Microsoft MS-700 Microsoft 365 Certified: Teams Administrator Associate Exam Dumps and Practice Test Questions Set 10- Q181-200

Visit here for our full Microsoft MS-700 exam dumps and practice test questions.

Question 181: 

Your company wants to prevent users from uploading custom apps in Microsoft Teams. What should you modify? 

A) App permission policies
B) App setup policies
C) Teams messaging policies
D) Teams update policies

Answer: A)

Explanation: 

App permission policies are the foundational control mechanism within Microsoft Teams for determining which applications users are allowed to install, upload, or interact with. When an organization wants to block the upload of custom apps—also known as line-of-business (LOB) applications—the configuration point must directly govern how applications enter the Teams environment. App permission policies provide granular control that allows administrators to permit or deny specific categories of applications such as Microsoft apps, third-party apps, or custom apps. By modifying these policies, an organization can fully prevent users from introducing unverified or unauthorized applications, thereby reducing risk exposure, maintaining compliance, and ensuring that only approved solutions are accessible in the Teams client.

This control is vital because custom apps can contain code or integrations that affect data handling, user access, or organizational workflows. Without proper governance, users could unintentionally upload applications that bypass established security controls, compromise data privacy, or violate internal policies. App permission policies thus act as a safeguard that centralizes decision-making regarding app availability and reduces administrative overhead by preventing unauthorized app distribution at the source.

In contrast, app setup policies function differently: they determine which apps are pre-pinned, highlighted, or recommended in the Teams interface but do not restrict what users can upload. Even if app setup policies were modified, users could still potentially add custom applications unless app permission policies explicitly deny that capability. Messaging policies focus on chat-oriented behavior and communications—not application governance—so they do not influence the ability to upload custom apps. Teams update policies deal strictly with client versioning and update interactions, making them irrelevant to app upload restrictions.

Therefore, to prevent custom application uploads, the only setting that provides direct control is the app permission policy. Admins can modify the policy by turning off the setting that allows users to upload custom apps, or they can restrict app availability to only Microsoft-approved apps or apps distributed from the organization’s managed catalog. These configurations ensure that users operate solely within the boundaries defined by IT governance. 

Question 182: 

You need to restrict guest users from creating private channels. What should you configure?

A) Team settings
B) Channel policies
C) Teams guest access settings
D) Teams admin roles

Answer: C)

Explanation: 

Guest access in Microsoft Teams is governed by a distinct set of organizational-level controls that define what external users are allowed to do when they participate in an internal tenant’s Teams environment. When the requirement is to ensure that guest users are unable to create private channels, the configuration point must directly influence guest capabilities rather than the behavior of internal users or team owners. Teams guest access settings provide the necessary governance because they operate at the level of cross-tenant collaboration and define what external participants can and cannot perform within teams to which they are invited. By adjusting guest access permissions, administrators can disable the ability for guests to create private channels entirely, ensuring that only internal members adhere to organizational boundaries when constructing restricted collaboration spaces.

Private channels themselves are more sensitive than standard channels because they create isolated workspaces with their own separate permission structures. Allowing guests to create such spaces can increase risk by giving external participants control over membership and content segregation that may fall outside the intended governance model. With guest access settings, administrators can prevent these scenarios by disabling guest-level creation privileges. This ensures external collaborators can participate but not architect new private subspaces that could house sensitive content outside established oversight.

Team settings differ significantly in purpose: they define capabilities for team members and owners but do not distinguish between internal and external participants. While team settings can restrict channel creation for members, they still do not apply uniquely to guest roles. Because the requirement specifically targets guest behavior, team settings cannot selectively enforce that restriction without inadvertently impacting internal users.

Channel policies, on the other hand, relate primarily to moderation, posting permissions, and content control within channels rather than structural capabilities like channel creation. They determine who can post messages or moderate discussions but do not handle guest permissions with the granularity required for preventing channel creation.

Teams admin roles are completely unrelated to guest access behavior. They define which administrators can manage specific areas of Teams but do not govern end-user privileges within teams or channels. Assigning or modifying admin roles does not influence what guests can or cannot create.

Therefore, the only configuration area that directly governs the ability of guests to create private channels—and does so without impacting internal team members—is Teams guest access settings. By modifying these settings, organizations maintain a secure collaboration environment while still enabling controlled external participation.

Question 183: 

Your organization wants to enable call recording for support agents only. What should you configure?

A) Teams meeting policies
B) Teams calling policies
C) Compliance recording policies
D) Teams voice routing policies

Answer: C)

Explanation: 

Compliance recording policies in Microsoft Teams are designed specifically for scenarios where an organization must enforce the automatic recording of all calls and meetings for particular users due to regulatory, legal, or operational requirements. These policies are particularly important for industries such as finance, healthcare, support operations, law enforcement, or any environment where customer interactions need to be captured consistently for auditing, dispute resolution, supervision, or quality monitoring. When an organization requires that only support agents have their calls recorded automatically, the correct configuration point must allow targeting at the individual or group level while enforcing recording behavior without user intervention. Compliance recording policies provide this level of precision.

These policies operate by pairing approved recording solutions—integrated through certified partners—with user assignments. Once applied, the policy ensures that every inbound and outbound PSTN call, as well as every peer-to-peer or group call, is automatically recorded according to compliance rules. Users covered by these policies cannot disable recording, and the entire process is seamless and preserved according to organizational policy. This selective enforcement ensures that only specific user roles, such as support agents, are placed under permanent recording requirements while the rest of the organization retains normal call behavior without forced recording.

Meeting policies differ significantly. While meeting policies can control aspects like who can record meetings or whether transcription is available, they do not relate to the regulated automatic call recording required for compliance. Meeting recordings are user-initiated and apply only to scheduled or ad hoc meetings, not ongoing call interactions that support agents typically handle.

Teams calling policies manage telephony-related behaviors—such as call forwarding, delegation, simultaneous ring, or voicemail settings—but they do not control recording enforcement. They influence how users manage calls, not whether those calls must be recorded under regulatory frameworks.

Voice routing policies determine the path that voice traffic takes through the PSTN, either through Calling Plans or Direct Routing. While essential for call functionality, routing has no relationship to recording requirements and cannot enforce call capture.

Thus, the only configuration that meets the requirement is compliance recording policies, as they ensure automatic, mandatory, and continuous call recording specifically for selected users. This preserves regulatory adherence while preventing unnecessary recording of non-regulated personnel. The policy creates a structured and enforceable recording environment tailored to the operational needs of support agents.

Question 184: 

A department needs to use shared channels with an external partner. What should you verify first?

A) External access settings
B) App permission policies
C) Teams update policies
D) Teams device policies

Answer: A)

Explanation: 

Shared channels in Microsoft Teams allow seamless collaboration between internal users and external partners without requiring the external participants to switch tenants. This capability enhances cross-organizational work by reducing friction, simplifying access, and enabling targeted collaborations within specific channel spaces. However, shared channels depend heavily on a properly configured external access framework that ensures both organizations can communicate securely and without restrictions. Because shared channels extend beyond the organization’s internal boundaries, the first and most critical prerequisite is verifying that external access settings between the participating tenants are correctly configured.

External access—sometimes called federation—controls whether users from another domain can communicate with users in the local organization. For shared channels to function, both organizations must allow the other’s domain and maintain compatible configurations. This includes enabling communication with external Teams users, validating that domains are not blocked, and ensuring that authentication expectations align. If federation is restricted, disabled, or misconfigured, shared channels cannot be used, even if all other Teams features are properly enabled.

App permission policies have no effect on whether shared channels can be created or used. They simply control which apps users can access within Teams. Even if app permissions allow collaborative tools, shared channels themselves require tenant-level communication permissions that exist outside the scope of app availability.

Teams update policies determine how updates roll out to users, including preview features or release cadences. Although updates may enable visibility of shared channel features, the ability to use shared channels is still fully dependent on external access configuration rather than client update settings.

Device policies govern Teams-certified hardware such as phones, displays, and room systems. These policies focus on device behavior, sign-in rules, and configuration restrictions but do not influence collaborative capabilities like shared channels.

Therefore, verifying external access settings is the first and most foundational requirement for enabling shared channels. Only by ensuring that the partner organization’s domain is allowed, federation is active, and external communication is permitted can shared channels operate successfully. Without this, Teams cannot establish the trust and communication linkage required for shared collaboration spaces.

Question 185: 

You want to prevent users from scheduling meetings in Outlook but still allow scheduling in Teams. What should you modify?

A) Outlook add-in permissions
B) Teams meeting policies
C) Exchange OWA mailbox policies
D) Teams calendar app policies

Answer: A)

Explanation: 

The requirement to prevent users from scheduling meetings in Outlook while still allowing them to schedule meetings in Teams involves separating how meeting creation is initiated across different platforms. The Teams meeting add-in for Outlook is the component that enables users to schedule Teams meetings directly from the Outlook client. If an organization wants to restrict this capability—not globally, but specifically within Outlook—the configuration must focus on the add-in rather than on meeting policies or broader collaboration settings. Managing Outlook add-in permissions provides this precise level of control. By disabling or restricting access to the Teams meeting add-in, administrators can block users from generating Teams meeting invitations directly from Outlook’s calendar interface.

This approach works because the add-in is separate from the core Teams scheduling functionality. Users can still go into the Teams client, navigate to the Calendar tab, and schedule meetings as normal. The Teams platform itself remains fully functional, and no global meeting policies are altered. Only the Outlook-based scheduling flow is restricted.

Teams meeting policies, on the other hand, control meeting behavior—such as who can record, who can bypass the lobby, who can share content, and whether transcription is allowed. They apply universally across Teams and Outlook and do not provide a way to block Outlook scheduling specifically while allowing Teams scheduling. Using them would restrict meeting capabilities rather than restricting the location from which meetings can be created.

Exchange OWA mailbox policies control settings in Outlook on the web, such as UI elements or available actions. However, these policies do not provide direct control over the Teams meeting add-in, nor do they isolate Teams-specific integrations. Adjusting them would not prevent Outlook’s desktop or web experience from enabling Teams meeting creation unless done in ways that would also remove unrelated functionality.

Teams calendar app policies determine how the Calendar app behaves inside Teams but do not govern Outlook or its add-ins. These policies are primarily about visibility or integration within Teams itself.

Therefore, the only configuration that meets the objective—blocking Outlook-based scheduling while permitting Teams-based scheduling—is modifying Outlook add-in permissions. This gives administrators targeted granularity and ensures the organization’s scheduling workflow remains aligned with policy requirements.

Question 186: 

A user cannot make PSTN outbound calls in Teams. What should you check first?

A) Assigned calling plan or voice routing
B) Teams theme settings
C) Meeting recording settings
D) App setup policies

Answer: A)

Explanation: 

When a user cannot place outbound PSTN calls in Microsoft Teams, the first diagnostic step must focus on the telephony foundation that enables voice calling functionality: licensing and voice routing. To make PSTN calls, a user must be assigned an appropriate calling license—such as a Calling Plan, Operator Connect assignment, or a Direct Routing-enabled voice configuration. Without the correct licensing or routing, the user’s client will not display dial pad functionality or permit outbound dialing. Therefore, verifying the assigned calling plan or voice routing configuration is always the most critical first step.

In Microsoft Teams, PSTN calling depends on several interlocking components: a phone system license (bundled or standalone), a connectivity method (Calling Plan, Direct Routing, or Operator Connect), emergency address configuration, and proper voice routing policies. If any of these elements is missing or incomplete, outbound calling will not function. Often, the issue is that the user simply has not been assigned a calling plan or voice routing policy. Confirming these assignments quickly determines whether the user’s calling environment is correctly provisioned.

Teams theme settings are purely cosmetic and allow users to change the appearance of the Teams client, such as switching between dark or light mode. These settings have no relationship to telephony features, permissions, or routing.

Meeting recording settings relate to how and whether users can record Teams meetings. They govern compliance, permissions, and storage behavior for recordings but do not affect the ability to make phone calls or access PSTN capabilities.

App setup policies determine which apps appear in the Teams interface and can pin or unpin apps in the user’s sidebar. However, they cannot enable calling features if the user lacks licensing or routing. Even if the Calls app is pinned, the user cannot place PSTN calls unless the backend configuration is correct.

Therefore, the primary reason a user cannot initiate PSTN outbound calls is almost always tied to missing telephony licensing or routing assignments. This is why checking the user’s calling plan or voice routing configuration is the essential first step in troubleshooting. Only after confirming these components should administrators proceed to deeper diagnostic steps, such as client permissions, network readiness, or policy replication delays.

Question 187: 

A school wants teachers to be able to mute all students in Teams meetings. What must the teachers have?

A) Organizer role
B) Presenter role
C) Team owner permissions
D) Messaging admin role

Answer: B)

Explanation: 

Within Microsoft Teams meetings, the ability to mute all participants is a powerful control mechanism that directly relates to the presenter role. Presenters have elevated privileges during meetings, which include muting attendees, controlling who can speak, managing content sharing, and adjusting participant permissions. When teachers need to mute all students in an educational setting, assigning them as presenters ensures they have the necessary authority to maintain classroom order, reduce background noise, and manage participation effectively. The presenter role establishes a clear boundary between those leading the meeting and those attending.

The organizer role, while important, focuses mainly on scheduling the meeting and configuring pre-meeting settings such as lobby controls, recording permissions, or breakout room assignments. Although organizers can change meeting options, they do not inherently possess all in-meeting controls unless they are also designated as presenters. A teacher serving as an organizer without presenter rights would have administrative setup capabilities but might lack the ability to mute all participants during active instruction.

