Free Microsoft 365 Security Administration MS-500 Exam Practice Test

You need to create Group2.What are two possible ways to create the group?

• an Office 365 group in the Microsoft 365 admin center
• a mail-enabled security group in the Microsoft 365 admin center
• a security group in the Microsoft 365 admin center
• a distribution list in the Microsoft 365 admin center
• a security group in the Azure AD admin center

You plan to publish a label that will retain documents in Microsoft OneDrive for two years, and then automatically delete the documents.You need to create the label.To complete this task, sign in to the Microsoft Office 365 portal.

• A . Explanation:
  You need to create a retention label.
  Go to the Security & Compliance Admin Center.
  Navigate to Classification > Retention labels.
  Click on + Create a label to create a new label.
  Give the label a name and click Next.
  On the File plan descriptors, leave all options empty. The options in this page are used for auto-applying the retention label. Click Next.
  Turn the Retention switch to On.
  Under Retain the content, set the period to 2 years.
  Under What do you want to do after this time?, select the Delete the content automatically option.
  Click Next.
  Click the Create this label button to create the label. The label is now ready to be published to Microsoft OneDrive.
  

An administrator plans to deploy several Azure Advanced Threat Protection (ATP) sensors.You need to provide the administrator with the Azure information required to deploy the sensors.What information should you provide?

• an Azure Active Directory Authentication Library (ADAL) token
• the public key
• the access key
• the URL of the Azure ATP admin center

You have a Microsoft 365 subscription.A security manager receives an email message every time a data loss prevention (DLP) policy match occurs.You need to limit alert notifications to actionable DLP events.What should you do?

• From the Security & Compliance admin center, modify the Policy Tips of a DLP policy.
• From the Cloud App Security admin center, apply a filter to the alerts.
• From the Security & Compliance admin center, modify the User overrides settings of a DLP policy.
• From the Security & Compliance admin center, modify the matched activities threshold of an alert policy.

You have a Microsoft 365 E5 subscription that contains a user named Used.You need to ensure that User! can use the Microsoft 365 compliance center to search audit logs and identify which users were added to Microsoft 365 role groups. The solution must use the principle of least privilege.To which role group should you add User1?

• Security Reader
• View-Only Organization Management
• Organization Management
• Compliance Management

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have a Microsoft 365 subscription.You have a user named User1. Several users have full access to the mailbox of User1.Some email messages sent to User1 appear to have been read and deleted before the user viewed them.When you search the audit log in Security & Compliance to identify who signed in to the mailbox of User1, the results are blank.You need to ensure that you can view future sign-ins to the mailbox of User1.You run the Set-AuditConfig -Workload Exchange command.Does that meet the goal?

• Yes
• No

You have a Microsoft 365 E5 subscription that contains a user named User1.User1 needs to be able to create Data Subject Requests (DSRs) in the Microsoft 365 compliance center.To which role or role group should you add User1?

• the Compliance Data Administrator role
• the Data Investigator role
• the eDiscovery Manager role
• the Records Management role group

You have multiple Microsoft 365 subscriptions.You need to build an application that will retrieve the Microsoft Secure Score data of each subscription.What should you use?

• the Microsoft Defender for Endpoint API
• the Microsoft Graph Security API
• the Microsoft Office 365 Management API
• the Azure Monitor REST API

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.You have an on-premises Active Directory domain named contoso.com.You install and run Azure AD Connect on a server named Server1 that runs Windows Server.You need to view Azure AD Connect events.You use the Application event log on Server1.Does that meet the goal?

• Yes
• No

You have a Microsoft 365 subscription linked to an Azure Active Directory (Azure AD) tenant that contains a user named User1.You have a Data Subject Request (DSR) case named Case1.You need to allow User1 to export the results of Case1. The solution must use the principle of least privilege.Which role should you assign to User1 for Case1?

• eDiscovery Manager
• Security Operator
• eDiscovery Administrator
• Global Reader