Pass Your MS-500 Exam Easily - Real MS-500 Practice Dump Updated Jan 06, 2022
2022 Realistic Verified Free Microsoft MS-500 Exam Questions
NEW QUESTION 25
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that a user named Lee Gu can manage all the settings for Exchange Online. The solution must use the principle of least privilege.
To complete this task, sign in to the Microsoft Office 365 admin center.
Answer:
Explanation:
See explanation below.
* In the Exchange Administration Center (EAC), navigate to Permissions > Admin Roles.
* Select the group: Organization Management and then click on Edit.
* In the Members section, click on Add.
* Select the users, USGs, or other role groups you want to add to the role group, click on Add, and then click on OK.
* Click on Save to save the changes to the role group.
Reference:
https://help.bittitan.com/hc/en-us/articles/115008104507-How-do-I-assign-the-elevated-admin-role-Organization
https://docs.microsoft.com/en-us/exchange/permissions-exo/permissions-exo
NEW QUESTION 26
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed them.
When you search the audit log in Security & Compliance to identify who signed in to the mailbox of User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
You run the Set-MailboxFolderPermission -Identity "User1"
-User [email protected] -AccessRights Owner command.
Does that meet the goal?
- A. No
- B. Yes
Answer: A
Explanation:
Explanation
References:
https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/set-mailbox?view=exchange-ps
NEW QUESTION 27
How should you configure Azure AD Connect? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION 28
You plan to configure an access review to meet the security requirements for the workload administrators. You create an access review policy and specify the scope and a group.
Which other settings should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION 29
Your company has a Microsoft 365 subscription, a Microsoft Azure subscription, and an Azure Active Directory (Azure AD) tenant named contoso.com.
The company has the offices shown in the following table.
The tenant contains the users shown in the following table.
You create the Microsoft Cloud App Security policy shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION 30
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that a user named Lee Gu can manage all the settings for Exchange Online. The solution must use the principle of least privilege.
To complete this task, sign in to the Microsoft Office 365 admin center.
Answer:
Explanation:
See explanation below.
* In the Exchange Administration Center (EAC), navigate to Permissions > Admin Roles.
* Select the group: Organization Management and then click on Edit.
* In the Members section, click on Add.
* Select the users, USGs, or other role groups you want to add to the role group, click on Add, and then click on OK.
* Click on Save to save the changes to the role group.
Reference:
https://help.bittitan.com/hc/en-us/articles/115008104507-How-do-I-assign-the-elevated-admin-role-Organization
https://docs.microsoft.com/en-us/exchange/permissions-exo/permissions-exo
NEW QUESTION 31
You have a Microsoft 365 E5 subscription.
Users and device objects are added and removed daily. Users in the sales department frequently change their device.
You need to create three following groups:
The solution must minimize administrative effort.
What is the minimum number of groups you should create for each type of membership? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
References:
https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/active-directory/users-groups-roles/groups-dyn
NEW QUESTION 32
You have a hybrid Microsoft 365 environment. All computers run Windows 10 and are managed by using Microsoft Intune.
You need to create a Microsoft Azure Active Directory (Azure AD) conditional access policy that will allow only Windows 10 computers marked as compliant to establish a VPN connection to the on-premises network.
What should you do first?
- A. Enable Application Proxy in Azure AD
- B. From Active Directory Administrative Center, create a Dynamic Access Control policy
- C. From the Azure Active Directory admin center, create a new certificate
- D. From the Azure Active Directory admin center, configure authentication methods
Answer: C
Explanation:
Explanation/Reference:
https://docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/ad-ca-vpn-connectivity- windows10
NEW QUESTION 33
You are evaluating which devices are compliant in Intune.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 34
You have a Microsoft 365 subscription.
Some users access Microsoft SharePoint Online from unmanaged devices.
You need to prevent the users from downloading, printing, and syncing files.
What should you do?
- A. Run the Set-SPOTenantcmdlet and specify the -ConditionalAccessPolicyparameter.
- B. From the Microsoft Azure portal, create an Azure Active Directory (Azure AD) Identity Protection sign-in risk policy.
- C. From the SharePoint admin center, configure the secure control settings.
- D. From the Microsoft Azure portal, create an Azure AD Identity Protection user risk policy.
Answer: A
Explanation:
Explanation/Reference:
https://docs.microsoft.com/en-us/powershell/module/sharepoint-online/set-spotenant?view=sharepoint-ps
https://docs.microsoft.com/en-us/sharepoint/control-access-from-unmanaged-devices
NEW QUESTION 35
You have a Microsoft 365 subscription.
You are creating a retention policy named Retention1 as shown in the following exhibit.
You apply Retention1 to SharePoint sites and OneDrive accounts.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION 36
You have a Microsoft 365 subscription.
You identify the following data loss prevention (DLP) requirements:
* Send notifications to users if they attempt to send attachments that contain EU social security numbers
* Prevent any email messages that contain credit card numbers from being sent outside your organization
* Block the external sharing of Microsoft OneDrive content that contains EU passport numbers
* Send administrators email alerts if any rule matches occur.
What is the minimum number of DLP policies and rules you must create to meet the requirements? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION 37
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed them.
When you search the audit log in Security & Compliance to identify who signed in to the mailbox of User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
You run the Set-Maibox -Identity "User1" -AuditEnabled $true command.
Does that meet the goal?
- A. No
- B. Yes
Answer: B
Explanation:
References:
https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/set-mailbox?view=exchange-ps
NEW QUESTION 38
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes,and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be availableto you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, itdoesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place yourcursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password:#HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance:11122308








You need to ensure that a user named Allan Deyoung receives incident reports when email messages that contain data covered by the U.K. Data Protection Act are sent outside of your organization.
To complete this task, sign in to the Microsoft 365 admin center.
Answer:
Explanation:
See explanation below.
Explanation
1. In the Security & Compliance Center > left navigation >Data loss prevention>Policy>+ Create a policy.
2. Choose theU.K. Data Protection Acttemplate >Next.
3. Name the policy >Next.
4. ChooseAll locations in Office 365>Next.
5. At the firstPolicy Settingsstep just accept the defaults,
6. After clickingNext,you'll bepresented with an additionalPolicy Settingspage Deselect theShow policy tips to users and send them an email notificationoption.
Select theDetect when content that's being shared containsoption, and configure the number instances to be 10.
Select theSend incident reports in emailoption.
Select theChoose what to include in the report and who receives itlink to add Allan Deyoung as a recipient.
7. >Next
8. Select the option to turn on the policy right away >
9. ClickCreateto finish creating the policy.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-test-tune-dlp-policy?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwid
https://docs.microsoft.com/en-us/microsoft-365/compliance/what-the-dlp-policy-templates-include?view=o365
NEW QUESTION 39
You have a Microsoft 365 Enterprise E5 subscription.
You use Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP). You plan to use Microsoft Office 365 Attack simulator.
What is a prerequisite for running Attack simulator?
- A. Integrate Office 365 Threat Intelligence and Microsoft Defender ATP
- B. Configure Office 365 Advanced Threat Protection (ATP)
- C. Create a Conditional Access App Control policy for accessing Office 365
- D. Enable multi-factor authentication (MFA)
Answer: D
Explanation:
Explanation/Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/attack-simulator
NEW QUESTION 40
You have a Microsoft 365 E5 subscription.
You implement Advanced Threat Protection (ATP) safe attachments policies for all users.
User reports that email messages containing attachments take longer than expected to be received.
You need to reduce the amount of time it takes to receive email messages that contain attachments. The
solution must ensure that all attachments are scanned for malware. Attachments that have malware must
be blocked.
What should you do from ATP?
- A. Add a condition
- B. Set the action to Dynamic Delivery
- C. Set the action to Block
- D. Add an exception
Answer: B
Explanation:
Explanation/Reference:
Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/dynamic-delivery-and-previewing
NEW QUESTION 41
You need to resolve the issue that targets the automated email messages to the IT team.
Which tool should you run first?
- A. Synchronization Rules Editor
- B. Synchronization Service Manager
- C. IdFix
- D. Azure AD Connect wizard
Answer: D
Explanation:
Explanation
References:
https://docs.microsoft.com/en-us/office365/enterprise/fix-problems-with-directory-synchronization
Topic 3, Contoso, Ltd
Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and three branch offices in Seattle, and New York.
The company has the offices shown in the following table.
Contoso has IT, human resources (HR), legal, marketing, and finance departments. Contoso uses Microsoft
365.
Existing Environment
Infrastructure
The network contains an Active Directory domain named contoso.com that is synced to a Microsoft Azure Active Directory (Azure AD) tenant. Password writeback is enabled.
The domain contains servers that run Windows Server 2016. The domain contains laptops and desktop computers that run Windows 10 Enterprise.
Each client computer has a single volume.
Each office connects to the Internet by using a NAT device. The offices have the IP addresses shown in the following table.
Named locations are defined in Azure AD as shown in the following table.
From the Multi-Factor Authentication page, an address space of 198.35.3.0/24 is defined in the trusted IPs list.
Azure Multi-Factor Authentication (MFA) is enabled for the users in the finance department.
The tenant contains the users shown in the following table.
