Microsoft ms-500 exam

Pass with honors, latest Microsoft MS-500 practice exam online

Understanding the basic concepts of the Microsoft MS-500 exam doesn’t mean you’ll easily be certified by Microsoft 365 Security Administration. In order to pass the Microsoft MS-500 with excellent results, some preparatory work needs to be done. Passing the exam MS-500 requires hands-on experience and practice. Then you really need the Microsoft MS-500 practice exam!

MS-500 practice exam online

The perfect MS-500 practice exam https://www.pass4itsure.com/ms-500.html ( MS-500 PDF + MS-500 VCE Dumps) Helps you get a high score.

[Online] Come try Microsoft MS-500 practice test

QUESTION 1

You create a sensitivity label named secret and enable encryption. On the assign permission page, you select all tenant
members. A user Sally creates a team in Teams and invites a guest user Kevin. Sally creates a document in Word and
applies the secret label.

She uploads to document to the Teams file library. Select which items are true. (Choose three.)

A. Sally successfully uploads the document to Teams
B. Kevin can see the document listed in the Teams files library
C. Kevin can download the document from the Teams files library
D. Kevin can open the document and view the content

Correct Answer: ABC

Everyone in your organization (the all tenant members setting) excludes B2B guest accounts Kevin is a B2B guest in
this scenario. He can therefore not open the document. DLP settings are not mentioned in the scenario and are the only thing that could prevent the uploading of AIP-labelled content to Teams.

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/encryption-sensitivity-labels#add-users-or-groups

QUESTION 2

You are managing your users\’ existing Windows 10 workstations using Intune. You want to configure the telemetry settings to only send security-related information to Microsoft.

Which of the following do you configure?

A. Device configuration profile
B. Device configuration policy
C. Device compliance policy
D. Device deployment profile
E. MDM Security Baseline profile

Correct Answer: A

Device configuration profile allows forcing the configuration settings of the OS No such thing as a device configuration
policy Device compliance policy has the minimum requirements for the device to be marked as compliant Device
deployment profile is for Autopilot; new installations, not existing.

MDM Security baseline is recommended security settings (AKA configuration profile)

Reference:
https://docs.microsoft.com/en-us/mem/intune/configuration/device-restrictions-windows-10#reporting-and-telemetry

QUESTION 3

You configure several Advanced Threat Protection (ATP) policies in a Microsoft 365 subscription.
You need to allow a user named User1 to view ATP reports in the Threat management dashboard.

Which role provides User1 with the required role permissions?

A. Security administrators
B. Exchange administrator
C. Compliance administrator
D. Message center reader

Correct Answer: A

Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/view-reports-for-atp#what-permissions-areneeded-to-view-the-atp-reports

QUESTION 4

Which of the following tools will you use to activate a GDPR Data Subject Request?

A. Service Trust Portal
B. Compliance Manager
C. Trust Center
D. Azure Security Center
E. Microsoft Compliance Portal
F. Office365 Security and Compliance Center

Correct Answer: F

Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/gdpr-dsr-office365#using-the-content-searchediscovery-tool-to-respond-to-dsrs

QUESTION 5

You need to ensure that users can manually designate which content will be subject to data loss prevention (DLP)
policies. You have a Microsoft 365 subscription.

What should you create first?

A. A retention label in Microsoft Office 365
B. A custom sensitive information type
C. A Data Subject Request (DSR)
D. A safe attachments policy in Microsoft Office 365

Correct Answer: C

References: https://docs.microsoft.com/en-us/office365/securitycompliance/manage-gdpr-data-subject-requests-withthe-dsr-case-tool#more-information-about-using-the-dsr-case-tool

QUESTION 6

He requires that all privileged accounts be reviewed every seven days. Users with administrative privileges must self-assess their access, however, if an administrator doesn\’t respond within three days of receiving such a request,
privileged access must be removed.

What tool will you use to implement his requirements?

A. Azure Active Directory
B. Azure AD Privileged Identity Management
C. Identity Governance
D. Activity Log

Correct Answer: B

Access review for Azure AD roles (like Global Administrator or another privileged role) is configured under Azure AD
Privileged Identity Management.

