microsoft ms-500 practice test

Microsoft 365 Security Administration

Note: Test Case questions are at the end of the exam
Last exam update: Nov 14 ,2024
Page 1 out of 25. Viewing questions 1-15 out of 370

Question 1 Topic 7, Mixed Questions

You create a retention label as in the exhibit and publish the label to SharePoint sites. A file is created in SharePoint on 1
January 2019. Select the best answer.

  • A. A user can delete the file after 1 January 2019
  • B. A user can delete the file after 1 January 2021
  • C. A user can never delete the file
  • D. The file will be deleted automatically after 1 January 2019
  • E. The file will be deleted automatically after 1 January 2021
  • F. The file will never be automatically deleted
Mark Question:
Answer:

C


Explanation:
If a file is classified as a "Record" users cannot delete the file from SharePoint. They can from OneDrive, but the file is
retained in the Preservation Hold library for the duration of the retention period. Once the file reaches the end of the retention
period (if delete is selected as in this policy), the file (record or not) is deleted. It remains recoverable for 93 days.
Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/records?view=o365-worldwide

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
Discussions
vote your answer:
A
B
C
D
E
F
0 / 1000

Question 2 Topic 7, Mixed Questions

You configure a user to authorize Customer LockBox requests.
Which of the following does the user use?

  • A. O365 Security & Compliance center: Supervision
  • B. M365 Admin Center: View service requests
  • C. M365 Admin Center: Security & compliance
  • D. O365 Security & Compliance center: Data subject requests
  • E. Azure Portal: Key Vault
Mark Question:
Answer:

B


Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/customer-lockbox-requests?view=o365-worldwide#approve-or-
deny-a-customer-lockbox-request

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 3 Topic 7, Mixed Questions

What is the default retention period if you quarantine spam and bulk email messages?

  • A. 7 days
  • B. 15 days
  • C. 30 days
  • D. 90 days
Mark Question:
Answer:

C


Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/manage-quarantined-messages-and-
files?view=o365-worldwide

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4 Topic 7, Mixed Questions

Which of the following components are not required for Azure AD Hybrid Identity with Federated authentication?

  • A. Azure AD Connect
  • B. Federation Proxy
  • C. Federation Server
  • D. Authentication Agent
  • E. Active Directory
Mark Question:
Answer:

D


Explanation:
Only PTA uses an authentication agent.
Reference:
https://docs.microsoft.com/en-za/azure/security/fundamentals/choose-ad-authn

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 5 Topic 7, Mixed Questions

Which of the following items are considered mandatory AAD conditional access conditions? (Choose two.)

  • A. User / group
  • B. Locations
  • C. MFA
  • D. Grant access
  • E. Block access
  • F. Cloud apps
  • G. Client apps
Mark Question:
Answer:

A F


Explanation:
Mandatory conditions:
User / group Cloud apps
Other conditions:
Sign-in risk
Device platforms
Locations
Client apps
Device state
Access controls: Block access Grant access:
- Require MFA
- Require compliant device
- Require hybrid AD joined
- Require approved client app- Require app protection policy
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/technical-reference

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
G
50%
Discussions
vote your answer:
A
B
C
D
E
F
G
0 / 1000

Question 6 Topic 7, Mixed Questions

Which of the following sign-in risks are considered medium risks by AAD Identity Protection? (Choose three.)

  • A. Users with leaked credentials
  • B. Sign-ins from anonymous IP addresses
  • C. Impossible travels to atypical locations
  • D. Sing-ins from an unfamiliar location
  • E. Sign-ins from infected devices
Mark Question:
Answer:

B C D


Explanation:
Leaked creds are high; infected devices are low; everything else is medium
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-risk-events

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 7 Topic 7, Mixed Questions

You need to create a group that will be used to provide limited access to SharePoint resources for users.
Which of the following options are available to you to create the group? (Choose two.)

  • A. Using the M365 admin center, create an O365 group
  • B. Using the M365 admin center, create a security group
  • C. Using the M365 admin center, create a distribution list
  • D. Using Azure AD admin center, create a security group
  • E. Using Azure AD admin center, create an O365 group
Mark Question:
Answer:

B D


Explanation:
To control access to resources you must use a security group.
Reference:
https://docs.microsoft.com/en-US/microsoft-365/admin/create-groups/compare-
groups?WT.mc_id=365AdminCSH&view=o365-worldwide

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 8 Topic 7, Mixed Questions

How many retention and sensitivity labels can be applied to an O365 item?

  • A. One retention; one sensitivity
  • B. Up to 15 retention; up to 15 sensitivity
  • C. Unlimited retention; unlimited sensitivity
  • D. One label only – either sensitivity or retention
  • E. One auto-applied retention label; one auto-applied sensitivity; one manually-applied retention; one manually applied sensitivity effectively 4 in total
Mark Question:
Answer:

A


Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/labels?view=o365-worldwide

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 9 Topic 7, Mixed Questions

You are receiving email messages with "Unhealthy Identity Synchronization Notification" in the subject line.
Which of the following tools would you use to investigate this issue by first reviewing the DirSync status?

