Download Microsoft 365 Security Administration.examcollection.MS-500.2020-10-12.4e.123q.vcex

Download Exam

File Info

Exam Microsoft 365 Security Administration
Number MS-500
File Name Microsoft 365 Security Administration.examcollection.MS-500.2020-10-12.4e.123q.vcex
Size 7.17 Mb
Posted October 12, 2020
Downloads 10

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase
Coupon: EXAM_HUB

Discount: 20%

 
 



Demo Questions

Question 1
An administrator configures Azure AD Privileged Identity Management as shown in the following exhibit.  

   

What should you do to meet the security requirements?

  • A: Change the Assignment Type for Admin2 to Permanent
  • B: From the Azure Active Directory admin center, assign the Exchange administrator role to Admin2
  • C: From the Azure Active Directory admin center, remove the Exchange administrator role to Admin1
  • D: Change the Assignment Type for Admin1 to Eligible



Question 2
Which IP address space should you include in the Trusted IP MFA configuration?

  • A: 131.107.83.0/28
  • B: 192.168.16.0/20
  • C: 172.16.0.0/24
  • D: 192.168.0.0/20



Question 3
You need to create Group3. 
What are two possible ways to create the group?

  • A: an Office 365 group in the Microsoft 365 admin center
  • B: a mail-enabled security group in the Microsoft 365 admin center
  • C: a security group in the Microsoft 365 admin center
  • D: a distribution list in the Microsoft 365 admin center
  • E: a security group in the Azure AD admin center



Question 4
Which user passwords will User2 be prevented from resetting?

  • A: User6 and User7
  • B: User4 and User6
  • C: User4 only
  • D: User7 and User8
  • E: User8 only



Question 5
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.  
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.  
You have a Microsoft 365 E5 subscription that is associated to a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.  
You use Active Directory Federation Services (AD FS) to federate on-premises Active Directory and the tenant. 
Azure AD Connect has the following settings:
Source Anchor: objectGUID
Password Hash Synchronization: Disabled 
Password writeback: Disabled 
Directory extension attribute sync: Disabled 
Azure AD app and attribute filtering: Disabled 
Exchange hybrid deployment: Disabled 
User writeback: Disabled 
You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.  
Solution: You modify the Azure AD app and attribute filtering settings. 
Does that meet the goal?

  • A: Yes
  • B: No



Question 6
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.  
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.  
You have a Microsoft 365 E5 subscription that is associated to a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.  
You use Active Directory Federation Services (AD FS) to federate on-premises Active Directory and the tenant. 
Azure AD Connect has the following settings:
Source Anchor: objectGUID
Password Hash Synchronization: Disabled 
Password writeback: Disabled 
Directory extension attribute sync: Disabled 
Azure AD app and attribute filtering: Disabled 
Exchange hybrid deployment: Disabled 
User writeback: Disabled 
You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.  
Solution: You modify the Password Hash Synchronization settings.
Does that meet the goal?

  • A: Yes
  • B: No



Question 7
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.  
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.  
You have a Microsoft 365 E5 subscription that is associated to a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.  
You use Active Directory Federation Services (AD FS) to federate on-premises Active Directory and the tenant. 
Azure AD Connect has the following settings:
Source Anchor: objectGUID
Password Hash Synchronization: Disabled 
Password writeback: Disabled 
Directory extension attribute sync: Disabled 
Azure AD app and attribute filtering: Disabled 
Exchange hybrid deployment: Disabled 
User writeback: Disabled 
You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.  
Solution: You modify the Source Anchor settings.   
Does that meet the goal?

  • A: Yes
  • B: No



Question 8
You have a Microsoft 365 subscription that uses a default domain name of contoso.com. 
The multi-factor authentication (MFA) service settings are configured as shown in the exhibit. (Click the Exhibit tab.) 

   

In contoso.com, you create the users shown in the following table.  

   

What is the effect of the configuration? To answer, select the appropriate options in the answer area.  
NOTE: Each correct selection is worth one point.




Question 9
You configure Microsoft Azure Active Directory (Azure AD) Connect as shown in the following exhibit.  

   

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.  
NOTE: Each correct selection is worth one point.




Question 10
You have a hybrid Microsoft 365 environment. All computers run Windows 10 and are managed by using Microsoft Intune.  
You need to create a Microsoft Azure Active Directory (Azure AD) conditional access policy that will allow only Windows 10 computers marked as compliant to establish a VPN connection to the on-premises network.  
What should you do first?

  • A: From the Azure Active Directory admin center, create a new certificate
  • B: Enable Application Proxy in Azure AD
  • C: From Active Directory Administrative Center, create a Dynamic Access Control policy
  • D: From the Azure Active Directory admin center, configure authentication methods






CONNECT US


ProfExam
PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount..

Get Now!


HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen



HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset