MS-500 Practice Test Free

MS-500 Practice Test Free – 50 Real Exam Questions to Boost Your Confidence

Preparing for the MS-500 exam? Start with our MS-500 Practice Test Free – a set of 50 high-quality, exam-style questions crafted to help you assess your knowledge and improve your chances of passing on the first try.

Taking a free MS-500 practice test is one of the smartest ways to:

  • Get familiar with the real exam format and question types
  • Evaluate your strengths and spot knowledge gaps
  • Gain the confidence you need to succeed on exam day

Below, you will find 50 free MS-500 practice questions to help you prepare for the exam. These questions are designed to reflect the real exam structure and difficulty level.

Question 1

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that contains a user named User1.
You need to ensure that User1 can review Conditional Access policies.
Solution: You assign User1 the Security Reader role.
Does that meet the goal?

A. Yes

B. No

 


Suggested Answer: A

 

Question 2

You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
 Image
You enable the authentication methods registration campaign and configure the Microsoft Authenticator method for Group1.
Which users will be prompted to configure authentication during sign in?

A. User1 only

B. User2 only

C. User2 and User3 only

D. User1 and User2 only

E. User2 and User3 only

F. User1, User2, and User3 only

 


Suggested Answer: D

You can nudge users to set up Microsoft Authenticator during sign-in. Users will go through their regular sign-in, perform multifactor authentication as usual, and then be prompted to set up Microsoft Authenticator. You can include or exclude users or groups to control who gets nudged to set up the app. This allows targeted campaigns to move users from less secure authentication methods to Microsoft Authenticator.
Incorrect:
Not C, Not E, Not F: Not User3 since the user must not have already set up Microsoft Authenticator for push notifications on their account.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/how-to-mfa-registration-campaign

Question 3

You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.
 Image
You discover that several security alerts are visible from the Microsoft Defender for Identity portal.
You need to identify which users in contoso.com can close the security alerts.
Which users should you identify?

A. User4 only

B. User1 and User2 only

C. User3 and User4 only

D. User1 and User3 only

E. User1 only

 


Suggested Answer: D

 

Question 4

SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab.
But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password -
 Image
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@LODSe244001.onmicrosoft.com
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab instance: 11032396 -
You need to ensure that a user named Alex Wilber can register for multifactor authentication (MFA).
To complete this task, sign in to the Microsoft Office 365 admin center.

 


Suggested Answer: See explanation below.

Enable Modern authentication for your organization
1. To enable modern authentication, from the admin center, select Settings > Settings and then in the Services tab, choose Modern authentication from the list.
2. Check the Enable modern authentication box in the Modern authentication panel.
Enable multi-factor authentication for your organization
1. In the admin center, select Users and Active Users.
2. In the Active Users section, click on multi-factor authentication.
3. On the Multi-factor authentication page, select the user if you are enabling this for one user, or select Bulk Update to enable multiple users.
4. Click on Enable under Quick Steps.
5. In the pop-up window, click on Enable Multi-Factor Authentication.
After you set up multi-factor authentication for your organization, your users will be required to set up two-step verification on their devices.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/admin/security-and-compliance/set-up-multi-factor-authentication?view=o365-worldwide

Question 5

SIMULATION -
You need to implement a solution to manage when users select links in documents or email messages from Microsoft Office 365 ProPlus applications or Android devices. The solution must meet the following requirements:
✑ Block access to a domain named fabrikam.com
✑ Store information when the users select links to fabrikam.com
To complete this task, sign in to the Microsoft 365 portal.

 


Suggested Answer: See explanation below.

You need to configure a Safe Links policy.
1. Go to the Office 365 Microsoft 365 Compliance center.
2. Navigate to Threat Management > Policy > Safe Links.
3. In the Policies that apply to the entire organization section, select Default, and then click the Edit icon.
4. In the Block the following URLs section, type in *.fabrikam.com. This meets the first requirement in the question.
5. In the Settings that apply to content except email section, untick the checkbox labelled Do not track when users click safe links. This meets the second requirement in the question.
6. Click Save to save the changes.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/set-up-atp-safe-links-policies?view=o365-worldwide

Question 6

DRAG DROP -
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Identity.
You receive the following alerts:
✑ Suspected Netlogon privilege elevation attempt
✑ Suspected Kerberos SPN exposure
✑ Suspected DCSync attack
To which stage of the cyber-attack kill chain does each alert map? To answer, drag the appropriate alerts to the correct stages. Each alert may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
 Image

 


Suggested Answer:
Correct Answer Image

Box 1: Compromised credential –
The following security alerts help you identify and remediate Compromised credential phase suspicious activities detected by Defender for Identity in your network.
In this tutorial, you’ll learn how to understand, classify, remediate and prevent the following types of attacks:
Suspected Netlogon privilege elevation attempt (CVE-2020-1472 exploitation) (external ID 2411)
Suspected Kerberos SPN exposure (external ID 2410)
Etc.
Box 2: Compromised credential –
Box 3: Domain dominance –
The following security alerts help you identify and remediate Domain dominance phase suspicious activities detected by Defender for Identity in your network. In this tutorial, learn how to understand, classify, prevent, and remediate the following attacks:
Suspected DCSync attack (replication of directory services) (external ID 2006)
Etc.
Reference:
https://docs.microsoft.com/en-us/defender-for-identity/compromised-credentials-alerts
https://docs.microsoft.com/en-us/defender-for-identity/domain-dominance-alerts

Question 7

Your network contains an on-premises Active Directory domain. The domain contains a domain controller named DC1.
You have a Microsoft 365 E5 subscription.
You install the Microsoft Defender for Identity sensor on DC1.
You need to configure enhanced threat detection in Defender for Identity. The solution must ensure that the following events are collected from DC1:
✑ 4726 - User Account Deleted
✑ 4728 - Member Added to Global Security Group
✑ 4776 - Domain Controller Attempted to Validate Credentials for an Account (NTLM)
What should you do on DC1?

A. Install the Azure Monitor agent.

B. Install System Monitor (SYSMON).

C. Configure the Windows Event Collector service.

D. Configure the Advanced Audit Policy Configuration policy.

 


Suggested Answer: D

Windows Event logs –
Defender for Identity detection relies on specific Windows Event logs that the sensor parses from your domain controllers. For the correct events to be audited and included in the Windows Event log, your domain controllers require accurate Advanced Audit Policy settings. Incorrect Advanced Audit Policy settings can lead to the required events not being recorded in the Event Log and result in incomplete Defender for Identity coverage.
Note: Relevant Windows Events –
For Active Directory Federation Services (AD FS) events
1202 – The Federation Service validated a new credential
1203 – The Federation Service failed to validate a new credential
4624 – An account was successfully logged on
4625 – An account failed to log on
For other events –
1644 – LDAP search
4662 – An operation was performed on an object
4726 – User Account Deleted
4728 – Member Added to Global Security Group
4729 – Member Removed from Global Security Group
4730 – Global Security Group Deleted
4732 – Member Added to Local Security Group
4733 – Member Removed from Local Security Group
4741 – Computer Account Added
4743 – Computer Account Deleted
4753 – Global Distribution Group Deleted
4756 – Member Added to Universal Security Group
4757 – Member Removed from Universal Security Group
4758 – Universal Security Group Deleted
4763 – Universal Distribution Group Deleted
4776 – Domain Controller Attempted to Validate Credentials for an Account (NTLM)
7045 – New Service Installed
8004 – NTLM Authentication
Reference:
https://docs.microsoft.com/en-us/defender-for-identity/prerequisites
https://docs.microsoft.com/en-us/defender-for-identity/configure-windows-event-collection
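
The dependency described in the answer to Question 7, shown as an added example that is not part of the original page or of Microsoft's documentation: a PowerShell check that the Advanced Audit Policy subcategories behind events 4726, 4728 and 4776 are set to Success and Failure. The function name `Test-AuditCoverage` is hypothetical, the sample rows are constructed (with placeholder GUIDs), and the subcategory names assume an English-language `auditpol` output.

```powershell
# Advanced Audit Policy subcategories that generate the three events named
# in the question (standard Windows security auditing categories).
$RequiredSubcategories = [ordered]@{
    'User Account Management'   = '4726 - User Account Deleted'
    'Security Group Management' = '4728 - Member Added to Global Security Group'
    'Credential Validation'     = '4776 - DC Attempted to Validate Credentials (NTLM)'
}

function Test-AuditCoverage {
    param(
        # Lines in the CSV format produced by: auditpol /get /category:* /r
        [Parameter(Mandatory)]
        [string[]] $AuditpolCsv
    )

    # Drop blank lines, then let the CSV header row name the properties.
    $rows = $AuditpolCsv | Where-Object { $_.Trim() } | ConvertFrom-Csv

    foreach ($name in $RequiredSubcategories.Keys) {
        $row = $rows | Where-Object { $_.Subcategory -eq $name } | Select-Object -First 1
        $setting = if ($row) { $row.'Inclusion Setting' } else { 'Not found' }

        [pscustomobject]@{
            Subcategory = $name
            Event       = $RequiredSubcategories[$name]
            Setting     = $setting
            # 4776 is written for both successful and failed validations, so
            # anything short of "Success and Failure" is reported as a gap.
            Complete    = ($setting -eq 'Success and Failure')
        }
    }
}

# Constructed sample input: DC1 with one subcategory fully audited, one
# auditing successes only, and one switched off. GUIDs are placeholders.
$sample = @(
    'Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting'
    'DC1,System,User Account Management,{00000000-0000-0000-0000-000000000001},Success and Failure,'
    'DC1,System,Security Group Management,{00000000-0000-0000-0000-000000000002},Success,'
    'DC1,System,Credential Validation,{00000000-0000-0000-0000-000000000003},No Auditing,'
)

Test-AuditCoverage -AuditpolCsv $sample | Format-Table -AutoSize

# On a domain controller, from an elevated session, check the effective policy:
# Test-AuditCoverage -AuditpolCsv (auditpol /get /category:* /r) | Format-Table -AutoSize
```

Against the constructed sample, only User Account Management is reported as complete; the other two rows show the kind of gap that leaves the sensor without events 4728 and 4776.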

Question 8

You have an Azure Active Directory (Azure AD) tenant named contoso.com and a Microsoft 365 subscription. Contoso.com contains the groups shown in the following table.
 Image
You plan to create a supervision policy named Policy1.
You need to identify which groups can be supervised by using Policy1.
Which groups should you identify?

A. Group1 and Group4 only

B. Group1 only

C. Group1, Group3, and Group4 only

D. Group2 and Group3 only

E. Group1, Group2, and Group3 only

 


Suggested Answer: E

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/configure-supervision-policies?view=o365-worldwide

Question 9

You have a Microsoft 365 E5 subscription.
You need to use Attack simulation training to launch a credential harvest simulation.
For which Microsoft 365 workloads can you create a payload?

A. Microsoft Exchange Online only

B. Microsoft Teams, Exchange Online, SharePoint Online, and OneDrive

C. Microsoft Teams and Exchange Online only

D. Microsoft SharePoint Online and OneDrive only

 


Suggested Answer: A

Create a payload, select a payload type.
On the Select type page, the only value that you can currently select is Email.
Incorrect:
Not A, Not B, Not C: Payloads cannot be created for Microsoft Exchange Online.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulation-training-payloads

Question 10

You have a Microsoft 365 subscription that contains the users shown in the following table.
 Image
You enable self-service password reset for Group1 and configure security questions as the only authentication method for self-service password reset.
You need to identify which user must answer security questions to reset their password.
Which user should you identify?

A. User1

B. User2

C. User3

D. User4

 


Suggested Answer: B

Self-service password reset (SSPR) is only enabled for Group1 (User1 and User2). User1 cannot use security questions for SSPR because User1 has an administrative security role. Therefore, only User2 can use SSPR with security questions as the authentication method.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy#administrator-reset-policy-differences

Question 11

You have a Microsoft 365 E5 subscription and a hybrid Microsoft Exchange Server organization.
Each member of a group named Executive has an on-premises mailbox. Only the Executive group members have multi-factor authentication (MFA) enabled. Each member of a group named Research has a mailbox in Exchange Online.
You need to use Microsoft 365 Attack simulation training to model a spear-phishing attack that targets the Research group members. The email addresses that you intend to spoof belong to the Executive group members.
What should you do first?

A. From the Microsoft Azure portal, configure the user risk policy settings in Azure AD Identity Protection.

B. Migrate the Executive group members to Exchange Online.

C. Enable MFA for the Research group members.

D. Enable MFA for your account.

E. From the Microsoft Defender for Identity portal, configure the primary workspace settings.

 


Suggested Answer: D

Module 6 – Lab 1 – Exercise 1 – Conduct a Spear phishing attack
Holly Dickson is concerned that some users in her organization may require education about phishing attacks. In this lab you will use the Microsoft 365 Attack simulator to determine your users’ susceptibility to phishing attacks.
Task 1: Enable Multi-factor authentication for Holly Dickson
1. On LON-CL1, go to the Office 365 Security & Compliance center https://protection.office.com and log in as Holly Dickson.
2. Click Threat management, and then click Attack simulator.
3. Notice the warning that you must enable multi-factor authentication (MFA). You are about to do a simulated attack and the system wants to confirm your credentials. This is a requirement of the attack simulator. Let’s enable MFA for Holly Dickson.
4. Etc.
Reference:
https://microsoftlearning.github.io/MS-500-Microsoft-365-Security/Instructions/Labs/MS500T00/LAB_AK_06_Lab1_Ex1_Phishing_attack.html

Question 12

You have a Microsoft 365 E5 subscription that contains the resources shown in the following table.
 Image
You have a retention label configured as shown in the following exhibit.
 Image
You apply the label to the resources.
Which items can you delete?

A. Mail1 only

B. File1.docx and File2.xlsx only

C. Mail1 and File1.docx only

D. Mail1 and File2.xlsx only

E. Mail1, File1.docx, and File2.xlsx

 


Suggested Answer: D

You will be able to choose whether the label should appear in all locations, which includes SharePoint, OneDrive, Office 365 Groups and Exchange email, or you can choose one of those locations in which the label would appear.
Reference:
https://www.sharepointeurope.com/how-retention-works-in-office-365/

Question 13

You need to recommend a solution to protect the sign-ins of Admin1 and Admin2.
What should you include in the recommendation?

A. a device compliance policy

B. an access review

C. a user risk policy

D. a sign-in risk policy

 


Suggested Answer: D

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-user-risk-policy

Question 14

You need to meet the technical requirements for User9. What should you do?

A. Assign the Privileged administrator role to User9 and configure a mobile phone number for User9

B. Assign the Compliance administrator role to User9 and configure a mobile phone number for User9

C. Assign the Security administrator role to User9

D. Assign the Global administrator role to User9

 


Suggested Answer: D

To implement PIM, you must be a global admin.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-getting-started#enable-pim

Question 15

You have a Microsoft 365 E3 subscription.
You plan to audit all Microsoft Exchange Online user and admin activities.
You need to ensure that all the Exchange audit log records are retained for one year.
What should you do?

A. Modify the retention period of the default audit retention policy.

B. Create a custom audit retention policy.

C. Assign Microsoft 365 Enterprise E5 licenses to all users.

D. Modify the record type of the default audit retention policy.

 


Suggested Answer: C

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/audit-log-retention-policies?view=o365-worldwide

Question 16

You have a Microsoft 365 subscription and a Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) subscription.
You have devices enrolled in Microsoft Endpoint Manager as shown in the following table:
 Image
You integrate Microsoft Defender ATP and Endpoint Manager.
You plan to evaluate the Microsoft Defender ATP risk level for the devices.
You need to identify which devices can be evaluated.
Which devices should you identify?

A. Device1 and Device2 only

B. Device1 only

C. Device1 and Device3 only

D. Device1, Device2 and Device3

 


Suggested Answer: D

Microsoft Defender ATP (now known as Microsoft Defender for Endpoint) now supports Windows 7 SP1 and above, Windows Server 2008 SP1 and above, the three most recent major releases of macOS, iOS 11.0 and above, Android 6.0 and above and Red Hat Enterprise Linux 7.2 or higher, CentOS 7.2 or higher, Ubuntu 16.04 LTS or higher LTS, Debian 9 or higher, SUSE Linux Enterprise Server 12 or higher, and Oracle Linux 7.2 or higher.
Reference:
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements

Question 17

SIMULATION -
You need to ensure that email messages in Exchange Online and documents in SharePoint Online are retained for eight years.
To complete this task, sign in to the Microsoft Office 365 admin center.

 


Suggested Answer: See explanation below.

NB: For our purposes, the retention period will be 8 years.
For retaining email messages in Exchange Online:
Step 1: Create a retention tag –
1. Navigate to the Exchange Admin Center
2. Navigate to Compliance management > Retention tags, and then click Add +
3. Select one of the following options:
✑ Applied automatically to entire mailbox (default): Select this option to create a default policy tag (DPT). You can use DPTs to create a default deletion policy and a default archive policy, which applies to all items in the mailbox.
✑ Applied automatically to a specific folder: Select this option to create a retention policy tag (RPT) for a default folder such as Inbox or Deleted Items.
✑ Applied by users to items and folders (Personal): Select this option to create personal tags. These tags allow Outlook and Outlook on the web (formerly known as Outlook Web App) users to apply archive or deletion settings to a message or folders that are different from the settings applied to the parent folder or the entire mailbox.
4. The New retention tag page title and options will vary depending on the type of tag you selected. Complete the following fields:
✑ Name: Enter a name for the retention tag. The tag name is for display purposes and doesn’t have any impact on the folder or item a tag is applied to. Consider that the personal tags you provision for users are available in Outlook and Outlook on the web.
✑ Apply this tag to the following default folder: This option is available only if you selected Applied automatically to a specific folder.
✑ Retention action: Select one of the following actions to be taken after the item reaches its retention period:
✑ Delete and Allow Recovery: Select this action to delete items but allow users to recover them using the Recover Deleted Items option in Outlook or Outlook on the web. Items are retained until the deleted item retention period configured for the mailbox database or the mailbox user is reached.
✑ Permanently Delete: Select this option to permanently delete the item from the mailbox database.
✑ Move to Archive: This action is available only if you’re creating a DPT or a personal tag. Select this action to move items to the user’s In-Place Archive.
✑ Retention period: Select one of the following options:
✑ Never: Select this option to specify that items should never be deleted or moved to the archive.
✑ When the item reaches the following age (in days): Select this option and specify the number of days to retain items before they’re moved or deleted. The retention age for all supported items except Calendar and Tasks is calculated from the date an item is received or created. Retention age for Calendar and Tasks items is calculated from the end date.
✑ Comment: Use this optional field to enter any administrative notes or comments. The field isn’t displayed to users.
Step 2: Create a retention policy
1. Navigate to Compliance management > Retention policies, and then click Add +
2. In New Retention Policy, complete the following fields:
✑ Name: Enter a name for the retention policy.
✑ Retention tags: Click Add + to select the tags you want to add to this retention policy.
A retention policy can contain the following tags:
✑ One DPT with the Move to Archive action.
✑ One DPT with the Delete and Allow Recovery or Permanently Delete actions.
✑ One DPT for voice mail messages with the Delete and Allow Recovery or Permanently Delete actions.
✑ One RPT per default folder such as Inbox to delete items.
✑ Any number of personal tags.
Step 3: Apply a retention policy to mailbox users
After you create a retention policy, you must apply it to mailbox users. You can apply different retention policies to different sets of users.
1. Navigate to Recipients > Mailboxes.
2. In the list view, use the Shift or Ctrl keys to select multiple mailboxes.
3. In the details pane, click More options.
4. Under Retention Policy, click Update.
5. In Bulk Assign Retention Policy, select the retention policy you want to apply to the mailboxes, and then click Save.
For retaining documents in SharePoint Online
Access Compliance Admin Center –
1. Navigate to the Office 365 Admin Centers
2. From the list of available Admin Centers, click on Security & Compliance
How to create and publish a Retention Policy on a SharePoint site
Now that we are in the Compliance Admin Center, we are ready to create and publish a Retention Policy on a SharePoint site.
Under Data Governance, click Retention
1. Hit Create button to create new Retention Policy
2. Give your policy a name and description. Hit Next
3. On the next screen is where you set up the logic. You can configure how many days, months, or years to retain the content for, specify whether you want the math (retention period) to be calculated from the Created Date or Last Modified Date. Lastly, you can also specify whether you want to keep or delete content after the Retention period expires. Hit Next
4. On the next screen, you get to choose where to apply the policy. You can apply it to email (Exchange), SharePoint sites, OneDrive accounts as well as Office 365 Groups.
5. In my case, I applied a policy to a single Office 365 Group Site
6. On a final screen, you need to review and confirm the settings and click Create this policy button. It is imperative to note the message you get to see at the bottom. It warns you that content might be deleted as soon as the policy takes effect according to the logic you set up in previous steps.
Reference:
https://docs.microsoft.com/en-us/exchange/security-and-compliance/messaging-records-management/create-a-retention-policy#step-2-create-a-retention-policy
https://docs.microsoft.com/en-us/exchange/security-and-compliance/messaging-records-management/apply-retention-policy#use-the-eac-to-apply-a-retention-policy-to-multiple-mailboxes
https://sharepointmaven.com/how-to-set-a-retention-policy-on-a-sharepoint-site/

Question 18

HOTSPOT -
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
 Image
You plan to enable Microsoft Defender for Endpoint role-based access control (RBAC).
You need to identify which users can enable RBAC in Microsoft Defender for Endpoint, and which users will lose access to the Microsoft 365 Defender portal after RBAC is enabled.
Which users should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 Image

 


Suggested Answer:
Correct Answer Image

 

Question 19

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an on-premises Active Directory domain named contoso.com.
You install and run Azure AD Connect on a server named Server1 that runs Windows Server.
You need to view Azure AD Connect events.
Solution: You use the Security event log on Server1.
Does that meet the goal?

A. Yes

B. No

 


Suggested Answer: B

References:
https://support.pingidentity.com/s/article/PingOne-How-to-troubleshoot-an-AD-Connect-Instance

Question 20

SIMULATION -
You need to create a policy that identifies content in Microsoft OneDrive that contains credit card numbers.
To complete this task, sign in to the Microsoft 365 portal.

 


Suggested Answer: See explanation below.

You need to configure auto-labeling in ‘simulation’ mode. In the policy, you can select the ‘Credit Card’ sensitive info type.
1. In the Microsoft 365 compliance center, navigate to sensitivity labels:
Solutions > Information protection
2. Select the Auto-labeling (preview) tab.
3. Select + Create policy.
4. For the page Choose info you want this label applied to: Select one of the templates, such as Financial or Privacy. You can refine your search by using the Show options for dropdown. Or, select Custom policy if the templates don’t meet your requirements. Select Next.
5. For the page Name your auto-labeling policy: Provide a unique name, and optionally a description to help identify the automatically applied label, locations, and conditions that identify the content to label.
6. For the page Choose locations where you want to apply the label: Select OneDrive. Then select Next.
7. For the Define policy settings page: Keep the default of Find content that contains to define rules that identify content to label across all your selected locations. The rules use conditions that include sensitive information types and sharing options. For sensitive information types, you can select both built-in and custom sensitive information types.
8. Then select Next.
9. For the Set up rules to define what content is labeled page: Select + Create rule and then select Next.
10. On the Create rule page, name and define your rule, using sensitive information types and then select Save.
11. Click Next.
12. For the Choose a label to auto-apply page: Select + Choose a label, select a label from the Choose a sensitivity label pane, and then select Next.
13. For the Decide if you want to run policy simulation now or later page: Select Run policy in simulation mode if you’re ready to run the auto-labeling policy now, in simulation mode. Otherwise, select Leave policy turned off. Select Next.
14. For the Summary page: Review the configuration of your auto-labeling policy and make any changes that are needed, and complete the wizard.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-worldwide

Question 21

HOTSPOT -
Your company has a Microsoft 365 E5 subscription and a hybrid Azure Active Directory named contoso.com.
Contoso.com includes the following users:
 Image
You configure Password protection for Contoso.com as shown in the following exhibit.
 Image
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image

 


Suggested Answer:
Correct Answer Image

Box 1: Yes –
Note: The following considerations and limitations apply to the custom banned password list:
The custom banned password list can contain up to 1000 terms.
The custom banned password list is case-insensitive.
The custom banned password list considers common character substitution, such as “o” and “0”, or “a” and “@”.
The minimum string length is four characters, and the maximum is 16 characters.
Box 2: Yes –
The $ character is OK when it is used instead of an S.
Box 3: No –
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-configure-custom-password-protection

Question 22

SIMULATION -
You need to ensure that a global administrator is notified when a document that contains U.S. Health Insurance Portability and Accountability Act (HIPAA) data is identified in your Microsoft 365 tenant.
To complete this task, sign in to the Microsoft Office 365 admin center.

 


Suggested Answer: See explanation below.

1. In the Security & Compliance Center > left navigation > Data loss prevention > Policy > + Create a policy.
2. Choose the U.S. Health Insurance Portability and Accountability Act (HIPAA) template > Next.
3. Name the policy > Next.
4. Choose All locations in Office 365 > Next.
5. At the first Policy Settings step just accept the defaults.
6. After clicking Next, you’ll be presented with an additional Policy Settings page:
✑ Deselect the Show policy tips to users and send them an email notification option.
✑ Select the Detect when content that’s being shared contains option, and decrease the number of instances to 1.
✑ Select the Send incident reports in email option.
7. Click Next.
8. Select the option to turn on the policy right away > Next.
9. Click Create to finish creating the policy.
References:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-test-tune-dlp-policy?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/what-the-dlp-policy-templates-include?view=o365-worldwide

Question 23

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription that contains the users shown in the following table.
 Image
You discover that all the users in the subscription can access Compliance Manager reports.
The Compliance Manager Reader role is not assigned to any users.
You need to recommend a solution to prevent a user named User5 from accessing the Compliance Manager reports.
Solution: You recommend assigning the Compliance Manager Reader role to User1.
Does this meet the goal?

A. Yes

B. No

 


Suggested Answer: A

We need to prevent User5 from accessing the compliance manager reports. Assigning Compliance Manager Reader role to User1 will prevent the User5 from accessing the reports.
Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/working-with-compliance-manager

Question 24

HOTSPOT -
How should you configure Group3? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image

 


Suggested Answer:
Correct Answer Image

Reference:
https://docs.microsoft.com/en-us/azure/information-protection/prepare

Question 25

You have a Microsoft 365 E5 subscription that contains the groups shown in the following table.
 Image
You plan to implement privileged access in Microsoft 365.
Which groups can you specify as the default approval group?

A. Group1, Group2, or Group3 only

B. Group4 only

C. Group1, Group2, Group3, or Group4

D. Group1, Group3, or Group4 only

E. Group3 or Group4 only

 


Suggested Answer: C

 

Question 26

You need to resolve the issue that generates the automated email messages to the IT team.
Which tool should you run first?

A. Synchronization Service Manager

B. Azure AD Connect wizard

C. Synchronization Rules Editor

D. IdFix

 


Suggested Answer: B

References:
https://docs.microsoft.com/en-us/office365/enterprise/fix-problems-with-directory-synchronization

Question 27

You plan to deploy a new Microsoft 365 subscription that will contain 500 users.
You need to ensure that the following actions are performed when the users sign in to the subscription:
•	Evaluate the users’ risk level based on their location and travel.
•	Require high-risk users to sign in by using Azure Multi-Factor Authentication (Azure MFA).
The solution must minimize cost.
Which license should you assign to each user?

A. Enterprise Mobility + Security E3

B. Microsoft 365 Business Premium

C. Microsoft 365 E3

D. Microsoft 365 E5

 


Suggested Answer: A

 

Question 28

HOTSPOT -
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
 Image
For contoso.com, you create a group naming policy that has the following configuration.
 -
You plan to create the groups shown in the following table.
 Image
Which users can be used to create each group? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image

 


Suggested Answer:
Correct Answer Image

Reference:
https://office365itpros.com/2020/01/22/using-groups-admin-role/
https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference

Question 29

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that contains a user named User1.
You need to ensure that User1 can review Conditional Access policies.
Solution: You assign User1 the Authentication Administrator role.
Does that meet the goal?

A. Yes

B. No

 


Suggested Answer: A

 

Question 30

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that is associated to a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
You use Active Directory Federation Services (AD FS) to federate on-premises Active Directory and the tenant. Azure AD Connect has the following settings:
✑ Source Anchor: objectGUID
✑ Password Hash Synchronization: Disabled
✑ Password writeback: Disabled
✑ Directory extension attribute sync: Disabled
✑ Azure AD app and attribute filtering: Disabled
✑ Exchange hybrid deployment: Disabled
✑ User writeback: Disabled
You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.
Solution: You modify the Source Anchor settings.
Does that meet the goal?

A. Yes

B. No

 


Suggested Answer: B

 

Question 31

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an on-premises Active Directory domain named contoso.com.
You install and run Azure AD Connect on a server named Server1 that runs Windows Server.
You need to view Azure AD Connect events.
Solution: You use the System event log on Server1.
Does that meet the goal?

A. Yes

B. No

 


Suggested Answer: B

References:
https://support.pingidentity.com/s/article/PingOne-How-to-troubleshoot-an-AD-Connect-Instance

Question 32

HOTSPOT -
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
 Image
You have the devices shown in the following table.
 Image
You have the Microsoft Defender for Endpoint portal roles shown in the following table.
 Image
You have the Microsoft Defender for Endpoint device groups shown in the following table.
 Image
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image

 


Suggested Answer:
Correct Answer Image

 

Question 33

SIMULATION -
You plan to create a script to automate user mailbox searches. The script will search the mailbox of a user named Allan Deyoung for messages that contain the word injunction.
You need to create the search that will be included in the script.
To complete this task, sign in to the Microsoft 365 admin center.

 


Suggested Answer: See explanation below.

Step 1: Create a CSV file that contains information about the searches you want to run
The comma separated value (CSV) file that you create in this step contains a row for each user that you want to search. You can search the user’s Exchange Online mailbox (which includes the archive mailbox, if it’s enabled) and their OneDrive for Business site. Or you can search just the mailbox or the OneDrive for Business site. You can also search any site in your SharePoint Online organization. The script that you run in Step 3 will create a separate search for each row in the CSV file.
1. Copy and paste the following text into a .txt file using NotePad. Save this file to a folder on your local computer. You’ll save the other scripts to this folder as well.
ExchangeLocation,SharePointLocation,ContentMatchQuery,StartDate,EndDate
sarad@contoso.onmicrosoft.com,https://contoso-my.sharepoint.com/personal/sarad_contoso_onmicrosoft_com,(lawsuit OR legal),1/1/2000,12/31/2005
sarad@contoso.onmicrosoft.com,https://contoso-my.sharepoint.com/personal/sarad_contoso_onmicrosoft_com,(lawsuit OR legal),1/1/2006,12/31/2010
sarad@contoso.onmicrosoft.com,https://contoso-my.sharepoint.com/personal/sarad_contoso_onmicrosoft_com,(lawsuit OR legal),1/1/2011,3/21/2016
,https://contoso.sharepoint.com/sites/contoso,,,3/21/2016
,https://contoso-my.sharepoint.com/personal/davidl_contoso_onmicrosoft_com,,1/1/2015,
,https://contoso-my.sharepoint.com/personal/janets_contoso_onmicrosoft_com,,1/1/2015,
The first row, or header row, of the file lists the parameters that will be used by the New-ComplianceSearch cmdlet to create new Content Searches. Each parameter name is separated by a comma. Make sure there aren’t any spaces in the header row. Each row under the header row represents the parameter values for each search. Be sure to replace the placeholder data in the CSV file with your actual data.
2. Open the .txt file in Excel, and then use the information in the following table to edit the file with information for each search.
Reference Image
3. Save the Excel file as a CSV file to a folder on your local computer. The script that you create in Step 3 will use the information in this CSV file to create the searches.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-report-on-and-delete-multiple-content-searches?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/keyword-queries-and-search-conditions?view=o365-worldwide
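The CSV layout described in Step 1 maps onto New-ComplianceSearch parameters as sketched below. This is an added example, not the script the answer refers to or Microsoft's own code; the search names (ExampleSearch_N), the helper function names, and the use of the `date` property to express StartDate and EndDate in the query are assumptions, and the CSV text is constructed sample input reusing the page's placeholder rows. Searches are only created when $CreateSearches is set to $true in a connected Security & Compliance PowerShell session.

```powershell
# Constructed sample input in the five-column layout from Step 1 (placeholder data).
$csvText = @'
ExchangeLocation,SharePointLocation,ContentMatchQuery,StartDate,EndDate
sarad@contoso.onmicrosoft.com,https://contoso-my.sharepoint.com/personal/sarad_contoso_onmicrosoft_com,(lawsuit OR legal),1/1/2000,12/31/2005
,https://contoso.sharepoint.com/sites/contoso,,,3/21/2016
,https://contoso-my.sharepoint.com/personal/davidl_contoso_onmicrosoft_com,,1/1/2015,
'@

$expectedHeader = 'ExchangeLocation,SharePointLocation,ContentMatchQuery,StartDate,EndDate'
$CreateSearches = $false   # leave $false for a dry run that only prints the parameters

function Test-SearchCsvHeader {
    param([Parameter(Mandatory)][string] $CsvText)
    # The header row must list the parameter names with no spaces.
    $header = ($CsvText -split "`r?`n")[0]
    if ($header -match '\s')         { throw "Header row contains whitespace: '$header'" }
    if ($header -ne $expectedHeader) { throw "Unexpected header row: '$header'" }
}

function ConvertTo-QueryDate {
    param([Parameter(Mandatory)][string] $Value)
    # The CSV writes dates as month/day/year; reject anything else instead of guessing.
    $parsed = [datetime]::ParseExact($Value.Trim(), 'M/d/yyyy', [cultureinfo]::InvariantCulture)
    $parsed.ToString('yyyy-MM-dd')
}

function Get-SearchParameters {
    param(
        [Parameter(Mandatory)] $Row,
        [Parameter(Mandatory)][string] $Name
    )
    $p = @{ Name = $Name }
    # Empty CSV fields come back as empty strings, so they are simply skipped.
    if ($Row.ExchangeLocation)   { $p.ExchangeLocation   = $Row.ExchangeLocation.Trim() }
    if ($Row.SharePointLocation) { $p.SharePointLocation = $Row.SharePointLocation.Trim() }
    if ($p.Count -eq 1) { throw "${Name}: row names no mailbox or site to search" }

    # Combine the keyword query with the optional date bounds (assumed 'date' property).
    $clauses = @()
    if ($Row.ContentMatchQuery) { $clauses += $Row.ContentMatchQuery.Trim() }
    if ($Row.StartDate)         { $clauses += "date>=$(ConvertTo-QueryDate $Row.StartDate)" }
    if ($Row.EndDate)           { $clauses += "date<=$(ConvertTo-QueryDate $Row.EndDate)" }
    if ($clauses.Count -gt 0)   { $p.ContentMatchQuery = $clauses -join ' AND ' }
    $p
}

Test-SearchCsvHeader -CsvText $csvText
$rows = $csvText | ConvertFrom-Csv

$index = 0
foreach ($row in $rows) {
    $index++
    $params = Get-SearchParameters -Row $row -Name ("ExampleSearch_{0}" -f $index)

    if ($CreateSearches) {
        # Requires a connected Security & Compliance PowerShell session.
        New-ComplianceSearch @params | Out-Null
        Start-ComplianceSearch -Identity $params.Name
    }
    else {
        # Dry run: show what would be passed to New-ComplianceSearch.
        $pairs = $params.GetEnumerator() | Sort-Object Key |
            ForEach-Object { "$($_.Key)=$($_.Value)" }
        Write-Output ($pairs -join '; ')
    }
}
```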

Question 34

You have a Microsoft 365 subscription.
You need to recommend a passwordless authentication solution that uses biometric authentication.
What should you include in the recommendation?

A. Windows Hello for Business

B. a smart card

C. the Microsoft Authenticator app

D. a PIN

 


Suggested Answer: A

Reference:
https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-overview

Question 35

HOTSPOT -
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
 Image
You plan to implement Azure Active Directory (Azure AD) Identity Protection.
You need to identify which users can perform the following actions:
✑ Configure a user risk policy.
✑ View the risky users report.
Which users should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image

 


Suggested Answer:
Correct Answer Image

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection

Question 36

SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab.
But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password -
 Image
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@LODSe244001.onmicrosoft.com
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab instance: 11032396 -
You need to ensure that SharepointAdmins@contoso.com receives an alert when a user establishes a sync relationship to a document library from a computer that is a member of an Active Directory (AD) domain.
To complete this task, sign in to the Microsoft Office 365 admin center.

 


Suggested Answer: See explanation below.

1. Navigate to Manage Alerts in the Security & Compliance Center.
2. On the Activity alerts page, click + New.
The flyout page to create an activity alert is displayed.
3. Complete the following fields to create an activity alert:
a. Name – Type a name for the alert. Alert names must be unique within your organization.
b. Description (Optional) – Describe the alert, such as the activities and users being tracked, and the users that email notifications are sent to. Descriptions provide a quick and easy way to describe the purpose of the alert to other admins.
c. Alert type – Make sure the Custom option is selected.
d. Send this alert when – Click Send this alert when and then configure these two fields:
✑ Activities – Click the drop-down list to display the activities that you can create an alert for. This is the same activities list that’s displayed when you search the Office 365 audit log. You can select one or more specific activities or you can click the activity group name to select all activities in the group. For a description of these activities, see the “Audited activities” section in Search the audit log. When a user performs any of the activities that you’ve added to the alert, an email notification is sent.
✑ Users – Click this box and then select one or more users. If the users in this box perform the activities that you added to the Activities box, an alert will be sent. Leave the Users box blank to send an alert when any user in your organization performs the activities specified by the alert.
e. Send this alert to – Click Send this alert, and then click in the Recipients box and type a name to add the users who will receive an email notification when a user (specified in the Users box) performs an activity (specified in the Activities box). Note that you are added to the list of recipients by default. You can remove your name from this list.
4. Click Save to create the alert.
The new alert is displayed in the list on the Activity alerts page.
The status of the alert is set to On. Note that the recipients who will receive an email notification when an alert is sent are also listed.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-activity-alerts?view=o365-worldwide

Question 37

SIMULATION -
You need to create an Azure Information Protection label to meet the following requirements:
✑ Content must expire after 21 days.
✑ Offline access must be allowed for 21 days only.
✑ Documents must be protected by using a cloud key.
✑ Authenticated users must be able to view content only.
To complete this task, sign in to the Microsoft 365 admin center.

 


Suggested Answer: See explanation below.

1. If you haven’t already done so, open a new browser window and sign in to the Azure portal. Then navigate to the Azure Information Protection pane.
For example, in the search box for resources, services, and docs: Start typing Information and select Azure Information Protection.
2. From the Classifications > Labels menu option: On the Azure Information Protection – Labels pane, select the label you want to change.
✑ On the Label pane, locate Set permissions for documents and emails containing this label, and select Protect.
3. Select Protection.
4. On the Protection pane, select Azure (cloud key).
5. Select Set permissions to define new protection settings in this portal.
6. If you selected Set permissions for Azure (cloud key), this option lets you select users and usage rights.
To specify the users that you want to be able to open protected documents and emails, select Add permissions. Then on the Add permissions pane, select the first set of users and groups who will have rights to use the content that will be protected by the selected label:
Choose Select from the list where you can then add all users from your organization by selecting Add – All members. This setting excludes guest accounts. Or, you can select Add any authenticated users, or browse the directory.
When you choose all members or browse the directory, the users or groups must have an email address. In a production environment, users and groups nearly always have an email address, but in a simple testing environment, you might need to add email addresses to user accounts or groups.
✑ Change the File Content Expiration setting to 21 days.
✑ Change the Allow offline access setting to 21 days.
When you have finished configuring the permissions and settings, click OK.
This grouping of settings creates a custom template for the Azure Rights Management service. These templates can be used with applications and services that integrate with Azure Rights Management.
7. Click OK to close the Protection pane and see your choice of User defined or your chosen template display for the Protection option in the Label pane.
8. On the Label pane, click Save.
9. On the Azure Information Protection pane, use the PROTECTION column to confirm that your label now displays the protection setting that you want:
✑ A check mark if you have configured protection.
✑ An x mark to denote cancellation if you have configured a label to remove protection.
✑ A blank field when protection is not set.
When you click Save, your changes are automatically available to users and services. There’s no longer a separate publish option.
Reference:
https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-protection

Question 38

You have a Microsoft 365 E5 subscription.
A security manager receives an email message every time a data loss prevention (DLP) policy match occurs.
You need to limit alert notifications to actionable DLP events.
What should you do?

A. From the Microsoft 365 Compliance center, modify the Policy Tips settings of a DLP policy.

B. From the Cloud App Security portal, apply a filter to the alerts.

C. From the Microsoft 365 Compliance center, modify the User overrides settings of a DLP policy.

D. From the Microsoft 365 Compliance center, modify the matched activities threshold of an alert policy.

 


Suggested Answer: D

Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/alert-policies

Question 39

You have a Microsoft 365 E5 subscription and a hybrid Microsoft Exchange Server organization.
Each member of a group named Executive has an on-premises mailbox. Only the Executive group members have multi-factor authentication (MFA) enabled. Each member of a group named Research has a mailbox in Exchange Online.
You need to use Microsoft Office 365 Attack simulator to model a spear-phishing attack that targets the Research group members.
What should you do first?

A. From the Microsoft Defender for Identity portal, configure the primary workspace settings.

B. From the Microsoft Azure portal, configure the user risk policy settings in Azure AD Identity Protection.

C. Enable MFA for the Research group members.

D. Migrate the Executive group members to Exchange Online.

 


Suggested Answer: C

Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/attack-simulator

Question 40

HOTSPOT -
You have a Microsoft 365 E5 subscription that contains a user named User1 and the groups shown in the following table.
 Image
You plan to create a communication compliance policy named Policy1.
You need to identify whose communications can be monitored by Policy1, and who can be assigned the Reviewer role for Policy1.
Who should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image

 


Suggested Answer:
Correct Answer Image

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/communication-compliance-configure?view=o365-worldwide

Question 41

HOTSPOT -
You need to recommend an email antimalware solution that meets the security requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image

 


Suggested Answer:
Correct Answer Image

 

Question 42

You have an Azure Sentinel workspace.
You need to manage incidents based on alerts generated by Microsoft Cloud App Security.
What should you do first?

A. From the Cloud App Security portal, configure security extensions.

B. From the Cloud App Security portal, configure app connectors.

C. From the Cloud App Security portal, configure log collectors.

D. From the Microsoft 365 compliance center, add and configure a data connector.

 


Suggested Answer: A

Reference:
https://docs.microsoft.com/en-us/cloud-app-security/siem-sentinel

Question 43

HOTSPOT -
You have a Microsoft 365 E5 subscription.
Users and device objects are added and removed daily. Users in the sales department frequently change their device.
You need to create the following three groups:
 Image
The solution must minimize administrative effort.
What is the minimum number of groups you should create for each type of membership? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image

 


Suggested Answer:
Correct Answer Image

Group 1 has to be assigned because you can’t create a device group based on the device owners’ attributes.
Group 2 can be dynamic because a user does have a department attribute.
Group 3 can be dynamic because a device does have a deviceownership attribute.

Question 44

You need to recommend a solution that meets the technical and security requirements for sharing data with the partners.
What should you include in the recommendation? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Create an access review

B. Assign the Global administrator role to User1

C. Assign the Guest inviter role to User1

D. Modify the External collaboration settings in the Azure Active Directory admin center

 


Suggested Answer: CD

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/external-identities/delegate-invitations

Question 45

You configure several Microsoft Defender for Office 365 policies in a Microsoft 365 subscription.
You need to allow a user named User1 to view Defender for Office 365 reports from the Threat management dashboard.
Which role provides User1 with the required role permissions?

A. Reports reader

B. Exchange administrator

C. Security administrators

D. Compliance administrator

 


Suggested Answer: A

 

Question 46

You have a Microsoft 365 subscription.
You need to ensure that users can manually designate which content will be subject to data loss prevention (DLP) policies.
What should you create first?

A. a retention label

B. a custom sensitive information type

C. a Data Subject Request (DSR)

D. a safe attachments policy

 


Suggested Answer: A

A DLP policy can help protect sensitive information, which is defined as a sensitive information type.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide

Question 47

You have a Microsoft 365 subscription that contains a user named User1.
You need to assign User1 permissions to search Microsoft Office 365 audit logs.
What should you use?

A. the Azure Active Directory admin center

B. the Exchange admin center

C. the Microsoft 365 Defender portal

D. the Microsoft 365 Compliance center

 


Suggested Answer: B

To give a user the ability to search the audit log with the minimum level of privileges, you can create a custom role group in Exchange Online, add the View-Only Audit Logs or Audit Logs role, and then add the user as a member of the new role group.
Incorrect:
Not D: If you assign a user the View-Only Audit Logs or Audit Logs role on the Permissions page in the compliance portal, they won’t be able to search the audit log. You have to assign the permissions in Exchange Online. This is because the underlying cmdlet used to search the audit log is an Exchange Online cmdlet.
You can also use the Exchange admin center (EAC).
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance

Question 48

HOTSPOT -
You have a Microsoft 365 E5 subscription.
You need to create a role-assignable group. The solution must ensure that you can nest the group.
How should you configure the group? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image

 


Suggested Answer:
Correct Answer Image

Box 1: Security only –
You can add an existing Security group to another existing Security group (also known as nested groups), creating a member group (subgroup) and a parent group. The member group inherits the attributes and properties of the parent group, saving you configuration time.
Incorrect:
Not supported:
Adding Security groups to Microsoft 365 groups.
Adding Microsoft 365 groups to Security groups or other Microsoft 365 groups.
Box 2: Assigned only –
The membership type for role-assignable groups must be Assigned and can’t be an Azure AD dynamic group.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-membership-azure-portal

Question 49

SIMULATION -
You discover that Microsoft SharePoint content is shared with users from multiple domains.
You need to allow sharing invitations to be sent only to users in an email domain named contoso.com.
To complete this task, sign in to the Microsoft 365 portal.

 


Suggested Answer: See explanation below.

You need to configure the Sharing options in the SharePoint admin center.
1. Go to the SharePoint admin center.
2. Navigate to Policies > Sharing.
3. In the External Sharing section, click on More external sharing settings.
4. Tick the Limit external sharing by domain checkbox.
5. Click the Add domains button.
6. Select the Allow only specific domains option and type in the domain contoso.com.
7. Click Save to save the changes.

Question 50

HOTSPOT -
You have a Microsoft 365 subscription that contains a Microsoft SharePoint Online site named Site1. Site1 contains the folders shown in the following table.
 Image
At 09:00, you create a Microsoft Cloud App Security policy named Policy1 as shown in the following exhibit.
 Image
After you create Policy1, you upload files to Site1 as shown in the following table.
 Image
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image

 


Suggested Answer:
Correct Answer Image

Reference:
https://docs.microsoft.com/en-us/cloud-app-security/data-protection-policies

Free Access Full MS-500 Practice Test Free Questions

If you’re looking for more MS-500 practice test free questions, click here to access the full MS-500 practice test.

We regularly update this page with new practice questions, so be sure to check back frequently.

Good luck with your MS-500 certification journey!

PracticeTestFree.com materials do not contain actual questions and answers from Cisco's Certification Exams. PracticeTestFree.com doesn't offer Real Microsoft Exam Questions. PracticeTestFree.com doesn't offer Real Amazon Exam Questions.
