Microsoft MS-700 Microsoft 365 Certified: Teams Administrator Associate Exam Dumps and Practice Test Questions Set 8 Q141-160

Visit here for our full Microsoft MS-700 exam dumps and practice test questions.

Question 141: 

You need to prevent users from sending voice messages in Teams chats. What should you configure?

A) Messaging policy
B) Teams update policy
C) App setup policy
D) External access policy

Answer: A)

Explanation:

Controlling whether users can send voice messages within Microsoft Teams chat relies entirely on the configuration options available within the messaging policy framework. The messaging policy is designed to govern all chat-related functions, which include sending voice messages, editing chat content, using chat features such as GIFs, stickers, read receipts, and a variety of other communication controls. Because voice messaging is a core chat capability inside the Teams client, the only administrative control point that contains the relevant toggle is the messaging policy assigned to users. By modifying this setting, administrators can immediately restrict or allow this functionality at the user or group level, ensuring precise control over communication features while maintaining compliance, governance, or operational policies.

When examining the Teams update policy, it becomes clear that this policy’s purpose is unrelated to communication controls. Instead, the update policy regulates how new Teams client updates are rolled out across devices and platforms. This includes determining whether users receive updates manually or automatically and whether they have early access to new features. None of these update behaviors influence the availability of voice messages, so configuring this policy would have no impact on users sending audio messages.

The app setup policy focuses exclusively on how apps appear within the Teams interface. It allows administrators to specify which apps are pinned, how apps are arranged, and what apps automatically install for users. While app placement influences the user’s interface experience, it does not provide functionality to disable or enable chat-based features such as voice messaging. Therefore, app setup policy is not relevant to achieving the requirement.

The external access policy manages how users in the organization communicate with external domains via Teams. This includes controlling whether external users can contact internal users and vice versa. Because voice messages in this scenario apply to internal users sending audio messages within internal chats, external access has no bearing on disabling or enabling this feature.

Given these distinctions, the only configuration that directly controls whether users can send voice messages is the messaging policy. By adjusting its settings, the administrator gains fine-grained control over internal chat features. This makes messaging policy the only correct mechanism for achieving the stated objective, and therefore the correct answer.

Question 142: 

You want frontline workers to sign out automatically from shared mobile devices after inactivity. What should you configure?

A) Shared device mode
B) Conditional Access policy
C) App permission policy
D) Teams calling policy

Answer: A)

Explanation: 

The requirement to automatically sign out frontline workers from shared mobile devices after inactivity aligns directly with the capabilities provided by shared device mode. Shared device mode is specifically designed for environments where multiple users operate the same device throughout a shift or workday. In such scenarios, ensuring that data from one shift worker does not remain accessible to the next is critical. Shared device mode introduces identity controls, streamlined authentication, session separation, and most importantly, automatic sign-out options that can function based on inactivity or administrator-defined triggers. By implementing shared device mode, organizations ensure that device sessions remain secure, isolated, and well-controlled without depending solely on user behavior.

Conditional Access policies, while powerful, do not provide automatic inactivity sign-out on mobile devices in the manner required. Conditional Access controls authentication conditions, session safety requirements, multifactor enforcement, and device compliance, but it does not perform automated, device-level sign-out when a user stops interacting with the device. Inactivity timers tied to conditional access primarily relate to token lifetime or reauthentication rules, not real-time session termination needed for shared frontline environments.

App permission policies define which applications users can access within the Teams environment. These policies govern the ability to install, use, or interact with apps, particularly third-party or custom apps. However, app permission policy has no relationship to device session management, inactivity behavior, or account sign-out processes on mobile devices.

Teams calling policies are designed to manage voice and call-related functionalities. They define whether users can make PSTN calls, transfer calls, forward calls, or use advanced calling features. Calling policies focus exclusively on telephony features rather than device identity management. They do not provide any capability to trigger automatic sign-out for inactivity.

Because shared device mode is the only option among the listed choices that provides the required behavior—automatic sign-out for frontline workers using shared mobile devices—it is the correct and most appropriate solution. Organizations using Teams on shared corporate devices rely heavily on shared device mode to maintain security and prevent cross-shift data exposure. Therefore, the correct answer is shared device mode.

Question 143: 

A manager wants only owners to delete messages in a specific Team. What should you modify?

A) Team settings
B) Retention policy
C) App setup policy
D) External sharing policy

Answer: A)

Explanation: 

Controlling who may delete messages within a specific Microsoft Team requires modifying the internal Team settings associated with that team. Team settings include permissions that govern member and owner capabilities, such as whether members can delete their own messages, whether owners have exclusive delete rights, and whether message editing or channel creation is permitted. These granular controls allow Teams administrators or owners to tailor the collaboration environment based on organizational governance, sensitivity of information being shared, or managerial oversight requirements. When only Team owners should delete messages, the appropriate configuration is made directly within the settings of that particular Team, ensuring the permission applies only within that context and not globally to the tenant.

Retention policies provide a completely different type of control. Retention policies dictate how long content—such as Teams messages, documents, and emails—must be preserved before deletion or before compliance-driven removal. These policies function at a compliance level rather than a manual deletion level. They do not determine who can delete individual messages; instead, they determine when content must remain available or when it may be cleanly removed according to the organization’s regulatory requirements. Therefore, they are irrelevant to controlling delete permissions.

App setup policies deal with the arrangement and availability of applications within the Teams interface. They enable administrators to choose which apps appear pinned by default, which apps install automatically, and how users interact with app layouts. These settings have no connection to permissions for deleting messages, so they cannot satisfy the requirement.

External sharing policies are used to regulate how content in SharePoint and OneDrive is shared outside the organization. While Teams channels rely on SharePoint for file storage, these policies do not influence chat or message-level permissions within Teams conversations. Because the question pertains specifically to chat message deletion within a Team, external sharing provides no relevant control.

Thus, Team settings are the correct and only configuration mechanism that meets the requirement of allowing only Team owners to delete messages within a specific Team. This tool offers the granular control necessary to manage message deletion privileges at the Team level, making Team settings the correct answer.

Question 144: 

You want to audit when users create new Teams channels. What should you enable?

A) Audit logging
B) Compliance recordings
C) Retention labels
D) DLP rules

Answer: A)

Explanation: 

Auditing user actions such as creating new Teams channels requires enabling audit logging within the Microsoft 365 ecosystem. Audit logging is a core capability used to track security-relevant and administrative activities across Microsoft 365 services, including Teams, SharePoint, Exchange, and other integrated components. When audit logging is enabled, events such as channel creation, channel deletion, membership changes, team creation, configuration modifications, and other operational activities are captured and recorded. These logs become accessible through the Microsoft Purview compliance portal, where administrators can search, filter, export, and analyze them for security investigations, compliance reviews, or operational monitoring. Because Teams channel creation is classified as an administrative action within Teams, enabling audit logging is the necessary control to capture that event.

Compliance recordings are designed for organizations with regulatory or industry requirements that mandate recording of communications. These recordings often capture meetings, audio interactions, and sometimes video or screen sharing content. Their purpose is to ensure compliance in industries such as finance or healthcare, but they do not track or log administrative events like channel creation. Therefore, compliance recordings do not help with auditing channel creation activity.

Retention labels are intended to manage content lifecycle behavior. These labels define how long content should be stored, when it may be deleted, and how content is classified for compliance purposes. While useful for document governance and compliance, retention labels do not provide auditing functionality. They cannot detect or record when a user creates a new channel.

Data Loss Prevention (DLP) rules control the transmission of sensitive data within messages, documents, and communication channels. DLP helps prevent the accidental or intentional sharing of confidential information. However, DLP does not record administrative or structural changes within Teams. It does not track channel creation events.

Since the goal is to detect and audit the creation of new Teams channels, enabling audit logging is the only solution that provides comprehensive, searchable records of such activity. Once enabled, audit logs provide detailed visibility and support compliance and security use cases. Thus, audit logging is the correct answer.

Question 145: 

You want to restrict a subset of users from creating new Teams. What should you configure?

A) Azure AD group-based Teams creation permissions
B) Meeting policy
C) Teams calling policy
D) App permission policy

Answer: A)

Explanation: 

Restricting which users can create new Teams requires controlling the creation permissions for Microsoft 365 Groups, because every new Team is backed by a Microsoft 365 Group. Azure AD group-based Teams creation permissions allow administrators to define exactly which users or security groups have the authority to create new groups. By placing users in a controlled, administrator-approved security group, organizations can ensure that only designated individuals have the ability to create Teams. This prevents excessive Team sprawl, reduces administrative overhead, and aligns with governance frameworks that many organizations must follow. Because the ability to create Microsoft 365 Groups directly controls the ability to create Teams, this method is the correct and only option that achieves the desired restriction.

Meeting policies determine which meeting features users can access. They can define whether users may share screens, record meetings, enable transcription, or join anonymously. However, meeting policies have absolutely no connection to group or Team creation permissions. Applying meeting policies would not restrict users from creating new Teams.

Teams calling policies control voice-related behaviors. These settings regulate call forwarding, call delegation, PSTN usage, voicemail functionality, and related telephony features. They do not influence the creation or management of Teams or Microsoft 365 Groups, so they cannot meet the requirement.

App permission policies govern access to applications within Teams. They dictate whether users can install or use certain apps, particularly third-party or custom applications. While these policies are important for managing app governance, they do not play any role in determining who may create Teams.

Therefore, the only configuration that fulfills the requirement is Azure AD group-based Teams creation permissions, making it the correct answer.

Question 146: 

You want users to always join meetings muted. Where is this configured?

A) Meeting policy
B) Messaging policy
C) App setup policy
D) Teams client settings

Answer: A)

Explanation:

Configuring users to always join meetings in a muted state requires modifying a meeting policy because this policy directly governs audio, video, and behavioral defaults for meetings across the organization. A meeting policy provides administrators with granular control over how attendees join meetings, whether features are enabled, and what behaviors are applied automatically. Within these settings, the ability to specify whether participants join muted is embedded as a core meeting behavior. By adjusting this policy, organizations can ensure consistency, reduce interruptions, and maintain a predictable meeting environment. This is especially important in large organizations, educational institutions, or environments where disruptions from unmuted users can negatively affect meeting flow or privacy. Meeting policy settings apply at the identity level, making them the authoritative method for enforcing muted entry.

Messaging policies, while powerful, govern an entirely different set of capabilities. These policies address chat-based behaviors such as deleting messages, sending voice messages, editing message content, or using chat features like GIFs and reactions. Messaging policies do not influence meeting audio or how a participant’s microphone behaves upon joining. Because messaging controls apply only to chats and channels, they cannot be used to enforce muted meeting entry.

App setup policies determine the layout and availability of apps within the Teams client. These policies instruct which apps users see, which apps are pinned, and how the app interface is structured. Their function focuses on user interface consistency, onboarding, and app management rather than meeting behavior. As such, app setup policies have no connection to microphone controls.

Client-side settings refer to configurable preferences on the user’s local Teams app. While users can choose to mute themselves manually upon joining, these settings are voluntary and cannot be centrally enforced. Organizations that require consistent behavior across all users cannot rely on client-side settings because users may override them, ignore them, or misconfigure them. Only centrally managed meeting policies enforce organization-wide defaults.

Given these distinctions, the only option capable of enforcing muted meeting entry for users is the meeting policy. This setting ensures that all users governed by that policy join meetings muted automatically, providing consistency, control, and compliance with organizational standards. Therefore, meeting policy is the correct answer.

Question 147: 

An engineer needs to monitor call quality trends for specific users. What should they use?

A) Call Quality Dashboard
B) Teams Admin Center policy report
C) Viva Insights
D) eDiscovery search

Answer: A)

Explanation: 

Monitoring call quality trends for specific users requires a tool capable of collecting, analyzing, and presenting detailed telemetry related to audio, video, device performance, network reliability, and call characteristics. The Call Quality Dashboard provides exactly this capability. It is specifically designed for administrators and support engineers who need visibility into call and meeting performance. The dashboard aggregates user-level and organization-level data, enabling the identification of quality degradation, device-related issues, poor network connectivity, jitter, packet loss, and other factors affecting collaboration quality. It also offers filtering, segmentation, and correlation features, allowing administrators to focus on specific users, departments, or situational trends. Because it provides historical and real-time insights, it is the primary tool within Microsoft Teams for diagnosing call issues and monitoring performance trends.

Policy reports within the Teams Admin Center are far more limited. These reports show the distribution and assignment of different Teams policies across the user population. While useful for understanding policy deployment and compliance, they do not provide call analytics, quality metrics, device insights, or network performance details. They cannot provide the trend analysis required in this scenario.

Viva Insights focuses on employee productivity, wellbeing trends, collaboration habits, and organizational behavioral patterns. It is not designed to diagnose technical issues or evaluate audio and video performance. Viva Insights provides no call telemetry data, making it unsuitable for monitoring call quality.

eDiscovery search is part of Microsoft’s compliance suite, intended for legal investigations, content retrieval, and preservation. It allows authorized personnel to search emails, chats, files, and other content for legal, regulatory, or internal review needs. eDiscovery does not gather performance data or analyze call quality.

Based on these distinctions, the Call Quality Dashboard is the only option capable of delivering user-specific call quality insights. It provides deep analytics, longitudinal trends, and operational data needed for troubleshooting or optimizing the Teams experience. Therefore, it is the correct answer.

Question 148: 

You must prevent users from installing third-party apps in Teams. What should you configure?

A) App permission policy
B) App setup policy
C) Meeting policy
D) Calling policy

Answer: A)

Explanation: 

Preventing users from installing third-party apps in Teams requires controlling which applications are available to them, and this capability exists exclusively within an app permission policy. App permission policies allow administrators to explicitly allow, block, or limit access to third-party, Microsoft, and custom applications. Through this policy type, administrators can disable the entire “third-party apps” category, restrict access selectively, or apply different permissions to specific user groups such as frontline workers, students, executives, or contractors. This approach ensures governance compliance, reduces security risks from unauthorized integrations, and maintains a predictable Teams environment. Because the requirement involves regulating app installation and availability, app permission policy is the precise tool for achieving the desired restriction.

App setup policies have a different purpose. They control how apps appear inside the Teams client, which apps are pinned, which apps launch automatically, and how app interfaces are arranged. Although useful for defining user experience and app placement, they do not restrict whether apps can be installed or accessed. App setup policies influence visibility, not permission.

Meeting policies regulate meeting behaviors. These include settings related to chat availability, screen sharing, recording, transcription, and participant-level controls. Meeting policies do not govern app installation or access, so they cannot satisfy the requirement.

Calling policies define telephony-related features such as call forwarding, delegation, PSTN usage, voicemail behavior, and emergency calling configurations. They affect only call functionality and do not interact with app installation capabilities.

Given these contrasts, the only tool that directly controls whether users can install or access third-party applications is the app permission policy. Applying this policy ensures that third-party apps are blocked for targeted users or for the entire organization. Therefore, app permission policy is the correct answer.

Question 149:

You want to block screen sharing for students but allow it for teachers. What should you assign?

A) Two different meeting policies
B) Two different messaging policies
C) Two different update policies
D) Two different calling policies

Answer: A)

Explanation: 

Blocking screen sharing for one group of users while allowing it for another requires using meeting policies because meeting policies control all screen sharing and content-sharing permissions within Teams. These policies allow administrators to define whether users can share their screen, share specific windows, use PowerPoint Live, or present content. Meeting policies can be assigned at a per-user level or to groups, enabling organizations to implement differentiated access models. In educational environments, for example, teachers may need full sharing capabilities for instruction, while students may require restricted privileges to prevent disruptions or unauthorized content sharing. Because meeting policies support flexible user targeting and granular sharing controls, assigning two different policies—one for teachers and one for students—is the correct approach.

Messaging policies govern chat behavior, including message deletion, voice messaging, chat editing, and similar capabilities. They do not control screen sharing, so applying separate messaging policies would not change screen sharing behavior.

Teams update policies regulate the cadence at which client updates are released. These policies manage preview access and update channels but do not control screen sharing, meeting features, or presentation capabilities.

Calling policies regulate features such as outbound calling, call forwarding, caller ID presentation, voicemail options, and other call-centric settings. While important for telephony management, they do not influence meeting presentation features.

Meeting policies uniquely control screen sharing permissions, and assigning two different policies is the only effective way to differentiate privileges between students and teachers. Therefore, meeting policies are the correct answer.

Question 150: 

Your company wants meeting chats disabled after meetings end. What should you configure?

A) Meeting policy
B) Messaging policy
C) Teams app permission policy
D) Guest access settings

Answer: A)

Explanation: 

Disabling meeting chats after meetings end requires configuring a meeting policy because this policy controls meeting chat behavior before, during, and after the meeting. Meeting policies allow administrators to choose whether chat is enabled at all, available only during the meeting, or available both during and after. If an organization wants meeting chat locked or disabled once the meeting concludes, this setting must be applied in the meeting policy assigned to users. This ensures that participants cannot continue conversations after the session has ended, helping institutions such as schools, financial organizations, and regulated industries maintain compliance, prevent inappropriate post-meeting discussion, or ensure that all official communication occurs through supervised channels.

Messaging policies focus on general chat behavior, including deleting messages, sending voice messages, or editing content. While messaging policies influence chat in channels or 1:1 chats, they do not control the lifecycle of meeting chats specifically. Therefore, they cannot enforce disabling meeting chat after meetings end.

Teams app permission policies regulate which apps users can access, including blocking or allowing third-party or custom apps. They have no relationship to meeting chat availability.

Guest access settings determine what external or guest users can do within Teams. These include permissions for calling, meeting participation, and limited chat capabilities. However, they do not control post-meeting chat functionality for internal users.

Because only a meeting policy includes the setting that governs whether meeting chats remain available after meetings conclude, it is the correct configuration to meet this requirement.

Question 151: 

You need to ensure only your organization’s help-desk team can manage Teams call queues. What should you assign?

A) Teams communications administrator role
B) Teams device administrator role
C) SharePoint administrator role
D) Global reader role

Answer: A)

Explanation: 

Ensuring that only a designated help-desk team can manage call queues requires assigning a role that is explicitly designed for handling Teams voice components. The Teams communications administrator role is the purpose-built role for this type of responsibility. It allows individuals to oversee configuration and management of voice workloads, which include auto attendants, call queues, caller routing behavior, resource accounts, and call-flow design. Because call queues are core telephony elements involving call distribution, greetings, agent assignments, and overflow handling, Microsoft created this role so organizations can delegate voice administration without giving overly broad tenant-wide rights. Assigning this role allows help-desk users to troubleshoot, modify, and maintain call queues without granting control over areas such as SharePoint, Exchange, conditional access, or global administrative controls.

The Teams device administrator role focuses entirely on Microsoft Teams-compatible physical devices. These include Teams Rooms systems, desk phones, displays, and hardware endpoints. This role allows the holder to perform tasks such as rebooting devices, updating firmware, applying device configurations, and monitoring device health. Although devices and voice workloads both fall under the Teams umbrella, they are separate disciplines. Device administrators do not receive the permissions necessary to configure or manage call queues, assign call agents, or alter telephony routing logic.

The SharePoint administrator role is unrelated to Teams telephony. This role governs site collections, document libraries, permission models, content storage architecture, and sharing behaviors. SharePoint administrators handle file repositories and intranet structures but have no authority over Teams voice components or call-queue structures.

The global reader role provides read-only access across the Microsoft 365 environment. It is commonly used for auditors, managers, or oversight personnel who need visibility without administrative control. Global readers can observe call queue configurations but cannot create, modify, or administer them. Since the requirement involves granting the help-desk team operational control, read-only access is insufficient.

Because the Teams communications administrator role is the only role among the options specifically empowered to manage call queues and related telephony features without unnecessary administrative scope, it is the correct and most precise solution.

Question 152: 

A school wants to block students from chatting with external domains but allow teachers to do so. What should you use?

A) External access settings
B) Sensitivity labels
C) Retention labels
D) SharePoint sharing policies

Answer: A)

Explanation: 

Controlling whether different groups can communicate with external domains relies on external access settings, which govern federation and communication paths between Microsoft Teams users and outside organizations. External access allows administrators to define which domains, user groups, or identity types are permitted to initiate or receive messages, calls, and meetings with the organization. Because the requirement involves enabling teachers to communicate externally while preventing students from doing the same, external access must be configured using group-based or identity-based targeting. By applying differentiated external access configurations, administrators can block external communication for students while leaving teachers unrestricted. This segmentation provides flexible communication controls aligned with security, safety, or educational policies.

Sensitivity labels serve a completely different function. These labels classify documents, emails, Teams sites, and channels based on business sensitivity. They control encryption, access restrictions, and content classification—not who can message external users. While sensitivity labels can restrict external sharing of content, they do not block or allow chat or communication with external domains.

Retention labels focus on data lifecycle management. They determine how long messages, documents, and other records must be preserved before deletion. Although important for compliance and regulatory requirements, retention labels do not influence communication ability, federation, or external chat access.

SharePoint sharing policies regulate how files stored in SharePoint and OneDrive may be shared with external parties. These policies define whether sharing links may be used, whether external users may access files, and the level of restriction applied to file collaboration. However, they do not control Teams chat or messaging capabilities. Blocking external chats requires a policy at the communication-layer, not the file-sharing layer.

Given these distinctions, external access settings are the only configuration that directly controls the ability of users to chat with external domains. Therefore, external access is the correct answer.

Question 153: 

You must ensure that important Teams channels cannot be deleted by members. What should you adjust?

A) Team settings to restrict member permissions
B) Meeting policies
C) Teams update policies
D) App permission policies

Answer: A)

Explanation: 

Protecting important Teams channels from deletion requires adjusting Team settings that control member permissions. Team settings provide owners with fine-grained control over what members can do within the team, including whether they can delete messages, create channels, edit channels, or delete channels. By disabling the ability for members to delete channels, owners ensure that only individuals with elevated control—typically owners—can perform such actions. This prevents accidental removal of critical collaboration spaces and protects the integrity of project-related information. Adjusting these settings is precise, targeted, and affects only the specific team rather than applying organization-wide restrictions.

Meeting policies, on the other hand, govern behaviors related to Teams meetings such as screen sharing, recording, chat availability, and attendee permissions. They do not interact with team or channel management functionality. Meeting policies focus entirely on meeting-level features rather than structural team management.

Teams update policies determine how the Teams client receives feature releases and updates, including whether users get early access to preview features. These policies help control client behavior, not permission configurations for channel deletion. They cannot prevent members from deleting channels.

App permission policies regulate which applications users can access inside Teams. These can restrict third-party apps, Microsoft apps, or custom apps, but have no influence over channel creation or deletion. App permission controls operate at the app-availability layer, not the collaboration-structure layer.

Because the only option that directly restricts member actions within a team is the Team settings that govern member permissions, adjusting these settings is the correct and effective solution to prevent unauthorized channel deletion.

Question 154: 

Users report they cannot find newly added custom Teams apps. What should you verify?

A) App setup policy
B) Data loss prevention policy
C) Power Automate flows
D) Conditional access MFA settings

Answer: A)

Explanation: 

When users cannot find newly added custom apps in Microsoft Teams, the most relevant configuration to verify is the app setup policy. App setup policies determine how apps appear within the Teams client, including which apps are pinned by default, which apps load automatically, and whether specific custom apps are made available to users. If a custom app is properly uploaded but does not appear, the app setup policy may have excluded it, failed to pin it, or given users a layout that hides new apps. Reviewing this policy ensures that the custom app is visible, pinned if necessary, and accessible according to organizational design. It also verifies whether custom apps are allowed at all, as organizations can disable the ability to use custom apps globally or for certain groups.

Data Loss Prevention (DLP) policies monitor and restrict sensitive data content flows across Microsoft 365. While DLP plays a major security role in preventing sensitive information from being transmitted improperly, it has no impact on the visibility or availability of apps. DLP policies examine content, not user interface or app placement.

Power Automate flows govern automation processes and task-based integrations, but they do not control the Teams UI or availability of apps. Even if custom apps include automation components, Power Automate does not determine whether users see the app inside Teams.

Conditional access MFA settings manage authentication requirements, access controls, device compliance, and sign-in behavior. While essential for secure access to Teams, these settings do not dictate UI layout, app placement, or visibility of custom apps.

Therefore, app setup policies remain the correct configuration to review when users cannot locate new custom apps in Teams.

Question 155: 

You need to ensure meeting organizers cannot allow attendees to unmute themselves. Where is this controlled?

A) Teams meeting policies
B) Teams app setup policies
C) SharePoint site policies
D) Mobile device management profiles

Answer: A)

Explanation:

Controlling whether meeting organizers can restrict attendees from unmuting themselves is governed by Teams meeting policies. Meeting policies contain settings that define participant audio permissions, presenter controls, lobby behavior, recording permissions, and content sharing rules. Among these settings is the control that determines whether attendees are allowed to unmute themselves or whether organizers retain exclusive control over audio management. This feature is critical in scenarios such as classrooms, large webinars, training sessions, or meetings where minimizing disruptions is essential. By configuring the meeting policy appropriately, administrators can ensure organizers have the authority to enforce strict audio discipline across meetings.

App setup policies focus solely on app placement and layout. They control which apps are pinned, which apps are installed automatically, and how they appear in the Teams interface. These policies do not influence meeting behavior, microphone controls, or attendee permissions.

SharePoint site policies control file retention, site access, sharing permissions, and storage lifecycle rules. These policies do not impact Teams meeting audio functionality, nor do they provide controls over unmuting behavior.

Mobile device management (MDM) profiles manage device security, compliance settings, and configuration profiles for mobile endpoints. While MDM can enforce device-level restrictions or app configurations, it cannot modify user permissions or behavior inside Teams meetings.

Because meeting policies are the only policies that govern audio interaction and attendee unmuting privileges, they are the correct solution to ensure organizers can prevent attendees from unmuting themselves.

Question 156: 

A team wants files shared in their channel stored automatically in a secure departmental library. What should you configure?

