Updated Microsoft MS-500 Exam Dumps

Text Material Preview

Itfreedumps provides the latest online questions for all IT certifications,
such as IBM, Microsoft, CompTIA, Huawei, and so on. 
Hot exams are available below. 
AZ-204 Developing Solutions for Microsoft Azure 
820-605 Cisco Customer Success Manager 
MS-203 Microsoft 365 Messaging 
HPE2-T37 Using HPE OneView 
300-415 Implementing Cisco SD-WAN Solutions (ENSDWI) 
DP-203 Data Engineering on Microsoft Azure 
500-220 Engineering Cisco Meraki Solutions v1.0 
NACE-CIP1-001 Coating Inspector Level 1 
NACE-CIP2-001 Coating Inspector Level 2 
200-301 Implementing and Administering Cisco Solutions 
Share some MS-500 exam online questions below. 
1.You need to enable and configure Microsoft Defender for Endpoint to meet the security
requirements.
What should you do?
A. Configure port mirroring
B. Create the ForceDefenderPassiveMode registry setting
 1 / 52
https://www.itfreedumps.com/exam/real-microsoft-az-204-dumps/
https://www.itfreedumps.com/exam/real-cisco-820-605-dumps/
https://www.itfreedumps.com/exam/real-microsoft-ms-203-dumps/
https://www.itfreedumps.com/exam/real-hp-hpe2-t37-dumps/
https://www.itfreedumps.com/exam/real-cisco-300-415-dumps/
https://www.itfreedumps.com/exam/real-microsoft-dp-203-dumps/
https://www.itfreedumps.com/exam/real-cisco-500-220-dumps/
https://www.itfreedumps.com/exam/real-nace-nace-cip1-001-dumps/
https://www.itfreedumps.com/exam/real-nace-nace-cip2-001-dumps/
https://www.itfreedumps.com/exam/real-cisco-200-301-dumps/
C. Download and install the Microsoft Monitoring Agent
D. Run WindowsDefenderATPOnboardingScripc.cmd
Answer: C
2. In the Impersonation section, select Edit.
3.You have a Microsoft 365 E5 Subscription named cont0S0.C0rn.
You create a user named User'.
You Need to ensure that User1 can change Status of Microsoft Defender for Identity health alerts.
The solution must use principle of the least principle.
What should you do?
A. From the Microsoft 365 admin center, add user' to the Azure ATP contoso.com Administrators
group.
B. From the Microsoft 365 Defender portal, assign user' the Security Operator role.
C. From the Microsoft 365 admin center, add user' to the Azure ATP contoso.com users group.
D. From the Microsoft admin center, assign user1 the Hybrid Identity Administrator role.
Answer: B
4. For each marking that you choose, select Customize text. Enter the text you want to appear on the
document, and set the font and layout options. Select Save, and then repeat for any additional
markings. Select Next.
5.DRAG DROP
You have an on-premises Hyper-V infrastructure that contains the following:
? An Active Directory domain
? A domain controller named Server1
? A member server named Server2
A security policy specifies that Server1 cannot connect to the Internet. Server2 can connect to the
Internet.
You need to implement Azure Advanced Threat Protection (ATP) to monitor the security of the
domain.
What should you configure on each server? To answer, drag the appropriate components to the
correct servers. Each component may only be used once, more than once, or not at all. You may
need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is
worth one point.
 2 / 52
7
Answer:
6.HOTSPOT
You company has a Microsoft 36S E5 subscription and a hybrid Azure active Directory named
contoso.com.
Contoso.com includes the following users:
You configure Password protection for Contoso.com as shown in the following exhibit.
 3 / 52
Answer:
7. Name the policy > Next.
8.CORRECT TEXT
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This
may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a
set of tasks in a live environment. While most functionality will be available to you as it would be in a
live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will
not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t
matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You
can use as much time as you would like to complete each lab. But, you should manage your time
appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in
the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be
able to return to the lab.
Username and password
 4 / 52
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password
below.
Microsoft 365 Username:
admin@LODSe00019@onmicrosoft.com
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the
portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308
 5 / 52
 6 / 52
 7 / 52
 8 / 52
 9 / 52
 10 / 52
 11 / 52
 12 / 52
You need to create a retention policy that contains a data label. The policy must delete all Microsoft
Office 365 content that is older than six months.
