Reliable Microsoft 365 MS-500 Dumps PDF May 21, 2024 Recently Updated Questions
Pass Your Microsoft MS-500 Exam with Correct 329 Questions and Answers
The MS-500 exam covers a broad range of topics related to security and compliance in Microsoft 365, including identity and access management, threat protection, information protection, governance and compliance management, and security management. MS-500 exam also evaluates the candidate's ability to implement and manage security solutions in Microsoft 365 using various tools and technologies, such as Azure Active Directory, Microsoft Intune, Microsoft 365 Defender, and Microsoft Information Protection. Passing the MS-500 exam demonstrates that the candidate has the necessary knowledge and skills to secure Microsoft 365 environments and protect them from various threats and risks.
For more info visit:
Microsoft MS-500 Exam Reference
NEW QUESTION # 143
You need to meet the technical requirements for User9. What should you do?
- A. Assign the Compliance administrator role to User9 and configure a mobile phone number for User9
- B. Assignthe Security administrator role to User9
- C. Assign the Global administrator role to User9
- D. Assign the Privileged administrator role to User9 and configure a mobile phone number for User9
Answer: D
Explanation:
Explanation
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-give-acces
NEW QUESTION # 144
You need to recommend a solution for the user administrators that meets the security requirements for auditing.
Which blade should you recommend using from the Azure Active Directory admin center?
- A. Access review
- B. Sign-ins
- C. Authentication methods
- D. Azure AD Identity Protection
Answer: B
Explanation:
Explanation
References:
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-ins
Topic 1, Fabrikam inc.
Overview
Fabrikam, Inc. is manufacturing company that sells products through partner retail stores. Fabrikam has 5,000 employees located in offices throughout Europe.
Existing Environment
Network Infrastructure
The network contains an Active Directory forest named fabrikam.com. Fabrikam has a hybrid Microsoft Azure Active Directory (Azure AD) environment.
The company maintains some on-premises servers for specific applications, but most end-user applications are provided by a Microsoft 365 E5 subscription.
Problem Statements
Fabrikam identifies the following issues:
* Since last Friday, the IT team has been receiving automated email messages that contain "Unhealthy Identity Synchronization Notification" in the subject line.
* Several users recently opened email attachments that contained malware. The process to remove the malware was time consuming.
Requirements
Planned Changes
Fabrikam plans to implement the following changes:
* Fabrikam plans to monitor and investigate suspicious sign-ins to Active Directory
* Fabrikam plans to provide partners with access to some of the data stored in Microsoft 365 Application Administration Fabrikam identifies the following application requirements for managing workload applications:
* User administrators will work from different countries
* User administrators will use the Azure Active Directory admin center
* Two new administrators named Admin1 and Admin2 will be responsible for managing Microsoft Exchange Online only Security Requirements Fabrikam identifies the following security requirements:
* Access to the Azure Active Directory admin center by the user administrators must be reviewed every seven days. If an administrator fails to respond to an access request within three days, access must be removed
* Users who manage Microsoft 365 workloads must only be allowed to perform administrative tasks for up to three hours at a time. Global administrators must be exempt from this requirement
* Users must be prevented from inviting external users to view company data. Only global administrators and a user named User1 must be able to send invitations
* Azure Advanced Threat Protection (ATP) must capture security group modifications for sensitive groups, such as Domain Admins in Active Directory
* Workload administrators must use multi-factor authentication (MFA) when signing in from an anonymous or an unfamiliar location
* The location of the user administrators must be audited when the administrators authenticate to Azure AD
* Email messages that include attachments containing malware must be delivered without the attachment
* The principle of least privilege must be used whenever possible
NEW QUESTION # 145
You have a Microsoft 365 subscription that contains 20 data loss prevention (DLP) policies.
You need to identify the following:
* Rules that are applied without Triggering a policy alert
* The top 10 files that have matched DLP policies
* Alerts that are miscategorized
Which report should you use for each requirement? To answer, drag the appropriate reports to the correct requirements. Each report may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 146
You have a Microsoft 365 subscription.
A security manager receives an email message every time a data loss prevention (DLP) policy match occurs.
You need to limit alert notifications to actionable DLP events.
What should you do?
- A. From the Security & Compliance admin center, modify the User overrides settings of a DLP policy.
- B. From the Security & Compliance admin center, modify the matched activities threshold of an alert policy.
- C. From the Cloud App Security admin center, apply a filter to the alerts.
- D. From the Security & Compliance admin center, modify the Policy Tips of a DLP policy.
