Microsoft Microsoft Certifications MS-500 Questions & Answers

• Question 291:

  HOTSPOT

  You have a Microsoft 365 subscription.

  You are creating a retention policy named Retention1 as shown in the following exhibit. (Click the Exhibit tab.)

  

  You apply Retention1 to SharePoint sites and OneDrive accounts.

  Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  Box 1: Retained Files are retained for two years and then deleted. The two-year timer resets every time the file is modified. Therefore, if a file is modified every 6 months, it will never be deleted. Box 2: The user can recover the file until the Recycle Bin retention period expires The user deleted the file so it will be removed to the Recycle Bin. The user can recover the file until the Recycle Bin retention period expires. After that time, only an administrator can recover the file and only until the file is permanently deleted after two-years from the last modification date.

• Question 292:

  HOTSPOT

  You have a Microsoft 365 E5 subscription that contains a user named User1 and the groups shown in the following table.

  

  You plan to create a communication compliance policy named Policy1.

  You need to identify whose communications can be monitored by Policy1, and who can be assigned the Reviewer role for Policy1.

  Who should you identify? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/communication-compliance-configure?view=o365-worldwide

• Question 293:

  HOTSPOT

  You have a Microsoft 365 E5 subscription that contains a security group named Group1 and the users shown in the following table.

  

  You assign the Compliance Manager roles to the users as shown in the following table.

  

  You add two assessments to Compliance Manager as shown in the following exhibit.

  

  For each of the following statements, select Yes if the statement is true. Otherwise, select No.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  Only users who hold a Global Administrator, Compliance Manager Administration, or Compliance Manager Assessor role can create and modify assessments.

  Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-assessments?view=o365-worldwide

• Question 294:

  HOTSPOT

  You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.

  

  The User Administrator role is configured in Azure AD Privileged Identity Management (PIM) as shown in the following exhibit.

  

  You make User4 eligible for the User Administrator role.

  For each of the following statements, select Yes if the statement is true. Otherwise, select No.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

• Question 295:

  HOTSPOT

  You have a Microsoft 365 subscription that has Enable Security defaults set to No in Azure Active Directory (Azure AD).

  You have a custom compliance manager template named Regulation1.

  You have the assessments shown in the following table.

  

  Assessment1 has the improvement actions shown in the following table.

  

  Assessment2 has the improvement actions shown in the following table.

  

  You perform the following actions:

  For Assessment2, change the Test status of Establish a threat intelligence program to Implemented.

  Enable multi-factor authentication (MFA) for all users.

  Configure a privileged access policy.

  For each of the following statements, select Yes if the statement is true. Otherwise, select No.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

• Question 296:

  HOTSPOT

  You have a Microsoft 365 E5 subscription that contains two users named User1 and User2.

  You create the audit retention policies shown in the following table.

  

  The users perform the following actions:

  1.

  User1 renames a Microsoft SharePoint Online site.

  2.

  User2 sends an email message.

  How long will the audit log records be retained for each action? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  User1 renames SharePoint is 6 month,

  because "all custom audit log retention policies (created by your organization) take priority over the default retention policy." and policy AuditRetention3 has highest priority and matches first; activites = none „If you don't choose specific

  activities, the policy will apply to all activities of the selected record type.“

  User2 sends email is 1 year,

  because no policy is matching and 1 year is default for users with Microsoft 365 E5 subscription

  Reference:

  https://docs.microsoft.com/en-us/microsoft-365/compliance/audit-log-retention-policies?view=o365-worldwide

• Question 297:

  HOTSPOT

  You have an Azure Sentinel workspace.

  You configure a rule to generate Azure Sentinel alerts when Azure Active Directory (Azure AD) Identity Protection detects risky sign-ins. You develop an Azure Logic Apps solution to contact users and verify whether reported risky sign-ins are

  legitimate.

  You need to configure the workspace to meet the following requirements:

  1.

  Call the Azure logic app when an alert is triggered for a risky sign-in.

  2.

  To the Azure Sentinel portal, add a custom dashboard that displays statistics for risky sign-ins that are detected and resolved. What should you configure in Azure Sentinel to meet each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  Call the Azure logic app when an alert is triggered for a risky sign-in > a playbook https://docs.microsoft.com/en-us/azure/sentinel/automate-responses-with-playbooks

  displays statistics for risky sign-ins that are detected and resolved > a workbook https://docs.microsoft.com/en-gb/azure/azure-monitor/visualize/workbooks-overview

  Reference: https://docs.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook

• Question 298:

  HOTSPOT

  You have a Microsoft 365 subscription that contains a user named User1.

  You enroll devices in Microsoft Intune as shown in the following table.

  

  Each device has two line-of-business apps named App1 and App2 installed.

  You create application control policies targeted to all the app types in Microsoft Endpoint Manager as shown in the following table.

  

  For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  Box 1: Yes

  Device1 is an Android device in Group3 (and Group1). Policy1 applies to Android devices in Group3. Therefore, Policy1 does apply to Device1.

  Box 2: Yes

  Policy3 protects App1 for Android devices in Group1. Device1 is in Group1 (and Group3). Therefore, App1 is protected on Device1.

  Box 3: No

  Device2 is an iOS device in Group1 and Group2. Policy2 applies to iOS devices in Group2. However, Policy2 only protects App2. It does not protect App1.

  Policy3 applies to Group1 and protects App1. However, Policy3 only applies to Android devices in Group1. It does not apply to iOS devices. Therefore, Policy3 does not apply to Device2 so App1 is not protected on Device2.

• Question 299:

  HOTSPOT

  You have a Microsoft 365 E5 subscription that uses Microsoft Endpoint Manager.

  The Compliance policy settings are configured as shown in the following exhibit.

  

  On February 25, 2020, you create the device compliance policies shown in the following table.

  

  On March 1. 2020, users enroll Windows 10 devices in Microsoft Endpoint Manager as shown in the following table

  

  For each of the following statements, select Yes if the statement is true. Otherwise, select No.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  Box 1: Yes

  Device2 is in Group2 so Policy2 applies.

  Device2 is not compliant with Policy2. However, the device won't be marked as non-compliant until 10 days after the device was enrolled.

  Box 2: Yes

  Device1 is in Group1 and Group2 so both Policy1 and Policy2 apply.

  Device1 is compliant with Policy1 but non-compliant with Policy2. However, the device won't be marked as non-compliant until 10 days after the device was enrolled.

  Box 3: No

  Device1 is in Group1 and Group2 so both Policy1 and Policy2 apply.

  Device1 is compliant with Policy1 but non-compliant with Policy2.

  March 12th is more than 10 days after the device was enrolled so it will now be marked as non-compliant by Policy2.

• Question 300:

  HOTSPOT

  Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the groups shown in the following table.

  

  The domain is synced to a Microsoft Azure Active Directory (Azure AD) tenant that contains the groups shown in the following table.

  

  You create a sensitivity label named Label1.

  You need to publish Label1.

  To which groups can you publish Label1? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  The groups must be mail-enabled.

  Labels can be published to any specific user or email-enabled security group, distribution group, or Microsoft 365 group (which can have dynamic membership) in Azure AD.

  Reference:

  https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide