Microsoft MS-700 Managing Teams Exam Dumps and Practice Test Questions Set 3 Q 31-45

Visit here for our full Microsoft MS-700 exam dumps and practice test questions.

Question 31: 

You are the Teams administrator for your organization. Users report that they cannot share their screens during Teams meetings. You need to ensure that all users can share their screens. What should you configure?

A) Teams meeting policy

B) Teams messaging policy

C) Teams app setup policy

D) Teams calling policy

Answer: A

Explanation:

Teams meeting policy is the correct configuration for controlling screen sharing capabilities during Teams meetings. Meeting policies in Microsoft Teams define what features and capabilities are available to users before, during, and after meetings, including screen sharing permissions, recording options, video settings, and participant controls. The screen sharing settings within meeting policies allow administrators to enable or disable screen sharing functionality, specify who can share screens, and determine what types of content can be shared during meetings.

Screen sharing settings in Teams meeting policies provide granular control over sharing capabilities. The «Screen sharing mode» setting determines the scope of screen sharing permissions with options including «Entire screen» allowing users to share their complete desktop, «Single application» restricting sharing to individual application windows for enhanced privacy, or «Disabled» preventing screen sharing entirely. The «Allow a participant to give or request control» setting enables collaborative scenarios where presenters can grant attendees temporary control of shared screens for interactive demonstrations or troubleshooting. Additionally, meeting policies control whether external participants can share screens and whether users can share PowerPoint presentations through the dedicated PowerPoint Live feature providing enhanced presentation experiences.

Configuring meeting policies for screen sharing involves accessing the Teams admin center, navigating to Meetings and then Meeting policies, selecting the appropriate policy applied to affected users either the Global default policy or custom policies assigned to specific users or groups, and modifying the Content sharing section to enable screen sharing. The «Screen sharing mode» should be set to «Entire screen» or «Single application» rather than «Disabled» to allow screen sharing. Changes to meeting policies typically take effect within a few hours but may require up to 24 hours for complete propagation across all clients. Users may need to sign out and back into Teams for policy changes to apply immediately.

Meeting policies support flexible deployment strategies for different organizational requirements. Organizations can create multiple meeting policies with varying screen sharing permissions for different user groups, such as allowing full screen sharing for internal meetings while restricting external meeting participants to view-only mode. Policy assignment can be based on user groups, departments, or security requirements enabling role-based access control for meeting features. Integration with sensitivity labels allows automatic application of sharing restrictions based on meeting content classification. Meeting policies also control related features including meeting recording, live captions, meeting chat, and Q&A functionality providing comprehensive meeting experience management.

A is correct as explained above. Teams meeting policies control screen sharing capabilities during meetings.

B is incorrect because Teams messaging policies govern chat and messaging features including deleting sent messages, editing sent messages, using chat, reading receipts, URL previews, translating messages, and using immersive reader, but they do not control meeting-specific features like screen sharing. Messaging policies affect 1-on-1 chats, group chats, and channel conversations outside of meeting contexts. While messaging policies are important for communication governance, they have no impact on screen sharing capabilities during Teams meetings. Screen sharing is exclusively controlled through meeting policies as it is a meeting-specific feature requiring separate policy configuration.

C is incorrect because Teams app setup policies control which apps are available to users, how apps appear in the Teams client, and whether users can upload custom apps, but they do not govern meeting features like screen sharing. App setup policies manage the Teams app experience including pinned apps in the app bar, installed apps by default, and permissions for adding third-party applications. While apps might enhance meeting experiences, screen sharing is a core built-in meeting feature controlled by meeting policies rather than app policies. App setup policies would only be relevant if screen sharing functionality was delivered through a specific app, which it is not.

D is incorrect because Teams calling policies govern voice calling features including making private calls, call forwarding, simultaneous ringing, voicemail, call groups, delegation, and caller ID settings, but they do not control meeting features. Calling policies specifically address person-to-person calling and PSTN calling capabilities rather than collaborative meeting functionality. Screen sharing occurs during Teams meetings and is managed through meeting policies rather than calling policies. While both policies configure Teams communication features, they address distinctly different communication modalities with calling policies focused on telephony features and meeting policies focused on collaborative meeting experiences.

Question 32: 

Your organization uses Microsoft Teams with multiple teams and channels. You need to prevent users from creating new teams while still allowing them to create private channels within existing teams. What should you configure?

A) Microsoft 365 Groups creation policy

B) Teams creation policy in the Teams admin center

C) Azure AD group settings

D) SharePoint site creation settings

Answer: A

Explanation:

Microsoft 365 Groups creation policy is the correct configuration for controlling who can create new teams while maintaining independent control over private channel creation. Every Microsoft Teams team is backed by a Microsoft 365 Group, which provides identity, membership, and resources including the Exchange mailbox, SharePoint site, Planner, and OneNote. The ability to create new teams is fundamentally tied to Microsoft 365 Groups creation permissions, meaning that restricting Groups creation effectively prevents users from creating new teams. However, creating private channels within existing teams is a separate permission controlled through Teams-specific policies, allowing the granular control required for this scenario.

Microsoft 365 Groups creation policies are configured through Azure Active Directory and determine which users can create new Groups and therefore new Teams. By default, all users in an organization can create Microsoft 365 Groups and Teams, promoting self-service collaboration but potentially leading to sprawl and governance challenges. Organizations can restrict Groups creation to specific security groups, designated users, or administrators only, implementing controlled team provisioning workflows. This restriction prevents unauthorized team creation while designated users or administrators can create teams following governance processes, approval workflows, and naming conventions ensuring organized team structures aligned with business requirements.

Private channel creation permissions are managed independently through Teams policies in the Teams admin center, specifically within the Teams policies section. The «Create private channels» setting can be enabled or disabled independently of Microsoft 365 Groups creation permissions, allowing organizations to permit private channel creation within existing teams even when users cannot create new teams. This separation enables flexible governance models where team structures are centrally managed while empowering team owners and members to create private channels for confidential discussions, project-specific collaboration, or restricted information sharing within established team boundaries.

The implementation approach involves configuring Microsoft 365 Groups creation settings in Azure AD to restrict team creation to specific security groups or administrators by creating a security group containing authorized team creators, accessing Azure Active Directory admin center, navigating to Groups then General settings, and configuring the «Users can create Microsoft 365 groups» setting to «No» for most users while adding the designated security group to the exceptions. Separately, Teams policies in the Teams admin center should have «Create private channels» enabled in the Teams policy assigned to users. This combination achieves the desired outcome where general users cannot create new teams but can create private channels within teams they belong to. Policy changes typically propagate within hours, and users may need to restart Teams clients for immediate effect.

A is correct as explained above. Microsoft 365 Groups creation policy controls team creation while Teams policies independently control private channel creation.

B is incorrect because while the Teams admin center provides extensive Teams management capabilities, there is no specific «Teams creation policy» setting that independently controls team creation separate from Microsoft 365 Groups. Team creation is fundamentally tied to Microsoft 365 Groups creation permissions because every team requires an underlying Microsoft 365 Group. The Teams admin center includes Teams policies that control features within teams like private channel creation, but the ability to create the team itself is governed by Microsoft 365 Groups settings in Azure AD. Attempting to control team creation solely through Teams admin center settings would not achieve the desired restriction.

C is incorrect because while Azure AD group settings are indeed where Microsoft 365 Groups creation policies are configured, this answer is less specific than option A and might be confused with other Azure AD group-related settings that do not directly control Teams creation. Azure AD contains many group-related configurations including dynamic group rules, group naming policies, expiration policies, and general group settings. The specific setting required is the Microsoft 365 Groups creation policy within Azure AD group settings. Additionally, this answer does not clarify that private channel creation is controlled separately through Teams policies, making option A a more complete and precise answer.

D is incorrect because SharePoint site creation settings control whether users can create SharePoint team sites, communication sites, and classic sites independently, but they do not directly prevent Teams creation. While every Teams team includes an associated SharePoint site, the site is created automatically as part of the team provisioning process driven by Microsoft 365 Groups creation. Restricting SharePoint site creation would prevent users from creating standalone SharePoint sites but would not prevent Teams creation if Microsoft 365 Groups creation remains enabled. The relationship flows from Groups to SharePoint, not the reverse, making Groups creation policy the appropriate control point for Teams creation.

Question 33: 

You need to configure Microsoft Teams so that external users from a specific partner organization can participate in Teams meetings but cannot initiate chats with internal users. What should you configure?

A) External access settings with domain restrictions

B) Guest access settings

C) Meeting policy settings

D) App permission policies

Answer: A

Explanation:

External access settings with domain restrictions is the correct configuration for controlling how users from external organizations interact with your Teams environment, specifically allowing meeting participation while restricting chat capabilities. External access, formerly known as federation, enables users from external organizations to find, call, chat, and meet with users in your organization using their own organization’s Teams or Skype for Business accounts. External access provides granular controls over communication channels including whether external users can initiate chats, make calls, or join meetings, with the ability to configure these permissions on a per-domain basis enabling customized collaboration policies for different partner organizations.

External access configuration in Microsoft Teams admin center provides comprehensive control over cross-organization communication. Administrators can choose to allow external access for all external domains, block all external domains and allow only specific domains through an allow list, or block specific domains while allowing all others through a block list. For each allowed domain, administrators can configure specific communication capabilities including whether users in that domain can start chats with internal users, whether they can join meetings, and whether voice and video calling is permitted. This granular control enables the scenario where external users from a partner organization can join Teams meetings when invited but cannot initiate direct chats with internal users.

The configuration for this specific scenario involves accessing the Teams admin center, navigating to Users and then External access, ensuring that external access is enabled at the organizational level, adding the partner organization’s domain to the allowed domains list if using an allow list approach, and configuring the communication settings for that domain. The key settings include disabling «Users can start chats with external users» while keeping «Users can join meetings» enabled. This configuration permits external users from the specified domain to join Teams meetings when invited through meeting links or calendar invitations but prevents them from initiating one-on-one or group chats with internal users through Teams search or contact discovery.

External access differs significantly from guest access in terms of identity, permissions, and user experience. External access users authenticate through their home organization’s identity system, appear in Teams with their external organization designation, have limited visibility into internal team structures, and access Teams with capabilities defined by external access policies. External users do not have access to team resources like files, channels, or SharePoint sites unless separately invited as guests. This controlled interaction model makes external access appropriate for business-to-business communication scenarios with established partner organizations where organizations want to enable specific collaboration capabilities like meeting participation without granting broader access to internal resources or allowing unrestricted communication.

A is correct as explained above. External access settings with domain restrictions enable granular control over external organization communication including selective meeting participation without chat capabilities.

B is incorrect because guest access involves inviting external users into your organization’s Teams environment as guests who authenticate through Azure AD B2B and have access to team resources including channels, files, and applications. Guest access provides deeper integration and broader permissions than external access, including the ability to participate in team channels, access SharePoint documents, use team apps, and engage in all team activities. Guest access cannot be configured to allow meeting participation while preventing chat because guests have comprehensive collaboration capabilities within teams they’re added to. Additionally, guest access does not provide per-domain configuration capabilities, making it unsuitable for organization-level communication policies. Guest access is designed for deeper collaboration requiring resource access rather than controlled external communication.

C is incorrect because meeting policy settings control what features and capabilities are available during Teams meetings including recording, transcription, screen sharing, video usage, and participant permissions, but they do not control whether external users can initiate chats with internal users outside meeting contexts. Meeting policies apply to meeting experiences and do not govern one-on-one communication capabilities like chat initiation. While meeting policies could restrict what external users can do during meetings, they cannot prevent external users from starting chats with internal users through Teams search or contacts. The requirement to allow meeting participation while blocking chat initiation requires external access configuration rather than meeting policy settings.

D is incorrect because app permission policies control which Microsoft Teams apps, bots, tabs, and connectors are available to users and whether users can install third-party or custom apps, but they do not govern communication capabilities between internal and external users. App permission policies manage the Teams application ecosystem including which apps users can access, which apps are blocked, and default installed apps. These policies have no bearing on fundamental communication capabilities like chat initiation or meeting participation between organizations. While app policies might restrict external users’ ability to use specific apps during collaboration, they do not provide the communication channel controls needed for this scenario which requires external access configuration.

Question 34:

Your organization wants to ensure that all Teams meetings are automatically recorded and stored in a specific SharePoint location. What should you configure?

A) Teams meeting policy with automatic recording

B) Retention policy in the Microsoft 365 compliance center

C) SharePoint site settings

D) OneDrive storage settings

Answer: A

Explanation:

Teams meeting policy with automatic recording is the closest available configuration, though it’s important to note that as of current Teams capabilities, truly automatic recording that requires no user action has limitations and typically requires third-party solutions or compliance recording for regulated industries. However, Teams meeting policies provide the foundational controls for meeting recording capabilities including who can record meetings, where recordings are stored, and recording availability. Meeting policies enable organizations to configure recording permissions ensuring authorized users can initiate recordings, and when combined with organizational processes or compliance recording solutions, can support scenarios approaching automatic recording with centralized storage.

Meeting policies control recording capabilities through several important settings. The «Cloud recording» setting determines whether meeting recordings are enabled for users assigned to the policy, with options to enable or disable recording completely. The «Recordings automatically expire» setting manages how long recordings are retained before automatic deletion, helping organizations balance compliance retention requirements against storage costs. When recordings are enabled, Teams stores completed recordings in OneDrive for meetings organized by individuals or in SharePoint for channel meetings, with recordings appearing in the Teams meeting chat and organizer’s OneDrive or channel’s files section respectively.

For organizations requiring centralized recording storage in specific SharePoint locations, several approaches work within Teams architecture. Channel meetings automatically store recordings in the associated SharePoint site’s recording folder, providing centralized storage within the team’s document library. For non-channel meetings, post-recording workflows using Power Automate can detect new recording files in organizers’ OneDrive accounts and automatically move or copy them to designated SharePoint locations based on meeting metadata, attendee information, or other criteria. Compliance recording solutions available for regulated industries provide policy-based automatic recording with centralized storage, capturing meetings based on policy conditions without requiring user action.

Advanced meeting recording scenarios leverage Microsoft 365’s broader information governance and compliance capabilities. Retention policies in the Microsoft 365 compliance center can be configured to retain meeting recording files for specified periods preventing premature deletion and ensuring compliance with regulatory requirements. Sensitivity labels can be automatically applied to meeting recordings based on meeting settings or content, with labels triggering additional protections like encryption or access restrictions. Data loss prevention policies can monitor recording content for sensitive information, blocking sharing or triggering alerts when protected data is detected. These integrated capabilities enable comprehensive governance of meeting recordings aligned with organizational security and compliance requirements while Teams meeting policies provide the foundational recording permissions.

A is correct as it provides the primary configuration for meeting recording capabilities, though fully automatic recording without user initiation requires additional solutions or compliance recording.

B is incorrect because retention policies in the Microsoft 365 compliance center govern how long content is retained and when it can be deleted but do not control whether meetings are recorded or where recordings are initially stored. Retention policies apply to content after it’s created, preserving meeting recordings for specified retention periods and preventing deletion before retention requirements are met. While essential for compliance and governance of meeting recordings, retention policies do not enable recording functionality or determine initial storage locations. Retention policies work in conjunction with meeting policies where meeting policies enable recording and retention policies govern lifecycle management of recorded content.

C is incorrect because SharePoint site settings control individual site configurations including permissions, features, storage limits, and sharing settings but do not control Teams meeting recording behavior. While Teams channel meeting recordings are stored in SharePoint document libraries associated with teams, this storage occurs automatically based on Teams architecture rather than through SharePoint site settings configuration. SharePoint settings cannot trigger or automate Teams meeting recording, determine which meetings are recorded, or change default recording behavior. SharePoint provides the storage infrastructure for recordings initiated through Teams but does not control the recording process itself.

D is incorrect because OneDrive storage settings manage individual user’s OneDrive configuration including storage quotas, sync settings, and sharing permissions but do not control Teams meeting recording functionality or automate recording processes. Non-channel meeting recordings are stored in the meeting organizer’s OneDrive by default, but this storage location is determined by Teams recording architecture rather than OneDrive settings. OneDrive settings cannot enable meeting recording, initiate automatic recording, or change where Teams stores recordings. While OneDrive administrators can manage storage capacity and sharing permissions affecting recorded content, the recording functionality itself is controlled through Teams meeting policies.

Question 35: 

You are configuring Teams for your organization. You need to prevent users from installing third-party apps while still allowing them to use Microsoft-provided apps. What should you configure?

A) Teams app setup policy

B) Teams app permission policy

C) Teams meeting policy

D) Teams messaging policy

Answer: B

Explanation:

Teams app permission policy is the correct configuration for controlling which apps users can install and use in Microsoft Teams, including the ability to differentiate between Microsoft apps, third-party apps, and custom apps. App permission policies provide granular control over the Teams app ecosystem, allowing administrators to specify which categories of apps are available, block or allow specific apps by name or publisher, and create different app experiences for different user groups based on organizational roles, security requirements, or compliance needs. This policy-based approach enables the specific scenario of allowing Microsoft-provided apps while preventing third-party app installations.

App permission policies operate through a permission model with three distinct app categories each with independent controls. Microsoft apps are applications published by Microsoft including apps like Planner, OneNote, Praise, Tasks, Forms, and other productivity applications built and maintained by Microsoft. Third-party apps are applications published by software vendors other than Microsoft available through the Teams app store, including popular business applications, productivity tools, and industry-specific solutions. Custom apps are applications developed internally by organizations or their partners, uploaded to the organization’s Teams environment for internal use. Each category can be independently allowed or blocked in app permission policies enabling precise control over the app landscape.

Configuring app permission policies for this scenario involves accessing the Teams admin center, navigating to Teams apps and then Permission policies, either modifying the Global default policy that applies to all users or creating custom policies for specific user groups, and setting permissions for each app category. To allow Microsoft apps while preventing third-party apps, administrators set «Microsoft apps» to «Allow all apps» while setting «Third-party apps» to «Block all apps.» More granular controls enable allowing specific third-party apps by adding them to an allow list even when the category is generally blocked, providing flexibility for approved third-party applications. Custom apps can be configured independently based on whether the organization develops internal Teams applications requiring deployment.

Advanced app governance scenarios leverage additional app management capabilities beyond basic permission policies. App setup policies, which are separate from permission policies, control which apps are pinned to users’ Teams app bars, which apps are installed by default, and the order in which apps appear. Organizations typically combine permission policies that determine which apps are available with setup policies that determine which available apps are prominently featured, creating cohesive app experiences. App approval workflows enable administrators to review and approve third-party apps before they become available to users, ensuring security review, compliance validation, and compatibility testing. App usage analytics provide visibility into which apps users are actively using, helping administrators make informed decisions about app permissions and investments in app training or alternatives.

B is correct as explained above. Teams app permission policies control which categories and specific apps users can install and use in Teams.

A is incorrect because Teams app setup policies control which apps are pre-installed, pinned to the app bar, and in what order they appear, but they do not control which apps users are permitted to install or whether third-party apps are allowed. Setup policies manage the app presentation and default app experience but assume that users already have permission to access those apps through app permission policies. An app must first be allowed by an app permission policy before a setup policy can pin or install it. Setup policies enhance the user experience by highlighting important apps and organizing the app bar, but they do not provide the fundamental allow/block controls needed to prevent third-party app installation.

C is incorrect because Teams meeting policies control features and capabilities available during Teams meetings including recording, screen sharing, video settings, chat, and participant permissions, but they have no relationship to app installation or app permissions. Meeting policies govern the meeting experience and do not extend to the Teams app ecosystem or app management. While some apps might provide functionality usable during meetings, the availability of those apps is controlled by app permission policies rather than meeting policies. Meeting policies and app policies serve distinctly different purposes within Teams administration.

D is incorrect because Teams messaging policies control chat and messaging features including message deletion, editing, chat functionality, read receipts, priority messages, and related messaging behaviors, but they do not govern app permissions or installation capabilities. Messaging policies affect how users communicate through Teams chat without impacting which apps are available or installable. While apps might enhance messaging experiences through bots or message extensions, the permissions controlling whether users can install such apps are managed through app permission policies. Messaging policies and app policies address different aspects of the Teams experience with no overlap in app installation controls.

Question 36: 

Your organization uses Teams with dynamic membership groups. Users report that team membership is not updating automatically when group membership changes in Azure AD. What is the MOST likely cause?

A) Team is not connected to the correct Microsoft 365 Group

B) Dynamic group membership synchronization is delayed

C) Teams sync is disabled in Azure AD Connect

D) Team was created before dynamic groups were enabled

Answer: B

Explanation:

Dynamic group membership synchronization delay is the most likely cause when Teams membership does not immediately reflect Azure AD dynamic group membership changes. Dynamic groups in Azure Active Directory automatically update membership based on user attributes and rules defined by administrators, providing automated group management that eliminates manual membership maintenance. However, dynamic group membership evaluation and update processes are not instantaneous, operating on a scheduled basis that can result in delays between when user attributes change and when group membership reflects those changes with typical synchronization intervals ranging from 5 minutes to several hours depending on tenant size and current processing load.

Dynamic group membership updates follow a multi-step process that introduces inherent delays. When user attributes change in Azure AD through directory synchronization, user profile updates, or administrative changes, these attribute changes trigger a reevaluation of dynamic group rules. The Azure AD dynamic membership processing engine evaluates whether users meet the criteria defined in dynamic group rules, adding users who now match criteria and removing users who no longer match. After Azure AD updates the group membership, this membership change must propagate to associated services including Microsoft Teams, which relies on the underlying Microsoft 365 Group membership. Each step in this chain introduces processing time resulting in observable delays before Teams membership reflects attribute changes.

The synchronization delay characteristics vary based on several factors. Tenant size significantly impacts processing speed with larger tenants experiencing longer delays due to the scale of membership evaluations required across potentially thousands of dynamic groups and millions of users. Rule complexity affects evaluation time with simple rules based on single attributes processing faster than complex rules with multiple conditions and nested logic. Azure AD service load influences processing priority and available resources for dynamic group evaluation. Microsoft does not guarantee specific synchronization intervals, documenting typical delays of 5 minutes to 24 hours with most updates completing within a few hours under normal conditions.

