[Sep-2021] MS-500 Pre-Exam Practice Tests Exam Questions and Answers for Microsoft 365 Study Guide [Q67-Q88]

[Sep-2021] MS-500 Pre-Exam Practice Tests | Exam Questions and Answers for Microsoft 365 Study Guide

Microsoft 365 Security Administration Certification Sample Questions

NEW QUESTION 67
You have an on-premises Hyper-V infrastructure that contains the following:
* An Active Directory domain
* A domain controller named Server1
* A member server named Server2
A security policy specifies that Server1 cannot connect to the Internet. Server2 can connect to the Internet.
You need to implement Azure Advanced Threat Protection (ATP) to monitor the security of the domain.
What should you configure on each server? To answer, drag the appropriate components to the correct servers.
Each component may only be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

 

NEW QUESTION 68
You need to ensure that unmanaged mobile devices are quarantined when the devices attempt to connect to Exchange Online.
To complete this task, sign in to the Microsoft 365 portal.

Answer:

Explanation:
See explanation below.
Explanation
You need to configure the Exchange ActiveSync Access Settings.
* Go to the Exchange admin center.
* Click on Mobile in the left navigation pane.
* On the Mobile Device Access Exchange ActiveSync Access Settings
area.
* Select the Quarantine option under When a mobile device that isn't managed by a rule or personal exemption connects to Exchange.
* Optionally, you can configure notifications to be sent to administrators and a message to be sent to the mobile device user when a device is quarantined.
* Click Save to save the changes.

 

NEW QUESTION 69
You need to resolve the issue that targets the automated email messages to the IT team.
Which tool should you run first?

• A. Azure AD Connect wizard
• B. IdFix
• C. Synchronization Service Manager
• D. Synchronization Rules Editor

Answer: A

Explanation:
Explanation
References:
https://docs.microsoft.com/en-us/office365/enterprise/fix-problems-with-directory-synchronization

 

NEW QUESTION 70
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that a user named Alex Wilber can register for multifactor authentication (MFA).
To complete this task, sign in to the Microsoft Office 365 admin center.

Answer:

Explanation:
See explanation below.
Explanation
Enable Modern authentication for your organization
1. To enable modern authentication, from the admin center, select Settings and then in the Services tab, choose Modern authentication
2. Check the Enable modern authentication authentication panel.

Enable multi-factor authentication for your organization
1. In the admin center, select Users and Active Users.
2. In the Active Users section, Click on multi-factor authentication.
3. On the Multi-factor authentication page, select user if you are enabling this for one user or select Bulk Update to enable multiple users.
4. Click on Enable under Quick Steps.
5. In the Pop-up window, Click on Enable Multi-Factor Authentication.
After you set up multi-factor authentication for your organization, your users will be required to set up two-step verification on their devices.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/admin/security-and-compliance/set-up-multi-factor-authenticatio

 

NEW QUESTION 71
Which users are members of ADGroup1 and ADGroup2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-dynamic-membership#suppor

 

NEW QUESTION 72
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308









You need to protect against phishing attacks. The solution must meet the following requirements:
* Phishing email messages must be quarantined if the messages are sent from a spoofed domain.
* As many phishing email messages as possible must be identified.
The solution must apply to the current SMTP domain names and any domain names added later.
To complete this task, sign in to the Microsoft 365 admin center.

Answer:

Explanation:
See explanation below.
Explanation
1. After signing in to the Microsoft 365 admin center, select Security, Threat Management, Policy, then ATP Anti-phishing.
2. Select Default Policy to refine it.
3. In the Impersonation section, select Edit.
4. Go to Add domains to protect and select the toggle to automatically include the domains you own.
5. Go to Actions, open the drop-down If email is sent by an impersonated user, and choose the Quarantine message action.
Open the drop-down If email is sent by an impersonated domain and choose the Quarantine message action.
6. Select Turn on impersonation safety tips. Choose whether tips should be provided to users when the system detects impersonated users, domains, or unusual characters. Select Save.
7. Select Mailbox intelligence and verify that it's turned on. This allows your email to be more efficient by learning usage patterns.
8. Choose Add trusted senders and domains. Here you can add email addresses or domains that shouldn't be classified as an impersonation.
9. Choose Review your settings, make sure everything is correct, select Save, then Close.
Reference:
https://support.office.com/en-us/article/protect-against-phishing-attempts-in-microsoft-365-86c425e1-1686-430a
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/set-up-anti-phishing-policies?view=

