Microsoft MS-500 Microsoft 365 Security Administration Online Training
Microsoft MS-500 Online Training
The questions for MS-500 were last updated at Dec 20,2024.
- Exam Code: MS-500
- Exam Name: Microsoft 365 Security Administration
- Certification Provider: Microsoft
- Latest update: Dec 20,2024
HOTSPOT
You are evaluating which devices are compliant in Intune.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
What should User6 use to meet the technical requirements?
- A . Supervision in the Security & Compliance admin center
- B . Service requests in the Microsoft 365 admin center
- C . Security & privacy in the Microsoft 365 admin center
- D . Data subject requests in the Security & Compliance admin center
Which user passwords will User2 be prevented from resetting?
- A . User6 and User7
- B . User4 and User6
- C . User4 only
- D . User7 and User8
- E . User8 only
HOTSPOT
You are evaluating which finance department users will be prompted for Azure MFA credentials.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Explanation:
YES, YES, NO.
Named locations can’t have a private IP range, look at https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition
"User IP address The IP address that is used in policy evaluation is the public IP address of the user. For devices on a private network, this IP address is not the client IP of the user’s device on the intranet, it is the address used by the network to connect to the public internet."
Topic 4, Misc. Questions
You create a data loss prevention (DLP) policy as shown in the following shown:
What is the effect of the policy when a user attempts to send an email messages that contains sensitive information?
- A . The user receives a notification and can send the email message
- B . The user receives a notification and cannot send the email message
- C . The email message is sent without a notification
- D . The email message is blocked silently
A
Explanation:
https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies
You have a Microsoft 365 subscription.
You need to ensure that users can manually designate which content will be subject to data loss prevention (DLP) policies.
What should you create first?
- A . A retention label in Microsoft Office 365
- B . A custom sensitive information type
- C . A Data Subject Request (DSR)
- D . A safe attachments policy in Microsoft Office 365
A
Explanation:
References: https://docs.microsoft.com/en-us/office365/securitycompliance/manage-gdpr-data-subject-requests-with-thedsr-case-tool#more-information-about-using-the-dsr-case-tool
You have a Microsoft 365 E5 subscription that contains a user named User1.
The Azure Active Directory (Azure AD) Identity Protection risky users report identities User1.
For User1, you select Confirm user compromised.
User1 can still sign in.
You need to prevent User1 from signing in. The solution must minimize the impact on users at a lower risk level.
Solution: You configure the user risk policy to block access when the user risk level is high.
Does this meet the goal?
- A . Yes
- B . No
B
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-investigate-risk
Your company has a Microsoft 365 subscription.
The company forbids users to enroll personal devices in mobile device management (MDM).
Users in the sales department have personal iOS devices.
You need to ensure that the sales department users can use the Microsoft Power BI app from iOS devices to access the Power BI data in your tenant.
The users must be prevented from backing up the app’s data to iCloud.
What should you create?
- A . a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a device state condition
- B . an app protection policy in Microsoft Intune
- C . a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a client apps condition
- D . a device compliance policy in Microsoft Intune
HOTSPOT
You have a Microsoft 365 subscription that contains the users shown in the following table.
Group1 is member of a group named Group3.
The Azure Active Directory (Azure AD) tenant contains the Windows 10 devices shown in the following table.
Microsoft Endpoint Manager has the devices shown in the following table.
Microsoft Endpoint Manager contains the compliance policies shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT
Your network contains an on-premises Active Directory domain named contoso.com.
The domain contains the groups shown in the following table.
The domain is synced to a Microsoft Azure Active Directory (Azure AD) tenant that contains the groups shown in the following table.
You create an Azure Information Protection policy named Policy1.
You need to apply Policy1.
To which groups can you apply Policy1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You know you need help when you are preparing for a hard exam like Microsoft 365 Security Administration. MS-500 Dumps PDF 2019 is the best source to get familiar with the latest exam patterns and terms. You can easily get a wide range of 2019 MS-500 Exam Questions at affordable rates from Testmayor. Check out the Free Demo to make sure the MS-500 Dumps are up to your demand. Get free 3-month updates with your purchase and a fabulous discount on using the coupon code.