Organizations can work within dynamic group synchronization constraints through several approaches. Setting appropriate expectations with users and administrators about synchronization delays prevents confusion when membership changes are not immediate. Monitoring dynamic group processing status through Azure AD’s dynamic group management interface shows last processing time and any membership processing errors. For time-sensitive membership changes requiring immediate effect, administrators can manually trigger membership reevaluation for specific groups or temporarily manage membership manually during critical periods. Designing dynamic group rules carefully with clear attribute criteria and testing rules thoroughly before production deployment reduces unexpected membership changes and processing errors. Complementing dynamic groups with administrative notifications when critical membership changes occur ensures awareness even during synchronization delays.

B is correct as explained above. Dynamic group membership synchronization delays are normal and expected, representing the most likely cause of observed membership update timing issues.

A is incorrect because if a team is not connected to the correct Microsoft 365 Group, membership would not update at all rather than updating slowly, and this would be a configuration error evident immediately upon team creation rather than a timing issue. Every Teams team is backed by exactly one Microsoft 365 Group which provides identity and membership services. The connection between team and group is established during team creation and cannot be changed afterward. If membership from a specific dynamic group is not appearing in a team, the team was either not created from that group or the group association was never established. This scenario presents as complete absence of expected membership rather than delayed synchronization.

C is incorrect because Teams sync in Azure AD Connect relates to synchronizing on-premises Active Directory groups to Azure AD, not to synchronization between Azure AD dynamic groups and Teams. Azure AD Connect synchronizes identity information from on-premises directories to Azure AD, but once objects exist in Azure AD, the dynamic group processing and Teams synchronization occur entirely within the cloud services without involving Azure AD Connect. Disabling Teams sync in Azure AD Connect would prevent creation of new teams from on-premises groups but would not affect membership synchronization for cloud-based dynamic groups and existing teams. This setting is irrelevant to dynamic group membership delays.

D is incorrect because the creation timing of teams relative to dynamic group enablement does not affect membership synchronization behavior. Teams created from Microsoft 365 Groups, whether those groups are static or dynamic, continuously sync membership from the underlying group regardless of when the team or group was created. Converting a static group to a dynamic group after team creation results in the team membership synchronizing with the dynamic group membership once rules process. There is no architectural limitation or configuration requirement related to team creation timing that would prevent dynamic membership synchronization. Teams membership always reflects the current underlying Microsoft 365 Group membership once synchronization processes complete.

Question 37: 

You need to configure Teams to prevent users from sharing sensitive company files with external users during meetings. What should you configure?

A) Teams meeting policy with content sharing restrictions

B) SharePoint external sharing settings

C) Azure Information Protection policies

D) Data loss prevention policies

Answer: B

Explanation:

SharePoint external sharing settings is the correct configuration because Teams file sharing during meetings relies on the underlying SharePoint and OneDrive infrastructure that stores and manages all files shared in Teams. When users share files in Teams meetings, those files are stored in either the meeting organizer’s OneDrive for non-channel meetings or the team’s SharePoint site for channel meetings. SharePoint’s external sharing controls determine whether files can be shared with people outside the organization, making it the primary control point for preventing external file sharing across Teams, including during meetings.

SharePoint external sharing can be configured at multiple levels providing granular control. The organization-level settings in the SharePoint admin center establish the maximum sharing capability allowed across all sites, with options ranging from «Anyone» allowing anonymous sharing, to «New and existing guests» requiring authentication, to «Existing guests only» restricting to already-invited users, to «Only people in your organization» preventing all external sharing. Individual site collection sharing settings can be more restrictive than organizational defaults but never more permissive, allowing site-specific controls for teams requiring tighter security. These settings apply uniformly to all file sharing methods including direct SharePoint sharing, Teams file sharing in chats and channels, and file sharing during Teams meetings.

When external sharing is restricted at the SharePoint level, users attempting to share files with external participants during Teams meetings will encounter permission errors or sharing failures, effectively preventing the unintended disclosure of sensitive information. This protection operates automatically without requiring users to make security decisions during meetings, reducing the risk of accidental data exposure. The SharePoint-based approach provides comprehensive protection because it controls the underlying storage and sharing infrastructure rather than just the Teams interface, preventing workarounds through direct SharePoint access.

Organizations often combine SharePoint external sharing restrictions with complementary security measures for defense-in-depth. Sensitivity labels can be applied to teams and files, automatically enforcing encryption and access restrictions based on content classification. Data loss prevention policies scan content being shared and block sharing when sensitive information like credit card numbers or social security numbers is detected. Azure Information Protection provides rights management preventing file downloads or imposing expiration dates on shared files. Teams meeting policies can disable file sharing in meetings entirely for high-security scenarios, though this prevents both internal and external sharing. The combination of these technologies creates layered protection ensuring sensitive information remains secure.

B is correct because SharePoint external sharing settings control the underlying file sharing infrastructure used by Teams meetings.

A is incorrect because while Teams meeting policies control many meeting features like screen sharing and recording, they do not provide granular controls specifically for preventing external file sharing while allowing internal sharing. Meeting policies can disable file sharing entirely through the «Allow a participant to give or request control» setting when disabled along with screen sharing restrictions, but this prevents all file sharing rather than selectively blocking external sharing. Meeting policies lack the nuanced external versus internal distinction needed for this scenario.

C is incorrect because while Azure Information Protection policies can classify and protect sensitive documents with encryption and usage restrictions, they do not automatically prevent file sharing based on recipient domain or external status. AIP requires explicit labeling of documents and applies protection based on label policies, but external sharing prevention would need to be enforced at the sharing platform level (SharePoint) rather than through document-level protection alone.

D is incorrect because data loss prevention policies detect and block sharing of content containing specific sensitive information types like credit card numbers or personally identifiable information, but they do not prevent all external file sharing regardless of content. DLP policies are content-aware rather than recipient-aware, scanning for sensitive data patterns rather than evaluating who receives shared files. While DLP prevents sharing documents containing detected sensitive information, it allows sharing files without sensitive content.

Question 38: 

Users in your organization report that they cannot find specific messages in Teams search results. You verify the messages exist in the chat. What is the MOST likely cause?

A) Search indexing delay

B) Retention policy has deleted the messages

C) Users lack permissions to view the messages

D) Teams cache corruption

Answer: A

Explanation:

Search indexing delay is the most likely cause when messages exist in Teams chats but do not appear in search results immediately. Microsoft Teams uses a search indexing system that crawls and indexes content including messages, files, and conversation threads to make them searchable through the Teams search interface. This indexing process operates asynchronously in the background, meaning that newly posted messages require time to be indexed before they appear in search results. The typical indexing delay ranges from a few minutes to several hours depending on service load, message volume, and tenant size, with most messages becoming searchable within 15-30 minutes under normal conditions.

The Teams search architecture involves multiple components that introduce indexing latency. When a user sends a message, it is immediately stored in the Teams backend databases and visible to conversation participants in real-time, but the message must go through the indexing pipeline before it becomes searchable. The indexing service continuously processes new and modified content, extracting text, metadata, and relationships, then updating search indexes with this information. During periods of high activity or system maintenance, indexing queues can grow longer resulting in increased delays before content appears in search results. Microsoft prioritizes real-time message delivery over search indexing, ensuring that communication remains instantaneous even if searchability lags.

