Winter 50% Special Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 28285018

MS-500 Microsoft 365 Security Administration Questions and Answers

Questions 4

You are evaluating which finance department users will be prompted for Azure MFA credentials.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE:Each correct selection is worth one point.

Options:

Buy Now
Questions 5

What should User6 use to meet the technical requirements?

Options:

A.

Supervision in the Security & Compliance admin center

B.

Service requests in the Microsoft 365 admin center

C.

Security & privacy in the Microsoft 365 admin center

D.

Data subject requests in the Security & Compliance admin center

Buy Now
Questions 6

Which user passwords will User2 be prevented from resetting?

Options:

A.

User6 and User7

B.

User4 and User6

C.

User4 only

D.

User7 and User8

E.

User8 only

Buy Now
Questions 7

Which users are members of ADGroup1 and ADGroup2? To answer, select the appropriate options in the answer area.

NOTE:Each correct selection is worth one point.

Options:

Buy Now
Questions 8

You install Azure ATP sensors on domain controllers.

You add a member to the Domain Admins group. You view the timeline in Azure ATP and discover that information regarding the membership change is missing.

You need to meet the security requirements for Azure ATP reporting.

What should you configure? To answer, select the appropriate options in the answer area.

NOTE:Each correct selection is worth one point.

Options:

Buy Now
Questions 9

You need torecommend an email malware solution that meets the security requirements.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE:Each correct selection is worth one point.

Options:

Buy Now
Questions 10

You need to recommend a solution that meets the technical and security requirements for sharing data with thepartners.

What should you include in the recommendation? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Options:

A.

Create an access review.

B.

Assign the Global administrator role to User1.

C.

Assign theGuest inviter role to User1.

D.

Modify the External collaboration settings in the Azure Active Directory admin center.

Buy Now
Questions 11

An administrator configures Azure AD Privileged Identity Management as shown in the following exhibit.

What should you do to meet the security requirements?

Options:

A.

Change the Assignment Type for Admin2 toPermanent

B.

From the Azure Active Directory admin center, assign the Exchange administrator role to Admin2

C.

From the Azure Active Directory admin center, remove the Exchange administrator role to Admin1

D.

Change the Assignment Type for Admin1 toEligible

Buy Now
Questions 12

You need to resolve the issue that targets the automated email messages to the IT team.

Which tool should you run first?

Options:

A.

Synchronization Service Manager

B.

Azure AD Connect wizard

C.

Synchronization Rules Editor

D.

IdFix

Buy Now
Questions 13

You need to recommend a solution to protect the sign-ins of Admin1 and Admin2.

What should you include in the recommendation?

Options:

A.

a device compliance policy

B.

an access review

C.

a user risk policy

D.

a sign-in risk policy

Questions 14

You need to recommend asolution for the user administrators that meets the security requirements for auditing.

Which blade should you recommend using from the Azure Active Directory admin center?

Options:

A.

Sign-ins

B.

Azure AD Identity Protection

C.

Authentication methods

D.

Access review

Questions 15

You have an Azure Active Directory (Azure AD) tenant named contoso.com and a Microsoft 365 subscription. Contoso.com contains the groups shown in the following table.

You plan to create a supervision policy named Policy1.

You need to identify which groups can be supervised by using Policy1.

Which groups should you identify?

Options:

A.

Group1 and Group4 only

B.

Group1 only

C.

Group1, Group3, and Group4 only

D.

Group2 and Group3 only

E.

Group1, Group2, and Group3 only

Buy Now
Questions 16

You have a Microsoft 365subscription.

You have a Microsoft SharePoint Online site named Site1.

You have a Data Subject Request (DSR) case named Case1 that searches Site1.

You create a new sensitive information type.

You need to ensure that Case1 returns all the documents that contain the new sensitive information type.

What should you do?

Options:

A.

From the Security & Compliance admin center, create a new Search by ID List.

B.

From Site1, modify the search dictionary.

C.

From the Security & Compliance admin center, create a new Guided search.

D.

From Site1, initiate a re-indexing of Site1.

Buy Now
Questions 17

Your company has a Microsoft 365 subscription, a Microsoft Azure subscription, and an Azure Active Directory (AzureAD) tenant named contoso.com.

The company has the offices shown in the following table.

The tenant contains the users shown in the following table.

You create the Microsoft Cloud App Security policy shown in the following exhibit.

Foreach of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE:Each correct selection is worth one point.

Options:

Buy Now
Questions 18

You have a Microsoft 365 E5 subscription without a Microsoft Azure subscription.

Some users are required to use anauthenticator app to access Microsoft SharePoint Online.

You need to view which users have used an authenticator app to access SharePoint Online. The solution must minimize costs.

What should you do?

Options:

A.

From the Enterprise applications blade of the Azure Active Directory admin center, view the audit logs

B.

From Azure Log Analytics, query the logs

C.

From the Azure Active Directory admin center, view the audit logs

D.

From the Enterprise applications blade of the Azure Active Directory admin center, view the sign-ins

Buy Now
Questions 19

Your network contains anon-premises Active Directory domain. The domain contains servers that run Windows Server and have advanced auditing enabled.

The security logs of the servers are collected by using a third-party SIEM solution.

You purchase a Microsoft 365 subscription and plan to deploy Azure Advanced Threat Protection (ATP) by using standalone sensors.

You need to ensure that you can detect when sensitive groups are modified and when malicious services are created.

What should you do?

Options:

A.

Configure Azure ATPnotifications

B.

Configure Event Forwarding on the domain controllers

C.

Configure auditing in the Office 365 Security & Compliance center

D.

Modify the Domain synchronizer candidate settings on the Azure ATP sensors

Buy Now
Questions 20

You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.

You create and enforce an Azure AD Identity Protection user risk policy that has the following settings:

  • Assignments: Include Group1, Exclude Group2
  • Conditions: Sign in risk of Low and above
  • Access: Allow access, Require password change

You need to identify how the policy affectsUser1 and User2.

What occurs when User1 and User2 sign in from an unfamiliar location? To answer, select the appropriate options in the answer area.

NOTE:Each correct selection is worth one point.

Options:

Buy Now
Questions 21

You need to implement Windows DefenderATP to meet the security requirements. What should you do?

Options:

A.

Configure port mirroring

B.

Create the ForceDefenderPassiveMode registry setting

C.

Download and install the Microsoft Monitoring Agent

D.

RunWindowsDefenderATPOnboardingScript.cmd

Buy Now
Questions 22

You have a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com. OneDrive stores files thatare shared with external users. The files are configured as shown in the following table.

You create a data loss prevention (DLP) policy that applies to the content stored in OneDrive accounts. The policy contains the following three rules:

• Rulel:

•Conditions: Label 1, Detect content that's shared with people outside my organization

• Actions: Restrict access to the content for external users

• User notifications: Notify the user who last modified the content

• User overrides: On

• Priority: 0

• Rule2:

• Conditions: Label 1 or Label2

• Actions: Restrict access to the content

• Priority: 1

• Rule3:

• Conditions: Label2, Detect content that's shared with people outside my organization

• Actions: Restrict access to thecontent for external users

• User notifications: Notify the user who last modified the content

• User overrides: On

• Priority: 2

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Options:

Buy Now
Questions 23

Which IP address space should you include in the MFA configuration?

Options:

A.

131.107.83.0/28

B.

192.168.16.0/20

C.

172.16.0.0/24

D.

192.168.0.0/20

Buy Now
Questions 24

You need to create Group2.

What are two possible ways to create the group?

Options:

A.

an Office 365 group in the Microsoft 365 admin center

B.

a mail-enabled security group in the Microsoft 365 admin center

C.

a security group in the Microsoft 365 admin center

D.

a distribution list in the Microsoft 365 admin center

E.

a security group in the Azure AD admin center

Buy Now
Questions 25

You need to configure threat detection for Active Directory. The solution must meet the security requirements.

Which three actions should youperform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Options:

Buy Now
Questions 26

How should you configure Azure AD Connect? To answer, select the appropriate options in the answer area.

NOTE:Each correct selection is worth one point.

Options:

Buy Now
Questions 27

How should you configure Group3? To answer, select the appropriate options in the answer area.

NOTE:Each correct selection is worth one point.

Options:

Buy Now
Questions 28

You need to create Group3

What are two possible ways tocreate the group?

Options:

A.

an Office 365 group in the Microsoft 365 admin center

B.

a mail-enabled security group in the Microsoft 365 admin center

C.

a security group in the Microsoft 365 admin center

D.

a distribution list in the Microsoft 365 admin center

E.

a security group in the Azure AD admin center

Buy Now
Exam Code: MS-500
Exam Name: Microsoft 365 Security Administration
Last Update: Apr 22, 2021
Questions: 191

PDF + Testing Engine

$76  $151.99

Testing Engine

$57.5  $114.99

PDF (Q&A)

$52.5  $104.99