MS-500 Microsoft 365 Security Administration Updated Questions

Prévia do material em texto

MS-500 Microsoft 365 Security Administration exam dumps questions are the
best material for you to test all the related Microsoft exam topics. By using the
MS-500 exam dumps questions and practicing your skills, you can increase your
confidence and chances of passing the MS-500 exam.
Features of Dumpsinfo’s products
Instant Download
Free Update in 3 Months
Money back guarantee
PDF and Software
24/7 Customer Support
Besides, Dumpsinfo also provides unlimited access. You can get all
Dumpsinfo files at lowest price.
Microsoft 365 Security Administration MS-500 exam free dumps questions
are available below for you to study. 
Full version: MS-500 Exam Dumps Questions
1. Check the Enable modern authentication box in the Modern authentication panel.
 1 / 50
https://www.dumpsinfo.com/unlimited-access/
https://www.dumpsinfo.com/exam/ms-500
Enable multi-factor authentication for your organization
2.You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Office 365.
You need to protect users from malicious emails that attempt to capture their credentials. The solution
must ensure that suspicious emails contain tips alerting the users to potential threats.
What should you create?
A. a Safe Links policy
B. an anti-phishing policy
C. an alert policy for delivered phishing email
D. an alert policy for suspicious email
Answer: B
Explanation:
According to the article “Investigate malicious email that was delivered in Microsoft 365” 1, an anti-
phishing policy can help you protect your organization from malicious emails that attempt to capture
user credentials by enabling user impersonation and domain impersonation protection. The policy can
also enable safety tips that alert users to potential threats in suspicious emails 1. A Safe Links policy
can help protect users from malicious links, but not from credential phishing 1. An alert policy can
help you monitor and respond to suspicious activities, but not prevent them 1.
3.CORRECT TEXT
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This
may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a
set of tasks in a live environment. While most functionality will be available to you as it would be in a
live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will
not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t
matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You
can use as much time as you would like to complete each lab. But, you should manage your time
appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in
the time provided.
 2 / 50
https://www.dumpsinfo.com/
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be
able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password
below.
Microsoft 365 Username:
admin@LODSe00019@onmicrosoft.com
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the
portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308
 3 / 50
https://www.dumpsinfo.com/
 4 / 50
https://www.dumpsinfo.com/
 5 / 50
https://www.dumpsinfo.com/
 6 / 50
https://www.dumpsinfo.com/
 7 / 50
https://www.dumpsinfo.com/
 8 / 50
https://www.dumpsinfo.com/
 9 / 50
https://www.dumpsinfo.com/
 10 / 50
https://www.dumpsinfo.com/
You need to ensure that all links to malware.contoso.com within documents stored in Microsoft Office
365 are blocked when the documents are accessed from Office 365 ProPlus applications.
To complete this task, sign in to the Microsoft 365 admin center.
Answer:
4. Add an exception for recipients in the adatum.com domain
5.You have a Microsoft 365 E5 subscription.
You need to use Microsoft Cloud App Security to identify documents stored in Microsoft SharePomt
Online that contain proprietary information.
What should you create in Cloud App Security?
A. a data source and a file policy
B. a data source and an app discovery policy
C. an app connector and an app discovery policy
D. an app connector and a We policy
Answer: B
6.HOTSPOT
How should you configure Azure AD Connect? To answer, select the appropriate options in the
answer area. NOTE: Each correct selection is worth one point.
 11 / 50
https://www.dumpsinfo.com/
Answer:
7.You have a Microsoft 365 subscription.
You need to be notified by email whenever an administrator starts an eDiscovery search.
What should you do from the Security & Compliance admin center?
A. From Search & investigation, create a guided search.
B. From Events, create an event.
C. From Alerts, create an alert policy.
D. From Search & Investigation, create an eDiscovery case.
Answer: C
Explanation:
References: https://docs.microsoft.com/en-us/office365/securitycompliance/alert-policies
8.CORRECT TEXT
You need to implement a solution to manage when users select links in documents or email
messages from Microsoft Office 365 ProPlus applications or Android devices.
The solution must meet the following requirements:
? Block access to a domain named fabrikam.com
 12 / 50
https://www.dumpsinfo.com/
? Store information when the users select links to fabrikam.com
To complete this task, sign in to the Microsoft 365 portal.
Answer:
You need to configure a Safe Links policy.
? Go to the Office 365 Security & Compliance admin center.
? Navigate to Threat Management > Policy > Safe Links.
? In the Policies that apply to the entire organization section, select Default, and then click the Edit
icon.
? In the Block the following URLs section, type in *.fabrikam.com. This meets the first requirement in
the question.
? In the Settings that apply to content except email section, untick the checkbox labelled Do not track
when users click safe links. This meets the second requirement in the question.
? Click Save to save the changes.
9. Open the .txt file in Excel, and then use the information in the following table to edit the file with
information for each search.
10.You have a Microsoft 165 E5 subscription.
You need to enable support for sensitivity labels in Microsoft SharePoint Online.
What should you use?
A. the SharePoint admin center
B. the Microsoft 365 admin center
C. the Microsoft 365 compliance center
D. the Azure Active Directory admin
Answer: B
 13 / 50
https://www.dumpsinfo.com/
11.DRAG DROP
You have a Microsoft 365 subscription that contains 20 data loss prevention (DLP) policies.
You need to identify the following:
• Rules that are applied without Triggering a policy alert
• The top 10 files that have matched DLP policies
• Alerts that are miscategorized
Which report should you use for each requirement? To answer, drag the appropriate reports to the
correct requirements. Each report may be used once, more than once, or not at all. You may need to
drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one
point.
Answer:
12.You have a Microsoft 365 E5 subscription thatcontains a Microsoft SharePoint Online site named
Site1 and the data loss prevention (DIP) policies in following table.
The DLP rules are configured as shown in the following table.
 14 / 50
https://www.dumpsinfo.com/
All the policies are assigned to Site1.
You need to ensure that if a user uploads a document to Site1 that matches all the rules, the user will
be shown the Tip 2 policy tip.
What should you do?
A. Enable additional processing of the policies if is a match for Rule1.
B. Change the priority Of DLP2 to 3.
C. Change the priority of DLP2 to 0
D. Prevent additional processing of the policies if there is a match for Rule2.
Answer: C
13. After signing in to the Microsoft 365 admin center, navigate to Threat management, choose Policy
> Safe Links.
14. Click on Labels;
15. On the Activity alerts page, click + New.
The flyout page to create an activity alert is displayed.
 15 / 50
https://www.dumpsinfo.com/
16.HOTSPOT
You have a Microsoft 365 subscription that uses a default domain name of litwareinc.com.
You configure the Sharing settings in Microsoft OneDrive as shown in the following exhibit.
 16 / 50
https://www.dumpsinfo.com/
Use the drop-down menus to select the answer choice that completes each statement based on the
information presented in the graphic. NOTE: Each correct selection is worth one point.
 17 / 50
https://www.dumpsinfo.com/
Answer:
17.HOTSPOT
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
You have the devices shown in the following table.
You have the Microsoft Defender for Endpoint portal roles shown in the following table.
 18 / 50
https://www.dumpsinfo.com/
You have the Microsoft Defender for Endpoint device groups shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE:
Each correct selection is worth one point.
Answer:
18. To add a new custom DLP policy, Click on (+) plus button to get the context menu
19.HOTSPOT
You have a Microsoft 365 tenant.
You need to retain Azure Active Directory (Azure AD) audit logs for two years. Administrators must be
able to query the audit log information by using the Azure Active Directory admin center.
 19 / 50
https://www.dumpsinfo.com/
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each
correct selection is worth one point.
Answer:
Explanation:
Graphical user interface, text, application
Description automatically generated
 20 / 50
https://www.dumpsinfo.com/
20.HOTSPOT
Your network contains an on-premises Active Directory domain named contoso.com.
The domain contains the groups shown in the following table.
The domain is synced to an Azure AD tenant that contains the groups shown in the following table.
You create a sensitivity label named Label1.
You need to publish Label1.
To which groups can you publish Label1? To answer, se NOTE: Each correct selection is worth one
point.
 21 / 50
https://www.dumpsinfo.com/
Answer:
 22 / 50
https://www.dumpsinfo.com/
21.You have a Microsoft 365 subscription that contains a Microsoft 365 group named Group1.
Group1 contains 100 users and has dynamic user membership.
All users have Windows 10 devices and use Microsoft SharePoint Online and Exchange Online.
You create a sensitivity label named Label and publish Label 1 as the default label for Group1.
You need to ensure that the users in Group1 must apply Label! to their email and documents.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE:
Each correct selection is worth one point.
A. Install the Azure Information Protection unified labeling client on the Windows 10 devices.
B. From the Microsoft 365 Compliance center, modify the settings of the Label1 policy.
C. Install the Active Directory Rights Management Services (AD RMS) client on the Windows 10
devices.
D. From the Microsoft 365 Compliance center, create an auto-labeling policy.
E. From the Azure Active Directory admin center, set Membership type for Group1 to Assigned.
Answer: D,E
 23 / 50
https://www.dumpsinfo.com/
22.HOTSPOT
You have a Microsoft 365 subscription.
You configure Microsoft Defender for Endpoint as shown in the following table.
You onboard devices to Microsoft Defender for Endpoint as shown in the following table.
Microsoft Defender for Endpoint contains the incidents shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE:
Each correct selection is worth one point.
 24 / 50
https://www.dumpsinfo.com/
Answer:
23. Click on Enable under Quick Steps.
24. On the Protection pane, select Azure (cloud key).
25.CORRECT TEXT
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This
may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a
set of tasks in a live environment. While most functionality will be available to you as it would be in a
live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will
not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t
matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You
can use as much time as you would like to complete each lab. But, you should manage your time
appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in
the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be
able to return to the lab.
Username and password
 25 / 50
https://www.dumpsinfo.com/
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password
below.
Microsoft 365 Username:
admin@LODSe244001@onmicrosoft.com
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the
portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that a user named Lee Gu can manage all the settings for Exchange
Online. The solution must use the principle of least privilege.
To complete this task, sign in to the Microsoft Office 365 admin center.
Answer:
? In the Exchange Administration Center (EAC), navigate to Permissions > Admin Roles.
? Select the group: Organization Management and then click on Edit.
? In the Members section, click on Add.
? Select the users, USGs, or other role groups you want to add to the role group, click on Add, and
then click on OK.
? Click on Save to save the changes to the role group.
26. Choose Review your settings, make sure everything is correct, select Save, then Close.
 26 / 50
https://www.dumpsinfo.com/
27.HOTSPOT
You have a Microsoft Defender for Endpoint deployment that has custom network indicators turned
on.
Microsoft Defender for Endpoint protects two computers that run Windows 10 as shown in the
following table.
Microsoft Defender foe Endpoint has the device groups shown in the following table.
Answer:
28.CORRECT TEXT
Please wait while the virtual machine loads. Once loaded, you may proceed to thelab section. This
may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a
 27 / 50
https://www.dumpsinfo.com/
set of tasks in a live environment. While most functionality will be available to you as it would be in a
live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will
not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t
matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You
can use as much time as you would like to complete each lab. But, you should manage your time
appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in
the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be
able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password
below.
Microsoft 365 Username:
admin@LODSe244001@onmicrosoft.com
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the
portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that a global administrator is notified when a document that contains
 28 / 50
https://www.dumpsinfo.com/
U.S. Health Insurance Portability and Accountability Act (HIPAA) data is identified in your
Microsoft 365 tenant.
To complete this task, sign in to the Microsoft Office 365 admin center.
Answer:
29.You have a Microsoft 365 subscription that uses a default domain name of fabrikam.com.
You create a safe links policy, as shown in the following exhibit.
Which URL can a user safely access from Microsoft Word Online?
A. fabrikam.phishing.fabrikam.com
B. malware.fabrikam.com
C. fabrikam.contoso.com
D. www.malware.fabrikam.com
Answer: D
Explanation:
References: https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-a-custom-blocked-
urls-list-wtih-atp
30.HOTSPOT
You have a Microsoft 365 E5 tenant that contains two users named User1 and User2 and a Microsoft
 29 / 50
https://www.dumpsinfo.com/
SharePoint Online site named Site1 as shown in
For Site1, the users are assigned the roles shown in the following table.
You publish a retention label named Retention1 to Site1.
To which files can the users apply Retention1? To answer, select the appropriate options in the
answer area. NOTE: Each correct selection is worth one point.
 30 / 50
https://www.dumpsinfo.com/
Answer:
Explanation:
For User 1:
C. File1.docx, File2.docx, and File3.docx
For User 2:
B. File1.docx and File2.docx only
According to the article “Use retention labels to manage SharePoint document lifecycle”1, retention
labels can be applied to all files in all document libraries, and all files at the root level that aren’t in a
folder 1. The article “Learn about retention for SharePoint and OneDrive” 2 also confirms that all files
 31 / 50
https://www.dumpsinfo.com/
stored in SharePoint or OneDrive sites can be retained by applying a retention label 2. Therefore,
User 1, who has the Full Control permission level for Site1, can apply Retention1 to all three files in
Site1.
However, User 2, who has the Read permission level for Site1, cannot apply Retention1 to File3.docx
because it is located in a folder. According to the article “Learn about retention policies & labels to
retain or delete” 3, users need at least Edit permissions on a SharePoint site or OneDrive account to
apply a retention label manually 3. The Read permission level does not include Edit permissions.
Therefore, User 2 can only apply Retention1 to File1.docx and File2.docx, which are at the root level
of Site1.
31.Several users in your Microsoft 365 subscription report that they received an email message
without the attachment. You need to review the attachments that were removed from the messages.
Which two tools can you use? Each correct answer presents a complete solution. NOTE: Each
correct selection is worth one point.
A. the Exchange admin center
B. the Azure ATP admin center
C. Microsoft Azure Security Center
D. the Security & Compliance admin center
E. Outlook on the web
Answer: A,D
Explanation:
References: https://docs.microsoft.com/en-us/office365/securitycompliance/manage-quarantined-
messages-and-files
32.You haw a Microsoft 365 subscription.
You receive a General Data Protection Regulation (GOPR) request for the custom dictionary of a
user.
From the Compliance admin center you need to create a content search, should you configure the
content search?
A. Condition: Type Operator Equals any of Value Documents
B. Condition: Type Operator Equals any of Value Office Roaming Service
C. Condition: Title Operator Equals any of Value Normal. dot
D. Condition: We type Operator Equals any of Value dic
Answer: A
33. > Next
34.You have a Microsoft 365 E5 subscription that contains two users named User1 and User2.
On January 1. you create the sensitivity label shown in the following table.
 32 / 50
https://www.dumpsinfo.com/
On January 2, you publish label to User1.
On January 3. User 1 creates a Microsoft Word document named Doc1 and applies Label to the
document.
On January 4. User2 edits Doc1.
On January 15, you increase the content expiry period for Label to 28 days.
When will access to Doc1 expire for User2?
A. January 23
B. January 24
C. January 25
D. January 31
Answer: C
35. On the New Case page, give the case a name, type an optional description, and then click Save.
The case name must be unique in your organization.
The new case is displayed in the list of cases on the eDiscovery page. You can hover the cursor over
a case name to display information about the case, including the status of the case (Active or
 33 / 50
https://www.dumpsinfo.com/
Closed), the description of the case (that was created in the previous step), and when the case was
changed last and who changed it.
To create a hold for an eDiscovery case:
36.You have a Microsoft 365 tenant that uses Azure Information Protection to encrypt sensitive
content.
You plan to implement Microsoft Cloud App Security to inspect protected files that are uploaded to
Microsoft OneDrive for Business.
You need to ensure that at Azure Information Protection-protected files can be scanned by using
Cloud App Security
Which two actions should you perform7 Each correct answer presents part of the solution? NOTE:
Each correct selection is worth one point.
A. From the Cloud App Security admin center, enable file monitoring of software as a service (SaaS)
apps.
B. From the Cloud App Security admin center, create an OAuth app policy for apps that have the
Have full access to user files permission
C. From the Microsoft 365 compliance admin center create a data loss prevention (EXP) policy that
contains an exception for content that contains a sensitive information type.
D. From the Azure Active Directory admin center, grant Cloud App Security permission to read all the
protected content of the tenant
Answer: B,D
37. Topic 2, Litware, Inc
Overview
Litware, Inc. is a financial company that has 1,000 users in its main office in Chicago and 100 users in
a branch office in San Francisco.
Existing Environment
Internal Network Infrastructure
The network contains a single domain forest. The forest functional levelis Windows Server 2016.
Users are subject to sign-in hour restrictions as defined in Active Directory.
The network has the IP address ranges shown in the following table.
 34 / 50
https://www.dumpsinfo.com/
The offices connect by using Multiprotocol Label Switching (MPLS).
The following operating systems are used on the network:
? Windows Server 2016
? Windows 10 Enterprise
? Windows 8.1 Enterprise
The internal network contains the systems shown in the following table.
Litware uses a third-party email system.
Cloud Infrastructure
Litware recently purchased Microsoft 365 subscription licenses for all users.
Microsoft Azure Active Directory (Azure AD) Connect is installed and uses the default authentication
settings. User accounts are not yet synced to Azure AD.
You have the Microsoft 365 users and groups shown in the following table.
Planned Changes
Litware plans to implement the following changes:
? Migrate the email system to Microsoft Exchange Online
? Implement Azure AD Privileged Identity Management
Security Requirements
Litware identities the following security requirements:
? Create a group named Group2 that will include all the Azure AD user accounts. Group2 will be used
to provide limited access to Windows Analytics
? Create a group named Group3 that will be used to apply Azure Information Protection policies to
pilot users. Group3 must only contain user accounts
 35 / 50
https://www.dumpsinfo.com/
? Use Azure Advanced Threat Protection (ATP) to detect any security threats that target the forest
? Prevent users locked out of Active Directory from signing in to Azure AD and Active Directory
? Implement a permanent eligible assignment of the Compliance administrator role for User1
? Integrate Windows Defender and Windows Defender ATP on domain-joined servers
? Prevent access to Azure resources for the guest user accounts by default
? Ensure that all domain-joined computers are registered to Azure AD
Multi-factor authentication (MFA) Requirements
Security features of Microsoft Office 365 and Azure will be tested by using pilot Azure user accounts.
You identify the following requirements for testing MFA.
? Pilot users must use MFA unless they are signing in from the internal network of the Chicago office.
MFA must NOT be used on the Chicago office internal network.
? If an authentication attempt is suspicious, MFA must be used, regardless of the user location
? Any disruption of legitimate authentication attempts must be minimized
General Requirements
Litware want to minimize the deployment of additional servers and services in the Active Directory
forest.
DRAG DROP
You need to configure threat detection for Active Directory. The solution must meet the security
requirements.
Which three actions should you perform in sequence? To answer, move the appropriate actions from
the list of actions to the answer area and arrange them in the correct order.
Answer:
 36 / 50
https://www.dumpsinfo.com/
38.Note: This question is part of a series of questions that present the same scenario. Each question
in the series contains a unique solution that might meet the stated goals. Some questions sets might
have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have a Microsoft 365 subscription that contains 1,000 user mailboxes.
An administrator named Admin1 must be able to search for the name of a competing company in the
mailbox of a user named User5.
You need to ensure that Admin1 can search the mailbox of User5 successfully. The solution must
prevent Admin1 from sending email messages as User5.
Solution: You modify the permissions of the mailbox of User5, and then create an eDiscovery case.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
References: https://docs.microsoft.com/en-us/exchange/policy-and-
compliance/ediscovery/ediscovery?view=exchserver-2019
39. Review your settings, and then click Create this hold.
40. Double click on the added row to open the policy details, click on rules option in left part of the
screen as depicted
 37 / 50
https://www.dumpsinfo.com/
41.You have a Microsoft 365 that uses Microsoft ShareP0•int Online.
You need to ensure that users can only share files with users at specified partner companies. The
solution must minimize administrative effort.
What should you do?
A. Allow only in specific security groups to share externally.
B. Set File and folder links to people.
C. Limit external by domain
D. Set External sharing to New and existing guest
Answer: A
42. On the Hold page, click Create.
43.HOTSPOT
You are evaluating which finance department users will be prompted for Azure MFA credentials.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE:
Each correct selection is worth one point.
Answer:
Explanation:
YES, YES, NO.
Named locations can't have a private IP range, look at https://docs.microsoft.com/en-us/azure/active-
directory/conditional-access/location-condition
"User IP address The IP address that is used in policy evaluation is the public IP address of the user.
For devices on a private network, this IP address is not the client IP of the user’s device on the
intranet, it is the address used by the network to connect to the public internet."
 38 / 50
https://www.dumpsinfo.com/
Topic 4, Misc. Questions
44. (Optional) In the Description box, add a description of the hold.
45.You create a data loss prevention (DLP) policy as shown in the following shown:
What is the effect of the policy when a user attempts to send an email messages that contains
sensitive information?
A. The user receives a notification and can send the email message
B. The user receives a notification and cannot send the email message
C. The email message is sent without a notification
D. The email message is blocked silently
Answer: A
Explanation:
https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies
46.You have a Microsoft 365 E5 subscription that contains 100 users. Each user has a computer that
runs Windows 10 and either an Android mobile device or an iOS mobile device. All the devices are
registered with Azure AD.
You enable passwordless authentication for all the users.
You need to ensure that the users can sign in to the subscription by using passwordless
authentication.
What should you instruct the users to do on their mobile device first?
A. Install a device certificate.
B. Install a user certificate.
C. Install the Microsoft Authenticator app.
D. Register for self-service password reset (SSPR).
Answer: C
47. Select Default Policy to refine it.
 39 / 50
https://www.dumpsinfo.com/
48.Which user passwords will User2 be prevented from resetting?
A. User6 and User7
B. User4 and User6
C. User4 only
D. User7 and User8
E. User8 only
Answer: C
49. To add a sub-label to a label, select More actions, then Add sub level.
50.Note: This question is part of series of questions that present the same scenario. Each question in
the series contains a unique solution that might meet the stated goals. Some question sets might
have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that is associated to a Microsoft Azure Active Directory
(Azure AD) tenant named contoso.com.
You use Active Directory Federation Services (AD FS) to federate on-premises Active Directory and
the tenant.
Azure AD Connect has the following settings:
? Source Anchor: objectGUID
? Password Hash Synchronization: Disabled
? Password writeback:Disabled
? Directory extension attribute sync: Disabled
? Azure AD app and attribute filtering: Disabled
? Exchange hybrid deployment: Disabled
? User writeback: Disabled
You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.
Solution: You modify the Azure AD app and attribute filtering settings.
Does that meet the goal?
A. Yes
B. No
Answer: B
51.You have a Microsoft 365 E5 subscription that contains a user named User1. You need to ensure
that User1 can review Conditional Access policies.
Solution: You assign User1 the Authentication Administrator role.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
Assigning User1 the Authentication Administrator role does not meet the goal of allowing User1 to
review Conditional Access policies. According to the article “Azure AD built-in roles” 1, the
Authentication Administrator role can only view, set and reset authentication method information for
any non-admin user. To review Conditional Access policies, User1 needs to have either the
Conditional Access Administrator role or the Security Administrator role 1. The Conditional Access
Administrator role can manage all aspects of Conditional Access policies, while the Security
Administrator role can manage security-related features, including Conditional Access
 40 / 50
https://www.dumpsinfo.com/
52.What should User6 use to meet the technical requirements?
A. Supervision in the Security & Compliance admin center
B. Service requests in the Microsoft 365 admin center
C. Security & privacy in the Microsoft 365 admin center
D. Data subject requests in the Security & Compliance admin center
Answer: B
53.You have a Microsoft 365 tenant that has modern authentication enabled.
You have Windows 10, MacOS. Android, and iOS devices that are managed by using Microsoft
Endpoint Manager. Some users have older email client applications that use Basic authentication to
connect to Microsoft Exchange Online. You need to implement a solution to meet the following
security requirements:
• Allow users to connect to Exchange Online only by using email client applications that support
modern authentication protocols based on OAuth 2.0.
• Block connections to Exchange Online by any email client applications that do NOT support modern
authentication.
What should you implement?
A. a conditional access policy in Azure Active Directory (Azure AD)
B. an OAuth app policy m Microsoft Defender for Cloud Apps
C. a compliance policy in Microsoft Endpoint Manager
D. an application control profile in Microsoft Endpoint Manager
Answer: C
54. On the Multi-factor authentication page, select user if you are enabling this for one user or select
Bulk Update to enable multiple users.
55. Choose Save.
56.You have a Microsoft 365 subscription.
You need to enable auditing for all Microsoft Exchange Online users.
What should you do?
A. From the Exchange admin center, create a journal rule
B. Run the Set-MailboxDatabase cmdlet
C. Run the Set-Mailbox cmdlet
D. From the Exchange admin center, create a mail flow message trace rule.
Answer: C
Explanation:
Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/enable-mailbox-auditing
57.HOTSPOT
You have a Microsoft SharePoint Online site named Site! that has the users shown in the following
table.
 41 / 50
https://www.dumpsinfo.com/
You create the retention labels shown In the following table.
Answer:
58. Enable MFA for Office 365 users
After you have set the settings to your liking click on save and then on users (just below the title Multi-
factor authentication).
You see the list of your users again. Here you can select single or multiple users to enable MFA.
 42 / 50
https://www.dumpsinfo.com/
At the moment you enable Office 365 MFA for a user it can get the setup screen as soon as the users
browse to one of the Office 365 products.
59.HOTSPOT
You have a hybrid Microsoft 365 E5 environment that contains a synced user named User1.
You need to ensure that User1 can configure Microsoft Defender for Identity and deploy a Defender
for Identity sensor. The solution must use the principle of least privilege.
Which role should you assign to User1, and to which group should you add User*!? To answer, select
the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
 43 / 50
https://www.dumpsinfo.com/
Answer:
60. Enter a Label name, Tooltip, and Description. Select Next.
61. The label has now been created.
To create a label policy, follow these steps:
62. Navigate to Compliance management > Retention tags, and then click Add +
63. Click on Data Governance, Retention;
64.You have a Microsoft 365 E5 subscription that contains a user named User1.
 44 / 50
https://www.dumpsinfo.com/
The Azure Active Directory (Azure AD) Identity Protection risky users report identifies User1.
For User1. you select Confirm user compromised.
User1 can still sign in.
You need to prevent User1 from signing in. The solution must minimize the impact on users at a lower
risk level.
Solution: You configure the user risk policy to block access when the user risk level is medium and
higher.
Does this meet the goal?
A. Yes
B. No
Answer: B
65. In New Retention Policy, complete the following fields:
? Name: Enter a name for the retention policy.
? Retention tags: Click Add + to select the tags you want to add to this retention policy.
A retention policy can contain the following tags:
? One DPT with the Move to Archive action.
? One DPT with the Delete and Allow Recovery or Permanently Delete actions.
? One DPT for voice mail messages with the Delete and Allow Recovery or
Permanently Delete actions.
? One RPT per default folder such as Inbox to delete items.
? Any number of personal tags.
Step 3: Apply a retention policy to mailbox users
After you create a retention policy, you must apply it to mailbox users. You can apply different
retention policies to different set of users.
? Navigate to Recipients > Mailboxes.
? In the list view, use the Shift or Ctrl keys to select multiple mailboxes.
? In the details pane, click More options.
? Under Retention Policy, click Update.
? In Bulk Assign Retention Policy, select the retention policy you want to apply to the mailboxes, and
then click Save.
For retaining documents in SharePoint Online
Access Security & Compliance Admin Center
66. Open Security and Compliance Centre;
67. Complete the following fields to create an activity alert:
a. Name - Type a name for the alert. Alert names must be unique within your organization.
b. Description (Optional) - Describe the alert, such as the activities and users being tracked, and the
users that email notifications are sent to. Descriptions provide a quick and easy way to describe the
purpose of the alert to other admins.
c. Alert type - Make sure the Custom option is selected.
d. Send this alert when - Click Send this alert when and then configure these two fields:
? Activities - Click the drop-down list to display the activities that you can create an alert for. This is
the same activities list that's displayed when you search the Office 365 audit log. You can select one
or more specific activities or you can click the activity group name to select all activities in the group.
For a description of these activities, see the "Audited activities" section in Search the audit log. When
a user performs any of the activities that you've added to the alert, an email notification is sent.
? Users - Click this box and then select one or more users. If the users in this box perform the
activities that you added to the Activities box, an alert will be sent. Leave the Users box blank to send
an alert when any user in your organization performs the activities specified by the alert.
 45 / 50
https://www.dumpsinfo.com/
e. Send this alert to - Click Send this alert, and thenclick in the Recipients box and type a name to
add a user’s who will receive an email notification when a user (specified in the Users box) performs
an activity (specified in the Activities box). Note that you are added to the list of recipients by default.
You can remove your name from this list.
68. Click Open next to the case that you want to create the holds in.
69.You have a Microsoft 365 subscription.
You create an Advanced Threat Protection (ATP) safe attachments policy.
You need to configure the retention duration for the attachments in quarantine.
Which type of threat management policy should you create?
A. Anti-malware
B. DKIM
C. Anti-spam
D. ATP anti-phishing
Answer: A
70.HOTSPOT
You have a Microsoft 365 E5 subscription that uses Microsoft Endpoint Manager.
The Compliance policy settings are configured as shown in the following exhibit.
On February 25, 2020, you create the device compliance policies shown in the following table.
 46 / 50
https://www.dumpsinfo.com/
On March 1. 2020, users enroll Windows 10 devices in Microsoft Endpoint Manager as shown in the
following table
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE:
Each correct selection is worth one point.
Answer:
Explanation:
Box 1: Yes
Device2 is in Group2 so Policy2 applies.
Device2 is not compliant with Policy2. However, the device won’t be marked as non-compliant until
10 days after the device was enrolled.
Box 2: Yes
Device1 is in Group1 and Group2 so both Policy1 and Policy2 apply.
Device1 is compliant with Policy1 but non-compliant with Policy2. However, the device won’t be
marked as non-compliant until 10 days after the device was enrolled.
Box 3: No
Device1 is in Group1 and Group2 so both Policy1 and Policy2 apply.
 47 / 50
https://www.dumpsinfo.com/
Device1 is compliant with Policy1 but non-compliant with Policy2.
March 12th is more than 10 days after the device was enrolled so it will now be marked as non-
compliant by Policy2.
71.You have a Microsoft 365 subscription that contains 100 users and a Microsoft 365 group named
Group1.
All users have Windows 10 devices and use Microsoft SharePoint Online and Exchange Online.
A sensitivity label named Label1 is published as the default label for Group1.
You add two sublabels named Sublabel1 and Sublabel2 to Label1.
You need to ensure that the settings in Sublabel1 are applied by default to Group1.
What should you do?
A. Change the order of Sublabel1.
B. Modify the policy of Label 1.
C. Duplicate all the settings from Sublabel1 to Label 1.
D. Delete the policy of Label! and publish Sublabel1.
Answer: B
Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-
labels?view=o365-worldwide
72.You have multiple Microsoft 365 subscriptions.
You need to build an application that will retrieve the Microsoft Secure Score data of each
subscription.
What should you use?
A. the Microsoft Defender for Endpoint API
B. the Microsoft Graph Security API
C. the Microsoft Office 365 Management API
D. the Azure Monitor REST API
Answer: C
73.HOTSPOT
You have a Microsoft 365 subscription that contains a user named User.
You enroll devices in Microsoft Intune as shown in the following table.
Each device has two line of business apps named App1 and App2 installed.
 48 / 50
https://www.dumpsinfo.com/
You create application control policies targeted to all the app types in Microsoft Endpoint Manager as
shown in the following table.
For each of the following statements, Select Yes if the statement is true. Otherwise, select No. NOTE:
Each correct selection is worth one point.
Answer:
Explanation:
Graphical user interface, text, application
Description automatically generated
Box 1: Yes
Device1 is an Android device in Group3 (and Group1). Policy1 applies to Android devices in Group3.
Therefore, Policy1 does apply to Device1.
Box 2: Yes
 49 / 50
https://www.dumpsinfo.com/
Policy3 protects App1 for Android devices in Group1. Device1 is in Group1 (and Group3).
Therefore, App1 is protected on Device1.
Box 3: No
Device2 is an iOS device in Group1 and Group2. Policy2 applies to iOS devices in Group2.
However, Policy2 only protects App2. It does not protect App1.
Policy3 applies to Group1 and protects App1. However, Policy3 only applies to Android devices in
Group1. It does not apply to iOS devices. Therefore, Policy3 does not apply to Device2 so App1 is not
protected on Device2.
74.Your network contains an on-premises Active Directory domain. The domain contains servers that
run Windows Server and have advanced auditing enabled.
The security logs of the servers are collected by using a third-party SIEM solution.
You purchase a Microsoft 365 subscription and plan to deploy Azure Advanced Threat Protection
(ATP) by using standalone sensors.
You need to ensure that you can detect when sensitive groups are modified and when malicious
services are created.
What should you do?
A. Configure Azure ATP notifications
B. Configure Event Forwarding on the domain controllers
C. Configure auditing in the Office 365 Security & Compliance center
D. Modify the Domain synchronizer candidate settings on the Azure ATP sensors
Answer: B
Explanation:
Reference: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/configure-event-
forwarding
Powered by TCPDF (www.tcpdf.org)
 50 / 50
https://www.dumpsinfo.com/
http://www.tcpdf.org