.
Question 173:
You manage Teams for an organization that must comply with regulatory requirements to retain all chat messages for seven years. Deleted messages must remain accessible to compliance officers. What should you implement?
A) Retention policy with preservation lock
B) Teams messaging policy
C) Litigation hold on all users
D) Sensitivity labels
Answer: A
Explanation:
Organizations subject to regulatory requirements around data retention must implement solutions that preserve communication records for specified periods while preventing premature deletion. Microsoft Teams generates significant communication data through chats and channel messages that may constitute business records requiring preservation. Understanding the compliance features available in Microsoft 365 for Teams content is essential for meeting legal and regulatory obligations.
Retention policies in the Microsoft 365 compliance center allow organizations to specify how long content should be retained and what happens at the end of the retention period. For Teams, retention policies can target chat messages and channel messages separately, specifying retention periods and whether content should be deleted or just retained after the period expires. A retention policy configured for seven years ensures that Teams chat messages are preserved for this duration regardless of user actions.
The preservation aspect of retention policies is critical for compliance scenarios. When a retention policy is in effect, messages that users delete from their chat history are not actually removed from the system—they’re moved to a hidden preservation folder that remains accessible to compliance administrators through eDiscovery tools. This ensures that even if users delete messages intentionally or accidentally, the organization maintains the required records for the full retention period.
Preservation lock is an optional retention policy feature that prevents the policy from being modified or deleted once enabled. When a retention policy has a preservation lock applied, even global administrators cannot shorten the retention period, disable the policy, or delete content covered by the policy. This immutability ensures that once data is committed to a retention period, it will definitely be preserved for that duration, providing the strongest possible guarantee for regulatory compliance.
For the seven-year retention scenario with deleted messages remaining accessible, you would create a retention policy specifying a seven-year retention period for Teams chat and channel messages, configure it to retain content even if deleted, and optionally apply a preservation lock to ensure the policy cannot be weakened. Compliance officers can then use Content Search or eDiscovery tools in the compliance center to find and review retained messages, including those users deleted, ensuring complete access to communication records throughout the retention period.
B is incorrect because Teams messaging policy controls messaging features like editing, deleting, chat, and prioritizing messages, but it does not provide data retention or compliance capabilities. While messaging policy can prevent users from deleting messages they’ve sent, this doesn’t constitute compliance-grade retention that preserves content in a searchable repository accessible to compliance officers. Messaging policies affect user experience, not data lifecycle management.
C is incorrect because litigation hold is an Exchange Online feature designed primarily for mailbox content preservation in legal scenarios. While litigation hold can preserve some Teams data stored in Exchange (like meeting recordings), it’s not the appropriate comprehensive solution for Teams chat and channel message retention. Retention policies specifically designed for Teams provide more appropriate and complete coverage for Teams communication content.
D is incorrect because sensitivity labels are used to classify and protect content based on sensitivity level, applying encryption, access restrictions, and markings to documents and emails. While sensitivity labels are important for data protection, they do not provide retention capabilities or prevent deletion. Labels can work in conjunction with retention policies, but labels alone don’t retain content or make deleted messages accessible to compliance officers.
Question 174:
You are configuring a Teams calling solution. Users must be able to place and receive calls using their existing direct phone numbers. The solution must integrate with the existing on-premises PBX system. What should you implement?
A) Direct Routing
B) Microsoft Calling Plan
C) Operator Connect
D) Teams Phone Mobile
Answer: A
Explanation:
Microsoft Teams Phone System provides enterprise calling capabilities, but organizations have different requirements for how they connect to the public switched telephone network and manage phone numbers. Some organizations have existing telecommunications infrastructure including on-premises PBX systems and relationships with carriers that they want to preserve while adopting Teams for collaboration and calling. Understanding the different PSTN connectivity options available for Teams Phone is essential for choosing the approach that aligns with organizational requirements and existing investments.
Direct Routing enables organizations to connect Teams Phone System to their existing telephony infrastructure by routing calls through Session Border Controllers that bridge between Teams and the existing PBX or PSTN connectivity. With Direct Routing, the organization maintains its existing phone numbers through its current carrier, integrates with existing PBX systems if desired, and has complete control over call routing, trunking, and carrier relationships while gaining Teams calling capabilities.
