Microsoft MS-500 Microsoft 365 Security Administration Online Training
Microsoft MS-500 Online Training
The questions for MS-500 were last updated at Dec 19,2024.
- Exam Code: MS-500
- Exam Name: Microsoft 365 Security Administration
- Certification Provider: Microsoft
- Latest update: Dec 19,2024
You need to create Group3.
What are two possible ways to create the group?
- A . an Office 365 group in the Microsoft 365 admin center
- B . a mail-enabled security group in the Microsoft 365 admin center
- C . a security group in the Microsoft 365 admin center
- D . a distribution list in the Microsoft 365 admin center
- E . a security group in the Azure AD admin center
HOTSPOT
How should you configure Group3? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You need to create Group2.
What are two possible ways to create the group?
- A . an Office 365 group in the Microsoft 365 admin center
- B . a mail-enabled security group in the Microsoft 365 admin center
- C . a security group in the Microsoft 365 admin center
- D . a distribution list in the Microsoft 365 admin center
- E . a security group in the Azure AD admin center
HOTSPOT
How should you configure Azure AD Connect? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Which IP address space should you include in the MFA configuration?
- A . 131.107.83.0/28
- B . 192.168.16.0/20
- C . 172.16.0.0/24
- D . 192.168.0.0/20
You need to implement Windows Defender ATP to meet the security requirements.
What should you do?
- A . Configure port mirroring
- B . Create the ForceDefenderPassiveMode registry setting
- C . Download and install the Microsoft Monitoring Agent
- D . Run WindowsDefenderATPOnboardingScript.cmd
Topic 3, Contoso, Ltd
Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and three branch offices in Seattle, and New York.
The company has the offices shown in the following table.
Contoso has IT, human resources (HR), legal, marketing, and finance departments.
Contoso uses Microsoft 365.
Existing Environment
Infrastructure
The network contains an Active Directory domain named contoso.com that is synced to a Microsoft Azure Active Directory (Azure AD) tenant. Password writeback is enabled.
The domain contains servers that run Windows Server 2016. The domain contains laptops and desktop computers that run Windows 10 Enterprise.
Each client computer has a single volume.
Each office connects to the Internet by using a NAT device.
The offices have the IP addresses shown in the following table.
Named locations are defined in Azure AD as shown in the following table.
From the Multi-Factor Authentication page, an address space of 198.35.3.0/24 is defined in the trusted IPs list.
Azure Multi-Factor Authentication (MFA) is enabled for the users in the finance department.
The tenant contains the users shown in the following table.
The tenant contains the groups shown in the following table.
Customer Lockbox is enabled in Microsoft 365.
Microsoft Intune Configuration
The devices enrolled in Intune are configured as shown in the following table.
The device compliance policies in Intune are configured as shown in the following table.
The device compliance policies have the assignments shown in the following table.
The Mark devices with no compliance policy assigned as setting is set to Compliant.
Requirements
Technical Requirements
Contoso identifies the following technical requirements:
✑ Use the principle of least privilege
✑ Enable User1 to assign the Reports reader role to users
✑ Ensure that User6 approves Customer Lockbox requests as quickly aspossible
✑ Ensure that User9 can implement Azure AD Privileged Identity Management
HOTSPOT
Which users are members of ADGroup1 and ADGroup2? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You need to meet the technical requirements for User9.
What should you do?
- A . Assign the Privileged administrator role to User9 and configure a mobile phone number for User9
- B . Assign the Compliance administrator role to User9 and configure a mobile phone number for User9
- C . Assign the Security administrator role to User9
- D . Assign the Global administrator role to User9
A
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-give-access-to-pim
HOTSPOT
Which policies apply to which devices? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Which role should you assign to User1?
- A . Global administrator
- B . User administrator
- C . Privileged role administrator
- D . Security administrator
D
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-give-access-to-pim
You know you need help when you are preparing for a hard exam like Microsoft 365 Security Administration. MS-500 Dumps PDF 2019 is the best source to get familiar with the latest exam patterns and terms. You can easily get a wide range of 2019 MS-500 Exam Questions at affordable rates from Testmayor. Check out the Free Demo to make sure the MS-500 Dumps are up to your demand. Get free 3-month updates with your purchase and a fabulous discount on using the coupon code.