To complete this task, sign in to the Microsoft 365 admin center.
Answer:
Creating Office 356 labels is a two-step process. The first step is to create the actual label which
includes the name, description, retention policy, and classifying the content as a record. Once this is
completed, the second step requires the deployment of a label using a labelling policy which specifies
the specific location to publish and applying the label automatically.
To create an Office 365 label, following these steps:
9.An administrator plans to deploy several Azure Advanced Threat Protection (ATP) sensors.
You need to provide the administrator with the Azure information required to deploy the sensors.
What information should you provide?
A. an Azure Active Directory Authentication Library (ADAL) token
B. the public key
C. the access key
D. the URL of the Azure ATP admin center
Answer: D
Explanation:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/workspace-portal
10.You have a Microsoft 365 E5 subscription that has Microsoft Defender for Cloud Apps enabled.
You need to create an alert in Defender for Cloud Apps when source code is shared externally.
Which type of policy should you create?
 13 / 52
A. Cloud Discovery anomaly detection
B. file
C. access
D. activity
Answer: B
11.HOTSPOT
You have a Microsoft 365 subscription. Auditing is enabled.
A user named User1 is a member of a dynamic security group named Group1.
You discover that User1 is no longer a member of Group1.
You need to search the audit log to identify why User1 was removed from Group1.
Which two actions should you use in the search? To answer, select the appropriate activities in the
answer area. NOTE: Each correct selection is worth one point.
Answer:
 14 / 52
Explanation:
References: https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-
security-and-compliance
12. Click Create to finish creating the policy.
References:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-test-tune-dlp-
policy?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/what-the-dlp-policy-templates-
include?view=o365-worldwide
13.Note: This question is part of a series of questions that present the same scenario. Each question
in the series contains a unique solution that might meet the stated goals. Some questions sets might
have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have an on-premises Active Directory domain named contoso.com.
You install and run Azure AD Connect on a server named Server1 that runs Windows Server.
You need to view Azure AD Connect events.
You use the Application event log on Server1.
Does that meet the goal?
 15 / 52
A. Yes
B. No
Answer: A
Explanation:
References: https://support.pingidentity.com/s/article/PingOne-How-to-troubleshoot-an-AD-Connect-
Instance
14.You create a data loss prevention (DLP) policy as shown in the following shown:
What is the effect of the policy when a user attempts to send an email messages that contains
sensitive information?
A. The user receives a notification and can send the email message
B. The user receives a notification and cannot send the email message
C. The email message is sent without a notification
D. The email message is blocked silently
Answer: A
Explanation:
https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies
15. Open the Service settings
Before we start enabling MFA for the users, we first go through the service settings. The button to the
settings screen doesn’t stand out, but it’s just below the title
 16 / 52
16.HOTSPOT
You are evaluating which finance department users will be prompted for Azure MFA credentials.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE:
Each correct selection is worth one point.
Answer:
 17 / 52
Explanation:
YES, YES, NO.
Named locations can't have a private IP range, look at https://docs.microsoft.com/en-us/azure/active-
directory/conditional-access/location-condition
"User IP address The IP address that is used in policy evaluation is the public IP address of the user.
For devices on a private network, this IP address is not the client IP of the user’s device on the
intranet, it is the address used by the network to connect to the public internet."
Topic 4, Misc. Questions
17.You have a hybrid Azure Active Directory (Azure AD) tenant that has pass- through authentication
enabled.
You plan to implement Azure AD identity Protection and enable the user risk policy.
You need to configure the environment to support the user risk policy.
A. Enable password hash synchronization.
B. Configure a conditional access policy.
C. Enforce the multi-factor authentication (MFA) registration policy.
D. Enable the sign-in risk policy.
Answer: C
18.You have a Microsoft 365 E3 subscription.
You plan to audit all Microsoft Exchange Online user and admin activities.
You need to ensure that all the Exchange audit log records are retained for one year.
What should you do?
