Complete list of current Q & A>> Download Microsoft 365 Security Administration (MS-500) – Quiz 1 / 15 Category: Microsoft 365 Security Administration (MS-500) 1. You have a Microsoft 365 subscription. You need to recommend a passwordless authentication solution that uses biometric authentication. What should you include in the recommendation? A. Windows Hello for Business B. a smart card C. the Microsoft Authenticator app D. a PIN 2 / 15 Category: Microsoft 365 Security Administration (MS-500) 2. You have a Microsoft 365 tenant that is linked to a hybrid Azure Active Directory (Azure AD) tenant named contoso.com. You need to enable Azure AD Seamless Single Sign-On (Azure AD SSO) for contoso.com. What should you use? A. Azure AD Connect B. the Microsoft 365 Defender portal C. the Microsoft 365 Security admin center D. the Microsoft 365 admin center 3 / 15 Category: Microsoft 365 Security Administration (MS-500) 3. You have a Microsoft 365 E5 subscription. You plan to create a conditional access policy named Policy1. You need to be able to use the sign-in risk level condition in Policy1. What should you do first? A. Connect Microsoft Endpoint Manager and Microsoft Defender for Endpoint. B. From the Azure Active Directory admin center, configure the Diagnostics settings. C. From the Endpoint Management admin center, create a device compliance policy. D. Onboard Azure Active Directory (Azure AD) Identity Protection. 4 / 15 Category: Microsoft 365 Security Administration (MS-500) 4. You configure several Advanced Threat Protection (ATP) policies in a Microsoft 365 subscription. You need to allow a user named User1 to view ATP reports from the Threat management dashboard. Which role provides User1 with the required role permissions? A. Compliance administrator B. Security reader C. Message center reader D. Reports reader 5 / 15 Category: Microsoft 365 Security Administration (MS-500) 5. You have a Microsoft 365 subscription linked to an Azure Active Directory (Azure AD) tenant that contains a user named User1. You have a Data Subject Request (DSR) case named Case1. You need to allow User1 to export the results of Case1. The solution must use the principle of least privilege. Which role should you assign to User1 for Case1? A. eDiscovery Manager B. Security Operator C. eDiscovery Administrator D. Global Reader 6 / 15 Category: Microsoft 365 Security Administration (MS-500) 6. You have a Microsoft 365 subscription that contains a user named User1. You plan to use Compliance Manager. You need to ensure that User1 can assign Compliance Manager roles to users. The solution must use the principle of least privilege. Which role should you assign to User1? A. Compliance Manager Assessor B. Global Administrator C. Portal Admin D. Compliance Manager Administrator 7 / 15 Category: Microsoft 365 Security Administration (MS-500) 7. You configure several Microsoft Defender for Office 365 policies in a Microsoft 365 subscription. You need to allow a user named User1 to view Defender for Office 365 reports from the Threat management dashboard. Which role provides User1 with the required role permissions? A. Security administrators B. Information Protection administrator C. Message center reader D. Service administrator 8 / 15 Category: Microsoft 365 Security Administration (MS-500) 8. You have a Microsoft 365 E5 subscription. Some users are required to use an authenticator app to access Microsoft SharePoint Online. You need to view which users have used an authenticator app to access SharePoint Online. The solution must minimize costs. What should you do? A. From the Azure Active Directory admin center, view the sign-ins. B. From the Microsoft 365 Security admin center, download a report. C. From the Enterprise applications blade of the Azure Active Directory admin center, view the audit logs. D. From the Azure Active Directory admin center, view the authentication methods. 9 / 15 Category: Microsoft 365 Security Administration (MS-500) 9. Your company has a main office and a Microsoft 365 subscription. You need to enforce Microsoft Azure Multi-Factor Authentication (MFA) by using conditional access for all users who are NOT physically present in the office. What should you include in the configuration? A. a user risk policy B. a sign-in risk policy C. a named location in Azure Active Directory (Azure AD) D. an Azure MFA Server 10 / 15 Category: Microsoft 365 Security Administration (MS-500) 10. You have a Microsoft 365 E5 subscription. Some users are required to use an authenticator app to access Microsoft SharePoint Online. You need to view which users have used an authenticator app to access SharePoint Online. The solution must minimize costs. What should you do? A. From the Microsoft 365 Security admin center, download a report. B. From Azure Log Analytics, query the logs. C. From the Microsoft 365 Security admin center, perform an audit log search. D. From the Enterprise applications blade of the Azure Active Directory admin center, view the sign-ins. 11 / 15 Category: Microsoft 365 Security Administration (MS-500) 11. You have several Conditional Access policies that block noncompliant devices from connecting to services. You need to identify which devices are blocked by which policies. What should you use? A. the Setting compliance report in the Microsoft Endpoint Manager admin center B. Sign-ins in the Azure Active Directory admin center C. Activity log in the Cloud App Security portal D. Audit logs in the Azure Active Directory admin center 12 / 15 Category: Microsoft 365 Security Administration (MS-500) 12. You have a hybrid Microsoft 365 environment. All computers run Windows 10 and are managed by using Microsoft Endpoint Manager. You need to create a Microsoft Azure Active Directory (Azure AD) conditional access policy that will allow only Windows 10 computers marked as compliant to establish a VPN connection to the on-premises network. What should you do first? A. From the Azure Active Directory admin center, create a new certificate B. Enable Application Proxy in Azure AD C. From Active Directory Administrative Center, create a Dynamic Access Control policy D. From the Azure Active Directory admin center, configure authentication methods 13 / 15 Category: Microsoft 365 Security Administration (MS-500) 13. You have a Microsoft 365 subscription. From the Microsoft 365 admin center, you create a new user. You plan to assign the Reports reader role to the user. You need to view the permissions of the Reports reader role. Which admin center should you use? A. Microsoft 365 Defender B. Azure Active Directory C. Microsoft Defender for Identity D. Microsoft Defender for Cloud Apps 14 / 15 Category: Microsoft 365 Security Administration (MS-500) 14. You have a Microsoft 365 E5 subscription. You need to ensure that users who are assigned the Exchange administrator role have time-limited permissions and must use multi-factor authentication (MFA) to request the permissions. What should you use to achieve the goal? A. Microsoft 365 Compliance permissions B. Microsoft Azure Active Directory (Azure AD) Privileged Identity Management C. Microsoft Azure AD group management D. Microsoft 365 user management 15 / 15 Category: Microsoft 365 Security Administration (MS-500) 15. Your company has a Microsoft 365 subscription. The company does not permit users to enroll personal devices in mobile device management (MDM). Users in the sales department have personal iOS devices. You need to ensure that the sales department users can use the Microsoft Power BI app from iOS devices to access the Power BI data in your tenant. The users must be prevented from backing up the app’s data to iCloud. What should you create? A. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a device state condition B. an app protection policy in Microsoft Endpoint Manager C. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a client apps condition D. a device compliance policy in Microsoft Endpoint Manager Your score is 0% Restart quiz Send feedback
