MS-500 Exam Dumps - Microsoft 365 Security Administration
You install Azure ATP sensors on domain controllers.
You add a member to the Domain Admins group. You view the timeline in Azure ATP and discover that information regarding the membership change is missing.
You need to meet the security requirements for Azure ATP reporting.
What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to recommend a solution to protect the sign-ins of Admin1 and Admin2.
What should you include in the recommendation?
Which users are members of ADGroup1 and ADGroup2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to configure an access review to meet the security requirements for the workload administrators. You create an access review policy and specify the scope and a group.
Which other settings should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Which policies apply to which devices? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You are evaluating which finance department users will be prompted for Azure MFA credentials.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You are evaluating which devices are compliant in Intune.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 subscription.
You create a supervision policy named Policy1, and you designate a user named User1 as the reviewer.
What should User1 use to view supervised communications?
You have an Azure Sentinel workspace.
You configure a rule to generate Azure Sentinel alerts when Azure Active Directory (Azure AD) Identity Protection detects risky sign-ins. You develop an Azure Logic Apps solution to contact users and verify whether reported risky sign-ins are legitimate.
You need to configure the workspace to meet the following requirements:
- Call the Azure logic app when an alert is triggered for a risky sign-in.
- To the Azure Sentinel portal, add a custom dashboard that displays statistics for risky sign-ins that are detected and resolved.
What should you configure in Azure Sentinel to meet each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Table
Description automatically generatedYour company plans to merge with another company.
A user named Debra Berger is an executive at your company.
You need to provide Debra Berger with all the email content of a user named Alex Wilber that contains the word merger.
To complete this task, sign in to the Microsoft 365 portal.
You have a Microsoft 365 subscription that has Enable Security defaults set to No in Azure Active Directory (Azure AD).
You have a custom compliance manager template named Regulation1.
You have the assessments shown in the following table.
Assessment1 has the improvement actions shown in the following table.
Assessment2 has the improvement actions shown in the following table.
You perform the following actions:
- For Assessment2, change the Test status of Establish a threat intelligence program to Implemented.
- Enable multi-factor authentication (MFA) for all users.
- Configure a privileged access policy.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Graphical user interface, text, application
Description automatically generatedNote: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that is associated to a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
You use Active Directory Federation Services (AD FS) to federate on-premises Active Directory and the
tenant. Azure AD Connect has the following settings:
- Source Anchor: objectGUID
- Password Hash Synchronization: Disabled
- Password writeback: Disabled
- Directory extension attribute sync: Disabled
- Azure AD app and attribute filtering: Disabled
- Exchange hybrid deployment: Disabled
- User writeback: Disabled
You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.
Solution: You modify the Source Anchor settings.
Does that meet the goal?
You have a Microsoft 365 E5 subscription.
You create a sensitivity label named Label 1 and publish Label1 to all users and groups.
You have the following files on a computer:
• File1.doc
• File2.docx
• File3.xlsx
• File4.txt
You need to identify which files can have Label1 applied. Which files should you identify?
You have a Microsoft 365 subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com.
You need to recommend an Azure AD Privileged Identity Management (PIM) solution that meets the following requirements:
- Administrators must be notified when the Security administrator role is activated.
- Users assigned the Security administrator role must be removed from the role automatically if they do not sign in for 30 days.
Which Azure AD PIM setting should you recommend configuring for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Your network contains an on-premises Active Directory domain that syncs to Azure Active Directory (Azure AD) as shown in the following exhibit.
The synchronization schedule is configured as shown in the following exhibit.
Use the drop-down menus to select the answer choice that answers each question based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 subscription.
You are creating a retention policy named Retention1 as shown in the following exhibit.
You apply Retention1 to SharePoint sites and OneDrive accounts.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 subscription.
You create and run a content search from the Security & Compliance admin center.
You need to download the results of the content search.
What should you obtain first?
You have a hybrid Azure Active Directory (Azure AD) tenant that has pass- through authentication enabled.
You plan to implement Azure AD identity Protection and enable the user risk policy.
You need to configure the environment to support the user risk policy.
An administrator configures Azure AD Privileged Identity Management as shown in the following exhibit.
What should you do to meet the security requirements?
You need to resolve the issue that targets the automated email messages to the IT team.
Which tool should you run first?
You need to recommend an email malware solution that meets the security requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to recommend a solution for the user administrators that meets the security requirements for auditing.
Which blade should you recommend using from the Azure Active Directory admin center?