The architecture of Direct Routing involves deploying certified Session Border Controllers either on-premises or in Azure, configuring them to communicate with Microsoft Teams Phone System, and defining voice routing policies that determine how calls flow between Teams users and the PSTN or existing PBX. Organizations can implement various scenarios including connecting all Teams users directly to the PSTN through SBCs, connecting Teams users to an existing PBX system where the PBX handles PSTN connectivity, or hybrid approaches where some users are on Teams while others remain on the legacy PBX.
For the scenario described where users must use existing direct phone numbers and integrate with an existing on-premises PBX, Direct Routing provides the necessary flexibility. The SBC can be configured to route Teams calls through the existing PBX, allowing Teams users to call PBX users and vice versa. The existing phone numbers can be associated with Teams users through phone number assignment, enabling incoming calls to existing numbers to reach Teams users seamlessly.
Direct Routing requires more technical expertise and infrastructure compared to Calling Plans because the organization is responsible for SBC deployment, configuration, maintenance, and troubleshooting. However, this responsibility comes with flexibility and control that’s valuable for organizations with complex requirements, existing telephony investments, or specific carrier relationships they want to maintain. The solution enables modernizing to Teams calling while preserving elements of existing infrastructure that provide value or meet specific needs.
B is incorrect because Microsoft Calling Plan is a fully cloud-based PSTN connectivity solution where Microsoft acts as the carrier providing phone numbers and PSTN connectivity. Calling Plans don’t integrate with existing on-premises PBX systems and don’t support using existing phone numbers from other carriers—you must obtain new numbers from Microsoft or port existing numbers to Microsoft’s service. This approach is appropriate for organizations wanting a fully cloud-based solution but doesn’t meet the requirement to integrate with existing PBX infrastructure.
C is incorrect because Operator Connect is a Microsoft partner program where approved telecommunications carriers provide PSTN connectivity and phone numbers for Teams through direct integration with Teams Phone System. While Operator Connect allows using an existing carrier if they participate in the program, it doesn’t provide integration with on-premises PBX systems. Operator Connect is a carrier-managed cloud solution, not a hybrid solution that bridges to existing infrastructure.
D is incorrect because Teams Phone Mobile is a solution that enables using mobile phone numbers for Teams calling, integrating cellular service with Teams through carrier partnerships. This solution addresses the scenario of using mobile numbers for both cellular calls and Teams calls, providing a unified experience across devices. It doesn’t integrate with on-premises PBX systems or address the scenario of existing direct dial numbers in a traditional telephony environment.
Question 175:
You need to configure Teams so that users in the Marketing department can communicate via chat and calls with users in a partner organization. Users should not be able to see the partner organization’s directory. What should you configure?
A) External access with specific domain allowed
B) Guest access enabled
C) Shared channels
D) Azure AD B2B direct connect
Answer: A
Explanation:
Microsoft Teams provides multiple mechanisms for enabling collaboration with external organizations, each designed for different collaboration patterns and security requirements. Understanding the differences between these mechanisms is essential for implementing external collaboration that provides appropriate capabilities while maintaining security boundaries. Some scenarios require full integration where external users become guests in your environment, while others need lighter-weight communication without directory integration.
External access, also called federation, enables chat and calling between users in different organizations while maintaining complete separation of directories and tenants. When external access is configured, users can search for and communicate with users in external organizations using their full email addresses, but they cannot see the external organization’s directory or browse available users. This provides a secure communication channel while maintaining organizational boundaries and preventing information disclosure about the external organization’s structure or personnel.
For the scenario described where Marketing users need to communicate with a partner organization but should not see the partner’s directory, external access is the appropriate solution. You would configure external access in the Teams admin center to allow communication with the specific partner domain. Users can then add external contacts using email addresses and communicate through chat and calls, but the directory listing of the partner organization remains hidden and inaccessible.
External access configuration allows granular control over which external domains your users can communicate with. You can allow all external domains, allow only specific trusted domains, or block all external domains and then allow specific exceptions. For partner organizations, the common approach is to specifically allow known partner domains while blocking others, ensuring controlled external communication that aligns with business relationships and security policies.
