GitBit
First lesson
Blog
Sign Up
Microsoft MS-500 Practice Questions
Question
Your organization has a Microsoft 365 tenant with Exchange Online and all mailboxes are housed in Exchange Online. Your organization hires a new admin named John Gruber. You've been tasked with assigning John his Microsoft 365 admin roles. Your manager informs you John will need to configure the retention of all the mailboxes including their deleted items. Your organization adheres to the principle of least privilege.
Your organization has Microsoft 365 tenant with Microsoft 365 E5 licenses. The tenant contains the following users. Your manager has asked you which admins can enable Microsoft Defender for Endpoint roles. Click the check box next to each user that can enable Microsoft Defender for Endpoint roles.
You configure several Advanced Threat Protection (ATP) policies in a Microsoft 365 subscription. You need to allow a user named User1 to view ATP reports from the Threat management dashboard. Which role provides User1 with the required role permissions?
Your organization is using a Microsoft 365 tenant. From the Microsoft 365 admin center, you create a new user named John Gruber. You were requested to assign the User Administrator role to John Gruber but before you do your boss wants to know everything the role will give John access to. Which admin centers could you use to view the permissions of an administrator role?
You have a Microsoft 365 tenant that contains a user named John Gruber. You have already created an eDiscovery case named CaseA. You need to allow John Gruber to export CaseA. Your organization requires you to use the principle of least privilege. Which role should you grant to John Gruber to fulfill the request above?
You have a Microsoft 365 subscription that contains a user named User1. You plan to use Compliance Manager. You need to ensure that User1 can assign Compliance Manager roles to users. The solution must use the principle of least privilege. Which role should you assign to User1?
You have a Microsoft 365 tenant with Microsoft 365 E5 licenses. The tenant contains the following users. 📷 You've been tasked with implementing Azure Active Directory (Azure AD) Identity Protection. Before you can implement it your manager has asked you which users can perform the following actions: Configure a user risk policy. View the risky users' report. Which users can perform the tasks listed below?
Your organization has a Microsoft 365 tenant. You've hired a new employee named John Gruber. You manager has asked you to assign John a role in Microsoft 365. John is required to monitor the service health in Microsoft 365 and create service requests. Your organization adheres to the principle of least privilege. What steps do you need to perform?
Your organization hires a new compliance officer named Joe Gruber. Your manager has asked you to configure Joe's access. He'll need to be able to place mailboxes on hold, and perform compliance searches in OneDrive for Business, and SharePoint Online. Your organization adheres to the principle of least privilege. Answer the questions below
Your organization has a Microsoft 365 tenant with Microsoft Defender for Endpoint configured with multiple policies. Your organization has recently hired a new person named John Gruber. Your manager has informed you that John Gruber will need to view the Microsoft Defender for Endpoint reports in the Microsoft 365 Defender dashboard. Which role should you assign John Gruber to grant him the ability to view the Microsoft Defender for Endpoint reports?
Your organization has hired a new admin named John Gruber. Your manager has asked you to give John Gruber the ability to enable and configure Azure AD Privileged Identity Management. Your organization adheres to the principle of least privilege What role should you assign to John Gruber?
Your organization has a Microsoft 365 tenant with auditing enabled. You've been asked to grant John Gruber the ability to review audit logs in your Microsoft 365 tenant. You give John Gruber the Global administrator role. A few days later and learn John Gruber disabled auditing. You re-enable auditing and then remove John Gruber's user account from the Global administrator role. You need to give John Gruber the ability to review audit logs but he can't be given permission to disable auditing. Your organization adheres to the principle of least privilege. Which role should you give to John Gruber?
You have a Microsoft 365 tenant with the following user accounts configured. 📷 User1 is a member, has a city of Seattle, and has no admin roles. User2 is a member, has a city of Sea, and has the password administrator role User3 is a guest, has a city of SEATTLE, and has no admin roles. User4 is a member, has a city of SEAm, and has no admin roles. User5 is a member, has a city of London, and has no admin roles. User6 is a member, has a city of Londer, and has the Customer LockBox Access Approver role. User7 is a member, has a city of Sydney, and has the reports reader role. User8 is a member has a city of Sydney, and has the User administrator role. User9 is a member, has a city of Montreal, and has no admin roles. On what user accounts would User2 be unable to reset passwords?
Your organization has a Microsoft 365 tenant that contains 5,000 mailboxes. Another admin, named John Gruber, has been tasked with searching every mailbox for emails going to a competing company. You need to configure Microsoft 365 so that John Gruber can search through the mailboxes. The solution should not give John Gruber the ability to send emails from any mailbox. What do you need to do to fulfill the request?
Your manager asks you to give John Gruber the ability to assign the reports reader role to other users. Your organization adheres to the principle of least privilege. Which role should you assign to John Gruber?
A new admin has started with your organization the new admin will need to manage Exchange Online. You've been asked to grant the new user the required permissions. What steps should you take to complete the task?
Your organization has a Microsoft 365 tenant with many Microsoft Defender for Office 365 policies configured. Your manager has asked you to grant John Gruber the ability to view Microsoft Defender for Office 365 reports through the dashboard. Which role should you assign to John Gruber?
Your organization has a Microsoft 365 tenant with Microsoft 365 E5 licenses. Your organization currently uses AD Connect to sync your user accounts from the on-premises AD to Microsoft 365. Your organization is also using Active Directory Federation Services (AD FS) to federate between the on-premises Active Directory (AD) and the Microsoft 365 tenant. Azure AD Connect has the following settings: 📷 Your manager has asked if you can update the configuration so leaked credentials detection can run properly What attribute do you edit?
The network contains an Active Directory forest named gitbit.org. GitBit has a hybrid Microsoft Azure Active Directory (Azure AD) environment. The company maintains some on-premises servers for specific applications, but most end-user applications are provided by a Microsoft 365 E5 subscription. GitBit identifies the following issues: Since last Friday, the IT team has been receiving automated email messages that contain "Unhealthy Identity Synchronization Notification" in the subject line. Several users recently opened email attachments that contained malware. The process to remove the malware was time-consuming. You need to resolve the issue that generates the automated email messages to the IT team. Which tool should you run first?
Your organization has a Microsoft 365 tenant with AD Connect syncing your on-premises AD to Microsoft 365. All computers are running Windows 10 and are configured to use Microsoft Intune. You've been tasked with protecting the VPN. Your manager has asked you to require every computer connecting to the VPN is marked as compliant. What do you need to do first?
Your organization has an on-premises Active Directory domain named gitbit.org Your organization has installed Azure AD Connect on a server to sync your on-premises AD to Microsoft 365. There's an error in the sync. You've been tasked with finding and resolving the error. You need to view Azure AD Connect events. What event logs do you use?
You configure Microsoft Azure Active Directory (Azure AD) Connect as shown in the following exhibit. 📷 Select the response to complete the sentence correctly.
You configure Microsoft Azure Active Directory (Azure AD) Connect as shown in the following exhibit. 📷 Select the option that will properly complete the following sentences
Your organization has an Active Directory domain named gitbit.org. You've installed Azure AD Connect on ServerA which is a server running Windows 2016. There's an error syncing user accounts from your on-premises AD to Microsoft 365. You've been tasked with resolving the error. To start, you RDP to ServerA and open the Directory Service event logs. What location can you use to troubleshoot the AD Connect sync errors?
Your network contains an on-premises Active Directory domain that syncs to Azure Active Directory (Azure AD) as shown in the following exhibit. 📷 The synchronization schedule is configured as shown in the following exhibit. 📷
Your organization has a Microsoft 365 tenant and an on-premises Active Directory (AD) domain. Your organization has installed AD Connect but hasn't enabled the syncing of your on-premises AD to Microsoft 365. Your organization is currently using the default authentication settings. Your manager has asked you to perform the following Have all domain joined computers registered in Azure AD. Configure Microsoft 365 to lock out any user that's currently locked out of the on-premises AD. What two settings will you need to configure to meet the goals listed above?
You've been tasked with configuring groups so they expire unless the group owners renew the group. Where do you go to configure group expiration?
You have a Microsoft 365 tenant with Microsoft E5 licenses. Users and devices are added/removed daily. Users in the sales department change their devices frequently. You've been asked to create three groups with the following requirements. 📷 The solution must minimize administrative effort. How many assigned groups and how many dynamic groups should be created?
You need to configure Microsoft 365 so that all users are required to change their passwords every 100 days. What steps should you take to complete the task?
Your organization has a Microsoft 365 tenant. User accounts are synced from your organization's human resources system to Azure AD. Your organization has five departments that each have their own Microsoft SharePoint Online site. Every user must be granted access to their own department's site. No users should be able to access a site that is not their own respective department's site. Your manager has asked you to configure the security of the SharePoint sites. He's given you the following requirements: Users should be automatically added to the security group corresponding to their department. All group owners must verify their group membership only contains their department's users once a month. How do you configure Microsoft 365 to meet the security requirements?
You have an Azure AD tenant named GitBit.org that contains the following users. 📷 User1 is a global administrator User2 is a user administrator You configure the following group naming policies: The word internal is added to the list of blocked words. You set GitBit- as a prefix. Check the box next to each true statement below.
Your organization has a Microsoft 365 tenant with the following users. 📷 The Microsoft 365 tenant contains the following dynamic groups. 📷 Which users are members of ADGroup1 and ADGroup2?
Your organization has a Microsoft 365 tenant. The security requirements have changed and any admins who manage Microsoft 365 must be limited in their administrative actions for three hours at a time. Global administrators must be exempt from this requirement Your organization's current configuration of Azure AD Privileged Identity Management is shown below. What changes do you need to make to meet the new security requirements?
Your organization has configured multiple conditional access policies to block non-compliant devices from connecting to Microsoft 365 and other services. Some users complain that they cannot access some services due to their devices being non-compliant. Where can you go to check which conditional access policy is blocking the users' login?
All the devices in the Microsoft 365 tenant are managed by using Microsoft Intune. Your organization has purchased an app named AppA. AppA that supports Microsoft's session controls. Your manager asks you to configure AppA so it can be reviewed in real-time. What do you need to do?
Your company has a main office and a Microsoft 365 subscription. You need to enforce Microsoft Azure Multi-Factor Authentication (MFA) by using conditional access for all users who are NOT physically present in the office. What should you include in the configuration?
Your organization has a Microsoft 365 tenant. Only some of your users must use MFA to access Microsoft SharePoint Online. You need to view which users have used MFA to access SharePoint Online. What do you do?
Your company has a primary office and a Microsoft 365 subscription. You need to enforce Microsoft Azure Multi-Factor Authentication (MFA) by using conditional access for all users who are NOT physically present in the office. What should you include in the configuration?
Your organization has the offices listed in the following chart. Each office has the following IP addresses. 📷 You've configured named locations in Azure AD as below. 📷 An address space of 198.35.3.0/24 is defined in the trusted IPs list on the Multi-Factor Authentication page. MFA is enabled for the users in the sales department. You are evaluating which sales department users will be prompted for MFA. Select Yes if a statement is true. Otherwise, select No.
Your organization has a Microsoft 365 tenant with the domain name gitbit.org. The MFA configuration is shown below. 📷 Your Microsoft 365 tenant has the following users. 📷 What will happen when User1 and User2 log in?
Your organization has a Microsoft 365 tenant but doesn't have the Azure AD premium licenses. Your manager has asked you to configure MFA on John's user account. You need to ensure John has to use MFA for all authentication requests. What should you do to complete the task? Put the tasks in the correct order in the list.
Your organization uses Microsoft 365. Your organization has multiple office locations with the IP address ranges shown below. 📷 Chicago internal network: 192.168.0.0/20 Chicago perimeter network: 172.16.0.0/24 Chicago external network: 131.107.83.0/28 San Francisco internal network: 192.168.16.0/20 San Francisco perimeter network: 172.16.16.0/24 San Francisco external network: 131.107.16.218/32 Your organization currently uses MFA. Your manager has received a number of complaints about how often they are receiving prompts. The organization's leadership team has decided to exclude the Chicago network. Your manager has asked you to exclude the Chicago network from being required to use MFA. Which IP addresses should you configure in the Trusted IP list for MFA?
Your organization has a Microsoft 365 tenant. You've been tasked with updating the security requirements of the tenant. If an authentication attempt is suspicious, your manager wants MFA to be required regardless of the user's location. What policy do you need to update to meet the security requirements?
You have a Microsoft 365 tenant named GitBit.org that has the following users: 📷 You create an Azure AD Identity Protection sign-in risk policy. You've assigned the policy to GroupA and excluded GroupB. You've set the sign-in risk condition to low and above. You've set the access control to Allow access, require MFA You need to understand how the policy will affect your users. What will happen when one of the user's signs in from an anonymous IP address?
You have a Microsoft 365 E5 subscription. You need to ensure that users who are assigned the Exchange administrator role have time-limited permissions and must use multi-factor authentication (MFA) to request the permissions. What should you use to achieve the goal?
Security Requirements: GitBit identifies the following security requirements: Access to the Azure Active Directory admin center by the user administrators must be reviewed every seven days. If an administrator does not respond to an access request within three days, access must be removed Users who manage Microsoft 365 workloads must only be allowed to perform administrative tasks for up to three hours at a time. Global administrators must be exempt from this requirement Users must be prevented from inviting external users to view company data. Only global administrators and a user named User1 must be able to send invitations Azure Advanced Threat Protection (ATP) must capture security group modifications for sensitive groups, such as Domain Admins in Active Directory Workload administrators must use multi-factor authentication (MFA) when signing in from an anonymous or an unfamiliar location The location of the user administrators must be audited when the administrators authenticate to Azure AD Email messages that include attachments that have malware must be delivered without the attachment The principle of least privilege must be used whenever possible You plan to configure an access review to meet the security requirements for the workload administrators. You create an access review policy and specify the scope and a group. Which other settings should you configure? To answer, select the correct options in the answer area.
Your manager has asked you to configure the following in Microsoft 365. Set guest access to be reviewed every 30 days. Grant John Gruber the ability to invite guests to the Microsoft 365 tenant. Your organization adheres to the principle of least privilege. What should you do?
Access to the Azure AD admin center by any user administrators must be reviewed monthly. The user must lose access if they don't respond within 7 days of the access request. You create an access review policy and specify the scope and group. What other settings do you need to configure?
Your organization uses Microsoft 365. Your organization has recently purchased and applied Microsoft 365 E5 licenses for every user. Your manager has been tasked with securing the Microsoft 365 tenant. He has configured Customer Lockbox to require Microsoft 365 engineers to request your permission to access data in your tenant. Your manager has asked you to teach everyone how to approve Customer Lockbox requests. Where can you go to approve Customer Lockbox requests?
your organization has a Microsoft 365 tenant with the following users. 📷 Your organization has implemented Azure Active Directory (Azure AD) Privileged Identity Management (PIM). From PIM, you see the Application Administrator role has the following users. 📷 PIM is configured to use the following settings for users with the Application Administrator role assigned. Require approval to activate: Yes Approvers: None Check the box next to each true statement.
your organization has a Microsoft 365 tenant that contains the following users. 📷 You configure an Azure AD Identity Protection sign-in risk policy with the following settings: Assigned to Group1 and excludes Group2. Only apply if the user risk level is medium or above. If the user risk level is medium or above allow access but require a password change. The risk level for each user is shown below. 📷 Which users will be required to change their password?
You have a Microsoft 365 E5 subscription that contains the users shown in the following table. Your organization has Customer Lockbox enabled. Which admins will receive a notification when a Microsoft engineer requests access to your organization?
Your organization has a Microsoft 365 tenant. Your manager has asked you to re-configure the Microsoft 365 tenant to meet the following security requirements: Admins need to be informed when the Security administrator role is activated. Users assigned the Security Administrator role need to be automatically removed if they don't log in for 30 days. Which Azure AD PIM setting should you re-configure to meet the security requirements.
You have a Microsoft 365 tenant with Microsoft 365 E5 licenses. A user named John Gruber is configured to receive alerts from Azure AD Identity Protection as shown below. Your tenant contains the following users. 📷 The user sign-in log is shown below 📷 Select Yes if the statement is true. If the statement is not true select No.
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table. 📷 You create and enforce an Azure AD Identity Protection user risk policy that has the following settings: Assignments: Include Group1, Exclude Group2 Conditions: Sign-in risk of Low and above Access: Allow access, Require password change You need to identify how the policy affects User1 and User2. What occurs when User1 and User2 sign in from an unfamiliar location?
Your organization has a Microsoft 365 tenant with a primary domain of gitbit.org Your organization has the following safe links policy. 📷 Which URL can users access from Microsoft Office Online?
You need to protect your organization against phishing attacks. The solution must meet the following requirements: Phishing email messages must be quarantined if the messages are sent from a spoofed domain. As many phishing email messages as possible must be identified. The solution must apply to the current SMTP domain names and any domain names added later. What steps should you take to complete the task?
You have a Microsoft 365 Enterprise E5 subscription. You use Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP). You plan to use Microsoft Office 365 Attack simulator. What is a prerequisite for running an Attack simulator?
Your organization has recently been breached because a user clicked a link in an email. Your manager has set up a fake phishing site at NotARealSite.com. Your manager wants to track anyone that clicks the link but he doesn't want to block them from accessing the site. You've been tasked with updating the safe links policy. Your manager gives you the following requirement: Track user clicks on any links to NotARealSite.com. What steps need to be completed to fulfill the requirements?
Your organization has a Microsoft 365 tenant with all users hosted in Exchange Online. It's a new tenant and all the defaults are still in place. You manage email security. Where do suspicious emails go?
Your organization has a Microsoft 365 tenant and you've already created a Microsoft Defender Safe Attachments policy. You've configured the policy to quarantine malware. Some users have complained that they go to check their quarantine but the emails are already deleted. Your manager has asked you to change the retention duration for the attachments that end up in quarantine. He needs you to extend the amount of time the emails will be in quarantine. Which threat management policy should you update from the Microsoft Defender admin center?
Your organization has a hybrid Microsoft 365 tenant with an Exchange on-premises server. 📷 User1 has an on-premises mailbox and MFA is required. User2 has an on-premises mailbox and MFA is disabled. User3 has an Exchange Online mailbox and MFA is required. User4 has an Exchange Online mailbox and MFA is disabled. You've been asked to implement Microsoft 365 Attack Simulator but before you do your manager needs to know who can receive the fake threats. Which users should you tell your boss can receive the attack simulation fake threats?
All user users have a Microsoft 365 E5 license. You have a hybrid Microsoft Exchange Server. Some of your user's mailboxes are located in Microsoft 365 while others are located in the on-premises Exchange server You are tasked with setting up and configuring Microsoft Defender for Office 365 anti-phishing policy. Management has asked you to enable mailbox intelligence for all users. What do you need to do to verify all mailboxes have mailbox intelligence enabled and working?
Several users in your organization have called in reporting they received an email that should have had an attachment but there was no attachment. You've been tasked with tracking down why the email attachment has been removed. As far as you know there haven't been any recent changes to your environment. What two places can you go to review the missing attachments?
Your organization has a Microsoft 365 tenant with Microsoft 365 E5 licenses. You've just implemented a Defender for Office 365 safe attachments policy for your entire organization. Your help desk is getting calls that emails containing attachments are taking a long to be received. You need to reconfigure the safe attachments policy so emails are received more quickly but the attachments still need to be scanned for malware and any attachments with malware must be blocked. How should you reconfigure the safe attachment policy?
Your organization has a Microsoft 365 tenant with Microsoft 365 E5 licenses. Your manager has asked you to reconfigure the email filter to deliver any emails that contain malware without the attachment. What two options do you need to configure?
You've been tasked with updating the safe links policy. Your manager gives you the following 2 requirements: Block any access to the GitBit.org domain Track user clicks on any links to gitbit.org. What steps need to be completed to fulfill the requirements?
Your manager has asked you to block any access to the site malware.gitbit.org. He wants to ensure you block the site from being opened from within an email or any Microsoft Office application. How can you fulfill his request?