Answer: B
Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/alert-policies
NEW QUESTION # 147
You have an Azure Sentinel workspace that has an Office 365 connector.
You are threat hunting events that have suspicious traffic from specific IP addresses.
You need to save the events and the relevant query results for future reference.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/bookmarks
NEW QUESTION # 148
You have a Microsoft 365 subscription. Auditing is enabled.
A user named User1 is a member of a dynamic security group named Group1.
You discover that User1 is no longer a member of Group1.
You need to search the audit log to identify why User1 was removed from Group1.
Which two actions should you use in the search? To answer, select the appropriate activities in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance
NEW QUESTION # 149
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant. You create a label named CompanyConfidential in Microsoft Azure Information Protection. You add CompanyConfidential to a global policy.
A user protects an email message by using CompanyConfidential and sends the label to several external recipients. The external recipients report that they cannot open the email message.
You need to ensure that the external recipients can open protected email messages sent to them.
Solution: You modify the encryption settings of the label.
Does this meet the goal?
- A. No
- B. Yes
Answer: A
Explanation:
Explanation
NEW QUESTION # 150
You need to recommend an email malware solution that meets the security requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 151
You have a Microsoft 365 E5 tenant that contains two users named User1 and User2 and a Microsoft SharePoint Online site named Site1 as shown in
For Site1, the users are assigned the roles shown in the following table.
You publish a retention label named Retention1 to Site1.
To which files can the users apply Retention1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
For User 1: C. File1.docx, File2.docx, and File3.docx
For User 2: B. File1.docx and File2.docx only
According to the article "Use retention labels to manage SharePoint document lifecycle" 1, retention labels can be applied to all files in all document libraries, and all files at the root level that aren't in a folder 1. The article "Learn about retention for SharePoint and OneDrive" 2 also confirms that all files stored in SharePoint or OneDrive sites can be retained by applying a retention label 2. Therefore, User 1, who has the Full Control permission level for Site1, can apply Retention1 to all three files in Site1.
However, User 2, who has the Read permission level for Site1, cannot apply Retention1 to File3.docx because it is located in a folder. According to the article "Learn about retention policies & labels to retain or delete" 3, users need at least Edit permissions on a SharePoint site or OneDrive account to apply a retention label manually 3. The Read permission level does not include Edit permissions . Therefore, User 2 can only apply Retention1 to File1.docx and File2.docx, which are at the root level of Site1.
NEW QUESTION # 152
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the groups shown in the following table.
The domain is synced to a Microsoft Azure Active Directory (Azure AD) tenant that contains the groups shown in the following table.
You create an Azure Information Protection policy named Policy1.
You need to apply Policy1.
To which groups can you apply Policy1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Reference:
https://docs.microsoft.com/en-us/azure/information-protection/prepare
NEW QUESTION # 153
You have a Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) deployment that has the custom network indicators turned on. Microsoft Defender ATP protects two computers that run Windows
10 as shown in the following table.
Microsoft Defender ATP has the machine groups shown inthe following table.
From Microsoft Defender Security Center, you create the URLs/Domains indicators shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE:Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 154
You have a Microsoft 365 subscription.
A user reports that changes were made to several files in Microsoft OneDrive.
You need to identify which files were modified by which users in the user's OneDrive.
What should you do?
- A. From the OneDrive admin center, select
- B. From Security & Compliance, perform an eDiscovery search
- C. From the Azure Active Directory admin center, open the audit log
- D. From Microsoft Cloud App Security, open the activity log
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/activity-filters
NEW QUESTION # 155
How should you configure Group3? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 156
You have a Microsoft 365 subscription. Auditing is enabled.
A user named User1 is a member of a dynamic security group named Group1.
You discover that User1 is no longer a member of Group1.
You need to search the audit log to identify why User1 was removed from Group1.
Which two actions should you use in the search? To answer, select the appropriate activities in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance
NEW QUESTION # 157
You have a Microsoft 365 subscription that include three users named User1, User2, and User3.
A file named File1.docx is stored in Microsoft OneDrive. An automated process updates File1.docx every minute.
You create an alert policy named Policy1 as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/alert-policies
NEW QUESTION # 158
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.
You create and enforce an Azure AD Identity Protection sign-in risk policy that has the following settings:
Assignments: Include Group1, Exclude Group2
Conditions: Sign in risk of Low and above
Access: Allow access, Require password multi-factor authentication
You need to identify how the policy affects User1 and User2.
What occurs when each user signs in from an anonymous IP address? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 159
......
Latest 2024 Realistic Verified MS-500 Dumps: https://pdfpractice.actual4dumps.com/MS-500-study-material.html