The user experience with external access is straightforward but deliberately limited compared to guest access. Users add external contacts by typing their full email address in the search or new chat interface. Once added, they can chat and make calls, but they cannot add external users to teams, share files through Teams channels, or collaborate on SharePoint content. This limitation is intentional, providing communication capabilities without the deeper integration and potential security implications of full guest access.
B is incorrect because guest access would provide external users with visibility into team membership, channel lists, and other organizational information as they become members of teams. Guest users can browse team directories and see member lists, which violates the requirement that partner users should not see directory information. Guest access provides deeper integration than required and more information exposure than desired for this scenario.
C is incorrect because shared channels are a feature that allows creating channels accessible to users from external organizations without making them guests in teams, but users can still see information about the channel members and have deeper integration than basic chat and calling. Shared channels are appropriate for ongoing collaboration on specific projects but provide more capability and integration than the scenario requires. The requirement is specifically for chat and calls without directory visibility.
D is incorrect because Azure AD B2B direct connect is a technology that enables shared channel functionality by allowing external users to access resources in your organization using their home organization credentials. B2B direct connect supports shared channels but, like those channels, provides more integration and information sharing than the scenario requires. The focus on chat and calls without directory visibility makes external access the more appropriate lightweight solution.
Question 176:
You manage Teams for a healthcare organization that must comply with HIPAA regulations. Teams meetings that discuss patient information must be recorded and stored securely for compliance purposes. What should you implement?
A) Compliance recording policy
B) Meeting policy with automatic recording
C) Retention policy for Teams meetings
D) Teams recording storage in SharePoint
Answer: A
Explanation:
Healthcare organizations and other regulated industries face unique compliance requirements around communication recording, particularly when communications involve sensitive information subject to regulations like HIPAA, MiFID II, or other industry-specific mandates. Standard Teams recording capabilities where users manually start recordings don’t meet compliance requirements that mandate comprehensive capture of regulated communications. Understanding the difference between user-initiated recording and compliance-driven recording is essential for implementing solutions that meet regulatory obligations.
Compliance recording policy in Teams enables organizations to configure automatic recording of all calls and meetings for specific users based on regulatory or organizational requirements. When a compliance recording policy is applied to users, all their calls and meetings are automatically recorded regardless of whether participants manually start recording. These recordings are captured by compliance recording applications provided by Microsoft partners, which store recordings in specialized compliance repositories designed for tamper-proof retention and easy retrieval for audits or investigations.
The architecture of compliance recording involves integration with certified Microsoft partner solutions that provide recording, storage, and management capabilities designed specifically for regulated industries. These solutions capture both audio and video from Teams meetings and calls, along with metadata like participants, timestamps, and duration. The recordings are stored in compliance-grade repositories with appropriate security controls, access restrictions, and retention management to meet regulatory requirements.
For healthcare organizations under HIPAA, compliance recording ensures that all meetings discussing patient information are captured regardless of whether participants remember to manually start recording. The automatic nature removes dependency on user action, eliminating gaps in compliance coverage. The recordings can be accessed by compliance officers for quality assurance, training, dispute resolution, or responding to regulatory audits, while access controls ensure that only authorized personnel can review sensitive recorded content.
Implementing compliance recording requires both configuring Teams policies to enable compliance recording and deploying a certified partner solution to capture and store recordings. The Teams policy identifies which users are subject to compliance recording requirements, and the partner solution receives notification when these users join meetings, automatically capturing the content. This combination of policy configuration and specialized infrastructure provides the comprehensive compliance recording capabilities that regulated organizations require.
B is incorrect because meeting policy with automatic recording refers to the standard Teams recording feature that automatically starts cloud recording when meetings begin, but these recordings are stored in OneDrive or SharePoint and are accessible to meeting participants. This user-grade recording capability doesn’t provide the tamper-proof storage, access controls, or comprehensive coverage that compliance recording offers. Participants could potentially delete or modify recordings, which is unacceptable for compliance scenarios.
C is incorrect because retention policy for Teams meetings controls how long meeting chat messages and recordings are kept but does not actually create recordings or ensure meetings are recorded. Retention policies manage the lifecycle of content that exists, but they don’t cause meetings to be automatically recorded. A retention policy without recordings being created doesn’t meet the requirement for meetings to be recorded for compliance purposes.