Team owner permissions are unrelated to meeting-specific controls. Team ownership governs administrative actions within a team—such as managing channels, settings, or member permissions—but does not influence meeting role assignments or in-meeting behaviors. A team owner does not automatically gain presenter status when joining a meeting unless explicitly assigned.

The messaging admin role pertains to global administrative capabilities rather than meeting-level interactions. Messaging administrators configure chat policies, messaging restrictions, and collaboration settings, but they do not determine user behavior in a specific meeting session. This role is entirely separate from the presenter-attendee framework used in Teams meetings.

Therefore, the presenter role is the essential requirement for enabling teachers to mute all students. It gives them full in-meeting control, preserves classroom structure, and supports effective teacher-led communication. By assigning teachers the presenter role, schools ensure that educators maintain control of the virtual classroom environment, enabling productive and organized instruction.

Question 188: 

Your organization wants all Teams recordings to expire after 30 days. What should you configure?

A) Recording expiration policies
B) OneDrive quotas
C) Retention labels
D) Teams device settings

Answer: A)

Explanation: 

Teams recordings are stored in OneDrive or SharePoint, depending on the type of meeting, and Microsoft provides recording expiration policies that allow organizations to automatically delete recordings after a set number of days. These expiration policies are designed to manage storage, reduce clutter, and align retention with organizational needs. When an organization wants all recordings to expire after 30 days, the configuration must directly target recording behavior, not storage limits or compliance labels. Recording expiration policies provide this dedicated control.

These policies ensure that every new recording is assigned a default expiration date, after which the file is automatically deleted unless extended by the user (if allowed) or overridden by admin settings. Applying a 30-day expiration helps organizations manage storage usage and avoid long-term retention of sensitive or unnecessary content. This automated system ensures consistency across all users without requiring manual cleanup.

OneDrive quotas, while related to storage capacity, cannot enforce expiration timelines. A quota determines how much storage space a user is allowed but does not automatically remove content or set time-based deletion rules. Even if storage fills up, files remain in place unless manually deleted.

Retention labels belong to Microsoft Purview and enforce compliance-oriented retention or deletion rules. Although they can control content lifecycle, they serve a different purpose than expiration policies. Retention labels apply compliance logic—such as preserving content for eDiscovery—but they do not operate as simple, universal expiration timers for recordings. Using retention labels instead of expiration policies risks creating conflicts between compliance requirements and operational storage management.

Teams device settings relate only to hardware-specific configurations, such as meeting room devices or Teams phones. These settings have no influence over cloud-stored content, recording duration, or deletion schedules.

Thus, configuring recording expiration policies is the correct approach to ensure that all Teams recordings expire after 30 days. This method provides automatic enforcement, consistency across the organization, and seamless integration with existing Teams storage and lifecycle management frameworks.

Question 189: 

You need to ensure certain users can create live events. What should you modify?

A) Live event policies
B) Meeting policies
C) App permission policies
D) Teams templates

Answer: A)

Explanation:

Live events in Microsoft Teams serve as large-scale broadcast-style sessions designed for presentations, company announcements, webinars, and structured viewer-based interactions. Because these events differ from standard meetings in scale and function, Microsoft provides dedicated live event policies that determine who can create, schedule, and produce live events. When an organization needs to ensure that only specific users can create live events, the configuration must focus on policies built for this purpose. Live event policies include settings for event creation permissions, attendee types, recording capabilities, and production options.

By modifying live event policies, administrators can define which users are allowed to schedule or produce events. These policies can be assigned selectively, ensuring that only authorized individuals—such as communications teams, executives, or marketing staff—receive permissions. This targeted approach maintains organizational control, prevents misuse of large-scale broadcast features, and ensures that live events remain professionally managed.

Meeting policies apply to regular Teams meetings rather than live events. While they govern recording options, lobby controls, audio permissions, and meeting layouts, they do not grant or restrict access to live event creation. Using meeting policies would not influence who can create broadcast events.

App permission policies focus on controlling which applications users can install or access within Teams. They are unrelated to event creation capabilities and do not control advanced collaboration features like live events.

Teams templates create predefined structures for teams, including channels, tabs, and apps suitable for specific workflows. While useful for organizational consistency, they do not influence live event permissions and cannot be used to grant or restrict event creation rights.

Thus, only live event policies provide the necessary configuration to enable or restrict the ability to create live events. These policies ensure that the organization maintains proper oversight of broadcast-level communications and prevents unauthorized or unplanned live sessions.

Question 190: 

Your company reports that users cannot upload files in Teams chats. What should you check?

A) OneDrive sharing settings
B) Teams update policy
C) Device compliance policy
D) Teams background settings

Answer: A)

Explanation: 

File sharing and uploading in Teams chats relies heavily on OneDrive for Business because chat files are stored in the sender’s OneDrive and permissions are automatically granted to recipients. When users report that they cannot upload files in Teams chats, the first and most logical step is to check the OneDrive sharing settings that govern whether users are allowed to share files externally or internally. Restrictive OneDrive policies—particularly those related to sharing links, organization-wide defaults, or block settings—can directly prevent chat file uploads because Teams depends on OneDrive’s ability to provision sharing links automatically.

If OneDrive settings block sharing or restrict link generation, the Teams client will fail when attempting to upload files in chat. This manifests as errors, disabled upload buttons, or failed file transfers. Checking these settings ensures that OneDrive is properly configured to allow file uploads from Teams.

Teams update policies determine when features become available but do not control permissions for file uploads in chats. Even if Teams is fully updated, restrictive OneDrive settings would still block the upload function.

Device compliance policies relate to conditional access and device security posture rather than file-sharing capabilities. While non-compliant devices may be prevented from accessing Teams, they do not selectively block chat file uploads.

Teams background settings control how video backgrounds behave in meetings and are entirely unrelated to file-sharing functionality.

Therefore, the most accurate and effective first troubleshooting step is checking OneDrive sharing settings, as they directly influence file upload capability in Teams chats.

Question 191: 

A Teams admin needs to prevent users from deleting chat messages. What should be configured?

A) Messaging policies
B) Meeting policies
C) Teams update policies
D) App permission policies

Answer: A)

Explanation: 

Messaging policies in Microsoft Teams are specifically designed to govern all aspects of user behavior within chats, including the ability to edit, delete, or otherwise modify messages after they have been sent. When an organization needs to enforce stricter control over how users interact in chat conversations, messaging policies become the central configuration point because they contain granular settings that directly affect these capabilities. By modifying the policy that applies to users—or by creating a new policy and assigning it to specific groups—administrators can explicitly disable message deletion. This ensures that once a user sends a chat message, it remains permanently visible unless a retention or compliance process removes it later, thereby protecting communication records and maintaining accurate conversation history.

Meeting policies, on the other hand, handle entirely different concerns focused on meeting functionality. These include settings related to meeting recordings, lobby behavior, who can present, screen sharing permissions, and breakout room usage, but they do not contain options that influence what happens inside chat threads. Therefore, meeting policies offer no capability to prevent users from deleting chat messages and would be ineffective for this scenario.

Teams update policies are concerned with the client update cycle, such as when new features are delivered to the Teams app. They influence update channels and rollout timing, but they have nothing to do with in-app user behavior or content management. Consequently, they cannot affect chat message deletion settings.

Similarly, app permission policies focus solely on regulating which third-party or Microsoft apps users can install or access within Teams. These policies help organizations enforce the use of approved apps and block untrusted ones, but they do not interfere with the messaging experience or govern actions like deleting messages.

Because the requirement explicitly involves preventing users from deleting their chat messages—and messaging policies are the only policy area where this capability exists—configuring messaging policies is the correct and only effective solution.

Question 192:

You must restrict external domains while still allowing communication with a few trusted partners. What should be used?

A) Allowed domains list
B) Global external access toggle
C) Guest access settings
D) Teams app setup policy

Answer: A)

Explanation: 

When an organization needs to manage which external domains its users are permitted to communicate with, the allowed domains list in the external access settings becomes the essential control mechanism. This list enables administrators to specify individual domains that are trusted and should be permitted for communication while automatically blocking all others. By operating in an allow-only mode, the organization ensures that communication is restricted to a small, explicitly defined set of partner domains, providing both security and precision. This selective approach is especially beneficial when the business works closely with a limited number of external entities and must maintain compliance or protect against unauthorized external interactions.

The global external access toggle, although part of the same configuration area, functions only as an on-off switch for external communication as a whole. When it is turned off, all external access is blocked, including legitimate partner domains; when it is turned on, communication is allowed with all permitted external tenants unless additional domain filtering is configured. Because the toggle does not allow fine-grained selection of individual domains, relying on it alone would not meet the requirement for restricting access to only a few trusted organizations.

Guest access settings operate under a separate model from external access. Guest access controls users who are invited inside the tenant as guests, giving them access to team resources and files. It does not regulate domain-based communication with external users who remain outside the organization’s tenant. Therefore, guest access is irrelevant for restricting external domain communication.

Teams app setup policies, meanwhile, handle the layout and visibility of apps within the Teams client. They are useful for customizing user experience but play no part in determining who can communicate with whom across domains.

Because only the allowed domains list provides the precise control required to selectively permit communication with specific external partners while blocking all others, it is the correct configuration to implement in this scenario.

Question 193: 

A school wants to disable student screen sharing in Teams meetings. What should be modified?

A) Meeting policies
B) Messaging policies
C) eDiscovery settings
D) SharePoint sharing configuration

Answer: A)

Explanation: 

Meeting policies in Microsoft Teams are specifically built to regulate meeting behavior, including what participants can do once inside a meeting. Screen sharing is one of the key capabilities that these policies control, allowing administrators to determine whether users can share their screens, windows, or applications during meetings. When a school wants to prevent students from sharing their screens, applying the appropriate meeting policy with screen-sharing disabled or restricted ensures that students are unable to display content, while staff or teachers may still retain the ability if assigned a different policy. This separation allows educational institutions to maintain structure, minimize disruptions, and prevent inappropriate or unauthorized content from being shared during instructional sessions.

Messaging policies, in contrast, affect text-based communication features such as chat message editing, deletion, link previews, and GIF usage, but they have no authority over meeting-specific capabilities like screen sharing. As a result, relying on messaging policies would not address the requirement and would leave screen-sharing behavior unchanged.

eDiscovery settings belong to the realm of compliance and legal discovery. They are designed to search, retain, and export organizational communication and content for investigation or regulatory needs. Because these settings have no effect on live meeting experiences or participant actions, they cannot disable or influence screen sharing within meetings.

SharePoint sharing configuration deals with how files can be shared inside and outside the organization. Although Teams relies on SharePoint for file storage, SharePoint settings do not impact real-time meeting activities, including screen sharing. Adjusting SharePoint settings would therefore have no effect on what students can present during a meeting.

Since the organization’s requirement specifically concerns disabling screen sharing in meetings for students, and meeting policies are the only place where screen-sharing controls reside, the correct approach is to modify the appropriate meeting policy.

Question 194: 

An organization wants to require moderators for all channel meetings. What should be configured?

A) Channel meeting moderation settings
B) Meeting recording policies
C) Live captions settings
D) Communication compliance

Answer: A)

Explanation: 

Channel meeting moderation settings in Microsoft Teams are designed to determine who can manage, schedule, or initiate meetings within a specific channel. When an organization requires that all channel meetings be handled by moderators—ensuring that only designated individuals can schedule or control meeting activities—the moderation settings become the essential configuration. These settings allow administrators to assign moderation roles to selected members who will be responsible for managing discussions, approving messages, and organizing channel meetings. By enabling moderation requirements, organizations can maintain structured communication, prevent unauthorized users from creating meetings, and ensure oversight in channels that require controlled interaction.

Meeting recording policies, although also related to meetings, serve a different purpose. These policies control who can record meetings, whether cloud recording is enabled, and how recordings are handled. They do not restrict who can schedule or moderate channel meetings. Thus, adjusting recording policies would not meet the requirement of enforcing moderator-controlled channel meetings.

Live captions settings determine whether captions can be turned on during meetings and who can enable them. While useful for accessibility, they have no effect on meeting ownership, scheduling, or moderation requirements. Changing caption settings cannot ensure that only moderators handle channel meetings.

Communication compliance serves as a monitoring tool that helps organizations detect inappropriate or sensitive content in communications across Teams. It is designed for compliance officers who need oversight into user behavior, but it does not provide any controls over meeting scheduling or channel moderation. Because it cannot enforce moderator requirements for channel meetings, it is irrelevant to this scenario.

Since the organization’s requirement focuses specifically on ensuring that moderators have exclusive control of channel meetings, only channel meeting moderation settings provide the necessary configuration. They allow administrators to limit who can schedule meetings, manage sessions, and maintain oversight within the channel, making them the correct choice.

Question 195: 

You want users to use only approved third-party apps in Teams. What should be configured?

A) App permission policies
B) App setup policies
C) Teams update policies
D) Conditional access

Answer: A)

Explanation: 

App permission policies in Microsoft Teams allow administrators to specify exactly which apps users can access within the Teams environment. When an organization only wants users to use approved third-party apps, these policies provide the granular control needed to allow specific applications while blocking all others. App permission policies support allow-only mode, block-specific mode, and organization-wide app control, giving administrators the flexibility to limit app usage to only the set of third-party tools that the organization has vetted. This ensures compliance with security standards, prevents data loss through untrusted apps, and maintains uniformity in the user experience.

In contrast, app setup policies determine which apps are pinned or shown by default in the Teams sidebar. They influence layout, visibility, and app placement, but they do not restrict users from installing or accessing additional apps that are not pinned. Even if an app setup policy hides certain apps, users might still access them unless blocked through permission policies. Therefore, app setup policies cannot enforce the requirement for using only approved third-party apps.

Teams update policies control how and when teams receive client updates. They are focused on the deployment and release management of the Teams client application, not on controlling which apps users can install or interact with. As such, update policies have no relevance to managing app permissions or restricting third-party app usage.

Conditional access policies apply at the authentication and access level. They manage where and how users can sign in, such as based on location, device compliance, or risk. However, they do not offer any controls over in-application features such as third-party app access inside Teams. Because conditional access does not regulate app usage, it is not suitable for ensuring that only approved third-party apps can be used.

Given these distinctions, app permission policies are the only configuration that can directly restrict access to unapproved third-party apps while allowing permitted apps.

Question 196: 

A company wants PSTN users to hear a greeting and be routed to different departments. What should be created?

A) Auto attendant
B) Call queue
C) Caller ID policy
D) Teams device policy

Answer: A)

Explanation: 

Auto attendants in Microsoft Teams are specifically designed to handle automated call routing, greetings, and menu navigation. When a company wants PSTN callers to hear a greeting before being directed to the appropriate department, an auto attendant is the correct tool because it allows administrators to configure custom audio messages and create menu options that callers can interact with using voice commands or keypad inputs. These attendants can forward calls to call queues, users, voice-enabled channels, or external numbers, making them highly flexible for organizations needing structured, multi-step call flows. By using an auto attendant, a company can easily create a welcoming first layer of interaction that guides callers efficiently to the right department without manual intervention.

Call queues, while essential in many call routing scenarios, are designed to handle calls after routing has already occurred. They distribute calls to available agents, provide hold music, and ensure callers are queued fairly. However, they do not provide initial greetings or menu navigation. They depend on an auto attendant or direct routing input to receive calls. Therefore, call queues alone cannot fulfill the requirement of presenting a greeting and routing callers to different departments based on caller choices.

Caller ID policies regulate what number users present when making outbound calls. These are helpful for branding and privacy but have no bearing on call flow, routing, or automated greetings. They cannot support the scenario of directing callers through departments.

Teams device policies are designed to manage the behavior of certified Teams hardware such as desk phones, displays, and conferencing devices. They determine settings like sign-in behavior, user interface features, and device control. These policies do not affect incoming PSTN call routing, greetings, or automated call handling.

Because the requirement explicitly involves playing a greeting and routing callers through multiple options—functions that only auto attendants provide—the proper configuration is to create an auto attendant.

Question 197: 

You must stop employees from creating new Teams while preserving access to existing ones. What should be used?

A) Teams creation restrictions via Azure AD group
B) Teams admin roles
C) Conditional access
D) Sensitivity labeling

Answer: A)

Explanation: 

Teams creation restrictions using an Azure AD group allow organizations to precisely control who can create new Microsoft 365 Groups, which in turn limits who can create new Teams. This method works because every new team in Microsoft Teams corresponds to a Microsoft 365 Group. By configuring Azure AD to restrict group creation to members of a specific security group, administrators ensure that only approved individuals—typically IT staff or department leads—possess the ability to create new Teams. Meanwhile, all other users can continue participating in existing Teams and retain full access to their current collaboration spaces without being able to generate new ones. This separation supports governance, prevents unnecessary team sprawl, and avoids confusion that arises from uncontrolled team creation.

Teams admin roles, while crucial for assigning administrative privileges, do not directly control whether a user can create a new Team. These roles include various administrative scopes such as managing messaging, calling, or devices, but they do not govern group creation rights. Even without admin roles, users may still create Teams unless Azure AD restrictions are applied. Therefore, admin roles cannot enforce the requirement.

Conditional access governs how users authenticate into Microsoft 365, focusing on location, device compliance, session risk, or login behavior. Although essential for security posture, conditional access policies cannot control the ability to create Teams or Microsoft 365 Groups. They operate at the sign-in level, not at the resource creation level.

Sensitivity labeling helps organizations classify and protect content based on confidentiality requirements. While.labels can be applied to teams to enforce privacy settings and external sharing rules, they do not control whether a team can be created in the first place.

Because only Azure AD group-based restrictions directly affect who can create new Teams, this is the correct method to preserve existing access while stopping new Team creation.

Question 198: 

You want to automatically block sensitive information from being posted in Teams chats. Which tool should you use?

A) Data Loss Prevention (DLP)
B) Teams update policy
C) Retention labels
D) Teams app setup policies

Answer: A)

Explanation: 

Data Loss Prevention (DLP) is the primary tool for automatically detecting, blocking, and controlling sensitive information shared within Microsoft Teams chats and channel messages. DLP policies allow administrators to define rules that identify patterns related to sensitive data—such as financial information, personal identification numbers, health records, confidential documents, and other regulated data—and determine what should happen when such data is detected. DLP can block the message entirely, warn the user, or log the event for reporting. With DLP in place, organizations can ensure that employees do not inadvertently or intentionally share sensitive data in conversations, preserving regulatory compliance and protecting organizational information assets.

Teams update policies, by contrast, regulate the timing and method of delivering updates to the Teams app. These policies influence the refresh cycle of the Teams client and determine when users receive new features, but they do not perform any analysis on message content and cannot block or inspect sensitive information.

Retention labels help organizations determine how long content should be stored and when it should be deleted for compliance or lifecycle management purposes. They apply to files, chat messages, emails, and documents but do not actively prevent sensitive content from being sent. Retention governs the lifespan of content after it is created, not the permissible content at the moment of submission.

Teams app setup policies modify the layout of the Teams app by controlling which apps are pinned or displayed for users. These policies influence user experience but are completely unrelated to content analysis or data protection.

Since the requirement is to automatically block sensitive information from being posted in chats—and DLP is the only system capable of real-time scanning and enforcement—Data Loss Prevention is the correct solution.

Question 199: 

Employees must not upload files when chatting with external users. What should be configured?

A) External sharing settings in SharePoint
B) App setup policies
C) Teams messaging policies
D) Meeting policies

Answer: C)

Explanation: 

Teams messaging policies offer administrators the ability to precisely control how users interact within chats, including features related to file sharing, media usage, link previews, and more. When an organization needs to prevent employees from uploading files specifically when chatting with external users, messaging policies provide the required file-sharing controls. Administrators can disable file sharing entirely or restrict it under certain conditions, such as external or federated chats. By applying the appropriate messaging policy to users, employees will be able to continue chatting with external participants but will lose the ability to upload files in those conversations. This prevents potential data leakage, protects sensitive information, and ensures external collaboration stays text-based without compromising security.

External sharing settings in SharePoint govern how files stored in SharePoint and OneDrive can be shared externally. Although Teams stores files in SharePoint when shared in channels or private chat, the act of uploading a file inside a Teams chat with an external user is controlled by Teams messaging policies, not SharePoint settings. SharePoint’s external settings affect link-based access to shared documents but cannot disable the upload function inside the Teams chat box.

App setup policies customize app layout and determine which apps are pinned or available in the Teams client. They do not regulate file-sharing permissions or block the ability to upload files in chats. Modifying them would not impact external chat interactions.

Meeting policies regulate meeting behavior such as screen sharing, recording, breakout rooms, and attendee permissions. These policies affect activity only inside meetings, not in chat conversations. Therefore, they offer no mechanism to restrict file uploads during external chats.

Question 200: 

Your company wants to assign a custom Teams app layout to executives. What should you configure?

A) App setup policy
B) App permission policy
C) Meeting policy
D) Voice routing policy

Answer: A)

Explanation:

App setup policies in Microsoft Teams enable administrators to control the app experience for different user groups by determining which applications appear in the Teams app, in what order, and whether they are pinned to the sidebar. When a company wants to assign a custom Teams app layout to executives, app setup policies are the precise tool to achieve this. Administrators can create a custom policy that includes the specific apps executives should see—such as executive dashboards, analytics tools, approvals apps, or communication channels—and arrange them in a preferred order. This ensures that the executive team has immediate access to the tools they need, streamlines their experience, and supports productivity through a curated, consistent interface.

App permission policies define which apps users are allowed or blocked from using. Although these can ensure that executives access only approved apps, they do not control layout or arrangement. Permission policies determine app availability but cannot customize the interface or pin apps.

Meeting policies manage the behavior and capabilities available in Microsoft Teams meetings, such as screen sharing, meeting chat, recording permissions, and presenter rights. These settings are essential for governing meeting behavior but offer no controls related to app arrangement or sidebar customization.

Voice routing policies apply only to telephony functionality for organizations using Teams Phone. They determine how outbound PSTN calls are routed, which trunks are used, and what calling paths are available to users. Voice routing settings do not affect the Teams app layout or control access to apps.

Because the requirement centers specifically on customizing the Teams interface for executives—a function that app setup policies alone provide—the correct configuration is to create and assign an app setup policy.