Microsoft (MS-500) Exam Questions And Answers page 42
You need to enable and configure Microsoft Defender for Endpoint to meet the security requirements. What should you do?
Create the ForceDefenderPassiveMode registry setting
Download and install the Microsoft Monitoring Agent
Run WindowsDefenderATPOnboardingScript.cmd
Implement and manage threat protection
Manage governance and compliance features in Microsoft 365
How can the technical requirements for User9 be met?
Single Choice
You need to meet the technical requirements for User9. What should you do?
Assign the Privileged administrator role to User9 and configure a mobile phone number for User9
Assign the Compliance administrator role to User9 and configure a mobile phone number for User9
Assign the Security administrator role to User9
Assign the Global administrator role to User9
Implement and manage identity and access
Manage governance and compliance features in Microsoft 365
You need to recommend a solution for the user administrators that meets the security requirements for auditing.
Which blade should you recommend using from the Azure Active Directory admin center?
Which blade should you recommend using from the Azure Active Directory admin center?
Sign-ins
Azure AD Identity Protection
Authentication methods
Access review
Implement and manage identity and access
Manage governance and compliance features in Microsoft 365
You need to recommend a solution that meets the technical and security requirements for sharing data with the partners.
What should you include in the recommendation? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
What should you include in the recommendation? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Create an access review
Assign the Global administrator role to User1
Assign the Guest inviter role to User1
Modify the External collaboration settings in the Azure Active Directory admin center
Implement and manage threat protection
Implement and manage information protection
You need to recommend a solution to protect the sign-ins of Admin1 and Admin2.
What should you include in the recommendation?
What should you include in the recommendation?
a device compliance policy
an access review
a user risk policy
a sign-in risk policy
Implement and manage identity and access
Implement and manage threat protection
You need to resolve the issue that generates the automated email messages to the IT team.
Which tool should you run first?
Which tool should you run first?
Synchronization Service Manager
Azure AD Connect wizard
Synchronization Rules Editor
IdFix
Manage governance and compliance features in Microsoft 365
Monitor and troubleshoot Microsoft 365 security
Your company has 500 computers.
You plan to protect the computers by using Microsoft Defender for Endpoint. Twenty of the computers belong to company executives.
You need to recommend a remediation solution that meets the following requirements:
• Microsoft Defender for Endpoint administrators must manually approve all remediation for the executives
• Remediation must occur automatically for all other users
What should you recommend doing from Microsoft Defender Security Center?
You plan to protect the computers by using Microsoft Defender for Endpoint. Twenty of the computers belong to company executives.
You need to recommend a remediation solution that meets the following requirements:
• Microsoft Defender for Endpoint administrators must manually approve all remediation for the executives
• Remediation must occur automatically for all other users
What should you recommend doing from Microsoft Defender Security Center?
Configure 20 system exclusions on automation allowed/block lists
Configure two alert notification rules
Download an offboarding package for the computers of the 20 executives
Create two machine groups
Implement and manage threat protection
Implement and manage information protection
Your company has a main office and a Microsoft 365 subscription.
You need to enforce Microsoft Azure Multi-Factor Authentication (MFA) by using conditional access for all users who are NOT physically present in the office.
What should you include in the configuration?
You need to enforce Microsoft Azure Multi-Factor Authentication (MFA) by using conditional access for all users who are NOT physically present in the office.
What should you include in the configuration?
a user risk policy
a sign-in risk policy
a named location in Azure Active Directory (Azure AD)
an Azure MFA Server
Implement and manage identity and access
Monitor and troubleshoot Microsoft 365 security
Your company has a Microsoft 365 subscription.
The company does not permit users to enroll personal devices in mobile device management (MDM).
Users in the sales department have personal iOS devices.
You need to ensure that the sales department users can use the Microsoft Power BI app from iOS devices to access the Power BI data in your tenant.
The users must be prevented from backing up the app s data to iCloud.
What should you create?
The company does not permit users to enroll personal devices in mobile device management (MDM).
Users in the sales department have personal iOS devices.
You need to ensure that the sales department users can use the Microsoft Power BI app from iOS devices to access the Power BI data in your tenant.
The users must be prevented from backing up the app s data to iCloud.
What should you create?
a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a device state condition
an app protection policy in Microsoft Endpoint Manager
a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a client apps condition
a device compliance policy in Microsoft Endpoint Manager
Implement and manage identity and access
Implement and manage threat protection
Your company has a Microsoft 365 subscription that includes a user named User1.
You suspect that User1 sent email messages to a competitor detailing company secrets.
You need to recommend a solution to ensure that you can review any email messages sent by User1 to the competitor, including sent items that were deleted.
What should you include in the recommendation?
You suspect that User1 sent email messages to a competitor detailing company secrets.
You need to recommend a solution to ensure that you can review any email messages sent by User1 to the competitor, including sent items that were deleted.
What should you include in the recommendation?
Enable In-Place Archiving for the mailbox of User1
From the Security & Compliance, perform a content search of the mailbox of User1
Place a Litigation Hold on the mailbox of User1
Configure message delivery restrictions for the mailbox of User1
Implement and manage threat protection
Manage governance and compliance features in Microsoft 365
Comments