Search indexing delays are normal operational behavior rather than system failures or configuration errors. Users should understand that recently sent messages, particularly those sent within the last 30 minutes, may not yet appear in search results even though they are visible in the conversation threads. For time-sensitive information retrieval, users should navigate directly to relevant chats or channels rather than relying exclusively on search for very recent content. Organizations cannot manually trigger or accelerate indexing for specific messages, as the indexing process is managed entirely by Microsoft’s backend services operating on automated schedules.

Organizations can minimize the impact of indexing delays through user education and alternative discovery methods. Training users to understand search limitations helps set appropriate expectations about when content becomes searchable. Encouraging use of features like pinned messages for important information ensures critical content remains easily accessible without search. Utilizing Teams’ conversation filtering and sorting capabilities allows users to navigate chronologically through channels and chats to find recent messages. Bookmarking important conversations provides direct access without search dependency. When troubleshooting search issues, administrators should verify whether missing content is recently created, as indexing delays are the most common explanation for search result gaps with existing visible messages.

A is correct because search indexing operates asynchronously with inherent delays before new content appears in search results.

B is incorrect because if a retention policy had deleted the messages, they would not be visible in the chat conversation either. Retention policies delete messages from all locations including the conversation view and backend storage, not just from search indexes. Users reporting that messages exist in chat but not in search indicates the messages remain in the system and have not been deleted. Retention policy deletion is permanent and comprehensive rather than search-specific.

C is incorrect because Teams message permissions are conversation-based rather than message-specific. If users can see messages in a chat conversation, they have permissions to those messages and should be able to find them in search results once indexed. Teams does not implement message-level permissions within conversations that would allow viewing messages directly but prevent finding them through search. Permission issues would prevent accessing the entire conversation rather than selectively affecting search.

D is incorrect because while Teams client cache issues can cause display problems or missing messages in the client interface, they do not affect search results which are generated server-side. Search queries are processed by Microsoft’s backend services querying centralized indexes rather than local client caches. Clearing Teams cache or reinstalling the client might resolve display issues but would not affect whether messages appear in search results. Cache corruption typically manifests as missing conversations or rendering problems, not search-specific issues.

Question 39: 

You need to configure Teams so that all messages sent in a specific team are retained for 7 years to meet regulatory compliance requirements. What should you configure?

A) Retention policy in the Microsoft 365 compliance center

B) Teams meeting policy

C) eDiscovery hold

D) Microsoft 365 Group expiration policy

Answer: A

Explanation:

Retention policy in the Microsoft 365 compliance center is the correct configuration for implementing message retention requirements across Microsoft Teams. Retention policies are compliance features that preserve content for specified periods ensuring organizations meet regulatory obligations, legal requirements, and internal governance policies. For Teams, retention policies can be configured specifically for Teams channel messages and Teams chats with independent retention settings, allowing organizations to specify how long content is retained, what happens after the retention period expires, and whether content can be deleted before retention periods complete.

Configuring a retention policy for Teams messages involves accessing the Microsoft 365 compliance center, navigating to Data lifecycle management or Records management, creating a new retention policy, and specifying the policy scope. For the scenario requiring 7-year retention of all messages in a specific team, administrators would create a policy targeting «Teams channel messages» location, use an adaptive scope or static scope identifying the specific team through its associated Microsoft 365 Group, set the retention period to 7 years, and configure the retention action as «Retain items for a specified period» with deletion allowed or blocked after the period expires depending on organizational requirements. The policy applies automatically to all messages in the specified team, preserving them in a protected compliance repository even if users delete messages from the Teams interface.

Retention policies for Teams operate through a preservation system that works transparently to users while ensuring compliance. When retention policies apply to Teams messages and a user deletes a message, the message disappears from the Teams interface but is preserved in a hidden compliance location called the SubstrateHolds folder. This preserved copy remains accessible through eDiscovery searches and compliance exports but is invisible to users during normal Teams usage. After the retention period expires, the system automatically permanently deletes the preserved copies if configured to do so, or retains them indefinitely if configured for permanent retention. Users cannot bypass retention policies, and even administrators cannot permanently delete retained content until retention periods expire.

Organizations implementing retention policies should consider several important factors. Retention policies apply at the message level rather than conversation level, meaning individual messages within a conversation have independent retention periods based on their creation dates. Multiple retention policies can apply to the same content with the most restrictive policy taking precedence following principles of retention that prioritize preservation over deletion. Retention policies do not prevent users from deleting content from their view, but ensure deleted content remains recoverable for compliance purposes. Policy changes can take up to 7 days to fully propagate across the organization. Organizations often combine retention policies with other compliance features like litigation holds for legal proceedings, sensitivity labels for information protection, and communication compliance policies for regulatory supervision creating comprehensive compliance frameworks.

A is correct because retention policies provide the regulatory compliance capability to retain Teams messages for specified periods including 7-year requirements.

B is incorrect because Teams meeting policies control features available during meetings like recording, screen sharing, and participant permissions but do not provide content retention or compliance capabilities. Meeting policies govern the meeting experience and functionality rather than post-meeting content lifecycle management. While meeting recordings have their own retention considerations, meeting policies do not enforce retention periods for meeting content including transcripts, recordings, or associated chat messages.

C is incorrect because eDiscovery holds preserve content indefinitely for legal proceedings, investigations, or audits but are intended for temporary preservation during litigation or investigations rather than routine regulatory retention periods. Holds prevent content deletion but do not specify retention periods or automatic deletion after compliance periods expire. While holds serve compliance purposes, they are reactive tools for preserving content when legal needs arise rather than proactive governance tools for implementing retention schedules. Retention policies are the appropriate mechanism for routine compliance retention requirements.

D is incorrect because Microsoft 365 Group expiration policies manage the lifecycle of entire groups and associated teams, automatically deleting unused groups after specified inactivity periods to reduce sprawl and reclaim resources. Expiration policies operate at the team level affecting the entire team and all its content, rather than providing message-level retention. Expiration and retention serve opposite purposes with expiration removing inactive resources and retention preserving content for compliance. Implementing a group expiration policy would conflict with message retention requirements by potentially deleting teams containing messages still under retention.

Question 40: 

Your organization wants to prevent specific users from creating private chats but allow them to participate in team channels. What should you configure?

A) Teams messaging policy

B) Teams meeting policy

C) External access settings

D) Guest access settings

Answer: A

Explanation:

Teams messaging policy is the correct configuration for controlling whether users can engage in private chat functionality while maintaining their ability to participate in team channels. Messaging policies in Microsoft Teams govern chat and messaging behaviors including the ability to start chats, delete sent messages, edit sent messages, use read receipts, send urgent messages using priority notifications, use Giphy animated images, stickers, and memes, translate messages, and use the immersive reader for accessibility. The «Chat» setting within messaging policies specifically controls whether users can create and participate in private one-on-one and group chats independent of team channels.

The messaging policy chat setting provides the granular control needed for this scenario through its configurable options. Setting «Chat» to «Off» completely disables private chat functionality for users assigned to that policy, preventing them from creating new chats, sending messages in existing chats, or receiving chat notifications, while channel posting and participation remain fully functional. This selective restriction enables organizations to limit communication to structured team channels where conversations are organized, discoverable, and subject to team-level governance while preventing ad-hoc private conversations that might bypass oversight or create information silos. Users with chat disabled can still see existing chat conversations in read-only mode but cannot send new messages or create chats.

Implementing this configuration involves accessing the Teams admin center, navigating to Messaging policies, either modifying an existing policy or creating a new custom policy for affected users, setting the «Chat» option to «Off» or «On for everyone except external Skype users» depending on external communication requirements, and assigning the policy to the specific users or groups requiring chat restrictions. Policy assignment can be done through direct user assignment, group-based policy assignment for automated management, or batch policy assignment for multiple users. Changes typically propagate within minutes to hours with users potentially needing to restart Teams clients for immediate policy application.

Organizations implement chat restrictions for various legitimate business reasons. Compliance and regulatory requirements in industries like finance or healthcare may mandate that all communications occur in auditable channels rather than private chats. Workforce management for frontline workers or production environments might limit chat to reduce distractions while maintaining team coordination through channels. Information governance objectives might centralize communications in channels where content is organized, searchable, and subject to retention policies rather than scattered across private chats. Security considerations might restrict chat for temporary workers, contractors, or users with limited trust levels while allowing them to contribute to supervised team discussions. Organizations typically combine chat restrictions with clear policies explaining why restrictions exist and providing guidance on appropriate communication channels ensuring users understand expectations and have suitable alternatives for collaboration needs.

A is correct because Teams messaging policies specifically control private chat functionality independent of channel participation capabilities.

B is incorrect because Teams meeting policies control features available during meetings including recording, screen sharing, video usage, and meeting chat during meetings, but do not restrict private chat functionality outside of meeting contexts. While meeting policies include a «Meeting chat» setting controlling whether chat is available during meetings, this does not affect the broader private chat functionality outside meetings. Users with meeting chat enabled can still engage in regular private chats if messaging policies allow it.

C is incorrect because external access settings control communication between your organization and external organizations including federated chat, calling, and meetings with users from other companies or Skype for Business users. External access does not control internal private chat capabilities between users within the same organization. External access restrictions prevent communication with external users but do not disable private chat functionality among internal colleagues, which is controlled through messaging policies.

D is incorrect because guest access settings control what guest users invited into your Teams environment can do, including whether guests can access channels, participate in chats, use apps, or share files. Guest access does not apply to regular internal users and does not provide mechanisms for restricting internal users’ private chat capabilities. Guest access governs external user permissions after they’re invited as guests, while this scenario requires controlling internal user communication methods through messaging policies.

Question 41: 

You are implementing Teams Phone System. Users report they cannot make external calls to mobile phones. Internal calling works correctly. What should you verify first?

A) Calling policy allows PSTN calling

B) Emergency address is configured

C) Direct Routing is properly configured

D) Users have appropriate licenses

Answer: D

Explanation:

Verifying that users have appropriate licenses is the first and most fundamental troubleshooting step when external PSTN calling fails while internal calling works. Microsoft Teams Phone System requires specific licensing for Public Switched Telephone Network calling capabilities, with different licensing options depending on how the organization implements telephony. Without the correct license assignment including Teams Phone with Calling Plan, Teams Phone with Direct Routing, or Teams Phone Mobile licenses, users cannot make or receive external calls through the PSTN even if all configuration is correct and internal VoIP calling functions normally.

Teams Phone licensing comes in several variations each enabling different calling capabilities. The Microsoft Teams Phone Standard license provides the core Phone System functionality including call management, auto attendants, call queues, voicemail, and internal calling between Teams users, but does not include PSTN connectivity by itself. For external calling, organizations must add either Calling Plans which are Microsoft-provided PSTN connectivity available in select countries including domestic and international calling options, or implement Direct Routing connecting Teams Phone to existing telephony infrastructure or third-party SIP trunks. Users must have both the Phone System license and an appropriate PSTN connectivity solution either Calling Plan license or proper Direct Routing configuration to complete external calls.

License verification should be the first troubleshooting step because licensing issues are common, easy to verify, and prevent calling functionality regardless of configuration correctness. Administrators can verify licenses through the Microsoft 365 admin center by viewing user details and examining assigned licenses, checking specifically for Microsoft Teams Phone System licenses and Calling Plan licenses if used. Azure AD PowerShell commands can query license assignments for multiple users simultaneously. The Teams admin center shows user licensing status and calling capabilities. License assignment changes typically take 15 minutes to several hours to propagate fully with users sometimes requiring sign-out and sign-in for license changes to take effect.

When license verification confirms correct assignments but external calling still fails, troubleshooting proceeds to configuration aspects. Calling policies must allow PSTN calling through the «Make private calls» setting. Emergency addresses must be assigned to user phone numbers for regulatory compliance. Direct Routing configurations require properly configured Session Border Controllers, voice routing policies, and PSTN usage records. Network connectivity issues might prevent communication with Microsoft calling services or Direct Routing infrastructure. Call Analytics and Call Quality Dashboard provide detailed diagnostic information about failed call attempts including failure points, error codes, and network quality metrics. However, confirming proper licensing must be the initial verification step as it is the foundation upon which all other calling functionality depends, and missing or incorrect licenses explain calling failures with complete certainty eliminating need for complex configuration troubleshooting.

D is correct because licensing is the fundamental requirement for PSTN calling and should be verified before investigating configuration issues.

A is incorrect because while calling policy settings including «Make private calls» must be enabled for PSTN calling, this would be a secondary verification after confirming proper licensing. Calling policies control what users can do with their calling capabilities but licensing determines whether those capabilities exist at all. If calling policies prevent PSTN calling, users typically see policy-based error messages, whereas missing licenses often result in features not appearing in the interface. Calling policy verification is important but should follow license confirmation.

B is incorrect because while emergency addresses are required for regulatory compliance and proper emergency services routing, missing emergency addresses typically allow normal outbound calling with warnings or limitations rather than completely preventing external calls. Emergency address requirements are enforced during number assignment and for emergency calls specifically, but most calling scenarios function without assigned emergency addresses albeit with compliance warnings. Emergency address configuration is important but would not be the first verification step for external calling failures.

C is incorrect because verifying Direct Routing configuration assumes the organization uses Direct Routing for PSTN connectivity, which is only one of several telephony implementation options. Organizations using Microsoft Calling Plans do not use Direct Routing and would find this verification irrelevant. Additionally, internal calling working correctly suggests that core Teams Phone System functionality is operational, with the issue specifically affecting PSTN connectivity. Direct Routing verification would be appropriate after confirming licenses include Phone System and determining the organization’s PSTN connectivity method.

Question 42: 

You need to configure Teams to automatically delete channel messages after 90 days while retaining one-on-one chat messages indefinitely. What should you configure?

A) Two separate retention policies with different locations and settings

B) Single retention policy with 90-day retention

C) Teams meeting policy with message expiration

D) Microsoft 365 Group expiration policy

Answer: A

Explanation:

Two separate retention policies with different locations and settings is the correct approach because Teams channel messages and Teams chats are treated as distinct locations in Microsoft 365 retention policy configuration, each requiring independent retention settings to implement different retention periods. Microsoft Teams supports separate retention policies for «Teams channel messages» location and «Teams chats» location, allowing organizations to apply different retention rules based on message type reflecting different compliance requirements, business needs, or risk profiles for structured channel communications versus informal private chats.

The retention policy architecture in Microsoft 365 recognizes that Teams channel messages and Teams chats serve different purposes and may have different retention requirements. Channel messages occur in team channels representing organized, topic-based discussions within defined team contexts often containing project-related information, decisions, and work artifacts requiring structured retention. Teams chats include private one-on-one and group conversations typically less formal and more transient but potentially containing important business communications requiring preservation. By separating these locations in retention policy configuration, Microsoft enables organizations to implement appropriate retention strategies for each communication type.

Implementing the specific scenario requires creating two distinct retention policies in the Microsoft 365 compliance center. The first policy targets the «Teams channel messages» location, specifies a 90-day retention period, and configures deletion after retention expiration, applying either organization-wide or to specific teams based on scope configuration. The second policy targets the «Teams chats» location, configures indefinite retention by selecting «Keep items forever» or specifying a very long retention period without deletion, ensuring private chats are preserved permanently. These policies operate independently with each applying to its designated location, and Teams messages are automatically classified and subject to the appropriate policy based on whether they’re channel messages or chat messages.

Organizations benefit from flexible retention policy configuration through several advanced capabilities. Adaptive scopes enable dynamic policy targeting based on group attributes, user attributes, or other properties automatically including new teams or users matching criteria without manual policy updates. Retention labels allow users or administrators to manually classify specific conversations with custom retention settings overriding default policies for exceptional cases. Policy priority and conflict resolution rules automatically handle situations where multiple policies might apply to the same content, following principles of retention that prioritize preservation over deletion and longer retention over shorter retention. Monitoring and reporting capabilities track policy application, preserved content volumes, and disposition actions providing visibility into compliance program effectiveness. The combination of separate location-based policies, adaptive targeting, and priority rules enables sophisticated retention programs meeting complex regulatory and business requirements while maintaining operational simplicity.

A is correct because separate retention policies for different Teams locations enable independent retention periods for channel messages versus chats.

B is incorrect because a single retention policy cannot simultaneously apply different retention periods to channel messages and chats even when both locations are included in the same policy. When a retention policy includes both Teams channel messages and Teams chats locations, the same retention period and actions apply to both. Creating one policy with 90-day retention would delete both channel messages and chats after 90 days, failing to meet the requirement for indefinite chat retention. Separate policies are required for different retention treatments.

C is incorrect because Teams meeting policies control features available during meetings but do not provide message retention or automatic deletion capabilities. Meeting policies govern the meeting experience including recording, screen sharing, and live features, but have no relationship to message lifecycle management or retention compliance. Teams meeting policies cannot implement retention periods or automatic deletion schedules which are compliance features managed through retention policies in the compliance center.

D is incorrect because Microsoft 365 Group expiration policies manage entire group and team lifecycle, automatically deleting unused groups after inactivity periods to reduce sprawl. Expiration policies operate at the team level affecting all content simultaneously including channels, files, and settings rather than providing message-level retention granularity. Expiration would delete entire teams and all their content rather than selectively removing channel messages while preserving chats. Additionally, expiration focuses on inactive resource cleanup rather than compliance-driven content retention making it inappropriate for regulatory retention requirements.

Question 43: 

Users report that they cannot see meeting transcripts after Teams meetings conclude. Transcription was enabled during the meetings. What should you verify?

A) Meeting policy allows transcription

B) Users have the required license for transcription

C) Meeting recording was enabled

D) Azure Speech Services is configured

Answer: A

Explanation:

Meeting policy allowing transcription is the first verification point when users cannot access meeting transcripts despite transcription being enabled during meetings. Teams meeting policies control whether live transcription and post-meeting transcripts are available to meeting participants through the «Allow transcription» setting. Even if users attempt to enable transcription during meetings and the transcription feature appears to function, the underlying policy setting determines whether transcripts are actually generated, stored, and made available after meetings conclude. Policy restrictions may allow the transcription interface to appear without actually producing accessible transcripts.

Teams transcription capabilities are governed by multiple policy settings working together. The primary «Allow transcription» setting in meeting policies controls basic transcription availability with options including «On» enabling transcription for all meetings organized by users with this policy, and «Off» completely disabling transcription regardless of user attempts to enable it. When transcription is allowed, meeting organizers and participants with appropriate permissions can enable live transcription during meetings, which displays real-time captions and creates a full transcript stored with the meeting for post-meeting access. The «Allow cloud recording» setting, while separate, interacts with transcription because transcripts are typically stored alongside meeting metadata and recordings in the meeting organizer’s OneDrive or team’s SharePoint site.

Verifying meeting policy configuration involves accessing the Teams admin center, navigating to Meetings then Meeting policies, identifying the policy assigned to affected users either the Global policy or custom policies, and reviewing the «Allow transcription» setting within the Recording & transcription section. If transcription is disabled in the assigned policy, users will not have access to meeting transcripts even if transcription appeared to be active during meetings. Policy changes require time to propagate typically minutes to hours and users may need to sign out and back into Teams for policy updates to take effect. Organizations should ensure policies are assigned correctly to intended users or groups through direct assignment or group-based policy assignment.

Additional considerations affect transcript availability beyond basic policy enablement. Transcription feature availability varies by meeting type with scheduled meetings, channel meetings, and ad-hoc meetings having different transcript storage and access patterns. Transcript access permissions depend on meeting participation with only meeting participants able to view transcripts, and transcript location in OneDrive or SharePoint requires appropriate file access permissions. Language support for transcription is limited to certain languages primarily English with expanding coverage, and meetings conducted in unsupported languages may not generate transcripts. Network connectivity during meetings affects transcription quality with poor connections potentially causing transcription failures or incomplete transcripts. Organizations implementing transcription should communicate policy settings clearly to users, provide guidance on enabling transcription during meetings, and ensure meeting organizers understand where transcripts are stored and how to access them post-meeting for review, sharing, or compliance purposes.

A is correct because meeting policy transcription settings control whether transcription is available and whether transcripts are accessible after meetings.

B is incorrect because Teams meeting transcription is generally available to users with appropriate Teams licenses including Microsoft 365 E3, E5, Business Premium, and Business Standard licenses without requiring additional transcription-specific licensing. While some advanced features may have specific license requirements, basic meeting transcription is available broadly and licensing issues would typically prevent transcription from appearing as an option rather than creating transcripts that are inaccessible after meetings. If users could enable transcription during meetings, licensing is likely not the issue.

C is incorrect because meeting transcription and meeting recording are independent features that operate separately. Transcription can be enabled without recording, and transcripts are generated regardless of whether meetings are recorded. While transcripts are often accessed through recorded meeting interfaces when both features are used, transcription functions independently creating text transcripts of meeting audio without requiring video or audio recording. The scenario describes transcription being enabled but transcripts unavailable, not recording-related issues.

D is incorrect because Azure Speech Services is the underlying Microsoft AI technology that powers Teams transcription, but it is a backend service managed entirely by Microsoft and does not require customer configuration or setup. Organizations using Teams meeting transcription do not need to configure, license, or enable Azure Speech Services separately as it is integrated into Teams automatically. Transcription availability is controlled through Teams admin policies rather than Azure service configuration, making Speech Services configuration irrelevant to troubleshooting transcript access issues.

Question 44: 

Your organization needs to prevent users from using anonymous join for Teams meetings while allowing authenticated external users to join. What should you configure?

A) Meeting policy with lobby settings

B) External access settings

C) Guest access settings

D) Azure AD conditional access

Answer: A

Explanation:

Meeting policy with lobby settings is the correct configuration for controlling anonymous meeting join capabilities while allowing authenticated external users. Teams meeting policies include comprehensive lobby and admission settings that determine who can bypass the meeting lobby and join directly versus who must wait in the lobby for admission by meeting organizers or presenters. The «Who can bypass the lobby» setting provides granular options including Everyone, People in my organization and guests, People in my organization, trusted organizations, and guests, People in my organization, or Only organizers and co-organizers, with each option defining different admission criteria balancing meeting accessibility against security and control requirements.

The lobby acts as a virtual waiting room where participants remain until meeting organizers or presenters explicitly admit them into the meeting. Lobby functionality provides meeting hosts control over meeting access enabling them to verify participant identities, prevent unauthorized access, and manage meeting disruption. Anonymous participants are those joining meetings without signing in to Teams or authenticating with organizational accounts, typically joining through meeting links without providing credentials. Authenticated external users include federated users from other organizations with their own Teams or Skype for Business deployments, and guest users who have been invited into your Azure AD through B2B collaboration. These user types can be treated differently in lobby settings allowing authenticated external participation while requiring lobby admission for anonymous users.

Configuring the scenario requires accessing Teams admin center, navigating to Meetings and then Meeting policies, selecting the appropriate policy for users requiring this configuration, and modifying the «Who can bypass the lobby» setting to «People in my organization and guests» or «People in my organization, trusted organizations, and guests» depending on external collaboration patterns. These settings allow authenticated users including employees, guests, and federated external users to join meetings directly while forcing anonymous participants into the lobby where they await admission. The «Anonymous users can join a meeting» setting should remain enabled allowing anonymous users to reach the lobby but not bypass it, with meeting organizers retaining control over whether to admit anonymous participants on a case-by-case basis.

Organizations implement lobby controls for various security and compliance reasons. Preventing automatic anonymous access reduces risks of meeting bombing where unauthorized participants disrupt meetings, protects sensitive discussions from unknown participants, and ensures all participants are identifiable. Allowing authenticated external users supports business collaboration with partners, customers, and vendors without requiring them to request admission creating friction in professional meetings. Lobby settings complement other meeting security features including meeting passwords required for all external access, meeting registration requiring participants to provide information before receiving join links, sensitivity labels automatically applying protection settings based on content classification, and meeting options allowing organizers to adjust lobby settings for individual meetings overriding policy defaults. The combination of policy-based default controls and meeting-specific adjustments provides flexible security management matching protection levels to meeting sensitivity and participant trust levels.

A is correct because meeting policy lobby settings provide granular control over anonymous versus authenticated external user admission to meetings.

B is incorrect because external access settings control whether users from external organizations can find, call, chat, and meet with users in your organization through federation, but they do not control anonymous meeting join or lobby behavior. External access operates at the organizational relationship level enabling or blocking communication with specific domains, but does not provide meeting-specific admission controls. External access settings are binary allowing or blocking communication with external organizations entirely rather than managing admission processes for individual meetings.

C is incorrect because guest access settings control what guest users who have been invited into your Azure AD can do within your Teams environment including accessing teams, channels, files, and apps, but guest access does not govern anonymous meeting join scenarios. Guests are authenticated users with identity records in your directory, distinct from anonymous users who lack credentials. Guest access settings would affect authenticated guests but not anonymous participants, and do not provide lobby admission controls which are managed through meeting policies.

D is incorrect because Azure AD conditional access policies control authentication requirements and access conditions for organizational resources based on user identity, location, device compliance, and risk signals, but they apply to authenticated users and do not directly control anonymous access to Teams meetings. Conditional access affects whether users can sign in and access Teams based on policy conditions, but anonymous meeting participants by definition are not signing in or subject to conditional access evaluation. Conditional access complements meeting policies by ensuring authenticated users meet security requirements but does not prevent anonymous meeting join.

Question 45: 

You need to configure Teams so that when users share their screens during meetings, only the specific application window is visible to participants, not their entire desktop. What should you configure?

A) Meeting policy screen sharing mode to «Single application»

B) External access settings

C) Teams app permission policy

D) Azure AD conditional access

Answer: A

Explanation:

Meeting policy screen sharing mode set to «Single application» is the correct configuration for restricting screen sharing to specific application windows rather than entire desktop sharing. Teams meeting policies include a «Screen sharing mode» setting that controls the scope of screen sharing capabilities available to meeting participants, with options including «Entire screen» allowing participants to share their complete desktop with all windows and applications visible, «Single application» restricting sharing to individual application windows providing privacy protection, and «Disabled» preventing screen sharing entirely. The single application mode ensures that only the selected application window appears in the shared screen without revealing other desktop content, taskbars, notifications, or background applications.

Single application screen sharing provides significant privacy and security benefits compared to entire screen sharing. Users sharing their screens often have sensitive information visible in other application windows, browser tabs, notifications, or desktop backgrounds including confidential emails, proprietary documents, personal information, or security credentials. By restricting sharing to single applications, users can present specific content like PowerPoint presentations, Excel spreadsheets, or demonstration applications without exposing unrelated desktop activity. This protection operates automatically based on policy settings rather than relying on users to remember to close sensitive windows or disable notifications before sharing, reducing the risk of accidental information disclosure during meetings.

Configuring the screen sharing mode involves accessing Teams admin center, navigating to Meetings and then Meeting policies, selecting the appropriate policy for users requiring application-only sharing, and setting the «Screen sharing mode» to «Single application» within the Content sharing section. This policy setting applies to all users assigned to the policy, enforcing single application sharing universally during their meetings. Users attempting to share screens will see only single application options without the ability to share entire screens, ensuring consistent privacy protection. Policy changes propagate within typical policy update timeframes usually minutes to hours with users potentially needing to restart Teams for immediate effect.

Organizations often use single application sharing in specific scenarios requiring enhanced privacy protection. External-facing meetings with customers, partners, or public participants benefit from application-only sharing preventing accidental exposure of internal information. Regulated industries with strict data protection requirements implement single application sharing to reduce compliance risks during screen sharing. Support and training scenarios where screen sharing is frequent benefit from application-level sharing ensuring only intended demonstration content is visible. Organizations can implement different sharing modes for different user groups through multiple meeting policies, allowing internal users entire screen sharing for collaborative work sessions while restricting customer-facing roles to single application sharing. Meeting organizers can additionally configure sharing permissions through meeting options on a per-meeting basis, specifying who can share screens and what they can share, providing additional control layers beyond policy defaults ensuring appropriate sharing capabilities for each meeting’s specific security requirements.

A is correct because meeting policy screen sharing mode controls the scope of screen sharing between entire screen and single application options.

B is incorrect because external access settings control federation and communication capabilities with external organizations including chat, calling, and meeting participation, but they do not govern screen sharing behavior or control what content is shared during screen sharing sessions. External access operates at the organizational relationship level enabling or blocking communication with specific domains without managing meeting feature configurations. Screen sharing restrictions require meeting policy settings rather than external access controls.

C is incorrect because Teams app permission policies control which apps users can install and use in Teams including Microsoft apps, third-party apps, and custom apps, but they do not govern screen sharing capabilities or control how screen sharing operates during meetings. App permission policies manage the Teams application ecosystem without affecting core meeting features like screen sharing which are controlled through meeting policies. Screen sharing is a built-in meeting feature rather than an app-based capability.

D is incorrect because Azure AD conditional access policies control authentication requirements and access conditions based on user identity, location, device compliance, and risk levels, but they do not manage meeting feature configurations or screen sharing behavior. Conditional access determines whether users can access Teams and what conditions must be met for access, but does not control how users share their screens once in meetings. Screen sharing restrictions are meeting policy configurations rather than identity and access controls.