A. Modify the retention period of the default audit retention policy.
B. Create a custom audit retention policy.
C. Assign Microsoft 365 Enterprise E5 licenses to all users.
D. Modify the record type of the default audit retention policy.
Answer: C
Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/audit-log-retention-
policies?view=o365-worldwide
19.HOTSPOT
You have a Microsoft 365 E5 tenant that contains two users named User1 and User2 and a Microsoft
SharePoint Online site named Site1 as shown in
 18 / 52
For Site1, the users are assigned the roles shown in the following table.
You publish a retention label named Retention1 to Site1.
To which files can the users apply Retention1? To answer, select the appropriate options in the
answer area. NOTE: Each correct selection is worth one point.
 19 / 52
Answer:
Explanation:
For User 1:
C. File1.docx, File2.docx, and File3.docx
For User 2:
B. File1.docx and File2.docx only
According to the article “Use retention labels to manage SharePoint document lifecycle”1, retention
labels can be applied to all files in all document libraries, and all files at the root level that aren’t in a
folder 1. The article “Learn about retention for SharePoint and OneDrive” 2 also confirms that all files
 20 / 52
stored in SharePoint or OneDrive sites can be retained by applying a retention label 2. Therefore,
User 1, who has the Full Control permission level for Site1, can apply Retention1 to all three files in
Site1.
However, User 2, who has the Read permission level for Site1, cannot apply Retention1 to File3.docx
because it is located in a folder. According to the article “Learn about retention policies & labels to
retain or delete” 3, users need at least Edit permissions on a SharePoint site or OneDrive account to
apply a retention label manually 3. The Read permission level does not include Edit permissions.
Therefore, User 2 can only apply Retention1 to File1.docx and File2.docx, which are at the root level
of Site1.
20.Which user passwords will User2 be prevented from resetting?
A. User6 and User7
B. User4 and User6
C. User4 only
D. User7 and User8
E. User8 only
Answer: C
21. Select one of the following options:
? Applied automatically to entire mailbox (default): Select this option to create a default policy tag
(DPT). You can use DPTs to create a default deletion policy and a default archive policy, which
applies to all items in the mailbox.
? Applied automatically to a specific folder: Select this option to create a retention policy tag (RPT) for
a default folder such as Inbox or Deleted Items.
? Applied by users to items and folders (Personal): Select this option to create personal tags. These
tags allow Outlook and Outlook on the web (formerly known as Outlook Web App) users to apply
archive or deletion settings to a message or folders that are different from the settings applied to the
parent folder or the entire mailbox.
22.You have a hybrid deployment of Microsoft 365 that contains the users shown in the following
table.
You plan to use Microsoft 365 Attack Simulator.
You need to identify the users against which you can use Attack Simulator.
Which users should you identify?
A. User1 and User3 only
B. User1, User2, User3, and User4
C. User3 only
D. User3 and User4 only
 21 / 52
Answer: D
Explanation:
Each targeted recipient must have an Exchange Online mailbox.
Reference: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-
simulator?view=o365-worldwide
23.You have a hybrid Microsoft 365 environment. All computers run Windows 10 and are managed by
using Microsoft Intune.
You need to create a Microsoft Azure Active Directory (Azure AD) conditional access policy that will
allow only Windows 10 computers marked as compliant to establish a VPN connection to the on-
premises network.
What should you do first?
A. From the Azure Active Directory admin center, create a new certificate
B. Enable Application Proxy in Azure AD
C. From Active Directory Administrative Center, create a Dynamic Access Control policy
D. From the Azure Active Directory admin center, configure authentication methods
Answer: A
Explanation:
Reference: https://docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/ad-ca-vpn-
connectivitywindows10
24.You have a Microsoft 365 subscription that contains a user named User1.
You plan to use Compliance Manager.
You need to ensure that User1 can assign Compliance Manager roles to users. The solution must
use the principle of least privilege.
Which role should you assign to User1?
A. Compliance Manager AssessorB. Global Administrator
C. Portal Admin
D. Compliance Manager Administrator
Answer: C
Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/working-with-compliance-
manager?view=o365-worldwide
25.Note: This question is part of series of questions that present the same scenario. Each question in
the series contains a unique solution that might meet the stated goals. Some question sets might
have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that is associated to a Microsoft Azure Active Directory
(Azure AD) tenant named contoso.com.
You use Active Directory Federation Services (AD FS) to federate on-premises Active Directory and
the
tenant.
Azure AD Connect has the following settings:
? Source Anchor: objectGUID
? Password Hash Synchronization: Disabled
? Password writeback: Disabled
 22 / 52
? Directory extension attribute sync: Disabled
? Azure AD app and attribute filtering: Disabled
? Exchange hybrid deployment: Disabled
? User writeback: Disabled
You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.
Solution: You modify the Password Hash Synchronization settings.
Does that meet the goal?
A. Yes
B. No
Answer: A
Explanation:
References: https://docs.microsoft.com/en-us/azure/security/azure-ad-secure-steps
26.Note: This question is part of a series of questions that present the same scenario. Each question
in the series contains a unique solution that might meet the stated goals. Some question sets might
have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have a Microsoft 365 subscription that contains the users shown in the following table.
You discover that all the users in the subscription can access Compliance Manager reports.
The Compliance Manager Reader role is not assigned to any users.
You need to recommend a solution to prevent a user named User5 from accessing the Compliance
Manager reports.
Solution: You recommend assigning the Compliance Manager Reader role to User1.
Does this meet the goal?
A. Yes
B. No
Answer: B
27. Turn on Content marking, and choose the markings you want to use.
28.Note: This question is part of series of questions that present the same scenario. Each question in
the series contains a unique solution that might meet the stated goals. Some question sets might
have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
 23 / 52
questions will not appear in the review screen.
You have a Microsoft 365 tenant. You create a label named CompanyConfidential in Microsoft Azure
Information Protection.
You add CompanyConfidential to a global policy.
A user protects an email message by using CompanyConfidential and sends the label to several
external recipients. The external recipients report that they cannot open the email message.
You need to ensure that the external recipients can open protected email messages sent to them.
Solution: You create a new label in the global policy and instruct the user to resend the email
message.
Does this meet the goal?
A. Yes
B. No
Answer: A
29.Von haw a Microsoft 365 subscription.
You need to ensure that users on manually designate which content will be subject to data toss
prevention (DIP) polices?
What should you create first?
A. a retention label
B. a custom sensitive information type
C. a safe attachments policy
D. a Data Subject Request (OSR)
Answer: D
30. Select Protection.
31.You have a Microsoft 365 E5 subscription.
You need to investigate threats to the subscription by using the Campaigns view in Microsoft
Defender for Office 365.
Which types of threats will appear?
A. phishing and password attacks only
B. malware and password attacks only
C. malware only
D. phishing only
E. phishing and malware only
Answer: E
Explanation:
According to the article “Campaigns in Microsoft Defender for Office 365 Plan” 1, campaigns in the
Microsoft 365 Defender portal identifies and categorizes coordinated email attacks, including phishing
and malware 1. The article “Track and respond to emerging threats with campaigns in Microsoft
Defender for Office 365” 2 also confirms that campaigns allow you to investigate a coordinated email
attack against your organization that involves phishing and malware 2. The article “Microsoft
Defender for Office 365 service description” 3 lists the features of Defender for Office 365 Plan 2,
which include anti-phishing and anti-malware protection 3. Password attacks are not mentioned as a
type of threat that will appear in the Campaigns view.
32.HOTSPOT
You plan to configure an access review to meet the security requirements for the workload
administrators. You create an access review policy and specify the scope and a group.
 24 / 52
Which other settings should you configure? To answer, select the appropriate options in the answer
area. NOTE: Each correct selection is worth one point.
Answer:
33.Note: This question is part of a series of questions that present the same scenario. Each question
in the series contains a unique solution that might meet the stated goals. Some questions sets might
have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed
them.
When you search the audit log in Security & Compliance to identify who signed in to the mailbox of
User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
 25 / 52
You run the Set-MailboxFolderPermission CIdentity "User1"
-User User1@contoso.com CAccessRights Owner command.
Does that meet the goal?
A. Yes
B. No
Answer: B
Explanation:
References: https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/set-
mailbox?view=exchange-ps
34.You have several Conditional Access policies that block noncompliant devices from connecting to
services.
You need to identify which devices are blocked by which policies.
What should you use?
A. the Device compliance report in the Microsoft Endpoint Manager admin center
B. the Device compliance trends report in the Microsoft Endpoint Manager admin center
C. Activity log in the Cloud App Security admin center
D. the Conditional Access Insights and Reporting workbook in the Azure Active Directory admin
center
Answer: D
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-
conditional-access-insights-reporting
35.HOTSPOT
You have a Microsoft E5 subscription that contains two users named User 1 and User2.
You have a Microsoft SharePoint site named Site1.
Site1 stores files that contain IP addresses as shown in the following table.
User1 is assigned the SharePoint admin role for Site1. User2 is a member of Sile1. You create the
data loss prevention (DLP)1 policy shown in the following exhibit.
 26 / 52
 27 / 52
For each of the following statements, select Yes if the statement is true: Otherwise, select No. NOTE:
Each correct selection is worth one point.
Answer:
 28 / 52
36. Topic 3, Contoso, Ltd
Overview
Contoso,Ltd. is a consulting company that has a main office in Montreal and three branch offices in
Seattle, and New York.
The company has the offices shown in the following table.
Contoso has IT, human resources (HR), legal, marketing, and finance departments.
Contoso uses Microsoft 365.
Existing Environment
Infrastructure
The network contains an Active Directory domain named contoso.com that is synced to a Microsoft
Azure Active Directory (Azure AD) tenant. Password writeback is enabled.
The domain contains servers that run Windows Server 2016. The domain contains laptops and
desktop computers that run Windows 10 Enterprise.
Each client computer has a single volume.
Each office connects to the Internet by using a NAT device.
The offices have the IP addresses shown in the following table.
 29 / 52
Named locations are defined in Azure AD as shown in the following table.
From the Multi-Factor Authentication page, an address space of 198.35.3.0/24 is defined in the
trusted IPs list.
Azure Multi-Factor Authentication (MFA) is enabled for the users in the finance department.
The tenant contains the users shown in the following table.
The tenant contains the groups shown in the following table.
 30 / 52
Customer Lockbox is enabled in Microsoft 365.
Microsoft Intune Configuration
The devices enrolled in Intune are configured as shown in the following table.
The device compliance policies in Intune are configured as shown in the following table.
The device compliance policies have the assignments shown in the following table.
The Mark devices with no compliance policy assigned as setting is set to Compliant.
 31 / 52
Requirements
Technical Requirements
Contoso identifies the following technical requirements:
? Use the principle of least privilege
? Enable User1 to assign the Reports reader role to users
? Ensure that User6 approves Customer Lockbox requests as quickly aspossible
? Ensure that User9 can implement Azure AD Privileged Identity Management
HOTSPOT
Which users are members of ADGroup1 and ADGroup2? To answer, select the appropriate options in
the answer area. NOTE: Each correct selection is worth one point.
Answer:
 32 / 52
37. Click OK to close the Protection pane and see your choice of User defined or your chosen
template display for the Protection option in the Label pane.
38.You have a Microsoft 365 tenant that is linked to a hybrid Azure Active Directory (Azure AD) tenant
named contoso.com.
You need to enable Azure AD Seamless Single Sign-On (Azure AD SSO) for contoso.com.
What should you use?
A. Azure AD Connect
B. the Azure Active Directory admin center
C. the Microsoft 365 Security admin center
D. the Microsoft 365 admin center
Answer: A
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-
start
39.HOTSPOT
You have a Microsoft SharePoint Online site named Site! that has the users shown in the following
table.
 33 / 52
You create the retention labels shown In the following table.
Answer:
40.You create an Azure Sentinel workspace.
You configure Azure Sentinel to ingest data from Azure Active Directory (Azure AD).
In the Azure Active Directory admin center, you discover Azure AD Identity Protection alerts.
The Azure Sentinel workspace shows the status as shown in the following exhibit.
 34 / 52
In Azure Log Analytics, you can see Azure AD data in the Azure Sentinel workspace.
What should you configure in Azure Sentinel to ensure that incidents are created for detected
threats?
A. data connectors
B. rules
C. workbooks
D. hunting queries
Answer: B
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/sentinel/detect-threats-custom
41.HOTSPOT
You have a Microsoft 365 subscription that contains two groups named Group' and Group2.
You have the compliance assessments shown in the following table.