A) A SharePoint connected site for the team
B) A retention lock
C) Direct Routing
D) Azure AD dynamic device group

Answer: A)

Explanation: 

When determining how files shared within Teams channels should be stored in a controlled, secure, and departmental repository, it is essential to understand how Teams interacts with SharePoint. Every standard channel in a team automatically stores its files in the default document library of the team-connected SharePoint site. Therefore, ensuring that content is directed to the correct departmental library requires proper configuration of that connected SharePoint site. By establishing or modifying the SharePoint site associated with the team, administrators can ensure that shared files align with departmental governance, classification, and access rules. This design leverages the natural integration between Teams and SharePoint and ensures that files remain structured, secure, and consistently accessible through the team’s interface.

Retention lock, although useful for regulatory compliance, does not influence where files are stored. It is designed to prevent content from being deleted or altered until the retention period has passed. Because the aim is to guide storage location rather than enforce immutability, it cannot be used as a mechanism to ensure files reach the correct departmental library. It protects content but does not redirect or structure it.

Direct Routing relates to enabling PSTN telephony connectivity through on-premises session border controllers. It plays no role in file storage, document libraries, SharePoint architecture, or Teams content organization. Its purpose is entirely within the domain of voice services and therefore has no relevance to channel file placement.

Azure AD dynamic device groups manage collections of devices in the directory based on criteria such as operating system or compliance status. These groups assist with device targeting for policies, applications, or configurations. They have no influence whatsoever on where Teams stores channel files. Device grouping and directory automation do not intersect with SharePoint library mapping or channel file storage.

Thus, ensuring that files uploaded in Teams channels automatically land in a designated secure departmental repository requires focusing on the Teams-connected SharePoint site that underpins file storage for each channel. Adjusting this relationship or configuring the departmental library within that site is the only action that aligns with Teams’ underlying architecture. Therefore, the correct response is configuring the SharePoint connected site for the team.

Question 157: 

You must limit which users can create new Teams. Where can you enforce this?

A) Microsoft 365 group creation restrictions
B) Teams device update policies
C) Intune compliance policies
D) Exchange transport rules

Answer: A)

Explanation: 

Controlling who has the ability to create new Teams requires understanding that the creation of a team is fundamentally tied to Microsoft 365 group creation. When a user creates a new team, the platform automatically generates a Microsoft 365 group that provides the membership, collaboration framework, and connected services such as SharePoint and Planner. Because of this dependency, restricting the ability to create Microsoft 365 groups is the most direct and effective method of controlling who can create new Teams. Administrators can implement this control by configuring group creation permissions through Azure AD and assigning a security group that defines who has the necessary rights. By limiting group creation in this way, team creation is also inherently limited, ensuring governance, structure, and oversight for collaboration environments.

Teams device update policies control updates for Teams-supported hardware, such as Teams Rooms systems and phones. These policies determine firmware updates, configuration profiles, and device client versions. They have no impact on collaboration governance, group provisioning, directory permissions, or the broader Teams lifecycle. Their scope is purely hardware-related rather than tied to controlling who can create collaboration spaces, so they cannot be used to meet the requirement.

Intune compliance policies ensure that devices meet organizational security and configuration standards. These policies influence whether devices are allowed access to corporate resources based on compliance status. While they play a crucial role in endpoint security posture, they do not govern user permissions within Microsoft 365 services. Compliance policies cannot modify directory rights or influence group creation, making them unrelated to controlling Teams provisioning.

Exchange transport rules govern email routing, message hygiene, and mail flow behaviors. They control how messages are evaluated, filtered, or redirected within Exchange Online. Because Teams creation is not connected to mail routing mechanisms, these rules cannot be used to enforce who can and cannot create Teams. Their purpose is limited to email processing rather than collaboration governance.

Given the architecture of Teams and Microsoft 365 groups, restricting group creation is the only mechanism that directly influences the ability to create new Teams. By associating group creation permissions with a specific security group, administrators can ensure proper governance and prevent unchecked team sprawl. Therefore, the correct answer is enforcing Microsoft 365 group creation restrictions.

Question 158: 

A department wants to run webinars with registration forms. Which feature should be enabled?

A) Teams webinar functionality
B) Resource mailbox auto-booking
C) Teams kiosk mode
D) Live events only

Answer: A)

Explanation: 

Leveraging Teams to run webinars with attendee registration requires enabling the platform’s built-in webinar functionality. This feature provides organizers with the ability to create structured events that support registration forms, custom branding, presenter management, attendee limits, and enhanced engagement tools. It integrates seamlessly with Teams meetings while providing additional options for pre-event registration workflows, allowing participants to sign up, submit required information, and receive automated confirmation emails. Because the requirement specifically mentions registration forms, this native capability directly satisfies the scenario, making it the appropriate solution for webinars within the organization.

