Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpt65

MS-500 Questions and Answers

Question # 6

You haw a Microsoft 365 subscription.

You receive a General Data Protection Regulation (GOPR) request for the custom dictionary of a user From The Compliance admin center you need to create a content search, should you configure the content search?

A.

Condition: Type Operator Equals any of Value Documents

B.

.Condition; Type Operator Equals any of Value Office Roaming Service

C.

Condition: Title Operator Equals any of Value Normal. dot

D.

Condition: We type Operator Equals any of Value dic

Full Access
Question # 7

You have a Microsoft 365 E5 subscription that contains 500 Windows 10 devices The subscription uses Microsoft Defender for Endpoint and is integrated with Microsoft Endpoint Manager. AJI the devices have Defender for Endpoint deployed.

You create a Conditional Access policy as shown in the following table.

You need to ensure that devices that have a machine risk score of high are blocked. What should you do in Microsoft Endpoint Manager?

A.

Apply a security baseline to all the devices.

B.

Apply an endpoint detection and response policy to the subscription.

C.

Configure the Compliance policy settings.

D.

Apply a compliance policy to all the devices.

Full Access
Question # 8

You are evaluating which finance department users will be prompted for Azure MFA credentials.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Full Access
Question # 9

You need to ensure that a user named Grady Archie can monitor the service health of your Microsoft 365 tenant. The solution must use the principle of least privilege.

To complete this task, sign in to the Microsoft 365 portal.

Full Access
Question # 10

What should User6 use to meet the technical requirements?

A.

Supervision in the Security & Compliance admin center

B.

Service requests in the Microsoft 365 admin center

C.

Security & privacy in the Microsoft 365 admin center

D.

Data subject requests in the Security & Compliance admin center

Full Access
Question # 11

You need to meet the technical requirements for User9. What should you do?

A.

Assign the Privileged administrator role to User9 and configure a mobile phone number for User9

B.

Assign the Compliance administrator role to User9 and configure a mobile phone number for User9

C.

Assign the Security administrator role to User9

D.

Assign the Global administrator role to User9

Full Access
Question # 12

Which role should you assign to User1?

A.

Global administrator

B.

User administrator

C.

Privileged role administrator

D.

Security administrator

Full Access
Question # 13

Which policies apply to which devices? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 14

You have an Azure Acme Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.

You discover several security alerts are visible from the Microsoft Defender for Identity portal.

You need to identify which users m contoso.com can dose the security Alerts. Which users should you identify?

A.

User1 only

B.

User1 and User3 only

C.

User1 and User2 only

D.

User4 only

E.

User3 and User4 only

Full Access
Question # 15

You have a Microsoft 365 E5 subscription that contains a user named User1.

User1 needs to be able to create Data Subject Requests (DSRs) in the Microsoft 365 compliance center.

To which role or role group should you add User1?

A.

the Compliance Data Administrator role

B.

the Data Investigator role

C.

the eDiscovery Manager role

D.

the Records Management role group

Full Access
Question # 16

Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these

questions will not appear in the review screen.

You have a Microsoft 365 E5 subscription that is associated to a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.

You use Active Directory Federation Services (AD FS) to federate on-premises Active Directory and the

tenant. Azure AD Connect has the following settings:

  • Source Anchor: objectGUID
  • Password Hash Synchronization: Disabled
  • Password writeback: Disabled
  • Directory extension attribute sync: Disabled
  • Azure AD app and attribute filtering: Disabled
  • Exchange hybrid deployment: Disabled
  • User writeback: Disabled

You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.

Solution: You modify the Source Anchor settings.

Does that meet the goal?

A.

Yes

B.

No

Full Access
Question # 17

Which users are members of ADGroup1 and ADGroup2? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 18

You are evaluating which devices are compliant in Intune.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Full Access
Question # 19

Which user passwords will User2 be prevented from resetting?

A.

User6 and User7

B.

User4 and User6

C.

User4 only

D.

User7 and User8

E.

User8 only

Full Access
Question # 20

You need to create Group3.

What are two possible ways to create the group?

A.

an Office 365 group in the Microsoft 365 admin center

B.

a mail-enabled security group in the Microsoft 365 admin center

C.

a security group in the Microsoft 365 admin center

D.

a distribution list in the Microsoft 365 admin center

E.

a security group in the Azure AD admin center

Full Access
Question # 21

You need to configure threat detection for Active Directory. The solution must meet the security requirements.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Full Access
Question # 22

How should you configure Group3? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 23

An administrator configures Azure AD Privileged Identity Management as shown in the following exhibit.

What should you do to meet the security requirements?

A.

Change the Assignment Type for Admin2 to Permanent

B.

From the Azure Active Directory admin center, assign the Exchange administrator role to Admin2

C.

From the Azure Active Directory admin center, remove the Exchange administrator role to Admin1

D.

Change the Assignment Type for Admin1 to Eligible

Full Access
Question # 24

You plan to configure an access review to meet the security requirements for the workload administrators. You create an access review policy and specify the scope and a group.

Which other settings should you configure? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 25

You need to recommend a solution that meets the technical and security requirements for sharing data with the partners.

What should you include in the recommendation? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A.

Create an access review.

B.

Assign the Global administrator role to User1.

C.

Assign the Guest inviter role to User1.

D.

Modify the External collaboration settings in the Azure Active Directory admin center.

Full Access
Question # 26

You need to recommend an email malware solution that meets the security requirements.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 27

You install Azure ATP sensors on domain controllers.

You add a member to the Domain Admins group. You view the timeline in Azure ATP and discover that information regarding the membership change is missing.

You need to meet the security requirements for Azure ATP reporting.

What should you configure? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 28

You need to resolve the issue that targets the automated email messages to the IT team.

Which tool should you run first?

A.

Synchronization Service Manager

B.

Azure AD Connect wizard

C.

Synchronization Rules Editor

D.

IdFix

Full Access
Question # 29

You need to recommend a solution for the user administrators that meets the security requirements for auditing.

Which blade should you recommend using from the Azure Active Directory admin center?

A.

Sign-ins

B.

Azure AD Identity Protection

C.

Authentication methods

D.

Access review

Full Access
Question # 30

You need to recommend a solution to protect the sign-ins of Admin1 and Admin2.

What should you include in the recommendation?

A.

a device compliance policy

B.

an access review

C.

a user risk policy

D.

a sign-in risk policy

Full Access