 

NEW QUESTION 73
You have a Microsoft 365 sensitivity label that is published to all the users in your Azure Active Directory (Azure AD) tenant as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-office-apps?view=o365-worldwide#when-office-apps-apply-content-marking-and-encryption

 

NEW QUESTION 74
You need to implement a solution to manage when users select links in documents or email messages from Microsoft Office 365 ProPlus applications or Android devices. The solution must meet the following requirements:
* Block access to a domain named fabrikam.com
* Store information when the users select links to fabrikam.com
To complete this task, sign in to the Microsoft 365 portal.

Answer:

Explanation:
See explanation below.
Explanation
You need to configure a Safe Links policy.
* Go to the Office 365 Security & Compliance admin center.
* Navigate to Threat Management > Policy > Safe Links.
* In the Policies that apply to the entire organization Default, and then click the Edit icon.
* In the Block the following URLs section, type in *.fabrikam.com. This meets the first requirement in the question.
* In the Settings that apply to content except email section, untick the checkbox labelled Do not track when users click safe links. This meets the second requirement in the question.
* Click Save to save the changes.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/set-up-atp-safe-links-policies?view=

 

NEW QUESTION 75
You need to configure threat detection for Active Directory. The solution must meet the security requirements.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

Explanation

 

NEW QUESTION 76
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to create a case that prevents the members of a group named Operations from deleting email messages that contain the word IPO.
To complete this task, sign in to the Microsoft Office 365 admin center.

Answer:

Explanation:
1. Navigate to the Security & Compliance Center.
2. In the Security & Compliance Center, click eDiscovery > eDiscovery, and then click Create a case.
3. On the New Case page, give the case a name, type an optional description, and then click Save. The case name must be unique in your organization.

The new case is displayed in the list of cases on the eDiscovery page.
After you create a case, the next step is to add members to the case. The eDiscovery Manager who created the case is automatically added as a member. Members have to be assigned the appropriate eDiscovery permissions so they can access the case after you add them.
4. In the Security & Compliance Center, click eDiscovery > eDiscovery to display the list of cases in your organization.
5. Click the name of the case that you want to add members to.
The Manage this case flyout page is displayed.

6. Under Manage members, click Add to add members to the case.
You can also choose to add a role group to the case. Under Manage role groups, click Add.
7. In the list of people or role groups that can be added as members of the case, click the check box next to the names of the people or role groups that you want to add.
8. After you select the people or role groups to add as members of the group, click Add.
In Manage this case, click Save to save the new list of case members.
9. Click Save to save the new list of case members.
You can use an eDiscovery case to create holds to preserve content that might be relevant to the case. You can place a hold on the mailboxes and OneDrive for Business sites of people who are custodians in the case. You can also place a hold on the group mailbox, SharePoint site, and OneDrive for Business site for an Office 365 Group. Similarly, you can place a hold on the mailboxes and sites that are associated with Microsoft Teams or Yammer Groups. When you place content locations on hold, content is held until you remove the hold from the content location or until you delete the hold.
To create a hold for an eDiscovery case:
1. In the Security & Compliance Center, click eDiscovery > eDiscovery to display the list of cases in your organization.
2. Click Open next to the case that you want to create the holds in.
3. On the Home page for the case, click the Hold tab.

4. On the Hold page, click Create.
5. On the Name your hold page, give the hold a name. The name of the hold must be unique in your organization.

6. (Optional) In the Description box, add a description of the hold.
7. Click Next.
8. Choose the content locations that you want to place on hold. You can place mailboxes, sites, and public folders on hold.

a. Exchange email - Click Choose users, groups, or teams and then click Choose users, groups, or teams again. to specify mailboxes to place on hold. Use the search box to find user mailboxes and distribution groups (to place a hold on the mailboxes of group members) to place on hold. You can also place a hold on the associated mailbox for a Microsoft Team, a Yammer Group, or an Office 365 Group. Select the user, group, team check box, click Choose, and then click Done.

a. In the box under Keywords, type a search query in the box so that only the content that meets the search criteria is placed on hold. You can specify keywords, message properties, or document properties, such as file names. You can also use more complex queries that use a Boolean operator, such as AND, OR, or NOT. If you leave the keyword box empty, then all content located in the specified content locations will be placed on hold.
b. Click Add conditions to add one or more conditions to narrow the search query for the hold. Each condition adds a clause to the KQL search query that is created and run when you create the hold. For example, you can specify a date range so that email or site documents that were created within the date ranged are placed on hold. A condition is logically connected to the keyword query (specified in the keyword box) by the AND operator. That means that items have to satisfy both the keyword query and the condition to be placed on hold.
9. After configuring a query-based hold, click Next.
10. Review your settings, and then click Create this hold.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/ediscovery-cases?view=o365-worldwide

 

NEW QUESTION 77
You have a Microsoft 365 subscription. Auditing is enabled.
A user named User1 is a member of a dynamic security group named Group1.
You discover that User1 is no longer a member of Group1.
You need to search the audit log to identify why User1 was removed from Group1.
Which two actions should you use in the search? To answer, select the appropriate activities in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation


References:
https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance

 

NEW QUESTION 78
You have a Microsoft 365 subscription that contains the users shown in the following table.

You create and enforce an Azure Active Directory (Azure AD) Identity Protection sign-in risk policy that has the following settings:
* Assignments: Include Group1, Exclude Group2
* Conditions: User risk level of Medium and above
* Access: Allow access, Require password change
The users attempt to sign in. The risk level for each user is shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: Yes.
User1 is in Group1 which the policy applies to.
Box 2: No
User2 is in Group2 which is excluded from the policy.
Box 3: No
User3 is in Group1 which is included in the policy and Group2 which is excluded from the policy. In this case, the exclusion wins so the policy does not apply to User3.

 

NEW QUESTION 79
You have a Microsoft 365 E5 subscription.
All computers run Windows 10 and are onboarded to Windows Defender Advanced Threat Protection (Windows Defender ATP).
You create a Windows Defender machine group named MachineGroupl.
You need to enable delegation for the security settings of the computers in MachineGroupl.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

1 - From Windows Defender Security Center, configure the permissions for MachineGroup1.
2 - From the Microsoft Azure portal, create an Azure Active Directory (Azure AD) group.
3 - From the Azure portal, create an RBAC role.

 

NEW QUESTION 80
You have a Microsoft 365 subscription.
A user reports that changes were made to several files in Microsoft OneDrive.
You need to identify which files were modified by which users in the user's OneDrive.
What should you do?

• A. From Microsoft Cloud App Security, open the activity log
• B. From the OneDrive admin center, select Device access
• C. From Security & Compliance, perform an eDiscovery search
• D. From the Azure Active Directory admin center, open the audit log

Answer: A

Explanation:
Explanation/Reference:
https://docs.microsoft.com/en-us/cloud-app-security/activity-filters

 

NEW QUESTION 81
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant. You create a label named CompanyConfidential in Microsoft Azure Information Protection. You add CompanyConfidential to a global policy.
A user protects an email message by using CompanyConfidential and sends the label to several external recipients. The external recipients report that they cannot open the email message.
You need to ensure that the external recipients can open protected email messages sent to them.
You modify the encryption settings of the label.
Does that meet the goal?

• A. No
• B. Yes

Answer: A

 

NEW QUESTION 82
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
Four Windows 10 devices are joined to the tenant as shown in the following table.

On which devices can you use BitLocker To Go and on which devices can you turn on auto-unlock? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

 

NEW QUESTION 83
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308









You need to create a retention policy that contains a data label. The policy must delete all Microsoft Office
365 content that is older than six months.
To complete this task, sign in to the Microsoft 365 admin center.

Answer:

Explanation:
See explanation below.
Explanation
Creating Office 356 labels is a two-step process. The first step is to create the actual label which includes the name, description, retention policy, and classifying the content as a record. Once this is completed, the second step requires the deployment of a label using a labelling policy which specifies the specific location to publish and applying the label automatically.
To create an Office 365 label, following these steps:
1. Open Security and Compliance Centre;
2. Click on Classifications;
3. Click on Labels;
4. The label will require configuration including: name your label (Name), add a description for the admins ( Description for Admins), add a description for the users (Description for Users);
5. Click Next once the configuration is completed;
6. Click Label Settings on the left-hand side menu;
7. The Label Settings will need to be configured. On this screen, you can toggle the Retention switch to either
"on" or "off". If you choose "on", then you can answer the question "When this label is applied to content" with one of two options. The first option is to . From the pick boxes, you can choose the length of retention and upon the end of the retention, the action that will take place. The three actions are to delete the data, trigger an approval flow for review, or nothing can be actioned. The second option is to not retain the data after a specified amount of time or based on the age of the data; and
8. The label has now been created.
To create a label policy, follow these steps:
1. Open Security and Compliance Centre
2. Click on Data Governance, Retention
3. Choose Label Policies box at the top of the screen; and
4. There are now two options. The first is to . If your organization wants its end users to apply the label manually, then this is the option you would choose. Note that this is location based. The second option is to Auto-apply Labels. With Auto-apply, you would have the ability to automatically apply a label when it meets the specified criteria.
References:
https://www.maadarani.com/office-365-classification-and-retention-labels/

 

NEW QUESTION 84
Your network contains an Active Directory domain named contoso.com. The domain contains a VPN server named VPN1 that runs Windows Server 2016 and has the Remote Access server role installed.
You have a Microsoft Azure subscription.
You are deploying Azure Advanced Threat Protection (ATP)
You install an Azure ATP standalone sensor on a server named Server1 that runs Windows Server 2016.
You need to integrate the VPN and Azure ATP.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step6-vpn

 

NEW QUESTION 85
You have a Microsoft 365 subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com.
You need to recommend an Azure AD Privileged Identity Management (PIM) solution that meets the following requirements:
* Administrators must be notified when the Security administrator role is activated.
* Users assigned the Security administrator role must be removed from the role automatically if they do not sign in for 30 days.
Which Azure AD PIM setting should you recommend configuring for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Reference:
https://docs.microsoft.com/bs-latn-ba/azure/active-directory/privileged-identity-management/pim-how-to-config
https://docs.microsoft.com/bs-latn-ba/azure/active-directory/privileged-identity-management/pim-how-to-change

 

NEW QUESTION 86
A user stores the following files in Microsoft OneDrive:
* File.docx
* ImportantFile.docx
* File_Important.docx
You create a Microsoft Cloud App Security file policy Policy1 that has the filter shown in the following exhibit.

To which files does Policy1 apply?

• A. File.docx only
• B. File.docx and File_Important.docx only
• C. File_Important.docx only
• D. File.docx, ImportantFile.docx, and File_Important.docx
• E. ImportantFile.docx only

Answer: D

Explanation:
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/file-filters

 

NEW QUESTION 87
You have a Microsoft 365 subscription that uses a default domain name of fabrikam.com.
You create a safe links policy, as shown in the following exhibit.

Which URL can a user safely access from Microsoft Word Online?

• A. malware.fabrikam.com
• B. fabrikam.contoso.com
• C. www.malware.fabrikam.com
• D. fabrikam.phishing.fabrikam.com

Answer: C

Explanation:
Explanation
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-a-custom-blocked-urls-list-wtih-atp

 

NEW QUESTION 88
......

Microsoft Exam Practice Test To Gain Brilliante Result: https://www.realvce.com/MS-500_free-dumps.html

Tested Material Used To MS-500: https://drive.google.com/open?id=1HnPDaElwFLnxxtbsYWwcUmk0o1nusKJN