Your organization has a Microsoft 365 tenant. The organization has the offices shown below. 📷 The Microsoft 365 tenant has the following users. 📷 Your tenant has the following Microsoft Cloud App Security policy. 📷 📷 Select Yes for every true statement. Select No for every false statement.
A colleague has been asked to deploy several Microsoft Defender for Identity sensors. He's asked you to give him the Azure information required to deploy the sensors. What information should you provide?
Your organization has a Microsoft 365 tenant with a primary domain of Gitbit.org. Your organization also has an on-premises Active Directory environment that's synced through AD Connect to Microsoft 365. Your organization has an on-premises Active Directory domain with a Windows Server 2019 server named Chicago1. Chicago1 has the Remote Access server role installed. Chicago1 is configured as a Virtual Private Network (VPN) server. Your manager has tasked you with deploying Microsoft Defender for Identity and integrating the VPN with Defender for Identity. You install the Microsoft Defender for Identity sensor on a server named Win2019A. Win2019A is running Windows Server 2019. What should you do?
You have an on-premises infrastructure that contains the following: An Active Directory domain with a domain controller named ServerA. A server named ServerB that's not a domain controller. A security policy is configured that prevents ServerA from connecting to the Internet. ServerB can connect to the Internet. You've been tasked with implementing Microsoft Defender for Identity to monitor ServerA. How should you configure the servers?
Your organization has a Microsoft 365 tenant and has Microsoft Defender for Identity configured. Your manager is concerned about updates causing issues with the updates for Defender for Identity. He asks you if you can delay the updates for Defender for Identity. You explain you can configure the delayed deployment of updates option. You turn the delayed deployment of updates on for a server named ServerA. How long will the delay be for updates to ServerA?
You have a Microsoft 365 tenant that's licensed for Microsoft Defender for Endpoint. You have the following devices enrolled in Microsoft Endpoint Manager. You've integrated Endpoint Manager and Microsoft Defender for Endpoint. You've been tasked with evaluating the risk level for all the devices but before you do your manager asks you a question. Which devices can be evaluated?
You have a Microsoft 365 tenant. You have 500 computers that run Windows 10. You plan to monitor the computers by using Microsoft Defender for Endpoint after the computers are enrolled in Microsoft Intune. You need to ensure that the computers connect to Microsoft Defender for Endpoint. How should you prepare Intune for Microsoft Defender for Endpoint?
Your network contains an on-premises Active Directory domain. The domain contains the servers shown in the following table. 📷 You plan to implement Defender for Identity for the domain. You install a Defender for Identity standalone sensor on Server1. You need to monitor the domain by using Defender for Identity. What should you do?
One of your Microsoft 365 users stores the following files in Microsoft OneDrive. File1.docx ImportantFile2.docx File_Important3.docx Your Microsoft 365 tenant has a Microsoft Cloud App Security file policy that has the filter shown below. Your manager asks you which files with the above policy apply. Check the box next to each file the policy will apply.
A user calls the help desk and informs you that changes were made to several files on his Microsoft OneDrive. He's asked you to get a report of everyone that's modified files in his OneDrive. What do you do?
Your organization has a Microsoft 365 tenant with a SharePoint Online site named Accounting. Accounting has the following files/folders. 📷 At 10:00, you create a Microsoft Cloud App Security policy named PolicyA shown below. 📷 Then you upload the files to the Accounting site Click Yes for each true statement. Click No if the statement is false.
Your organization has a Microsoft Defender for Endpoint deployment with custom network indicators turned on. The table below shows two Windows 10 computers that are protected by Microsoft Defender for Endpoint. 📷 Computer1 has a tag of Kiosk1 Computer2 has a tag of Tag1 The following table shows the machine groups in Microsoft Defender for Endpoint. 📷 Group1 has a rank of 1 and a membership rule of Tag contains a 1 Group2 has a rank of 2 and a membership rule of Name ends with 2 and a tag that equals Tag1 In the following table, you can see the URLs/Domains indicators created from the Microsoft Defender admin center http://www.gitbit.org has a scope of Group1 and is set to alert and block http://microsoft.com has a scope of Group2 and is set to alert and block http://microsoft.com/public has a scope of all machines and is set to allow. For each of the following statements, click yes if the statement is true. If the statement is false click No.
Your organization has an on-premises Active Directory domain that runs Windows Server 2022 servers and has advanced auditing enabled. Your organization is already collecting the servers' security logs using a third-party SIEM solution. Your organization has purchased a Microsoft 365 tenant and your manager has asked you to deploy Microsoft Defender for identity by using standalone sensors. You need to configure the Defender for Identity standalone sensor to detect when certain sensitive groups are updated and any time malicious services are created. How can you fulfill your manager's request?
Your organization has a Microsoft 365 tenant with all computers running Windows 10 and are onboarded to Microsoft Defender for Endpoint. Your organization has a device group named DeviceGroupA. Your manager has asked you to enable delegation for the security settings of the devices in DeviceGroupA. What do you need to do?
Your organization has a Microsoft 365 tenant with Microsoft 365 E5 licenses assigned to each active user. Your organization is currently using Microsoft Defender for Endpoint. You've deployed Defender for Endpoint to each of your computers using Microsoft Intune. Your manager learns that Microsoft Defender for Office 365 and Microsoft Defender for Endpoint can be integrated. He loves the idea. He has asked you to integrate Microsoft Defender for Office 365 and Microsoft Defender for Endpoint. Where do you configure the integration?
Your organization has a Microsoft 365 tenant with the following users. UserA is a member of Group1 UserB is a member of Group2 UserC is a member of Group3 Your organization implements Microsoft Defender for Endpoint. Microsoft Defender for Endpoint is configured with the following roles. 📷 Microsoft Defender for Endpoints contains the following device groups. 📷 Select Yes if the statement is true. Click No if the statement is false.
You have a Microsoft 365 tenant. In the tenant, you have a user named John Gruber. Inside the tenant you have a conditional access policy with the following settings: Users or workload identities: John Gruber Cloud apps or actions: Office 365 Exchange Online Session: Use Conditional Access App Control. Your manager has asked you to block John Gruber's ability to print. Your manager knows you need a Microsoft Defender for Cloud Apps policy but doesn't know what type. What type of policy should you create in the Microsoft Defender for Cloud Apps admin center?
Your organization is using Microsoft 365 and has 500 computers. You need to protect all the computers using Microsoft Defender for Endpoint. Ten of the devices are used by executives. Your manager explains the requirements to you as follows: Administrators must manually approve all remediation for any of the executives. All other users must have remediation performed automatically. What should you recommend?
You have a Microsoft 365 tenant with Microsoft 365 E5 licenses. Most of your users are required to use an authenticator app to access Microsoft 365. You need to view which users have used an authenticator app to access Microsoft 365. What should you do?
You have a Microsoft 365 tenant with a Microsoft Sentinel workspace. You've been asked by your manager to configure Microsoft 365 so you can manage incidents based on alerts generated by Microsoft Cloud App Security. What do you need to do first?
You have a Microsoft 365 tenant. Your manager asks you to enable auditing for all Microsoft Exchange Online mailboxes/users. What should you do?
You have a Microsoft 365 subscription. You have a user named John Gruber. Several users have full access to the mailbox of John Gruber. Some email messages sent to John Gruber appear to have been read and deleted before the user viewed them. When you search the audit log in Security & Compliance to identify who signed in to the mailbox of John Gruber, the results are blank. You need to ensure that you can view future sign-ins to the mailbox of John Gruber. You run the Set-Maibox -Identity "John Gruber" -AuditEnabled $true command. Does that meet the goal?
Your organization has a Microsoft Sentinel workspace that has a connector configured to Azure AD and Microsoft Office 365. You need to configure a Fusion rule template to detect multistage attacks where users sign in by using compromised credentials. Then they delete multiple files from Microsoft OneDrive. What do you need to do after you create an active rule that has the default settings?
Where can you go to review the location (IP address) when administrators log in to your Microsoft 365 tenant?
You have a Microsoft Sentinel workspace. The workspace has two connectors configured. One for Azure AD and another one for Microsoft Office 365. Your organization has hired a new admin. The new admin will need access to Microsoft Sentinel. Your manager informs you the new admin will need to perform the following: Manage incidents Create and run playbooks Your manager asks you which two roles should you assign to the new user?
Your organization is currently using Microsoft 365. Your manager has asked you where he can go to audit the sign in's of any user with the user administrator role. Where you should tell him to go?
Your organization has a Microsoft 365 tenant with a user named John Gruber. Multiple users have been granted read and manage (full access) to John Gruber's mailbox. John Gruber found a few emails that were sent to him were marked as read and deleted before he had a chance to review them. You've been asked to see who accessed and deleted the emails. You search the audit log in the Microsoft Defender admin center to see who read and deleted the emails but the audit logs are blank. So your manager has asked you to configure the audit logs so your can view who accessed the mailbox in the future. What Exchange PowerShell commands do you need to run to verify you can see the audit logs in the future?
You recently created and published several labels policies in a Microsoft 365 subscription. You need to view which labels were applied by users manually and which labels were applied automatically. What should you do from the Compliance admin center?
You've been tasked to create a group that will be used for publishing sensitivity labels. The group must only contain user accounts. What are the possible ways to create the group?
Your organization has a Microsoft 365 tenant. Your tenant has an information protection label named CompanyConfidential in the Microsoft Compliance admin center. Your tenant has CompanyConfidential applied to a global policy. One of your users protects an email using the CompanyConfidential label and sends the email to an external recipient. The external recipient reports that they cannot open the email. You've been asked to assist the user so the email can be sent to the external recipient. What should you do?
Your organization has a Microsoft 365 tenant that's syncing the users and groups from an on-premises AD using AD Connect. Your company has recently hired a new team of people to manage the sensitivity labels. Your manager has asked you to configure a new group that will be used for publishing sensitivity labels to pilot users. The group must contain only user accounts (excluding guest accounts). The membership of the group should be automatically updated.
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the groups shown in the following table. The domain is synced to a Microsoft Azure Active Directory (Azure AD) tenant that contains the groups shown in the following table. You create an Information Protection label policy named Policy1. You need to apply Policy1. To which groups can you apply Policy1?
Your organization has a Microsoft 365 tenant. Your organization has recently hired an organization to review your compliance requirements. They notice your accountants have a lot of data with different levels of sensitivity. Your team has been asked to create a label for some of the accountants to use. Your manager has asked you to create a sensitivity label. Where do you go to create the label?
Your organization has the sensitive info type data classifications shown below. 📷 Your organization has the Information Protection labels shown below 📷 Your organization has the Information Protection label policies shown below 📷 check the box next to each true statement.
Your organization has a Microsoft 365 tenant. Your manager asks you to configure notifications whenever an administrator starts an eDiscovery search. How do you configure the notifications?
You have a Microsoft 365 subscription. The Global administrator role is assigned to your user account. You have a user named Admin1. You create an eDiscovery case named Case1. You need to ensure that Admin1 can view the results of Case1. What should you do first?
Your organization has a Microsoft 365 tenant with a user named John Gruber. The CEO of your organization believes John Gruber may have sent email messages to one of your rivals with company secrets. You must provide a way to review any emails sent by John Gruber to the rival, even those that were deleted after being sent.
You have a Microsoft 365 subscription. From the Security & Compliance admin center, you create the retention policies shown in the following table. 📷 Policy1 is configured as shown in the following exhibit. 📷 Policy2 is configured as shown in the following exhibit. Select Yes if the statement is true. If the statement is false select No.
You have a Microsoft 365 subscription. You are creating a retention policy named Retention1 as shown in the following exhibit. 📷 You apply Retention1 to SharePoint sites and OneDrive accounts. Select the answer that properly completes the sentences.
You have a Microsoft 365 subscription. Yesterday, you created retention labels and published the labels to Microsoft Exchange Online mailboxes. You need to ensure that the labels will be available for manual assignment as soon as possible. What should you do?
Your organization has a Microsoft 365 tenant. You need to include a sensitive information type in Data Subject Request cases. Which four actions should you perform in sequence?
Your organization has the DLP policy shown below. 📷 What will happen if a user sends an email that contains a credit card number?
You need to prevent any emails that contain information covered by the U.S. Health Insurance Act (HIPAA) from being sent to people outside of your organization unless the messages are sent to an external domain named gitbit.org. What should you do to set it up?
Your organization has a Microsoft 365 tenant with a Microsoft SharePoint Online site named SiteA. An admin has created an eDiscovery case named CaseA that searches SiteA. You have created a new sensitive information type but when you look at CaseA the new sensitive information type is not returning any documents. What do you need to do to fix the case?
You need to ensure that a user named Joe Gruber receives incident reports when email messages that contain data covered by the Canada Health Information Act (HIA) are sent outside of your organization. What steps should you take to complete the task?
You create a data loss prevention (DLP) policy with the following settings: Conditions Sensitive info types: Credit card number, U.S. bank account number, ABA routing number. Shared with people outside your organization User notifications Notify these people: The person who sent the content, the owner of the content, the owner of the SharePoint site or OneDrive account. User overrides Let people who see the tip override the policy and share the content is checked. What happens when a user attempts to send an email message that contains sensitive information?
Your organization has a Microsoft 365 tenant and a database that stores client information. Each client has a unique 10-digit ID field that starts with Git- and then has the 10-digit ID. Your manager has asked you to implement a data loss prevention (DLP) policy that meets the following security requirements: Emails that contain a single client ID can be sent to anyone, including those outside the company. Emails that contain more than 2 client IDs must not be sent until the company's compliance/security team approves them. Which two components should you configure?
Your organization has a Microsoft 365 tenant with the primary domain of gitbit.org OneDrive contains the following files that are shared externally. 📷 A DLP policy is created and assigned to OneDrive, where it is configured with the following rules: First Rule: This applies when content is marked with Label1 and shared with people outside your organization Limit external users' access to the content. Notify the user who shared or last modified the content. Allow overrides from Microsoft 365 services. Priority set to 0 Second Rule: This applies when content is marked with Label1 or Label2 Block everyone from accessing the content excluding the owner and last modifier Priority set to 1 Third Rule: This applies when content is marked with Label2 and shared with people outside my organization Restrict access by blocking people outside your organization. Notify the user who shared or last modified the content. Allow overrides from Microsoft 365 services. Priority set to 2 Click yes if the statement is true. If the statement is false select No.
You have a Microsoft 365 subscription. You identify the following data loss prevention (DLP) requirements: Send notifications to users if they attempt to send attachments that contain EU Social Security Numbers (SSN) or Equivalent ID. Prevent any email messages that contain credit card numbers from being sent outside your organization. Block the external sharing of Microsoft OneDrive content that contains EU passport numbers. Send administrators email alerts if any rule matches occur. What is the minimum number of DLP policies and rules you must create to meet the requirements? To answer, select the appropriate options in the answer area.
Your organization has a Microsoft 365 tenant. Some users access Microsoft SharePoint Online from unmanaged personal devices. Your manager has asked you to prevent the users from downloading, printing, and syncing files from their unmanaged personal devices. What do you need to do?
Your organization has a Microsoft 365 tenant with a primary domain of GitBit.org Your organization works with a partner company named Uber Bikes. Your Microsoft OneDrive settings haven't been changed. You need to allow your users to share files from Microsoft OneDrive with specific users at Uber Bikes but prevent your users from sharing files with anyone else. What settings should you change in the SharePoint Online admin center?
your organization has a Microsoft 365 tenant. Most of your users access Microsoft SharePoint Online from unmanaged personal devices. You've been tasked with preventing users from downloading, printing, and syncing files to unmanaged devices. What should you do to fulfill the task?
Someone in your organization was caught sending company secrets to a competitor. They were sharing SharePoint files with people in a competitor's organization. Your manager is informed and decides the best course of action is to limit who users can share content with. He knows the only legitimate organization users should be sharing files with is a company called gitbit.org He has asked you to block sharing invitations to any external users except users from gitbit.org. How do you complete the task?
Your organization has a Microsoft 365 tenant with a domain of gitbit.org. You configure the Sharing settings in Microsoft SharePoint Online as below. Select the correct answers below
The devices enrolled in Intune are configured as shown in the following table: 📷 The device compliance policies in Intune are configured as shown in the following table: 📷 The device compliance policies have the assignments shown in the following table: 📷 The Mark devices with no compliance policy are assigned as Compliant. You are evaluating which devices are compliant with Intune. Check the box if the device is compliant
You have a Microsoft 365 tenant with the following devices enrolled in Intune. 📷 You've configured the following compliance policies in Intune including the groups they are assigned to: 📷 What policies will apply to which devices?
Your organization has a Microsoft 365 tenant. All the computers in your organization are running Windows 10. Every computer is joined to the domain and has Microsoft Intune installed. Your organization has updated its IT policy. Your new IT policy says only required telemetry data should be sent to Microsoft. You've been tasked with configuring the policy. How do you create the policy and apply it to all your Windows devices?
Your company has a Microsoft 365 subscription. The company does not permit users to enroll personal devices in mobile device management (MDM). Users in the sales department have personal iOS devices. You need to ensure that the sales department users can use the Microsoft Power BI app from iOS devices to access the Power BI data in your tenant. The users must be prevented from backing up the app data to iCloud. What should you create?
Your organization has a Microsoft 365 tenant with a default domain of gitbit.org Your organization's Azure AD contains the following users. Your organization's Microsoft Endpoint Manager admin center shows the following devices enrolled. Both devices have three apps named AppA, AppB, and AppC installed. You create an app protection policy named ProtectionPolicyA that has the following settings: Protected apps: AppA Exempt apps: AppB Windows Information Protection mode: Block You apply ProtectionPolicyA to GroupA and GroupC. You exclude GroupB from ProtectionPolicyA. Check the box next to each true statement
Your organization has a Microsoft 365 tenant with a primary domain of gitbit.org The following Windows 10 devices are joined to Azure AD.
Your organization has Microsoft 365 tenant configured with a hybrid on-premises Exchange server. Every user in your organization has a Windows 10 computer that's joined to the domain and has the latest version of Microsoft Office installed. All computers in the organization run Windows 10 Enterprise, are joined to the domain, and use Microsoft Office 365 ProPlus. You have a server named ServerA that runs Windows Server 2016 and hosts the telemetry database. You've been tasked with preventing private details in the telemetry data from being sent to Microsoft. What should you do?
You need to ensure that unmanaged mobile devices are quarantined when the devices attempt to connect to Exchange Online. What steps should you take to complete the task?
Your organization has a Microsoft 365 tenant with devices registered in Azure AD. The devices are managed by using Microsoft Intune. Your manager asks you to enable and configure Windows Defender Exploit Guard (Windows Defender EG) on the devices. Which type of device configuration profile should you use?
Your manager has asked you to set up the Microsoft 365 tenant so users can only join 5 devices to the tenant. What do you need to do to configure it? Put the answers in the correct order
Your organization has a Microsoft 365 tenant named GitBit.org that contains the following users. 📷 Your organization has registered the following devices in Azure AD. 📷 You create the app protection policies in the Microsoft Endpoint Manager admin center as shown below. 📷 Check the box next to each true statement below.
You have a Microsoft 365 tenant with Defender for Endpoint. Intune is set up and installed on your Windows 10 devices. You open the Microsoft Endpoint Manager admin center and create an attack surface reduction policy. The policy is shown in the image below. Use the dropdowns below to complete the statement.
Your organization has a Microsoft 365 tenant. Your manager has asked you to set up app-enforced restrictions for 20 users so they can't download attachments unless they are on a compliant device. From the Azure AD admin center, you create a security group called GroupA. What are the next two steps you need to take? Select the correct options below.
You have a Microsoft 365 tenant with Microsoft 365 E5 licenses. Your organization uses Intune and it's managed through the Microsoft Endpoint Manager admin center. You've already configured the compliance policy settings as below. 📷 On April 1, 2022, you create the device compliance policies shown below 📷 On April 5, 2022, users enroll the following Windows 10 devices in Intune. 📷 Check the boxes below if the statements are true.
Did you like the site?