CertsTopics Logo

Weekend Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Microsoft MS-500 Dumps Questions Answers

Page: 1 / 8
Total 327 questions
Get MS-500 Full Access Download MS-500 PDF

Microsoft 365 Security Administration Questions and Answers

Question 1

You need to create Group2.

What are two possible ways to create the group?

Options:

A.

an Office 365 group in the Microsoft 365 admin center

B.

a mail-enabled security group in the Microsoft 365 admin center

C.

a security group in the Microsoft 365 admin center

D.

a distribution list in the Microsoft 365 admin center

E.

a security group in the Azure AD admin center

Buy Now
Question 2

You need to enable and configure Microsoft Defender for Endpoint to meet the security requirements. What should you do?

Options:

A.

Configure port mirroring

B.

Create the ForceDefenderPassiveMode registry setting

C.

Download and install the Microsoft Monitoring Agent

D.

Run WindowsDefenderATPOnboardingScripc.cmd

Question 3

You need to configure threat detection for Active Directory. The solution must meet the security requirements.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Options:

Question 4

How should you configure Azure AD Connect? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 5

How should you configure Group3? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 6

You need to create Group3.

What are two possible ways to create the group?

Options:

A.

an Office 365 group in the Microsoft 365 admin center

B.

a mail-enabled security group in the Microsoft 365 admin center

C.

a security group in the Microsoft 365 admin center

D.

a distribution list in the Microsoft 365 admin center

E.

a security group in the Azure AD admin center

Question 7

Which IP address space should you include in the MFA configuration?

Options:

A.

131.107.83.0/28

B.

192.168.16.0/20

C.

172.16.0.0/24

D.

192.168.0.0/20

Question 8

You need to implement Windows Defender ATP to meet the security requirements. What should you do?

Options:

A.

Configure port mirroring

B.

Create the ForceDefenderPassiveMode registry setting

C.

Download and install the Microsoft Monitoring Agent

D.

Run WindowsDefenderATPOnboardingScript.cmd

Question 9

You need to recommend a solution to protect the sign-ins of Admin1 and Admin2.

What should you include in the recommendation?

Options:

A.

a device compliance policy

B.

an access review

C.

a user risk policy

D.

a sign-in risk policy

Question 10

You need to recommend a solution for the user administrators that meets the security requirements for auditing.

Which blade should you recommend using from the Azure Active Directory admin center?

Options:

A.

Sign-ins

B.

Azure AD Identity Protection

C.

Authentication methods

D.

Access review

Question 11

NO: 7

You need to resolve the issue that targets the automated email messages to the IT team.

Which tool should you run first?

Options:

A.

Synchronization Service Manager

B.

Azure AD Connect wizard

C.

Synchronization Rules Editor

D.

IdFix

Question 12

You need to recommend a solution that meets the technical and security requirements for sharing data with the partners.

What should you include in the recommendation? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Options:

A.

Create an access review.

B.

Assign the Global administrator role to User1.

C.

Assign the Guest inviter role to User1.

D.

Modify the External collaboration settings in the Azure Active Directory admin center.

Question 13

You plan to configure an access review to meet the security requirements for the workload administrators. You create an access review policy and specify the scope and a group.

Which other settings should you configure? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 14

You need to recommend an email malware solution that meets the security requirements.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 15

You install Azure ATP sensors on domain controllers.

You add a member to the Domain Admins group. You view the timeline in Azure ATP and discover that information regarding the membership change is missing.

You need to meet the security requirements for Azure ATP reporting.

What should you configure? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 16

An administrator configures Azure AD Privileged Identity Management as shown in the following exhibit.

What should you do to meet the security requirements?

Options:

A.

Change the Assignment Type for Admin2 to Permanent

B.

From the Azure Active Directory admin center, assign the Exchange administrator role to Admin2

C.

From the Azure Active Directory admin center, remove the Exchange administrator role to Admin1

D.

Change the Assignment Type for Admin1 to Eligible

Question 17

You have a Microsoft 365 subscription for a company named Contoso, Ltd. All data is in Microsoft 365.

Contoso works with a partner company named Litware, Inc. Litware has a Microsoft 365 subscription.

You need to allow users at Contoso to share files from Microsoft OneDrive to specific users at Litware.

Which two actions should you perform from the OneDrive admin center? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Options:

A.

Increase the permission level for OneDrive External sharing

B.

Modify the Links settings

C.

Change the permissions for OneDrive External sharing to the least permissive level

D.

Decrease the permission level for OneDrive External sharing

E.

Modify the Device access settings

F.

Modify the Sync settings

Question 18

You have a Microsoft 365 subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com.

You need to recommend an Azure AD Privileged Identity Management (PIM) solution that meets the following requirements:

  • Administrators must be notified when the Security administrator role is activated.
  • Users assigned the Security administrator role must be removed from the role automatically if they do not sign in for 30 days.

Which Azure AD PIM setting should you recommend configuring for each requirement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 19

You have a Microsoft 365 subscription.

A security manager receives an email message every time a data loss prevention (DLP) policy match occurs.

You need to limit alert notifications to actionable DLP events.

What should you do?

Options:

A.

From the Security & Compliance admin center, modify the Policy Tips of a DLP policy.

B.

From the Cloud App Security admin center, apply a filter to the alerts.

C.

From the Security & Compliance admin center, modify the User overrides settings of a DLP policy.

D.

From the Security & Compliance admin center, modify the matched activities threshold of an alert policy.

Question 20

You have several Conditional Access policies that block noncompliant devices from connecting to services.

You need to identify which devices are blocked by which policies.

What should you use?

Options:

A.

the Device compliance report in the Microsoft Endpoint Manager admin center

B.

the Device compliance trends report in the Microsoft Endpoint Manager admin center

C.

Activity log in the Cloud App Security admin center

D.

the Conditional Access Insights and Reporting workbook in the Azure Active Directory admin center

Question 21

You configure Microsoft Azure Active Directory (Azure AD) Connect as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Options:

Question 22

You company has a Microsoft 36S E5 subscription and a hybrid Azure active Directory named contoso.com.

Contoso.com includes the following users:

You configure Password protection for Contoso.com as shown in the following exhibit.

Options:

Question 23

You view Compliance Manager as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Options:

Question 24

You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.

You discover that several security alerts are visible from the Microsoft Defender for Identity portal.

You need to identify which users in contoso.com can close the security alerts.

Which users should you identify?

Options:

A.

User3 only

B.

User1 and User2 only

C.

User3 and User4 only

D.

User1 and User3 only

E.

User1 only

Question 25

You have a Microsoft 365 alert named Alert?

as shown in the following exhibit.

You need to manage the status of Alert2. To which status can you change Alert2?

Options:

A.

The status cannot be changed.

B.

investigating only

C.

Active or investigating only

D.

Investigating, Active, or Dismissed

E.

Dismissed only

Question 26

You are evaluating which devices are compliant in Intune.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Options:

Question 27

Which users are members of ADGroup1 and ADGroup2? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 28

You are evaluating which finance department users will be prompted for Azure MFA credentials.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Options:

Question 29

What should User6 use to meet the technical requirements?

Options:

A.

Supervision in the Security & Compliance admin center

B.

Service requests in the Microsoft 365 admin center

C.

Security & privacy in the Microsoft 365 admin center

D.

Data subject requests in the Security & Compliance admin center

Question 30

Which user passwords will User2 be prevented from resetting?

Options:

A.

User6 and User7

B.

User4 and User6

C.

User4 only

D.

User7 and User8

E.

User8 only

Question 31

Which policies apply to which devices? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 32

Which role should you assign to User1?

Options:

A.

Global administrator

B.

User administrator

C.

Privileged role administrator

D.

Security administrator

Question 33

You need to meet the technical requirements for User9. What should you do?

Options:

A.

Assign the Privileged administrator role to User9 and configure a mobile phone number for User9

B.

Assign the Compliance administrator role to User9 and configure a mobile phone number for User9

C.

Assign the Security administrator role to User9

D.

Assign the Global administrator role to User9

Exam Detail
Vendor: Microsoft
Certification: Microsoft Other Certification
Exam Code: MS-500
Exam Name: Microsoft 365 Security Administration
Last Update: Mar 14, 2025
MS-500 Question Answers
Page: 1 / 8
Total 327 questions
Get MS-500 Full Access Download MS-500 PDF