D is incorrect because while Teams recordings can be stored in SharePoint, this refers to standard user-initiated recordings that don’t meet compliance requirements. The storage location alone doesn’t make recordings compliance-grade—what matters is whether recording is automatic, comprehensive, and stored in tamper-proof systems with appropriate controls. Standard SharePoint storage of user-initiated recordings doesn’t provide the specialized compliance recording infrastructure that regulated industries require.
Question 177:
You are configuring emergency calling for Teams Phone users. When users dial emergency services, their location must be automatically identified and provided to emergency dispatchers. What should you configure?
A) Emergency addresses with location identification
B) Network topology with trusted IP addresses
C) Calling policy with emergency call routing
D) Call park policy with emergency numbers
Answer: B
Explanation:
Emergency calling is a critical safety feature in any enterprise phone system, and Teams Phone System must be configured to ensure emergency calls reach appropriate services with accurate location information. In traditional office phone systems, location was relatively simple because phones had fixed locations associated with their physical connections. With modern IP telephony and mobile users, determining location requires more sophisticated mechanisms that identify where users are physically located based on network connectivity.
Network topology with trusted IP addresses enables Teams to dynamically determine user location by mapping IP subnets to physical locations. Administrators configure the network topology in Teams admin center by defining network sites, associating them with physical addresses, and specifying which IP address ranges correspond to each site. When users connect to Teams from these network locations, the system identifies their location and can automatically provide this information when they place emergency calls.
The implementation involves carefully mapping your organization’s network infrastructure including all office locations, buildings, floors, and the IP address ranges used in each location. For each network site, you define an emergency address that includes complete physical location information. When a Teams Phone user places an emergency call, the system checks their current IP address against the network topology, identifies the matching site, and provides the associated emergency address to the emergency services dispatcher through Enhanced 911 systems.
This dynamic location identification is critical for organizations with mobile users who work from different office locations. Unlike static phone systems where each phone has a permanent location, Teams Phone users might connect from different offices on different days. Network topology configuration ensures that regardless of which office they’re in, emergency calls include current location information. This capability can literally save lives by ensuring emergency responders reach the correct location quickly.
For remote workers and users outside the corporate network, the network topology approach doesn’t provide location information because their IP addresses don’t match corporate subnets. These users should be encouraged to manually update their emergency location through their Teams client settings, though this introduces risk of outdated information. Organizations often implement additional policies and communication to ensure remote workers maintain current emergency location information for their primary work locations.
A is incorrect because while emergency addresses are essential components of emergency calling configuration, simply configuring emergency addresses doesn’t automatically identify user locations. Emergency addresses define the possible locations, but without network topology configuration mapping IP addresses to these addresses, the system cannot determine which address applies to a specific user’s current location. Emergency addresses are necessary but not sufficient for automatic location identification.
C is incorrect because calling policy with emergency call routing controls behaviors like whether emergency calls are routed to security desk first or directly to emergency services, not how user locations are identified. Call routing policies manage the path emergency calls take through the system but don’t provide the location identification mechanism. These policies affect call handling workflows but rely on location having already been determined through network topology.
D is incorrect because call park policy manages the call park feature that allows placing calls on hold for retrieval from other phones, and has no relationship to emergency calling or location identification. This policy controls a feature for managing regular business calls and doesn’t interact with emergency calling systems at all. The policy name might be confused with emergency call handling but addresses a completely different capability.
Question 178:
You need to create a Teams template that includes specific channels, apps, and tabs for project teams. New project teams should be created from this template to ensure consistent structure. What should you use to create the template?
A) Teams admin center team templates
B) Azure AD group template
C) SharePoint site template
D) PowerShell with New-Team cmdlet
Answer: A
Explanation:
Organizations that frequently create teams with similar structures, channels, and apps benefit from standardization that ensures consistency, saves time, and incorporates organizational best practices. Rather than manually creating channels, adding apps, and configuring settings for each new team, templates allow creating preconfigured teams that include all standard elements. Understanding where and how to create Teams templates is essential for implementing this governance and efficiency capability.
Teams admin center team templates provide a built-in mechanism for creating reusable team structures that define channels, installed apps, tabs, settings, and other configurations. Administrators can create custom templates that reflect organizational needs, specifying exactly which channels should exist, what apps should be installed, which tabs should be added to channels, and what team settings should be configured. Users then create new teams by selecting a template, ensuring every team starts with the approved structure.
Creating a template in Teams admin center involves defining all the elements that should be included in teams created from the template. For project teams, you might include channels for Project Planning, Deliverables, Issues, and Lessons Learned; install apps like Planner, OneNote, and Forms; add tabs for project schedule, risk register, and status dashboard; and configure settings like moderation policies or guest access preferences. Once saved, the template appears as an option when users create new teams.
Templates improve both consistency and efficiency. Every project team starts with the same organizational structure, ensuring project managers and team members find familiar layouts regardless of which project they join. New teams are fully configured immediately upon creation rather than requiring manual setup work. Standard apps and tabs ensure all teams have access to approved tools configured correctly for project collaboration.
Template-based team creation also enforces governance by ensuring teams include appropriate structures and tools from inception. Rather than hoping users will configure teams correctly or spending time fixing inconsistent configurations, templates guarantee new teams align with organizational standards. IT administrators control template definitions while end users simply select appropriate templates when creating teams, balancing governance with user empowerment.
B is incorrect because Azure AD group templates don’t exist as a feature for preconfiguring Teams structures. While Microsoft 365 groups underlie Teams, there’s no group template mechanism that defines channels, apps, and tabs. Group naming policies and classification exist, but these don’t provide the structural configuration capabilities that Teams templates offer. Templates are specific to Teams and configured in Teams admin center.
C is incorrect because SharePoint site templates define SharePoint site structures including lists, libraries, pages, and navigation, but they don’t configure Teams elements like channels and installed apps. While each team has an associated SharePoint site, SharePoint templates and Teams templates are separate concepts addressing different layers of the collaboration stack. SharePoint templates don’t create Teams channels or install Teams apps.
D is incorrect because while PowerShell’s New-Team cmdlet can create teams and optionally specify channels and settings, this approach requires writing and maintaining scripts rather than using the built-in template functionality. PowerShell is more appropriate for programmatic team creation or bulk operations than for providing user-facing templates. Templates in Teams admin center provide a user-friendly interface where users select from predefined templates without needing technical knowledge or script execution.
Question 179:
You manage Teams for an educational institution. Teachers must be able to mute students during online classes, but students should not be able to unmute themselves until the teacher allows it. What should you configure in meeting policies?
A) Allow participants to give or request control
B) Automatically admit people
C) Who can present in meetings
D) Designated presenter role with audio permissions
Answer: D
Explanation:
Educational scenarios in Teams meetings often require different controls than typical business meetings, particularly around managing student participation and maintaining classroom order in virtual environments. Teachers need capabilities to manage large groups of students, control when students can speak, and maintain focus during instruction. Understanding the meeting policy settings that enable these classroom management capabilities is essential for supporting educational use cases in Teams.
The designated presenter role combined with audio permission settings provides the classroom management capabilities described in the scenario. In Teams meetings, organizers can configure who has presenter roles versus attendee roles, and these roles have different capabilities. By configuring meeting policies so that only teachers have presenter roles while students are attendees, and by configuring audio permissions that allow presenters to mute attendees who cannot unmute themselves, you implement the required classroom management controls.
The presenter role in Teams meetings provides elevated privileges including admitting participants from lobbies, sharing content, managing breakout rooms, and importantly for this scenario, controlling other participants’ audio. When meeting policies are configured to restrict audio permissions, presenters can mute attendees, and those attendees cannot unmute themselves without presenter permission. This gives teachers the control they need to maintain order during instruction while still being able to selectively allow students to speak when appropriate.
Teachers can use several approaches to manage student audio with these settings. They can mute all students at the start of class and unmute specific students when calling on them for questions or participation. They can allow students to raise hands through the meeting controls to request permission to speak, then unmute those students. For breakout room discussions, teachers can adjust permissions to allow students to unmute themselves in smaller group contexts while maintaining tighter control in the main class meeting.
These controls balance classroom management needs with educational effectiveness. Teachers need the ability to minimize disruptions and manage large groups of students who may not have experience with virtual meeting etiquette. However, the controls shouldn’t prevent legitimate student participation. The presenter role model with configurable audio permissions provides the flexibility to enforce control when needed while enabling participation when appropriate, supporting various pedagogical approaches and classroom scenarios.
A is incorrect because «allow participants to give or request control» refers to screen sharing controls where presenters can give control of shared content to other participants, not audio muting controls. This setting affects collaborative presentations where multiple people edit shared content but doesn’t provide the audio management capabilities needed for classroom scenarios. It addresses a different type of participant control focused on content rather than audio.
B is incorrect because «automatically admit people» controls whether participants wait in the lobby before joining or are automatically admitted to meetings. While lobby controls are important for meeting security and managing who attends, they don’t provide the in-meeting audio management capabilities required for muting students and controlling when they can speak. This setting affects meeting access, not audio permissions during meetings.
C is incorrect because while «who can present in meetings» does relate to presenter roles, this setting alone doesn’t provide the specific audio muting controls described in the scenario. The setting might control who has presenter capabilities, but the question specifically requires the ability to mute students who cannot unmute themselves, which requires the combination of presenter roles and specific audio permission configurations designed for scenarios like education.
Question 180:
You are implementing information barriers in Teams to prevent users in the Legal department from communicating with users in the Trading department. What must you configure before information barriers take effect?
A) Azure AD user attributes and information barrier policies
B) Teams communication compliance policies
C) Data loss prevention policies
D) Conditional access policies
Answer: A
Explanation:
Information barriers are compliance features designed to prevent communication and collaboration between specific groups of users when regulations, policies, or ethics requirements demand separation. Common in financial services, legal, and other regulated industries, information barriers help organizations prevent conflicts of interest, protect confidential information, and comply with regulatory frameworks that mandate separation between certain business functions. Understanding how information barriers work and what prerequisites must be met is essential for successful implementation.
Azure AD user attributes and information barrier policies work together to implement communication restrictions in Teams and other Microsoft 365 services. The implementation begins with ensuring users have appropriate attributes populated in Azure AD, such as department, company, or custom attributes that identify which group or segment each user belongs to. Information barrier policies then reference these attributes to define which segments should be blocked from communicating with each other.
For the scenario requiring separation between Legal and Trading departments, you would first ensure all users have their department attribute correctly populated in Azure AD—Legal department users with «Legal» and Trading department users with «Trading». You would then create information barrier segments defining these groups, such as a Legal segment containing users where department equals Legal and a Trading segment for Trading users. Finally, you would create information barrier policies specifying that Legal and Trading segments are blocked from communicating with each other.
Information barrier policies must be explicitly activated after creation before they take effect. After defining segments and policies, administrators run cmdlets to apply the policies, which triggers processing that can take several hours to complete for large organizations. During this processing, Teams and other services receive the policy information and begin enforcing restrictions. Users in restricted segments find that they cannot search for, chat with, call, or add users from blocked segments to teams or meetings.
The enforcement is comprehensive across Microsoft 365 services. Information barriers affect Teams chat and calling, email in Exchange Online, OneDrive sharing, SharePoint site membership, and other collaboration features. When users attempt to communicate with someone in a blocked segment, they receive error messages indicating the action isn’t permitted due to organizational policies. This consistent enforcement across services ensures that barriers are effective and that prohibited communications cannot occur through alternative channels within the platform.
B is incorrect because Teams communication compliance policies are used to detect policy violations in communications such as inappropriate language, sensitive information sharing, or harassment, typically triggering reviews by compliance officers. Communication compliance monitors and flags problematic communications but doesn’t prevent communications from occurring in the first place. It’s a detective control for reviewing communications, while information barriers are preventive controls that block communications entirely.
C is incorrect because data loss prevention policies identify and protect sensitive information in documents, emails, and chats by blocking sharing, applying encryption, or triggering policy tips, but they don’t prevent people from communicating with each other. DLP focuses on content protection based on what information is being shared, while information barriers focus on who can communicate with whom regardless of content. These are complementary but distinct compliance capabilities.
D is incorrect because conditional access policies control authentication and access to applications based on conditions like location, device compliance, sign-in risk, or user/group membership. Conditional access determines whether users can access services like Teams at all, but it doesn’t control who users can communicate with once authenticated and granted access. Conditional access is about identity-driven access control, while information barriers are about compliance-driven communication restrictions.