Resource mailbox auto-booking refers to settings applied to room or equipment mailboxes in Exchange Online. These settings allow rooms or shared resources to be automatically booked based on availability and reservation policies. While useful for scheduling conference rooms, it plays no part in managing webinars, attendee registration, or event engagement features. It cannot produce registration pages or collect user data prior to an online event.

Teams kiosk mode is designed to lock down the Teams client on shared devices, such as those found in reception areas or shared workstations. It restricts functionality to ensure that only specific features are available for users interacting with the device. Because kiosk mode is exclusively related to device experience, it does not provide event hosting, registration forms, or webinar-specific controls. Its scope is entirely different from enabling structured online events.

Live events allow organizations to broadcast to large audiences, but they lack the integrated registration system offered by webinar functionality. Live events are tailored for broadcast-style presentations with one-to-many communication rather than interactive attendee sign-ups. Since they do not include native registration features, they cannot satisfy the requirement for events that need formal pre-registration and structured participant management.

Thus, because the scenario emphasizes registration forms as a core requirement, enabling Teams webinar functionality is the only solution that matches the needed features.

Question 159: 

A manager wants meeting recordings to delete automatically after 30 days. What should you configure?

A) Recording auto-expiration settings
B) Conditional access policies
C) Mobile application management rules
D) Microsoft Defender Safe Links

Answer: A)

Explanation: 

Managing the lifecycle of Teams meeting recordings requires configuring recording auto-expiration settings, which govern how long recordings remain available before being automatically deleted. These settings allow administrators to set a fixed duration, such as 30 days, ensuring that recordings do not accumulate indefinitely and consume unnecessary storage. Auto-expiration provides a consistent enforcement mechanism across the organization, reducing manual cleanup tasks while supporting storage governance and compliance needs. It directly aligns with the requirement to automatically remove recordings after a defined period, making it the appropriate solution.

Conditional access policies determine how users authenticate and under what conditions they are allowed to access corporate resources. These policies enforce requirements such as MFA, compliant devices, or trusted network locations. While essential for strengthening security, conditional access does not influence the retention or deletion of Teams recordings. It governs access controls, not recording management.

Mobile application management rules are used to apply security and compliance configurations to mobile apps. These rules can prevent data leakage, enforce PINs, and restrict data copying between apps. Although they protect corporate data on mobile devices, they do not manage recording storage, retention schedules, or automated deletion workflows. They cannot be applied to determine how long recordings remain available.

Microsoft Defender Safe Links scans URLs for malicious content and protects users by blocking harmful links in emails and documents. This feature supports security and threat protection but has no impact on meeting recordings. Safe Links does not interact with OneDrive or SharePoint storage settings where recordings are stored. It cannot enforce retention timelines or automate recording clean-up.

Since auto-expiration is the only configuration that directly controls the duration for which recordings remain accessible, it is the correct solution.

Question 160: 

The HR team requires private channels for sensitive discussions. What determines where their files are stored?

A) A dedicated SharePoint site created per private channel
B) Microsoft Stream settings
C) Exchange mailbox quotas
D) Teams update rings

Answer: A)

Explanation:

When private channels are created in Teams, the platform automatically provisions a dedicated SharePoint site for each private channel. This separate site ensures that sensitive files shared within that private channel are isolated from the parent team’s primary SharePoint site. The isolation is essential because private channels have their own distinct membership, which may be a subset of the parent team’s members. The separate SharePoint site allows permissions to align precisely with private channel membership, securing confidential information and guaranteeing that files are only accessible to authorized individuals. Therefore, the storage location for files in private channels is governed by the dedicated SharePoint site created for each private channel.

Microsoft Stream settings determine video storage behavior and permissions for recordings and uploaded content but do not control where private channel documents are stored. Stream is not involved in handling files uploaded through private channel conversations, so it cannot influence their storage location.

Exchange mailbox quotas manage mailbox size limits for users. While helpful for email governance, they have no connection to Teams or SharePoint document storage. Mail limits do not determine file placement or storage behavior for private channels.

Teams update rings control when new Teams client features are rolled out. They influence client functionality timelines but do not determine where files are saved. Update rings govern user experience rather than storage, permissions, or SharePoint site provisioning.

Because private channels rely on isolated SharePoint sites to maintain proper permissions and protect sensitive content, the storage location is always the dedicated site created for each private channel.