[Free] EnsurePass Microsoft MS-500 Real Exam Dumps Questions 21-30

February 7, 2020   |   by admin

Get Full Version of the Exam
http://www.EnsurePass.com/MS-500.html

Question No.21

You have a Microsoft 365 subscription.

You need to enable auditing for all Microsoft Exchange Online users. What should you do?

  1. From the Exchange admin center, create a journal rule

  2. Run the Set-MailboxDatabase cmdlet

  3. Run the Set-Mailbox cmdlet

  4. From the Exchange admin center, create a mail flow message trace rule.

Correct Answer: C

Explanation:

https://docs.microsoft.com/en-us/office365/securitycompliance/enable-mailbox-auditing

Question No.22

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an on-premises Active Directory domain named contoso.com.

You install and run Azure AD Connect on a server named Server1 that runs Windows Server. You need to view Azure AD Connect events.

You use the Directory Service event log on Server1. Does that meet the goal?

  1. Yes

  2. No

Correct Answer: B

Explanation:

https://support.pingidentity.com/s/article/PingOne-How-to-troubleshoot-an-AD-Connect-Instance

Question No.23

Several users in your Microsoft 365 subscription report that they received an email message without the attachment. You need to review the attachments that were removed from the messages. Which two tools can you use? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

  1. the Exchange admin center

  2. the Azure ATP admin center

  3. Microsoft Azure Security Center

  4. the Security amp; Compliance admin center

  5. Outlook on the web

Correct Answer: AD

Explanation:

https://docs.microsoft.com/en-us/office365/securitycompliance/manage-quarantined-messages- and-files

Question No.24

You have a hybrid Microsoft Exchange Server organization. All users have Microsoft 365 E5 licenses. You plan to implement an Advanced Threat Protection (ATP) anti-phishing policy. You need to enable mailbox intelligence for all users. What should you do first?

  1. Configure attribute filtering in Microsoft Azure Active Directory Connect (Azure AD Connect).

  2. Purchase the ATP add-on.

  3. Select Directory extension attribute sync in Microsoft Azure Active Directory Connect {Azure AD Connect).

  4. Migrate the on-premises mailboxes to Exchange Online.

Correct Answer: D

Explanation:

https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-anti-phishing-policies

Question No.25

You have a Microsoft 365 subscription.

All computers run Windows 10 Enterprise and are managed by using Microsoft Intune. You plan to view only security-related Windows telemetry data.

You need to ensure that only Windows security data is sent to Microsoft. What should you create from the Intune admin center?

  1. a device configuration profile that has device restrictions configured

  2. a device configuration profile that has the Endpoint Protection settings configured

  3. a device configuration policy that has the System Security settings configured

  4. a device compliance policy that has the Device Health settings configured

Correct Answer: A

Explanation:

https://docs.microsoft.com/en-us/intune/device-restrictions-windows-10#reporting-and-telemetry

Question No.26

You have a Microsoft 365 subscription.

All users are assigned a Microsoft 365 E5 license. How long will auditing data be retained?

  1. 30 days

  2. 90 days

  3. 365 days

  4. 5 years

Correct Answer: B

Explanation:

https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security- and-compliance

Question No.27

HOTSPOT

You have a Microsoft 365 subscription. Auditing is enabled.

A user named User1 is a member of a dynamic security group named Group1. You discover that User1 is no longer a member of Group1.

You need to search the audit log to identify why User1 was removed from Group1.

Which two actions should you use in the search? To answer, select the appropriate activities in

the answer area.

NOTE: Each correct selection is worth one point.

image

Correct Answer:

image

Question No.28

You configure several Advanced Threat Protection (ATP) policies in a Microsoft 365 subscription.

You need to allow a user named User1 to view ATP reports in the Threat management dashboard.

Which role provides User1with the required role permissions?

  1. Security reader

  2. Message center reader

  3. Compliance administrator

  4. Information Protection administrator

Correct Answer: A

Explanation:

https://docs.microsoft.com/en-us/office365/securitycompliance/view-reports-for-atp#what- permissions-areneeded-to-view-the-atp-reports

Question No.29

Your company has 500 computers.

You plan to protect the computers by using Windows Defender Advanced Threat Protection (Windows Defender ATP). Twenty of the computers belong to company executives.

You need to recommend a remediation solution that meets the following requirements:

image

Windows Defender ATP administrators must manually approve all remediation for the executives

image

Remediation must occur automatically for all other users

What should you recommend doing from Windows Defender Security Center?

  1. Configure 20 system exclusions on automation allowed/block lists

  2. Configure two alert notification rules

  3. Download an offboarding package for the computers of the 20 executives

  4. Create two machine groups

Correct Answer: D

Explanation:

https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender- atp/machine-groupswindows-defender-advanced-threat-protection

Question No.30

You have a Microsoft 365 subscription. You need to ensure that users can apply retention labels to individual documents in their Microsoft SharePoint libraries.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

  1. From the Cloud App Security admin center, create a file policy.

  2. From the SharePoint admin center, modify the Site Settings.

  3. From the SharePoint amp; Compliance admin center, create a label.

  4. From the SharePoint admin center, modify the records management settings.

  5. From the Security amp; Compliance admin center, publish a label.

Correct Answer: CE

Explanation:

https://docs.microsoft.com/en-us/office365/securitycompliance/protect-sharepoint-online-files- with-office-365-labels-and-dlp

Get Full Version of the Exam
MS-500 Dumps
MS-500 VCE and PDF

Leave Your Comment