  • A. IdFix
  • B. Office 354 Admin Center
  • C. Azure AD Connect wizard
  • D. Active Directory Users and Computers
  • E. Azure portal
Mark Question:
Answer:

B


Explanation:
Reference:
https://docs.microsoft.com/en-us/office365/enterprise/identify-directory-synchronization-errors

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 10 Topic 7, Mixed Questions

You are testing the impact of Windows diagnostic data sent to Microsoft at different levels by changing the registry on your
own computer.
What elements do you configure? (Choose all that apply.)

  • A. Registry key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Data Collection
  • B. Registry key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\EventLog
  • C. Registry key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\SettingSync
  • D. Value Name: (Default)
  • E. Value Name: EnablePeerCaching
  • F. Value Name: AllowTelemetry
  • G. Value Type: String
  • H. Value Type: Binary
  • I. Value Type: DWORD (32-bit) Value
  • J. Value Data: "Enhanced" K. Value Data: 2 L. Value Data: 1
Mark Question:
Answer:

A F I K


Explanation:
These are also the registry entry made when Intune pushes a device configuration profile to a W10 machine.
Reference:
https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization#use-registry-
editor-to-set-the-diagnostic-data-level

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
G
50%
H
50%
I
50%
J
50%
Discussions
vote your answer:
A
B
C
D
E
F
G
H
I
J
0 / 1000

Question 11 Topic 7, Mixed Questions

As part of your GDPR responsibilities, a user makes a formal request for you to provide a copy of all personal data held in
Office 365. You're enlisting the help of your compliance team and you are planning to minimize the number of actions.
Which of these actions do you take? (Choose all that apply.)

  • A. Assign eDiscovery permissions to case members
  • B. Create a Data Subject Request (DSR)
  • C. Create an eDiscovery case
  • D. Add members to the case
  • E. Modify search query
  • F. Save search query
  • G. Run search query
  • H. Place data sources on hold
  • I. Create a report
  • J. Export the data
Mark Question:
Answer:

A B D G J


Explanation:
Be sure to also know the order of operations in case you have to arrange fewer options in the correct order.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/manage-gdpr-data-subject-requests-with-the-dsr-case-
tool?view=o365-worldwide

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
G
50%
H
50%
I
50%
J
50%
Discussions
vote your answer:
A
B
C
D
E
F
G
H
I
J
0 / 1000

Question 12 Topic 7, Mixed Questions

Which role do you need if you want to view alerts in the data governance and DLP categories? You must implement the
principle of least privilege.

  • A. Record Management
  • B. Compliance Administrator
  • C. Global Administrator
  • D. Security Reader
  • E. Security Administrator
Mark Question:
Answer:

B


Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/alert-policies?view=o365-worldwide

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 13 Topic 7, Mixed Questions

Which of the following device platforms can be enrolled through the Device Enrolment Program (DEP)?

  • A. Android
  • B. Android for Work
  • C. iOS
  • D. Windows 8.1
  • E. Windows 10
Mark Question:
Answer:

C


Explanation:
Reference:
https://docs.microsoft.com/en-us/mem/intune/enrollment/device-enrollment-program-enroll-ios

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 14 Topic 7, Mixed Questions

Which of the following Windows 10 Enterprise features provides identity protection?

  • A. Windows Hello
  • B. Credential Guard
  • C. Device Guard
  • D. Defender Antivirus
  • E. Defender ATP
Mark Question:
Answer:

B


Explanation:
Reference:
https://docs.microsoft.com/en-us/windows/security/identity-protection/

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 15 Topic 7, Mixed Questions

You are the M365 administrator for your organization. Your company has created a policy that requires that the mailboxes of
employees that have left the organization be retained for content searches for three years and then be automatically deleted.
You also need the licenses assigned to the users to be available for reassignment to new employees.
Select all the actions that will accomplish this task. Every selection is part of the overall solution. (Choose two.)

  • A. Delete the user account
  • B. Block the user account
  • C. Assign an AIP policy
  • D. Assign a retention policy
  • E. Create an eDiscovery case
Mark Question:
Answer:

A D


Explanation:
Blocking the user account will prevent logins, but not release the license you must delete the account to release the
license. You could alternatively block and manually release the license, but that is not one of the answer options.
AIP is for protection (classify, label and encrypt), not retention. It can also not auto-delete things. You must use a retention
label.
It is not required to open an eDiscovery case yet. It will be possible in future, but not needed to meet the objectives of the
question.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/inactive-mailboxes-in-office-365?view=o365-worldwide

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000
To page 2