You have the improvement actions shown in the following table.
 35 / 52
Answer:
42. Navigate to Compliance management > Retention tags, and then click Add +
43.You have a Microsoft 365 E5 subscription that uses Privacy Risk Management in Microsoft Priva.
You need to review the personal data type instances that were detected in the subscription.
What should you use in the Microsoft Purview compliance portal?
A. Content search
B. an eDiscovery case
C. Content explorer
D. User data sear
Answer: C
44.Note: This question is part of a series of questions that present the same scenario. Each question
in the series contains a unique solution that might meet the stated goals. Some questions sets might
have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have an on-premises Active Directory domain named contoso.com.
You install and run Azure AD Connect on a server named Server1 that runs Windows Server.
You need to view Azure AD Connect events.
You use the System event log on Server1.
Does that meet the goal?
A. Yes
B. No
Answer: B
Explanation:
References: https://support.pingidentity.com/s/article/PingOne-How-to-troubleshoot-an-AD-Connect-
Instance
45.Note: This question is part of a series of questions that present the same scenario. Each question
in the series contains a unique solution that might meet the stated goals. Some questions sets might
have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
 36 / 52
Some email messages sent to User1 appear to have been read and deleted before the user viewed
them.
When you search the audit log in Security & Compliance to identify who signed in to the mailbox of
User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
You run the Set-Maibox -Identity "User1" -AuditEnabled $true command.
Does that meet the goal?
A. Yes
B. No
Answer: A
Explanation:
References: https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/set-
mailbox?view=exchange-ps
46.You configure several Advanced Threat Protection (ATP) policies in a Microsoft 365
subscription.
You need to allow a user named User1 to view ATP reports in the Threat management dashboard.
Which role provides User1with the required role permissions?
A. Security reader
B. Message center reader
C. Compliance administrator
D. Information Protection administrator
Answer: A
Explanation:
Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/view-reports-for-atp#what-
permissions-areneeded-to-view-the-atp-reports
47.You have a Microsoft 365 E5 subscription.
Some users are required to use an authenticator app to access Microsoft SharePoint Online.
You need to view which users have used an authenticator app to access SharePoint Online. The
solution must minimize costs.
What should you do?
A. From the Azure Active Directory admin center, view the sign-ins.
B. From the Security & Compliance admin center, download a report.
C. From the Azure Active Directory admin center, view the authentication methods.
D. From the Azure Active Directory admin center, view the audit logs.
Answer: A
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-
ins
48.HOTSPOT
Which policies apply to which devices? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 37 / 52
Answer:
49.HOTSPOT
You have an Azure Active Directory(Azure AD) tenant named contoso.com that contains the users
shown in the following table.
You register devices in contoso.com as shown in the following table.
 38 / 52
You create app protection policies in Intune as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE:
Each correct selection is worth one point.
Answer:
 39 / 52
Explanation:
References: https://docs.microsoft.com/en-us/intune/apps/app-protection-policy
50. On the next screen is where you set up the logic. You can configure how many days, months, or
years to retain the content for, specify whether you want the math (retention period) to be calculated
from the Created Date or Last Modified Date. Lastly, you can also specify whether you want to keep
or delete content after the Retention period expires. Hit Next
51.You have a Microsoft 365 E5 subscription that contains a user named Used.
You need to ensure that User! can use the Microsoft 365 compliance center to search audit logs and
 40 / 52
identify which users were added to Microsoft 365 role groups. The solution must use the principle of
least privilege.
To which role group should you add User1?
A. Security Reader
B. View-Only Organization Management
C. Organization Management
D. Compliance Management
Answer: C
52. On the Home page for the case, click the Hold tab.
53.DRAG DROP
Your company has two departments named department and department2 and a Microsoft 365 E5
subscription.
You need to prevent communication between the users in department1 and the users in department2.
How should you complete the PowerShell script? To answer, drag the appropriate values to the
correct targets. Each value may be used once, more than once, or not at all. You may need to drag
the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one
point.
Answer:
 41 / 52
54. In the Pop-up window, Click on Enable Multi-Factor Authentication.
After you set up multi-factor authentication for your organization, your users will be required to set up
two-step verification on their devices.
55.You have a Microsoft 365 subscription.
A security manager receives an email message every time a data loss prevention (DLP) policy match
occurs.
You need to limit alert notifications to actionable DLP events.
What should you do?
A. From the Security & Compliance admin center, modify the Policy Tips of a DLP policy.
B. From the Cloud App Security admin center, apply a filter to the alerts.
C. From the Security & Compliance admin center, modify the User overrides settings of a DLP policy.
D. From the Security & Compliance admin center, modify the matched activities threshold of an alert
policy.
Answer: D
Explanation:
References: https://docs.microsoft.com/en-us/office365/securitycompliance/alert-policies
56.Your network contains an on-premises Active Directory domain. The domain contains servers that
run Windows Server and have advanced auditing enabled.
The security logs of the servers are collected by using a third-party SIEM solution.
You purchase a Microsoft 365 subscription and plan to deploy Azure Advanced Threat Protection
(ATP) by using standalone sensors.
You need to ensure that you can detect when sensitive groups are modified and when malicious
services are created.
What should you do?
A. Configure auditing in the Office 365 Security & Compliance center.
B. Turn off Delayed updates for the Azure ATP sensors.
C. Modify the Domain synchronizer candidate’s settings on the Azure ATP sensors.
D. Integrate SIEM and Azure ATP.
Answer: C
Explanation:
References: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step5
57. On the New Case page, give the case a name, type an optional description, and then click Save.
The case name must be unique in your organization.
 42 / 52
The new case is displayed in the list of cases on the eDiscovery page.
After you create a case, the next step is to add members to the case. The eDiscovery Manager who
created the case is automatically added as a member. Members have to be assigned the appropriate
eDiscovery permissions so they can access the case after you add them.
58.You have a Microsoft 365 subscription.
You receive a General Data Protection Regulation (GDPR) request for the custom dictionary of a
user.
From the Compliance admin center you need to create a content search.
How should you configure the content search1?
A. Condition: Type Operator. Equals any of Value: Office Roaming Service
B. Condition: Title Operator: Equals any of Value: Normal.dot
C. Condition: Type Operator: Equals any of Value: Documents
D. Condition: File type Operator: Equals any of Value: dic
Answer: D
59.You have a Microsoft 365 subscription that contains 50 devices- The devices are enrolled in
 43 / 52
Microsoft Endpomt Manager and have Microsoft Defender for Endpoint enabled. You need to identify
devices that have a pending offline scan.
What should you do?
A. From the Microsoft 365 Defender portal, review the Threat & Vulnerability Management dashboard.
B. From the Microsoft 365 Defender portal, review the Threat analytics dashboard
C. From the Microsoft Endpoint Manager admin center, review the Detected malware report
D. From the Microsoft Endpoint Manager admin center, review the Antivirus agent status report.
Answer: A
60.You need to meet the technical requirements for User9.
What should you do?
A. Assign the Privileged administrator role to User9 and configure a mobile phone number for User9
B. Assign the Compliance administrator role to User9 and configure a mobile phone number for User9
C. Assign the Security administrator role to User9
D. Assign the Global administrator role to User9
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-
give-access-to-pim
61. Navigate to eDiscovery in the Security & Compliance Center, and then click Create a case.
62.HOTSPOT
You configure Microsoft Azure Active Directory (Azure AD) Connect as shown in the following exhibit.
 44 / 52
Use the drop-down menus to select the answer choice that completes each statement based on the
information presented in the graphic. NOTE: Each correct selection is worth one point.
 45 / 52
Answer:
 46 / 52
63.Note: This question is part of a series of questions that present the same scenario. Each question
in the series contains a unique solution that might meet the stated goals. Some questions sets might
have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed
them.
When you search the audit log in Security & Compliance to identify who signed in to the mailbox of
User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
You run the Set-AdminAuditLogConfig -AdminAuditLogEnabled $true
-AdminAuditLogCmdlets *Mailbox* command.
Does that meet the goal?
A. Yes
B. No
Answer: B
Explanation:
References: https://docs.microsoft.com/en-us/powershell/module/exchange/policy-and-compliance-
audit/setadminauditlogconfig?view=exchange-ps
64.CORRECT TEXT
You need to create a policy that identifies content in Microsoft OneDrive that contains credit card
numbers.
To complete this task, sign in to the Microsoft 365 portal.
Answer:
You need to configure auto-labeling in ‘simulation’ mode. In the policy, you can select the‘Credit Card’ sensitive info type.
? In the Microsoft 365 compliance center, navigate to sensitivity labels: Solutions > Information
protection
? Select the Auto-labeling (preview) tab.
? Select + Create policy.
? For the page Choose info you want this label applied to: Select one of the templates, such as
Financial or Privacy. You can refine your search by using the Show options for dropdown. Or, select
Custom policy if the templates don't meet your requirements. Select Next.
? For the page Name your auto-labeling policy: Provide a unique name, and optionally a description
to help identify the automatically applied label, locations, and conditions that identify the content to
label.
? For the page Choose locations where you want to apply the label: Select OneDrive. Then select
Next.
? For the Define policy settings page: Keep the default of Find content that contains to define rules
that identify content to label across all your selected locations. The rules use conditions that include
sensitive information types and sharing options. For sensitive information types, you can select both
built-in and custom sensitive information types.
? Then select Next.
? For the Set up rules to define what content is labeled page: Select + Create rule and then select
Next.
? On the Create rule page, name and define your rule, using sensitive information types and then
select Save.
? Click Next.
 47 / 52
? For the Choose a label to auto-apply page: Select + Choose a label, select a label from the Choose
a sensitivity label pane, and then select Next.
? For the Decide if you want to run policy simulation now or later page: Select Run policy in simulation
mode if you're ready to run the auto-labeling policy now, in simulation mode. Otherwise, select Leave
policy turned off. Select Next.
? For the Summary page: Review the configuration of your auto-labeling policy and make any
changes that needed, and complete the wizard.
65. In User Mailbox, click Mailbox features.
66.You have a Microsoft 365 subscription.
You create an Advanced Threat Protection (ATP) safe attachments policy to quarantine malware.
You need to configure the retention duration for the attachments in quarantine.
Which type of threat management policy should you create from the Security&Compliance admin
center?
A. ATP anti-phishing
B. DKIM
C. Anti-spam
D. Anti-malware
Answer: D
67. Click Next.
68.You have a Microsoft 165 ES subscription that contains users named User 1 and User2?
You have the audit log retention requirements shown in the following table.
You need to create audit retention policies to meet the requirements. The solution must minimize cost
and the number of policies.
What is the minimum number of audit retention policies that you should create?
A. 1
B. 2
C. 3
D. 4
Answer: C
69. After signing in to the Microsoft 365 admin center, select Security, Threat Management, Policy,
then ATP Anti-phishing.
70.HOTSPOT
You have a Microsoft 365 E5 subscription.
From Microsoft Azure Active Directory (Azure AD), you create a security group named Group1. You
add 10 users to Group1.
 48 / 52
You need to apply app enforced restrictions to the members of Group1 when they connect to
Microsoft Exchange Online from non-compliant devices, regardless of their location.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each
correct selection is worth one point.
Answer:
 49 / 52
71. On the Hold page, click Create.
72.You have a Microsoft SharePoint Online sire named Site1 that contains the files shown in the
following table.
You have a data loss prevention (DLP) policy named DLP1 that has the advanced DLP rules shown
in the following table.
You apply DLP1 to Site1.
Which policy tips will appear for File2?
 50 / 52
A. Tip1 only
B. Tip2 only
C. Tip3 only
D. Tip1 and Tip2 only
Answer: B
73. In the Security & Compliance Center > left navigation > Data loss prevention > Policy > + Create a
policy.
74.HOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains a VPN
server named VPN1 that runs Windows Server 2016 and has the Remote Access server role
installed.
You have a Microsoft Azure subscription.
You are deploying Azure Advanced Threat Protection (ATP)
You install an Azure ATP standalone sensor on a server named Server1 that runs Windows Server
2016.
You need to integrate the VPN and Azure ATP.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each
correct selection is worth one point.
Answer:
 51 / 52
Get MS-500 exam dumps full version.
Powered by TCPDF (www.tcpdf.org)
 52 / 52
https://www.itfreedumps.com/exam/real-microsoft-ms-500-dumps/
http://www.tcpdf.org