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-perform-securityreview

QUESTION 7

You use Windows Defender Advanced Threat Protection (Windows Defender ATP). You plan to use Microsoft Office
365 Attack simulator. You have a Microsoft 365 Enterprise E5 subscription.

What is a prerequisite for running an Attack simulator?

A. Enable multi-factor authentication (MFA)
B. Configure Advanced Threat Protection (ATP)
C. Create a Conditional Access App Control policy for accessing Office 365
D. Integrate Office 365 Threat Intelligence and Windows Defender ATP

Correct Answer: A

Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/attack-simulator

QUESTION 8

In Office365 ATP Safe Attachments, what happens when you select Dynamic Delivery?

A. The message is delivered, but attachments containing malware is blocked
B. The message is not delivered until attachments have been confirmed safe
C. The message is delivered, but attachments containing malware is replaced by a message informing the user that the
missing attachment contained malware and was blocked
D. The message and attachments are quarantined if malware is detected in any of the attachments
E. The message is delivered without attachments. When the attachments are confirmed safe, the message is updated
with the attachments

Correct Answer: E

Reference: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/dynamic-delivery-andpreviewing

QUESTION 9

Which of the following tools will you use to manage regulatory compliance within the shared responsibility model of the cloud?

A. Service Trust Portal
B. Compliance Manager
C. Trust Center
D. Azure Security Center
E. Microsoft Compliance Portal

Correct Answer: B

Both the compliance manager and the trust center are components of the service trust portal. Each of them has a
different purpose. See the document link for details.

Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-with-service-trust-portal#compliance

QUESTION 10

You click on the button as indicated in the exhibit.

Select all of the sensitivity labels that are generated by AIP. (Choose ve.)

A. Personal
B. Non-Business
C. Private
D. Public
E. General
F. Business General
G. Sensitive
H. Confidential I. Secret
J. Highly Confidential K. Top Secret

Correct Answer: ADEHJ

Reference: https://docs.microsoft.com/en-us/azure/information-protection/quickstart-viewpolicy#create-and-publishlabels

QUESTION 11

You have a Microsoft 365 subscription linked to an Azure Active Directory (Azure AD) tenant that contains a user named User1.

You have a Data Subject Request (DSR) case named Case1. You need to allow User1 to export the results of Case1.
The solution must use the principle of least privilege.

Which role should you assign to User1 for Case1?

A. eDiscovery Manager
B. Security Operator
C. eDiscovery Administrator
D. Global Reader

Correct Answer: A

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/manage-gdpr-data-subject-requests-with-the- dsr-casetool?view=o365-worldwide#step-1-assign-ediscovery-permissions-to-potential-case-members

QUESTION 12

Your company has a Microsoft 365 subscription.
The company does not permit users to enroll personal devices in mobile device management (MOM). Users in the sales
the department has personal iOS devices.

You need to ensure that the sales department users can use the Microsoft Power Bl app from iOS devices to access the Power Bl data in your tenant. The users must be prevented from backing up the app\\’s data to iCloud.

What should you create?

A. a device compliance policy in Microsoft Endpoint Manager
B. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a device state condition
C. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a client apps condition
D. an app protection policy in Microsoft Endpoint Manager

Correct Answer: D

QUESTION 13

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.

You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1. Some email messages sent to
User1 appears to have been read and deleted before the user viewed them.

When you search the audit log in Security and Compliance to identify who signed in to the mailbox of User1, the results are blank.

You need to ensure that you can view future sign-ins to the mailbox of User1. You run the Set-Mailbox-Identity “User1”-AuditEnabled $true command.

Does that meet the goal?

A. Yes
B. No

Correct Answer: A

Reference: https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/set-mailbox?view=exchange-ps

[Pdf] Microsoft 365 Security Administration MS-500 pdf download

Microsoft MS-500 pdf practice exam [Drive] free download https://drive.google.com/file/d/1tgWiGZNm0XVbliriEEmc7wVbdkbDA949/view?usp=sharing

So,

Pass4itSure is willing to provide updates for ms-500 testing. The above practice questions all come from it. MS-500 dumps provide the latest MS-500 practice exams to help you, all you have to do is practice!

Try now, latest MS-500 practice exam: https://www.pass4itsure.com/ms-500.html(Q&As: 226).

Need another practice exam for Microsoft certification? Click here: https://www.microsoft-technet.com/category/microsoft