Get Started MS-500 Exam [2022] Dumps Microsoft PDF Questions [Q53-Q71]

Get Started: MS-500 Exam [2022] Dumps Microsoft PDF Questions

MS-500 Premium Exam Engine pdf Download

What Are the Career Opportunities and Their Salary Scale?

A professional who has succeeded in MS-500 exam and has earned the Microsoft 365 Certified: Security Administrator Associate certificate can secure well paying jobs that require knowledge of cloud technologies like those services offered by Microsoft 365 managed by Azure.

Most of those IT specialists who want to become Security Administrators or verify their knowledge by a popular certification vendor in this sector opt for Microsoft and its MS-500 exam. After passing this test, you will be awarded the Microsoft 365 Certified: Security Administrator Associate certificate, but before that, you need to prepare well and explore all the important details related to this qualifying exam.

NEW QUESTION 53
Your company has 500 computers.
You plan to protect the computers by using Windows Defender Advanced Threat Protection (Windows Defender ATP). Twenty of the computers belong to company executives.
You need to recommend a remediation solution that meets the following requirements:
Windows Defender ATP administrators must manually approve all remediation for the executives

Remediation must occur automatically for all other users

What should you recommend doing from Windows Defender Security Center?

A. Configure 20 system exclusions on automation allowed/block lists
B. Configure two alert notification rules
C. Create two machine groups
D. Download an offboarding package for the computers of the 20 executives

Answer: C

Explanation:
Explanation/Reference:
Reference:
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/machine- groups-windows-defender-advanced-threat-protection

NEW QUESTION 54
You need to configure threat detection for Active Directory. The solution must meet the security requirements.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

Explanation

NEW QUESTION 55
Your company has a Microsoft 365 subscription that includes a user named User1.
You suspect that User1 sent email messages to a competitor detailing company secrets.
You need to recommend a solution to ensure that you can review any email messages sent by User1 to the competitor, including sent items that were deleted.
What should you include in the recommendation?

A. From the Security & Compliance, perform a content search of the mailbox of User1
B. Configure message delivery restrictions for the mailbox of User1
C. Place a Litigation Hold on the mailbox of User1
D. Enable In-Place Archiving for the mailbox of User1

Answer: C

Explanation:
Explanation/Reference:

NEW QUESTION 56
HOTSPOT
How should you configure Group3? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 57
You have a hybrid deployment of Microsoft 365 that contains the users shown in the following table.

You plan to use Microsoft 365 Attack Simulator.
You need to identify the users against which you can use Attack Simulator.
Which users should you identify?

A. User1 and User3 only
B. User3 only
C. User3 and User4 only
D. User1, User2, User3, and User4

Answer: C

Explanation:
Each targeted recipient must have an Exchange Online mailbox.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulator?view=o365-worldwide

NEW QUESTION 58
Which users are members of ADGroup1 and ADGroup2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-dynamic-membership#suppor

NEW QUESTION 59
You have a Microsoft 365 E5 subscription and a hybrid Microsoft Exchange Server organization.
Each member of a group named Executive has an on-premises mailbox. Only the Executive group members have multi-factor authentication (MFA) enabled. Each member of a group named Research has a mailbox in Exchange Online.
You need to use Microsoft Office 365 Attack simulator to model a spear-phishing attack that targets the Research group members.
The email address that you intend to spoof belongs to the Executive group members.
What should you do first?

A. From the Microsoft Azure portal, configure the user risk settings in Azure AD Identity Protection
B. From Azure ATP admin center, configure the primary workspace settings
C. Migrate the Executive group members to Exchange Online
D. Enable MFA for the Research group members

Answer: D

Explanation:
Explanation/Reference:
Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/attack-simulator

NEW QUESTION 60
次のセキュリティ要件を満たすユーザー管理者向けのソリューションを推奨する必要があります。
監査します。
Azure Active Directory管理センターからどのブレードを使用することをお勧めしますか？

A. 認証方法
B. Azure ADのID保護
C. アクセスレビュー
D. サインイン

Answer: D

Explanation:
説明/参照：
参考文献：
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-ins
テストレット2
概要
Litware、Inc.は、シカゴの本社に1,000人のユーザーと、米国に100人のユーザーを抱える金融会社です。
サンフランシスコの支店。
既存の環境
内部ネットワークインフラ
ネットワークには単一のドメインフォレストが含まれています。フォレストの機能レベルはWindows Server 2016です。
Active Directoryで定義されているように、ユーザーはサインイン時間の制限を受けます。
ネットワークには、次の表に示すIPアドレス範囲があります。

オフィスは、Multiprotocol Label Switching（MPLS;マルチプロトコルラベルスイッチング）を使用して接続します。
ネットワークでは、次のオペレーティングシステムが使用されています。
Windows Server 2016

Windows 10エンタープライズ

Windows 8.1エンタープライズ

内部ネットワークには、次の表に示すシステムが含まれています。

Litwareはサードパーティの電子メールシステムを使用しています。
クラウドインフラ
Litwareは最近、すべてのユーザーに対してMicrosoft 365サブスクリプションライセンスを購入しました。
Microsoft Azure Active Directory（Azure AD）Connectがインストールされており、既定の認証を使用している
設定。ユーザーアカウントはまだAzure ADと同期されていません。
次の表に示すMicrosoft 365ユーザーとグループがあります。

計画された変更
Litwareは以下の変更を実装する予定です。
電子メールシステムをMicrosoft Exchange Onlineに移行します。

Azure AD特権ID管理を実装する

セキュリティ要件
Litwareは、以下のセキュリティ要件を特定しています。
すべてのAzure ADユーザーアカウントを含むGroup2という名前のグループを作成します。グループ2は

Windows Analyticsへの制限付きアクセスを提供する
Azure Information Protectionポリシーをパイロットに適用するために使用されるGroup3という名前のグループを作成します。

ユーザーGroup 3にはユーザーアカウントのみを含める必要があります
Azure Advanced Threat Protection（ATP）を使用して、フォレストを標的とするセキュリティ上の脅威を検出します。

Active DirectoryからロックアウトされたユーザーがAzure ADおよびActive Directoryにサインインできないようにする

User1のコンプライアンス管理者ロールの恒久的な適格割り当てを実装する

ドメインに参加しているサーバーにWindows DefenderとWindows Defender ATPを統合する

ゲストユーザーアカウントのAzureリソースへのアクセスを既定で禁止する

ドメインに参加しているすべてのコンピューターがAzure ADに登録されていることを確認する

多要素認証（MFA）の要件
Microsoft Office 365とAzureのセキュリティ機能は、パイロットのAzureユーザーアカウントを使用してテストされます。
MFAをテストするための以下の要件を確認します。
パイロットユーザーは、シカゴオフィスの内部ネットワークからサインインしていない限り、MFAを使用する必要があります。

シカゴオフィスの内部ネットワークでは、MFAを使用しないでください。
認証の試行が疑わしい場合は、ユーザーの場所に関係なくMFAを使用する必要があります。

正当な認証試行の中断は最小限に抑える必要があります

一般的な要件
Litwareは、Active Directoryフォレスト内の追加のサーバーとサービスの展開を最小限に抑えたいと考えています。

NEW QUESTION 61
You have a Microsoft 365 subscription and a Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) subscription.
You have devices enrolled in Microsoft Endpoint Manager as shown in the following table:

You integrate Microsoft Defender ATP and Endpoint Manager.
You plan to evaluate the Microsoft Defender ATP risk level for the devices.
You need to identify which devices can be evaluated.
Which devices should you identify?

A. Device1 and Device3 only
B. Device1, Device2 and Device3
C. Device1 only
D. Device1 and Device2 only

Answer: C

Explanation:
Microsoft Defender ATP supports Windows 10, Windows Server, macOSX, and Linux Reference:
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/minimum- requirements

NEW QUESTION 62
You have a Microsoft 365 subscription. Auditing is enabled.
A user named User1 is a member of a dynamic security group named Group1.
You discover that User1 is no longer a member of Group1.
You need to search the audit log to identify why User1 was removed from Group1.
Which two actions should you use in the search? To answer, select the appropriate activities in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance

NEW QUESTION 63
You have a Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) deployment that has the custom network indicators turned on. Microsoft Defender ATP protects two computers that run Windows 10 as shown in the following table.

Microsoft Defender ATP has the machine groups shown in the following table.

From Microsoft Defender Security Center, you create the URLs/Domains indicators shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION 64
You configure Microsoft Azure Active Directory (Azure AD) Connect as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-device-writeback

NEW QUESTION 65
You have a Microsoft 365 subscription.
A customer requests that youprovide her with all documents that reference her by name.
You need to provide the customer with a copy of the content.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer areaand arrange them in the correct order.

Answer:

Explanation:

Explanation

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/gdpr-dsr-office365

NEW QUESTION 66
You recently created and published several labels policies in a Microsoft 365 subscription.
You need to view which labels were applied by users manually and which labels were applied automatically.
What should you do from the Security & Compliance admin center?

A. From Search & investigation, select Content search
B. From Reports, select Dashboard
C. From Search & investigation, select eDiscovery
D. From Data governance, select Events

Answer: B

NEW QUESTION 67
Your company has a Microsoft 365 subscription, a Microsoft Azure subscription, and an Azure Active Directory (Azure AD) tenant named contoso.com.
The company has the offices shown in the following table.

The tenant contains the users shown in the following table.

You create the Microsoft Cloud App Security policy shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 68
You have a Microsoft 365 subscription.
You have a site collection named SiteCollection1 that contains a site named Site2. Site2 contains a document library namedCustomers.
Customers contains a document named Litware.docx. You need to remove Litware.docx permanently.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrangethem in the correct order.

Answer:

Explanation:

Explanation

NEW QUESTION 69
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
Four Windows 10 devices are joined to the tenant as shown in the following table.

On which devices can you use BitLocker To Go and on which devices can you turn on auto-unlock? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 70
You have a Microsoft 365 subscription that uses a default domain name of contoso.com.
Microsoft Azure Active Directory (Azure AD) contains the users shown in the following table.

Microsoft Intune has two devices enrolled as shown in the following table:

Both devices have three apps named App1, App2, and App3 installed.
You create an app protection policy named ProtectionPolicy1 that has the following settings:
* Protected apps: App1
* Exempt apps: App2
* Windows Information Protection mode: Block
You apply ProtectionPolicy1 to Group1 and Group3. You exclude Group2 from ProtectionPolicy1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.