MS-500 Exam Dumps - Microsoft 365 Security Administration

Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these

questions will not appear in the review screen.

You have a Microsoft 365 tenant. You create a label named CompanyConfidential in Microsoft Azure

Information Protection.

You add CompanyConfidential to a global policy.

A user protects an email message by using CompanyConfidential and sends the label to several external

recipients. The external recipients report that they cannot open the email message.

You need to ensure that the external recipients can open protected email messages sent to them.

Solution: You modify the encryption settings of the label.

Does this meet the goal?

You have a Microsoft 365 subscription.

You are creating a retention policy named Retention1 as shown in the following exhibit.

You apply Retention1 to SharePoint sites and OneDrive accounts.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription.

You plan to implement Microsoft Sentinel to create incidents based on:

• Azure Active Directory (Azure AD) Identity Protection alerts

• Correlated events from the DeviceProcessEvents table

Which analytic rule types should you use for each incident type? To answer, drag the appropriate rule types to the correct incident types. Each rule type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

You have a Microsoft 365 E5 subscription and an Sentinel workspace named Sentinel1.

You need to launch the Guided investigation – Process Alerts notebooks= in Sentinel.

What should you create first?

You have a Microsoft 365 Enterprise E5 subscription.

You use Windows Defender Advanced Threat Protection (Windows Defender ATP).

You need to integrate Microsoft Office 365 Threat Intelligence and Windows Defender ATP.

Where should you configure the integration?

You have a Microsoft 365 alert named Alert?

as shown in the following exhibit.

You need to manage the status of Alert2. To which status can you change Alert2?

You have a Microsoft 365 E5 subscription that contains 100 users. Each user has a computer that runs Windows 10 and either an Android mobile device or an iOS mobile device. All the devices are registered with Azure AD.

You enable passwordless authentication for all the users.

You need to ensure that the users can sign in to the subscription by using passwordless authentication.

What should you instruct the users to do on their mobile device first?

You need to ensure that unmanaged mobile devices are quarantined when the devices attempt to connect to Exchange Online.

To complete this task, sign in to the Microsoft 365 portal.