Microsoft (MS-500) Exam Questions And Answers page 43
Your company uses Microsoft Azure Advanced Threat Protection (ATP).
You enable the delayed deployment of updates for an Azure ATP sensor named Sensor1.
How long after the Azure ATP cloud service is updated will Sensor1 be updated?
24 hours
1 hour
48 hours
12 hours
Implement and manage threat protection
Manage governance and compliance features in Microsoft 365
You recently created and published several label policies in a Microsoft 365 subscription.
You need to view which labels were applied by users manually and which labels were applied automatically.
What should you do from the Security & Compliance admin center?
From Search & investigation, select Content search
From Alerts, select View alerts
From eDiscovery, view an eDiscovery case
From Reports, select Dashboard
Implement and manage information protection
Manage governance and compliance features in Microsoft 365
Your network contains an on-premises Active Directory domain. The domain contains servers that run Windows Server and have advanced auditing enabled.
The security logs of the servers are collected by using a third-party SIEM solution.
You purchase a Microsoft 365 subscription and plan to deploy Azure Advanced Threat Protection (ATP) by using standalone sensors.
You need to ensure that you can detect when sensitive groups are modified and when malicious services are created.
What should you do?
Configure Event Forwarding on the domain controllers.
Configure auditing in the Office 365 Security & Compliance center.
Turn on Delayed updates for the Azure ATP sensors.
Enable the Audit account management Group Policy setting for the servers.
Implement and manage identity and access
Implement and manage threat protection
Your network contains an on-premises Active Directory domain. The domain contains servers that run Windows Server and have advanced auditing enabled.
The security logs of the servers are collected by using a third-party SIEM solution.
You purchase a Microsoft 365 subscription and plan to deploy Azure Advanced Threat Protection (ATP) by using standalone sensors.
You need to ensure that you can detect when sensitive groups are modified and when malicious services are created.
What should you do?
Turn off Delayed updates for the Azure ATP sensors.
Configure auditing in the Office 365 Security & Compliance center.
Turn on Delayed updates for the Azure ATP sensors.
Integrate SIEM and Azure ATP.
Implement and manage identity and access
Implement and manage threat protection
Your network contains an on-premises Active Directory domain. The domain contains the servers shown in the following table.
You plan to implement Azure Advanced Threat Protection (ATP) for the domain.
You install an Azure ATP standalone sensor on Server1.
You need to monitor the domain by using Azure ATP.
What should you do?
Configure port mirroring for Server1.
Install the Microsoft Monitoring Agent on DC1.
Install the Microsoft Monitoring Agent on Server1.
Configure port mirroring for DC1.
Implement and manage identity and access
Implement and manage threat protection
You should make at least how many bit-stream copies of a suspect drive?
2
1
3
4
Manage governance and compliance features in Microsoft 365
Monitor and troubleshoot Microsoft 365 security
You work as a penetration tester for Hammond Security Consultants. You are currently working on a contract for the state government of California. Your next step is to initiate a DoS attack on their network. Why would you want to initiate a DoS attack on a system you are testing?
Show outdated equipment so it can be replaced
List weak points on their network
Use attack as a launching point to penetrate deeper into the network
Demonstrate that no system can be protected against DoS attacks
Implement and manage identity and access
Implement and manage threat protection