Offering Free access to Microsoft 365 MS-500 Exam Questions Pool Bank

Microsoft 365 Security Administration Questions and Answers

PDF + Testing Engine

Product Type: PDF + Testing Engine

$63 ~~$179.99~~

Add to Cart

Testing Engine

Product Type: Testing Engine

$47.25 ~~$134.99~~

Add to Cart

PDF Study Guide

Product Type: PDF Study Guide

$40.25 ~~$114.99~~

Add to Cart

Question 1

What should User6 use to meet the technical requirements?

Options:

Supervision in the Security & Compliance admin center

Service requests in the Microsoft 365 admin center

Security & privacy in the Microsoft 365 admin center

Data subject requests in the Security & Compliance admin center

Question 2

You are evaluating which devices are compliant in Intune.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Options:

Question 3

Which users are members of ADGroup1 and ADGroup2? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 4

Which role should you assign to User1?

Options:

Global administrator

User administrator

Privileged role administrator

Security administrator

Question 5

Which user passwords will User2 be prevented from resetting?

Options:

User6 and User7

User4 and User6

User4 only

User7 and User8

User8 only

Question 6

You need to meet the technical requirements for User9. What should you do?

Options:

Assign the Privileged administrator role to User9 and configure a mobile phone number for User9

Assign the Compliance administrator role to User9 and configure a mobile phone number for User9

Assign the Security administrator role to User9

Assign the Global administrator role to User9

Question 7

You are evaluating which finance department users will be prompted for Azure MFA credentials.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Options:

Question 8

Which policies apply to which devices? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 9

You need to recommend a solution to protect the sign-ins of Admin1 and Admin2.

What should you include in the recommendation?

Options:

a device compliance policy

an access review

a user risk policy

a sign-in risk policy

Question 10

You need to recommend an email malware solution that meets the security requirements.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 11

NO: 7

You need to resolve the issue that targets the automated email messages to the IT team.

Which tool should you run first?

Options:

Synchronization Service Manager

Azure AD Connect wizard

Synchronization Rules Editor

IdFix

Question 12

You plan to configure an access review to meet the security requirements for the workload administrators. You create an access review policy and specify the scope and a group.

Which other settings should you configure? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 13

You need to recommend a solution for the user administrators that meets the security requirements for auditing.

Which blade should you recommend using from the Azure Active Directory admin center?

Options:

Sign-ins

Azure AD Identity Protection

Authentication methods

Access review

Question 14

An administrator configures Azure AD Privileged Identity Management as shown in the following exhibit.

What should you do to meet the security requirements?

Options:

Change the Assignment Type for Admin2 to Permanent

From the Azure Active Directory admin center, assign the Exchange administrator role to Admin2

From the Azure Active Directory admin center, remove the Exchange administrator role to Admin1

Change the Assignment Type for Admin1 to Eligible

Question 15

You need to recommend a solution that meets the technical and security requirements for sharing data with the partners.

What should you include in the recommendation? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Options:

Create an access review.

Assign the Global administrator role to User1.

Assign the Guest inviter role to User1.

Modify the External collaboration settings in the Azure Active Directory admin center.

Question 16

You install Azure ATP sensors on domain controllers.

You add a member to the Domain Admins group. You view the timeline in Azure ATP and discover that information regarding the membership change is missing.

You need to meet the security requirements for Azure ATP reporting.

What should you configure? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 17

You have a Microsoft 365 tenant.

User attributes are synced from your company’s human resources (HR) system to Azure Active Directory (Azure AD).

The company has four departments that each has its own Microsoft SharePoint Online site. Each site must be accessed only by the users from its respective department.

You are designing an access management solution that has the following requirements:

Users must be added automatically to the security group of their department.
All security group owners must verify once quarterly that only the users in their department belong to their group.

Which components should you recommend to meet the requirements? To answer, drag the appropriate components to the correct requirements. Each component may only be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Options:

Question 18

You have a Microsoft 365 E5 subscription that contains a user named User1 and the groups shown in the following table.

You have the Compliance Manager improvement action shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.

Options:

Question 19

You plan to publish a label that will retain documents in Microsoft OneDrive for two years, and then automatically delete the documents.

You need to create the label.

To complete this task, sign in to the Microsoft Office 365 portal.

Options:

Question 20

Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.

When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.

Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

Username and password

Use the following login credentials as needed:

To enter your username, place your cursor in the Sign in box and click on the username below.

To enter your password, place your cursor in the Enter password box and click on the password below.

Microsoft 365 Username:

admin@LODSe244001@onmicrosoft.com

Microsoft 365 Password: &=Q8v@2qGzYz

If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.

The following information is for technical support only:

Lab instance: 11032396

You need to ensure that a user named Lee Gu can manage all the settings for Exchange Online. The solution must use the principle of least privilege.

To complete this task, sign in to the Microsoft Office 365 admin center.

Options:

Question 21

You haw a Microsoft 365 subscription.

You receive a General Data Protection Regulation (GOPR) request for the custom dictionary of a user From The Compliance admin center you need to create a content search, should you configure the content search?

Options:

Condition: Type Operator Equals any of Value Documents

.Condition; Type Operator Equals any of Value Office Roaming Service

Condition: Title Operator Equals any of Value Normal. dot

Condition: We type Operator Equals any of Value dic

Question 22

Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

Username and password

Use the following login credentials as needed:

To enter your username, place your cursor in the Sign in box and click on the username below.

To enter your password, place your cursor in the Enter password box and click on the password below.

Microsoft 365 Username:

admin@LODSe244001@onmicrosoft.com

Microsoft 365 Password: &=Q8v@2qGzYz

If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.

The following information is for technical support only:

Lab instance: 11032396

You need to ensure that when users tag documents as classified, a classified watermark is applied to the documents.

To complete this task, sign in to the Microsoft Office 365 admin center.

Options:

Answer:

See explanation below.

Explanation:

1. In the admin center, select the Compliance admin center.

2. Select Classification > Sensitivity labels.

3. Select Create a label, and when the warning appears, select Yes.

4. Enter a Label name, Tooltip, and Description. Select Next.

5. Turn on Encryption. Choose when you want to assign permissions, whether you want your users' access to the content to expire, and whether you want to allow offline access.

6. Select Assign permissions > Add these email addresses or domains.

7. Enter an email address or domain name (such as Contoso.org). Select Add, and repeat for each email address or domain you want to add.

8. Select Choose permissions from preset or custom.

9. Use the drop-down list to select preset permissions, such as Reviewer or Viewer, or select Custom permissions. If you chose Custom, select the permissions from the list. Select Save >Save > Next.

10. Turn on Content marking, and choose the markings you want to use.

11. For each marking that you choose, select Customize text. Enter the text you want to appear on the document, and set the font and layout options. Select Save, and then repeat for any additional markings. Select Next.

12. Optionally, turn on Endpoint data loss prevention. Select Next.

13. Optionally, turn on Auto labeling. Add a condition. For example, under Detect content that contains, select Add a condition. Enter the condition; for example, add a condition that if passport, Social Security, or other sensitive information is detected, the label will be added. Select Next.

14. Review your settings, and select Create. Your label has been created. Repeat this process for any additional labels you want.

15. By default, labels appear in Office apps in this order: Confidential, Internal, and Public. To change the order, for each label, select More actions (the ellipsis), and then move the label up or down. Typically, permissions are listed from the lowest to highest level of permissions.

16. To add a sub-label to a label, select More actions, then Add sub level.

17. When finished, choose Publish labels> Choose labels to publish > Add. Select the labels you want to publish, and then select Add > Done > Next.

18. By default, the new label policy is applied to everyone. If you want to limit who the policy is applied to, select Choose users or groups > Add. Select who you want the policy to apply to, and then select Add > Done > Next.

19. If you want a default label for documents and email, select the label you want from the drop-down list. Review the remaining settings, adjust as needed, and then select Next.

20. Enter a Name and Description for your policy. Select Next.

21. Review your settings, then select Publish.

Reference: [Reference:, https://support.office.com/en-us/article/create-and-manage-sensitivity-labels-2fb96b54-7dd2-4f0c-ac8d-170790d4b8b9, , https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide, , ]

Question 23

You have a Microsoft 365 ES subscription that contains a Microsoft SharePoint Online site named Site1. You create an information barrier segment named Segment 1. You need to add Segment 1 to Site1. What should you do first?

Options:

Run the set-spositr cmcHet.

Run the set-sPOTenont cmdlet

Create an information barrier policy.

Modify the permissions of Site1.

Question 24

You have a Microsoft 365 E5 subscription that contains a user named User1. You need to ensure that User1 can review Conditional Access policies.

Solution: You assign User1 the Security Administrator role.

Does this meet the goal?

Options:

Yes

Question 25

Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these

questions will not appear in the review screen.

You have a Microsoft 365 tenant. You create a label named CompanyConfidential in Microsoft Azure

Information Protection.

You add CompanyConfidential to a global policy.

A user protects an email message by using CompanyConfidential and sends the label to several external

recipients. The external recipients report that they cannot open the email message.

You need to ensure that the external recipients can open protected email messages sent to them.

Solution: You modify the content expiration settings of the label.

Does this meet the goal?

Options:

Yes

Question 26

How should you configure Azure AD Connect? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 27

You need to create Group3.

What are two possible ways to create the group?

Options:

an Office 365 group in the Microsoft 365 admin center

a mail-enabled security group in the Microsoft 365 admin center

a security group in the Microsoft 365 admin center

a distribution list in the Microsoft 365 admin center

a security group in the Azure AD admin center

Question 28

You need to implement Windows Defender ATP to meet the security requirements. What should you do?

Options:

Configure port mirroring

Create the ForceDefenderPassiveMode registry setting

Download and install the Microsoft Monitoring Agent

Run WindowsDefenderATPOnboardingScript.cmd

Question 29

You need to configure threat detection for Active Directory. The solution must meet the security requirements.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Options:

Question 30

You need to create Group2.

What are two possible ways to create the group?

Options:

an Office 365 group in the Microsoft 365 admin center

a mail-enabled security group in the Microsoft 365 admin center

a security group in the Microsoft 365 admin center

a distribution list in the Microsoft 365 admin center

a security group in the Azure AD admin center

Question 31

You need to enable and configure Microsoft Defender for Endpoint to meet the security requirements. What should you do?

Options:

Configure port mirroring

Create the ForceDefenderPassiveMode registry setting

Download and install the Microsoft Monitoring Agent

Run WindowsDefenderATPOnboardingScripc.cmd

Question 32

Which IP address space should you include in the MFA configuration?

Options:

131.107.83.0/28

192.168.16.0/20

172.16.0.0/24

192.168.0.0/20

Question 33

How should you configure Group3? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Load More MS-500 Questions

Labour Day Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: suredis

Microsoft MS-500 Microsoft 365 Security Administration Exam Practice Test

Microsoft 365 Security Administration Questions and Answers

PDF + Testing Engine

Testing Engine

PDF Study Guide

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options: