Microsoft MS-500 Exam Questions Instant Access

Question 1

You have a Microsoft 365 E5 subscription.

You implement Advanced Threat Protection (ATP) safe attachments policies for all users.

User reports that email messages containing attachments take longer than expected to be received.

You need to reduce the amount of time it takes to receive email messages that contain attachments. The

solution must ensure that all attachments are scanned for malware. Attachments that have malware must be blocked.

What should you do from ATP?

ASet the action to Block

BAdd an exception

CAdd a condition

DSet the action to Dynamic Delivery

Answer : D

https://docs.microsoft.com/en-us/office365/securitycompliance/dynamic-delivery-and-previewing

Question 2

Your company has a Microsoft 365 subscription.

The company does not permit users to enroll personal devices in mobile device management (MOM).

Users in the sales department have personal iOS devices.

You need to ensure that the sales department users can use the Microsoft Power Bl app from iOS devices to access the Power Bl data in your tenant. The users must be prevented from backing up the app's data to iCIoud.

What should you create?

Aa device compliance policy in Microsoft Endpoint Manager

Ba conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a device state condition

Ca conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a client apps condition

Dan app protection policy in Microsoft Endpoint Manager

Answer : D

Question 3

You have a hybrid Microsoft 365 environment.

All computers run Windows 10 Enterprise and have Microsoft Office 365 ProPlus installed. All the computers

are joined to Active Directory.

You have a server named Server1 that runs Windows Server 2016. Server1 hosts the telemetry database. You

need to prevent private details in the telemetry data from being transmitted to Microsoft.

What should you do?

AOn Server1, run readinessreportcreator.exe

BConfigure a registry on Server1

CConfigure a registry on the computers

DOn the computers, run tdadm.exe

Answer : C

'To allow yourself and other administrators to identify the owners of Office files that have compatibility issues without revealing file names or specific locations, you can enable file obfuscation, which disguises Office file names, titles, and file paths. This setting is configured on the agent, which performs the obfuscation task before uploading data to the shared folder. The data that is stored on the local computer is not obfuscated.' https://docs.microsoft.com/en-us/deployoffice/compat/manage-the-privacy-of-data-monitored-by-telemetry-in-office

Question 4

Which user passwords will User2 be prevented from resetting?

AUser6 and User7

BUser4 and User6

CUser4 only

DUser7 and User8

EUser8 only

Answer : C

Question 5

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 subscription.

You have a user named User1. Several users have full access to the mailbox of User1.

Some email messages sent to User1 appear to have been read and deleted before the user viewed them.

When you search the audit log in Security & Compliance to identify who signed in to the mailbox of User1, the results are blank.

You need to ensure that you can view future sign-ins to the mailbox of User1.

You run the Set-Maibox -Identity "User1" -AuditEnabled $true command.

Does that meet the goal?

AYes

BNo

Answer : A

https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/set-mailbox?view=exchange-ps

Question 6

You have a Microsoft 365 tenant.

You need to implement a policy to enforce the following requirements:

* If a user uses a Windows 10 device that is NOT hybrid Azure Active Directory (Azure AD) joined, the user must be allowed to connect to Microsoft SharePoint Online only from a web browser. I he user must be prevented from downloading files or syncing files from SharePoint Online.

* If a user uses a Windows 10 device that is hybrid Azure AD joined, the user must be able connect to SharePoint Online from any client application, download files, and sync files.

What should you create?

Aa conditional access policy in Azure AD that has Client apps conditions configured

Ba compliance policy in Microsoft Endpoint Manager that has the Device Health settings configured

Ca compliance policy in Microsoft Endpoint Manager that has the Device Properties settings configured

Da conditional access policy in Azure AD that has Session controls configured

Answer : D

Question 7

You create a label that encrypts email dat

a. Users report that they cannot use the label in Outlook on the web to protect the email messages they send.

You need to ensure that the users can use the new label to protect their email.

What should you do?

AModify the priority order of label policies

BWait six hours and ask the users to try again

CCreate a label policy

DCreate a new sensitive information type

Answer : C

Microsoft 365 Security Administration MS-500 Exam Questions