The tenant contains the groups shown in the following table.
Customer Lockbox is enabled in Microsoft 365.
Microsoft Intune Configuration
The devices enrolled in Intune are configured as shown in the following table.
The device compliance policies in Intune are configured as shown in the following table.
The device compliance policies have the assignments shown in the following table.
The Mark devices with no compliance policy assigned as setting is set to Compliant.
Requirements
Technical Requirements
Contoso identifies the following technical requirements:
* Use the principle of least privilege
* Enable User1 to assign the Reports reader role to users
* Ensure that User6 approves Customer Lockbox requests as quickly as possible
* Ensure that User9 can implement Azure AD Privileged Identity Management
NEW QUESTION 42
注:この質問は同じシナリオを提示する一連の質問の一部です。の各質問
シリーズは述べられた目的を満たすかもしれないユニークな解決策を含みます。いくつかの質問セット
他の人が正しい解決策を持っていないかもしれない間、複数の正しい解決策を持っています。
このセクションで質問に答えた後は、それに戻ることはできません。その結果、
質問はレビュー画面に表示されません。
Microsoft Azure Active Directory(Azure)に関連付けられているMicrosoft 365 E5サブスクリプションがあります。
contoso.comという名前のAD)テナント。
Active Directoryフェデレーションサービス(AD FS)を使用して、オンプレミスのActive Directoryと
テナント。 Azure AD Connectには次の設定があります。
ソースアンカー:objectGUID
パスワードハッシュ同期:無効
パスワードライトバック:無効
ディレクトリ拡張属性の同期:無効
Azure ADアプリと属性のフィルタリング:無効
Exchangeハイブリッド展開:無効
ユーザライトバック:無効
Azure AD Identity Protectionで漏洩した資格情報の検出を使用できるようにする必要があります。
解決方法:パスワードハッシュ同期設定を変更します。
それは目標を達成していますか?
- A. いいえ
- B. はい
Answer: B
Explanation:
説明/参照:
参考文献:
https://docs.microsoft.com/en-us/azure/security/azure-ad-secure-steps
NEW QUESTION 43
You have a Microsoft 365 E5 subscription.
You plan to create a conditional access policy named Policy1.
You need to be able to use the sign-in risk level condition in Policy1.
What should you do first?
- A. Connect Microsoft Endpoint Manager and Microsoft Defender for Endpoint.
- B. From the Endpoint Management admin center, create a device compliance policy.
- C. From the Azure Active Directory admin center, configure the Diagnostics settings.
- D. Onboard Azure Active Directory (Azure AD) Identity Protection.
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-risk
NEW QUESTION 44
You configure several Advanced Threat Protection (ATP) policies in a Microsoft 365 subscription.
You need to allow a user named User1 to view ATP reports in the Threat management dashboard.
Which role provides User1 with the required role permissions?
- A. Information Protection administrator
- B. Service administrator
- C. Compliance administrator
- D. Security reader
- E. Message center reader
- F. Exchange administrator
Answer: D
Explanation:
Explanation/Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/view-reports-for-atp#what-permissions-are- needed-to-view-the-atp-reports
NEW QUESTION 45
You have a Microsoft 365 subscription that contains the users shown in the following table.
You create and enforce an Azure Active Directory (Azure AD) Identity Protection sign-in risk policy that has the following settings:
* Assignments: Include Group1, Exclude Group2
* Conditions: User risk level of Medium and above
* Access: Allow access, Require password change
The users attempt to sign in. The risk level for each user is shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: Yes.
User1 is in Group1 which the policy applies to.
Box 2: No
User2 is in Group2 which is excluded from the policy.
Box 3: No
User3 is in Group1 which is included in the policy and Group2 which is excluded from the policy. In this case, the exclusion wins so the policy does not apply to User3.
NEW QUESTION 46
......
How to study the MS-500 Exam
Free4Torrent expert team recommends you to prepare some notes on these topics along with it don’t forget to practice Microsoft MS-500 Exam dumps which been written by our expert team, Both these will help you a lot to clear this exam with good marks.
Most of those IT specialists who want to become Security Administrators or verify their knowledge by a popular certification vendor in this sector opt for Microsoft and its MS-500 exam. After passing this test, you will be awarded the Microsoft 365 Certified: Security Administrator Associate certificate, but before that, you need to prepare well and explore all the important details related to this qualifying exam.
MS-500 Real Exam Questions and Answers FREE: https://www.free4torrent.com/MS-500-braindumps-torrent.html
MS-500 Exam Questions | Real MS-500 Practice Dumps: https://drive.google.com/open?id=1qxGI9dfQvj7mNm44Yqcr3YqJi0vmz6lj