Microsoft New 2022 MS-500 Sample Questions Reliable MS-500 Test Engine
Feel Microsoft MS-500 Dumps PDF Will likely be The best Option
Microsoft MS-500 and Career Benefits
The Microsoft exams and certifications give you a lot of new opportunities that will help you advance your career. When your future or current employer sees such a certificate on your resume, especially if you have a suitable one for your job, they may think about getting you a promotion or a good job. Thus, you will be able to become a Security Administrator, a Personnel Security Case Administrator, an O365 Administrator, or a Network System Administrator. Moreover, you will be able to get an average salary of about $57,000 per year.
NEW QUESTION 68
You configure Microsoft Azure Active Directory (Azure AD) Connect as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-device-writeback
NEW QUESTION 69
An administrator configures Azure AD Privileged Identity Management as shown in the following exhibit.
What should you do to meet the security requirements?
- A. From the Azure Active Directory admin center, assign the Exchange administrator role to Admin2
- B. From the Azure Active Directory admin center, remove the Exchange administrator role to Admin1
- C. Change the Assignment Type for Admin1 to Eligible
- D. Change the Assignment Type for Admin2 to Permanent
Answer: C
NEW QUESTION 70
Your network contains an on-premises Active Directory domain. The domain contains servers that run Windows Server and have advanced auditing enabled.
The security logs of the servers are collected by using a third-party SIEM solution.
You purchase a Microsoft 365 subscription and plan to deploy Azure Advanced Threat Protection (ATP) by using standalone sensors.
You need to ensure that you can detect when sensitive groups are modified and when malicious services are created.
What should you do?
- A. Enable the Audit account management Group Policy setting for the servers.
- B. Configure Event Forwarding on the domain controllers.
- C. Turn on Delayed updates for the Azure ATP sensors.
- D. Configure auditing in the Office 365 Security & Compliance center.
Answer: B
Explanation:
Explanation/Reference:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/configure-event-forwarding
NEW QUESTION 71
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that when users tag documents as classified, a classified watermark is applied to the documents.
To complete this task, sign in to the Microsoft Office 365 admin center.
Answer:
Explanation:
See explanation below.
Explanation
1. In the admin center, select the Compliance
2. Select Classification > Sensitivity labels
3. Select Create a label, and when the warning appears, select
4. Enter a Label name, Tooltip, and
5. Turn on Encryption. Choose when you want to assign permissions, whether you want your users' access to the content to expire, and whether you want to allow offline access.
6. Select Assign permissions > Add these email addresses or domains
7. Enter an email address or domain name (such as Contoso.org). Select , and repeat for each email address or domain you want to add.
8. Select Choose permissions from preset or custom.
9. Use the drop-down list to select preset permissions, such as Reviewer or Viewer, or select Custom permissions. If you chose Custom, select the permissions from the list. Select Save >Save > Next.
10. Turn on Content marking, and choose the markings you want to use.
11. For each marking that you choose, select Customize text. Enter the text you want to appear on the document, and set the font and layout options. Select Save, and then repeat for any additional markings. Select Next.
12. Optionally, turn on Endpoint data loss prevention. Select Next.
13. Optionally, turn on Auto labeling. Add a condition. For example, under Detect content that contains, select Add a condition. Enter the condition; for example, add a condition that if passport, Social Security, or other sensitive information is detected, the label will be added. Select Next.
14. Review your settings, and select Create. Your label has been created. Repeat this process for any additional labels you want.
15. By default, labels appear in Office apps in this order: Confidential, Internal, and Public. To change the order, for each label, select More actions (the ellipsis), and then move the label up or down. Typically, permissions are listed from the lowest to highest level of permissions.
16. To add a sub-label to a label, select More actions, then Add sub level.
17. When finished, choose Publish labels> Choose labels to publish > Add. Select the labels you want to publish, and then select Add > Done
18. By default, the new label policy is applied to everyone. If you want to limit who the policy is applied to, select Choose users or groups > . Select who you want the policy to apply to, and then select Add > Done > Next.
19. If you want a default label for documents and email, select the label you want from the drop-down list.
Review the remaining settings, adjust as needed, and then select
20. Enter a Name and Description
21. Review your settings, then select
Reference:
https://support.office.com/en-us/article/create-and-manage-sensitivity-labels-2fb96b54-7dd2-4f0c-ac8d-170790d
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide
NEW QUESTION 72
次のセキュリティ要件を満たすユーザー管理者向けのソリューションを推奨する必要があります。
監査します。
Azure Active Directory管理センターからどのブレードを使用することをお勧めしますか?
- A. 認証方法
- B. アクセスレビュー
- C. Azure ADのID保護
- D. サインイン
Answer: D
Explanation:
説明/参照:
参考文献:
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-ins
テストレット2
概要
Litware、Inc.は、シカゴの本社に1,000人のユーザーと、米国に100人のユーザーを抱える金融会社です。
サンフランシスコの支店。
既存の環境
内部ネットワークインフラ
ネットワークには単一のドメインフォレストが含まれています。フォレストの機能レベルはWindows Server 2016です。
Active Directoryで定義されているように、ユーザーはサインイン時間の制限を受けます。
ネットワークには、次の表に示すIPアドレス範囲があります。
オフィスは、Multiprotocol Label Switching(MPLS;マルチプロトコルラベルスイッチング)を使用して接続します。
ネットワークでは、次のオペレーティングシステムが使用されています。
Windows Server 2016
Windows 10エンタープライズ
Windows 8.1エンタープライズ
内部ネットワークには、次の表に示すシステムが含まれています。
Litwareはサードパーティの電子メールシステムを使用しています。
クラウドインフラ
Litwareは最近、すべてのユーザーに対してMicrosoft 365サブスクリプションライセンスを購入しました。
Microsoft Azure Active Directory(Azure AD)Connectがインストールされており、既定の認証を使用している
設定。ユーザーアカウントはまだAzure ADと同期されていません。
次の表に示すMicrosoft 365ユーザーとグループがあります。
計画された変更
Litwareは以下の変更を実装する予定です。
電子メールシステムをMicrosoft Exchange Onlineに移行します。
Azure AD特権ID管理を実装する
セキュリティ要件
Litwareは、以下のセキュリティ要件を特定しています。
すべてのAzure ADユーザーアカウントを含むGroup2という名前のグループを作成します。グループ2は
Windows Analyticsへの制限付きアクセスを提供する
Azure Information Protectionポリシーをパイロットに適用するために使用されるGroup3という名前のグループを作成します。
ユーザーGroup 3にはユーザーアカウントのみを含める必要があります
Azure Advanced Threat Protection(ATP)を使用して、フォレストを標的とするセキュリティ上の脅威を検出します。
Active DirectoryからロックアウトされたユーザーがAzure ADおよびActive Directoryにサインインできないようにする
User1のコンプライアンス管理者ロールの恒久的な適格割り当てを実装する
ドメインに参加しているサーバーにWindows DefenderとWindows Defender ATPを統合する
ゲストユーザーアカウントのAzureリソースへのアクセスを既定で禁止する
ドメインに参加しているすべてのコンピューターがAzure ADに登録されていることを確認する
多要素認証(MFA)の要件
Microsoft Office 365とAzureのセキュリティ機能は、パイロットのAzureユーザーアカウントを使用してテストされます。
MFAをテストするための以下の要件を確認します。
パイロットユーザーは、シカゴオフィスの内部ネットワークからサインインしていない限り、MFAを使用する必要があります。
シカゴオフィスの内部ネットワークでは、MFAを使用しないでください。
認証の試行が疑わしい場合は、ユーザーの場所に関係なくMFAを使用する必要があります。
正当な認証試行の中断は最小限に抑える必要があります
一般的な要件
Litwareは、Active Directoryフォレスト内の追加のサーバーとサービスの展開を最小限に抑えたいと考えています。
NEW QUESTION 73
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an on-premises Active Directory domain named contoso.com.
You install and run Azure AD Connect on a server named Server1 that runs Windows Server.
You need to view Azure AD Connect events.
You use the Application event log on Server1.
Does that meet the goal?
- A. No
- B. Yes
Answer: B
Explanation:
References:
https://support.pingidentity.com/s/article/PingOne-How-to-troubleshoot-an-AD-Connect-Instance
NEW QUESTION 74
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308
You need to ensure that a user named Allan Deyoung can perform searches and place holds on mailboxes, SharePoint Online sites, and OneDrive for Business locations. The solution must use the principle of least privilege.
To complete this task, sign in to the Microsoft 365 admin center.
Answer:
Explanation:
After signing in to the Microsoft 365 admin center, navigate to the Security & Compliance Center.
In the left pane of the security and compliance center, select Permissions, and then select the checkbox next to eDiscovery Manager.
On the eDiscovery Manager flyout page, do one of the following based on the eDiscovery permissions that you want to assign.
To make a user an eDiscovery Manager: Next to eDiscovery Manager, select Edit. In the Choose eDiscovery Manager section, select the Choose eDiscovery Manager hyperlink, and then select + Add. Select the user (or users) you want to add as an eDiscovery manager, and then select Add. When you're finished adding users, select Done. Then, on the Editing Choose eDiscovery Manager flyout page, select Save to save the changes to the eDiscovery Manager membership.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/assign-ediscovery-permissions?view=o365-worldwide
NEW QUESTION 75
You plan to configure an access review to meet the security requirements for the workload administrators. You create an access review policy and specify the scope and a group.
Which other settings should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION 76
You have a Microsoft 365 subscription that uses a default domain name of litwareinc.com.
You configure the Sharing settings in Microsoft OneDrive as shown in the following exhibit.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/sharepoint/turn-external-sharing-on-or-off
NEW QUESTION 77
You have a Microsoft 365 subscription.
You enable auditing for the subscription.
You plan to provide a user named Auditor with the ability to review audit logs.
You add Auditor to the Global administrator role group.
Several days later, you discover that Auditor disabled auditing.
You remove Auditor from the Global administrator role group and enable auditing.
* Be prevented from disabling auditing
* Use the principle of least privilege
* Be able to review the audit log
To which role group should you add Auditor?
- A. Security administrator
- B. Security reader
- C. Compliance administrator
- D. Security operator
Answer: D
Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/permissions-in-the-security-and-compliance-center
NEW QUESTION 78
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Answer:
Explanation:
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308
You need to prevent any email messages that contain data covered by the U.K. Data Protection Act from being sent to recipients outside of your organization, unless the messages are sent to an external domain named adatum.com.
To complete this task, sign in to the Microsoft 365 admin center.
U. K. National Insurance Number (NINO
U. S. / U.K. Passport Number
9. Click on "Select Sensitive information Types" to specify the sensitive information details.
10. Click on (+) plus button and add the following Sensitive information Types:
Reference:
https://events.collab365.community/configure-data-loss-prevention-policies-in-exchange-online-in-office-365/
NEW QUESTION 79
Which role should you assign to User1?
- A. Security administrator
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-give-access-to-pim - B. User administrator
- C. Privileged role administrator
- D. Global administrator
Answer: A
NEW QUESTION 80
You have the Microsoft conditions shown in the following table.
You have the Azure Information Protection labels shown in the following table.
You have the Azure Information Protection policies shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Answer:
Explanation:
Explanation
NEW QUESTION 81
Your company has a Microsoft 365 subscription.
The company forbids users to enroll personal devices in mobile device management (MDM).
Users in the sales department have personal iOS devices.
You need to ensure that the sales department users can use the Microsoft Power BI app from iOS devices
to access the Power BI data in your tenant.
The users must be prevented from backing up the app's data to iCloud.
What should you create?
- A. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a client apps
condition - B. an app protection policy in Microsoft Intune
- C. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a device state
condition - D. a device compliance policy in Microsoft Intune
Answer: B
Explanation:
Explanation/Reference:
Testlet 1
Overview
Fabrikam, Inc. is manufacturing company that sells products through partner retail stores. Fabrikam has
5,000 employees located in offices throughout Europe.
Existing Environment
Network Infrastructure
The network contains an Active Directory forest named fabrikam.com. Fabrikam has a hybrid Microsoft
Azure Active Directory (Azure AD) environment.
The company maintains some on-premises servers for specific applications, but most end-user
applications are provided by a Microsoft 365 E5 subscription.
Problem Statements
Fabrikam identifies the following issues:
Since last Friday, the IT team has been receiving automated email messages that contain "Unhealthy
Identity Synchronization Notification" in the subject line.
Several users recently opened email attachments that contained malware. The process to remove the
malware was time consuming.
Requirements
Planned Changes
Fabrikam plans to implement the following changes:
Fabrikam plans to monitor and investigate suspicious sign-ins to Active Directory
Fabrikam plans to provide partners with access to some of the data stored in Microsoft 365
Application Administration
Fabrikam identifies the following application requirements for managing workload applications:
User administrators will work from different countries
User administrators will use the Azure Active Directory admin center
Two new administrators named Admin1 and Admin2 will be responsible for managing Microsoft
Exchange Online only
Security Requirements
Fabrikam identifies the following security requirements:
Access to the Azure Active Directory admin center by the user administrators must be reviewed every
seven days. If an administrator fails to respond to an access request within three days, access must be
removed
Users who manage Microsoft 365 workloads must only be allowed to perform administrative tasks for
up to three hours at a time. Global administrators must be exempt from this requirement
Users must be prevented from inviting external users to view company data. Only global administrators
and a user named User1 must be able to send invitations
Azure Advanced Threat Protection (ATP) must capture security group modifications for sensitive
groups, such as Domain Admins in Active Directory
Workload administrators must use multi-factor authentication (MFA) when signing in from an
anonymous or an unfamiliar location
The location of the user administrators must be audited when the administrators authenticate to Azure
AD
Email messages that include attachments containing malware must be delivered without the
attachment
The principle of least privilege must be used whenever possible
Testlet 2
Overview
Litware, Inc. is a financial company that has 1,000 users in its main office in Chicago and 100 users in a
branch office in San Francisco.
Existing Environment
Internal Network Infrastructure
The network contains a single domain forest. The forest functional level is Windows Server 2016.
Users are subject to sign-in hour restrictions as defined in Active Directory.
The network has the IP address range shown in the following table.
The offices connect by using Multiprotocol Label Switching (MPLS).
The following operating systems are used on the network:
Windows Server 2016
Windows 10 Enterprise
Windows 8.1 Enterprise
The internal network contains the systems shown in the following table.
Litware uses a third-party email system.
Cloud Infrastructure
Litware recently purchased Microsoft 365 subscription licenses for all users.
Microsoft Azure Active Directory (Azure AD) Connect is installed and uses the default authentication
settings. User accounts are not yet synced to Azure AD.
You have the Microsoft 365 users and groups shown in the following table.
Planned Changes
Litware plans to implement the following changes:
Migrate the email system to Microsoft Exchange Online
Implement Azure AD Privileged Identity Management
Security Requirements
Litware identities the following security requirements:
Create a group named Group2 that will include all the Azure AD user accounts. Group2 will be used to
provide limited access to Windows Analytics
Create a group named Group3 that will be used to apply Azure Information Protection policies to pilot
users. Group3 must only contain user accounts
Use Azure Advanced Threat Protection (ATP) to detect any security threats that target the forest
Prevent users locked out of Active Directory from signing in to Azure AD and Active Directory
Implement a permanent eligible assignment of the Compliance administrator role for User1
Integrate Windows Defender and Windows Defender ATP on domain-joined servers
Prevent access to Azure resources for the guest user accounts by default
Ensure that all domain-joined computers are registered to Azure AD
Multi-factor authentication (MFA) Requirements
Security features of Microsoft Office 365 and Azure will be tested by using pilot Azure user accounts.
You identify the following requirements for testing MFA.
Pilot users must use MFA unless they are signing in from the internal network of the Chicago office.
MFA must NOT be used on the Chicago office internal network.
If an authentication attempt is suspicious, MFA must be used, regardless of the user location
Any disruption of legitimate authentication attempts must be minimized
General Requirements
Litware want to minimize the deployment of additional servers and services in the Active Directory forest.
NEW QUESTION 82
You install Azure ATP sensors on domain controllers.
You add a member to the Domain Admins group. You view the timeline in Azure ATP and discover that information regarding the membership change is missing.
You need to meet the security requirements for Azure ATP reporting.
What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
References:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-advanced-audit-policy
NEW QUESTION 83
You have a Microsoft 365 subscription.
A user reports that changes were made to several files in Microsoft OneDrive.
You need to identify which files were modified by which users in the user's OneDrive.
What should you do?
- A. From the Azure Active Directory admin center, open the audit log
- B. From Security & Compliance, perform an eDiscovery search
- C. From the OneDrive admin center, select
- D. From Microsoft Cloud App Security, open the activity log
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/activity-filters
NEW QUESTION 84
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed them.
When you search the audit log in Security & Compliance to identify who signed in to the mailbox of User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
You run the Set-AuditConfig -Workload Exchangecommand.
Does that meet the goal?
- A. No
- B. Yes
Answer: A
Explanation:
Explanation/Reference:
References:
https://docs.microsoft.com/en-us/powershell/module/exchange/policy-and-compliance-audit/set-auditconfig?
view=exchange-ps
NEW QUESTION 85
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deductedfrom your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage yourtime appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click onthe password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password:#HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
Thefollowing information is for technical support only:
Lab instance:11122308
You need to create an eDiscovery case that places a hold on the mailbox of a user named Allan Deyoung.
The hold must retain email messages that have a subject containing the word merger or the word Contoso.
To complete this task, sign in to the Microsoft 365 admin center.
Answer:
Explanation:
See explanation below.
Explanation
1. Navigate toeDiscoveryin the Security & Compliance Center, and then clickCreate a case.
2. On theNew Casepage, give the case a name, type an optional description, and then clickSave. The case name must be unique in your organization.
The new case is displayed in the list of cases on the page. You can hover the cursor over a case name to display information about the case, including the status of the case (ActiveorClosed), the description of the case (that was created in the previous step), and when the casewas changed last and who changed it.
To create a hold for an eDiscovery case:
1. In the Security & Compliance Center, click to display the list of cases in your organization.
2. ClickOpennext to the case that you want to createthe holds in.
3. On theHomepage for the case, click theHoldtab.
4. On theHoldpage, clickCreate.
5. On theName your holdpage, give the hold a name. The name of the hold must be unique in your organization.
6. (Optional) In theDescriptionbox, add a description of the hold.
7. ClickNext.
8. Choose the content locations that you want to place on hold. You can place mailboxes, sites, and public folders on hold.
Exchange email- ClickChoose users, groups, or teamsand then clickChoose users, groups, or teamsagain. to specify mailboxes to place on hold. Use the search box to find user mailboxes and distribution groups (to place a hold on the mailboxes of group members) to place on hold. You can also place a hold on the associated mailbox for a Microsoft Team, a Yammer Group, or an Office 365 Group. Select the user, group, team check box, clickChoose, and then clickDone.
Note
When you clickChoose users, groups, or teamstospecify mailboxes to place on hold, the mailbox picker that's displayed is empty. This is by design to enhance performance. To add people to this list, type a name (a minimum of 3 characters) in the search box.
9. After configuring a query-based hold, clickNext.
10. Review your settings, and then click
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/ediscovery-cases?view=o365-worldwide#step-4-pl
NEW QUESTION 86
You need to recommend an email malware solution that meets the security requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION 87
Your company has a Microsoft 365 subscription that contains the users shown in the following table.
The company implements Windows Defender Advanced Threat Protection (Windows Defender ATP). Windows Defender ATP includes the roles shown in the following table:
Windows Defender ATP contains the machine groups shown in the following table:
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 88
......
Skills measured
- Implement and manage information protection (15-20%)
- Manage governance and compliance features in Microsoft 365 (25-30%)
- The content of this exam was updated on July 26, 2021. Please download the exam skills outline below to see what changed.
- Implement and manage threat protection (20-25%)
- Implement and manage identity and access (30-35%)
Topic areas and details
This Microsoft test measures one’s ability to accomplish particular technical tasks. You should go through the exam blueprint to understand the components of each topic before you choose your study materials. The domains of Microsoft MS-500 include the following:
- Implement identity and access (30-35%):
This is the topic with the highest percentage of the content coverage. In this domain, you will be evaluated on how successfully you can secure identities and Microsoft 365 hybrid environments. Other subtopics include the measurement of skills in implementing conditional access, authentication methods, Azure AD Privileged Identity Management, Azure AD Identity Protection, and role-based access control.
These tasks cover the abilities to monitor PIM history and alerts, implement user risk policy, plan Azure AD synchronization and authentication options, as well as implement, monitor, and manage MFA. It is also important to be able to manage and configure identity governance and implement Azure AD group membership. Planning, configuring, and auditing roles are also the tasks that are essential for the certified specialists.
- Manage threat protection (20-25%):
This area includes the students’ knowledge of how to implement device threat protection solutions, manage device, application protection, and Office 365 ATP, as well as monitor Microsoft 365 Security with Azure Sentinel. The management and configuration of Microsoft Defender Application Control and Microsoft Defender Application Guard are the processes that you will need to perform quickly and successfully. The candidates should also be able to configure Azure ATP, Secure Boot, and Office 365 ATP. As a certified specialist, you will have to plan Microsoft Defender ATP solutions and respond to threats in Azure Sentinel as well. Also, you need to have expertise in configuring and managing Windows and non-Windows device encryption.
- Manage governance and compliance features in Microsoft 365 (25-30%):This is another big section of the whole exam content. It covers the areas that include the configuration and analysis of security reporting, management of data privacy regulation compliance, analysis of audit reports and logs, as well as management of the investigation, search, data governance, and retention. An accredited specialist needs to have skills in managing Data Subject Requests, finding and recovering deleted Office 365 data, planning for auditing and reporting, as well as managing eDiscovery cases.
- Implement information protection (15-20%):
The questions from this topic area will include the content about security of data access within Office 365, implementation and management of Microsoft Cloud App Security, and management of sensitivity labels and data loss prevention. Managing apps in Cloud App Security, configuring B2B sharing for the external users, as well as implementing Customer Lockbox and managing it are also very important abilities. Other tasks that a potential applicant should be able to perform include the usage of sensitivity labels with Office apps, OneDrive, Teams, and Sharepoint. They also measure your ability to configure Oauth apps and Cloud App Security connectors as well as respond to Cloud App Security logs, dashboards, reports, and alerts.
Use Valid New MS-500 Test Notes & MS-500 Valid Exam Guide: https://www.suretorrent.com/MS-500-exam-guide-torrent.html
MS-500 exam torrent Microsoft study guide: https://drive.google.com/open?id=1AEC7uKp5ZDoMje1RTX9WpFlHQvnIqXn-