{"id":81361,"date":"2022-03-03T22:20:25","date_gmt":"2022-03-04T03:50:25","guid":{"rendered":"https:\/\/www.whizlabs.com\/blog\/?p=81361"},"modified":"2022-09-07T22:21:34","modified_gmt":"2022-09-08T03:51:34","slug":"ms-500-exam-microsoft-365-security-questions","status":"publish","type":"post","link":"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/","title":{"rendered":"MS-500 Exam: Microsoft 365 Security Administration Free Questions"},"content":{"rendered":"<p>This blog post provides you updated (Microsoft 365 security certification) <a href=\"https:\/\/www.whizlabs.com\/ms-500-microsoft-365-security-administration\/\">MS-500 exam questions<\/a>. By trying out these free Microsoft 365 security administrator (MS-500) questions and answers, you will learn about the security and compliance solutions which are available for Microsoft 365 and Hybrid environments.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_76 ez-toc-wrap-left counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ea7e02;color:#ea7e02\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ea7e02;color:#ea7e02\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#What_to_expect_in_Microsoft_365_Security_Certification\" >What to expect in Microsoft 365 Security Certification?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_threat_protection\" >Domain : Implement and manage threat protection<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_threat_protection-2\" >Domain : Implement and manage threat protection<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_threat_protection-3\" >Domain : Implement and manage threat protection<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_threat_protection-4\" >Domain :Implement and manage threat protection<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_threat_protection-5\" >Domain : Implement and manage threat protection<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_information_protection\" >Domain : Implement and manage information protection<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_information_protection-2\" >Domain : Implement and manage information protection<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Manage_governance_and_compliance_features_in_Microsoft_365\" >Domain : Manage governance and compliance features in Microsoft 365<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_identity_and_access\" >Domain : Implement and manage identity and access<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_identity_and_access-2\" >Domain : Implement and manage identity and access<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_identity_and_access-3\" >Domain : Implement and manage identity and access<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_identity_and_access-4\" >Domain : Implement and manage identity and access<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Manage_governance_and_compliance_features_in_Microsoft_365-2\" >Domain : Manage governance and compliance features in Microsoft 365<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_information_protection-3\" >Domain : Implement and manage information protection<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-16\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Manage_governance_and_compliance_features_in_Microsoft_365-3\" >Domain : Manage governance and compliance features in Microsoft 365<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-17\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Manage_governance_and_compliance_features_in_Microsoft_365-4\" >Domain : Manage governance and compliance features in Microsoft 365<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-18\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Manage_governance_and_compliance_features_in_Microsoft_365-5\" >Domain : Manage governance and compliance features in Microsoft 365<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-19\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Manage_governance_and_compliance_features_in_Microsoft_365-6\" >Domain : Manage governance and compliance features in Microsoft 365<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-20\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_identity_and_access-5\" >Domain : Implement and manage identity and access<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-21\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_identity_and_access-6\" >Domain : Implement and manage identity and access<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-22\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_identity_and_access-7\" >Domain : Implement and manage identity and access<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-23\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_threat_protection-6\" >Domain : Implement and manage threat protection<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-24\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_information_protection-4\" >Domain : Implement and manage information protection<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-25\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Manage_governance_and_compliance_features_in_Microsoft_365-7\" >Domain : Manage governance and compliance features in Microsoft 365<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-26\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Domain_Implement_and_manage_identity_and_access-8\" >Domain : Implement and manage identity and access<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-27\" href=\"https:\/\/www.whizlabs.com\/blog\/ms-500-exam-microsoft-365-security-questions\/#Summary\" >Summary:<\/a><\/li><\/ul><\/nav><\/div>\n<h3><span class=\"ez-toc-section\" id=\"What_to_expect_in_Microsoft_365_Security_Certification\"><\/span>What to expect in Microsoft 365 Security Certification?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Microsoft 365 security certification tests the capability of an individual who should be able to plan and deploy security strategies in MS 365 and hybrid environments. There are no specific ms-500 prerequisites, if you have interest and knowledge in handling Microsoft 365 security features, you can take up this certification exam.<\/p>\n<h6>Objectives of MS-500 (Microsoft 365 security) Certification Exam:<\/h6>\n<ul>\n<li><em>Identity management and provisioning user access<\/em><\/li>\n<li><em>Managing Governance and Compliance features<\/em><\/li>\n<li><em>Information protection on Microsoft 365 environment<\/em><\/li>\n<li><em>Threat protection management<\/em><\/li>\n<\/ul>\n<p>Let&#8217;s start learning through these exam questions and detailed explanations.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_threat_protection\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Implement and manage threat protection<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q1 :<\/span> <span style=\"font-weight: 400;\">You have configured an Azure Sentinel solution and wish to proactively look for security threats using Hunting in the Sentinel Portal. Which query language must you use when searching for threats?\u00a0<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>Transact-SQL<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>Gremlin query language<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>MySQL<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>Kusto query language<\/span><\/p>\n<p><b>Correct Answer: D<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Hunting in Azure Sentinel is based on Kusto query language. This is a read-only request to process data and return results. The request is stated in plain text, using a data-flow model designed to make the syntax easy to read, author, and automate. designed to make the syntax easy to read, author, and automate.<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter size-full wp-image-81366\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-1.png\" alt=\"\" width=\"929\" height=\"101\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-1.png 929w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-1-300x33.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-1-768x83.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-1-640x70.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-1-681x74.png 681w\" sizes=\"(max-width: 929px) 100vw, 929px\" \/><\/p>\n<p><b>Option A is incorrect. <\/b><span style=\"font-weight: 400;\">T-SQL (Transact-SQL) is a set of programming extensions from Sybase and Microsoft that add several features to the Structured Query Language. Some of the tools that use T-SQL are SQL Server Management Studio, Azure Data Studio, SQL Server Data Tools and sqlcmd.<\/span><br \/>\n<b>Option B is incorrect. <\/b><span style=\"font-weight: 400;\">Gremlin is a query language used to retrieve data from and modify data in the applications graph. Azure Cosmos DB supports Gremlin.<\/span><br \/>\n<b>Option C is incorrect. <\/b><span style=\"font-weight: 400;\">MySQL is an open source relational database management system with a client-server model. Azure Database for MySQL supports MySQL.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about Azure Sentinel Hunting, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/nb-no\/azure\/sentinel\/hunting\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/nb-no\/azure\/sentinel\/hunting<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_threat_protection-2\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span> <span style=\"font-weight: 400;\">Implement and manage threat protection<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q2 : As a step to harden your Office 365 security you wish to run Microsoft Office 365 Attack simulator. You configure Microsoft Defender Advanced Threat Protection and assign your users Microsoft 365 Enterprise E5 licenses. What must be configured to run the attack simulator?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>Create Conditional Access session control scoped at Office 365<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>Assign your users Defender plan 2-licenses<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>Configure an identity protection user risk-policy<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>Enable multi-factor authentication<\/span><\/p>\n<p><b>Correct Answer: D<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Enabling MFA is a prerequisite for running Microsoft Attack Simulator.<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81367 size-full\" title=\"Implement and manage threat protection\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-2.png\" alt=\"Implement and manage threat protection\" width=\"706\" height=\"475\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-2.png 706w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-2-300x202.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-2-624x420.png 624w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-2-537x360.png 537w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-2-640x431.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-2-681x458.png 681w\" sizes=\"(max-width: 706px) 100vw, 706px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">Since the answer is given in the documentation, the other options are incorrect.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about Microsoft Office 365 Attack Simulator, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/office-365-security\/attack-simulator?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/office-365-security\/attack-simulator?view=o365-worldwide<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_threat_protection-3\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Implement and manage threat protection<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q3 :<\/span> <span style=\"font-weight: 400;\">You are an IT administrator in a hybrid environment consisting of Windows 10 devices. Most of your users have migrated their mailboxes to Exchange online, but Sales and Marketing still have their mailboxes on premise. All users are assigned Microsoft 365 Enterprise E5 licenses. You wish to take advantage of the security capabilities in Microsoft Defender Advanced Threat Protection, and plan to run the Microsoft Office 365 Attack simulator on users in the Marketing-department. You have enabled MFA for all users. What must you do?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>Migrate the Marketing group members to Exchange Online<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>Set AD Connect in staging mode<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>Create a mail-enabled security-group and add the Marketing group members<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>Configure the on-premise public IP in the MFA &#8220;trusted IP&#8221; settings<\/span><\/p>\n<p><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Attack Simulator only works on cloud-based mailboxes.<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81368 size-full\" title=\"Attack Simulator works on cloud-based mailboxes\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-3.png\" alt=\"Attack Simulator works on cloud-based mailboxes\" width=\"884\" height=\"403\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-3.png 884w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-3-300x137.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-3-768x350.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-3-640x292.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-3-681x310.png 681w\" sizes=\"(max-width: 884px) 100vw, 884px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">Since the answer is clearly stated in the documentation, all other options are incorrect.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about Microsoft Office 365 Attack Simulator, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/office-365-security\/attack-simulator?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/office-365-security\/attack-simulator?view=o365-worldwide<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_threat_protection-4\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\">Implement and manage threat protection<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q4 : You are responsible for securing your organizations Exchange online environment. To help prevent impersonation attacks, you wish to enable artificial intelligence (AI) as a policy for all users. What should you configure?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>Litigation Hold<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>Security defaults<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>Mailbox intelligence<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>Safe attachment policy<\/span><\/p>\n<p><b>Correct Answer: C<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Mailbox intelligence uses the mailbox\u2019s normal traffic patterns to better enable the impersonation detection to catch unusual messages. It is able to recognize if an email is coming from an impersonator and flag it. For example, if you usually receive emails from marketing@contoso.com and an email comes in from an impersonator with the address marketinn@contoso.com, the system will recognize that this is not the correct email address and flag the email.<\/span><\/p>\n<p><b>Option A is incorrect. <\/b><span style=\"font-weight: 400;\">This is a notification sent from an organization&#8217;s legal team to employees instructing them not to delete electronically stored information that may be relevant to a legal case.<\/span><br \/>\n<b>Option B is incorrect. <\/b><span style=\"font-weight: 400;\">This is a free security baseline offered by Microsoft.<\/span><br \/>\n<b>Option D is incorrect. <\/b><span style=\"font-weight: 400;\">This is a policy to protect against malicious attachments.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about Mailbox Intelligence and other anti-phishing methods, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/office-365-security\/set-up-anti-phishing-policies?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/office-365-security\/set-up-anti-phishing-policies?view=o365-worldwide<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_threat_protection-5\"><\/span><span style=\"font-weight: 400;\">Domain : <\/span><span style=\"font-weight: 400;\">Implement and manage threat protection<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q5 : You have a Microsoft 365 subscription and have assigned Microsoft 365 E5 licenses to your users. Some of your users have issues with their exchange online mailboxes, so you submit a support ticket to Microsoft. You want to ensure that Microsoft cannot access your content to perform service operations without your approval. The solution should allow Microsoft Engineers to make a data access request for a limited amount of time. From the Microsoft 365 admin center, what should you enable?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>Customer Lockbox<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>Whiteboard<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>Privacy profile<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>Bing data collection<\/span><\/p>\n<p><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Office 365 Customer Lockbox is a feature which enables customers to control how a Microsoft support engineer is going to access customer data when investigating and troubleshooting some service issues related to customers Office 365 tenant. This is typically after the customer has raised a ticket with Office 365 Support.<\/span><\/p>\n<p><b>Option B is incorrect. <\/b><span style=\"font-weight: 400;\">This service allows users in your organization to use \u200eMicrosoft Whiteboard\u200e and collaborate on shared whiteboards.<\/span><br \/>\n<b>Option C is incorrect. <\/b><span style=\"font-weight: 400;\">This service lets you set the privacy statement of your organization.<\/span><br \/>\n<b>Option D is incorrect. <\/b><span style=\"font-weight: 400;\">This service lets you choose whether \u200eBing\u200e can learn from your organization\u2019s search behavior to better its results.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about Customer Lockbox, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/customer-lockbox-requests?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/customer-lockbox-requests?view=o365-worldwide<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_information_protection\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Implement and manage information protection<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q6\u200b :<\/span> <span style=\"font-weight: 400;\">You have a configured a data loss prevention (DLP) with the following settings:<\/span><\/em><\/h4>\n<h4><img decoding=\"async\" class=\"aligncenter wp-image-81369 size-full\" title=\"data loss prevention (DLP)\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.1.png\" alt=\"data loss prevention (DLP)\" width=\"1255\" height=\"559\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.1.png 1255w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.1-300x134.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.1-1024x456.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.1-768x342.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.1-943x420.png 943w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.1-640x285.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.1-681x303.png 681w\" sizes=\"(max-width: 1255px) 100vw, 1255px\" \/> <img decoding=\"async\" class=\"aligncenter wp-image-81370 size-full\" title=\"Choose locations in DLP Policy\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.2.png\" alt=\"Choose locations in DLP Policy\" width=\"1148\" height=\"715\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.2.png 1148w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.2-300x187.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.2-1024x638.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.2-768x478.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.2-674x420.png 674w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.2-640x399.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.2-681x424.png 681w\" sizes=\"(max-width: 1148px) 100vw, 1148px\" \/> <img decoding=\"async\" class=\"aligncenter wp-image-81371 size-full\" title=\"Customize Content in New DLP Policy\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.3.png\" alt=\"Customize Content in New DLP Policy\" width=\"1219\" height=\"519\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.3.png 1219w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.3-300x128.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.3-1024x436.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.3-768x327.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.3-986x420.png 986w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.3-640x272.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.3-681x290.png 681w\" sizes=\"(max-width: 1219px) 100vw, 1219px\" \/> <img decoding=\"async\" class=\"aligncenter wp-image-81372 size-full\" title=\"Detect Sensitive Info in DLP Policy\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.4.png\" alt=\"Detect Sensitive Info in DLP Policy\" width=\"1260\" height=\"686\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.4.png 1260w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.4-300x163.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.4-1024x558.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.4-768x418.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.4-771x420.png 771w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.4-640x348.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.4-681x371.png 681w\" sizes=\"(max-width: 1260px) 100vw, 1260px\" \/> <img decoding=\"async\" class=\"aligncenter wp-image-81373 size-full\" title=\"Customize Access and Override permissions in New DLP Policy\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.5.png\" alt=\"Customize Access and Override permissions in New DLP Policy\" width=\"1270\" height=\"540\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.5.png 1270w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.5-300x128.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.5-1024x435.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.5-768x327.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.5-988x420.png 988w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.5-640x272.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.5-681x290.png 681w\" sizes=\"(max-width: 1270px) 100vw, 1270px\" \/><br \/>\n<em><span style=\"font-weight: 400;\">After implementing the policy, your users are reporting that they can still send credit card number information out of the organization by mail. What must you change to ensure that the policy works as intended (stop information within the U.S. Patriot Act from being shared outside of the organization)?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>Encrypt email messages (applies only to content in Exchange)<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>Locations<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>Choose the information to protect<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>Let people who see the tip override the policy<\/span><\/p>\n<p><b>Correct Answer: B<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">In this policy all locations are disabled: Exchange email, SharePoint sites, OneDrive Accounts, Teams chat and channel messages.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">You must enable the location of the service you want to impact:<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81374 size-full\" title=\"Enable location of the service in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.6.png\" alt=\"Enable location of the service in Microsoft 365\" width=\"925\" height=\"504\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.6.png 925w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.6-300x163.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.6-768x418.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.6-771x420.png 771w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.6-640x350.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-6.6-681x371.png 681w\" sizes=\"(max-width: 925px) 100vw, 925px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">Since the answer is given in the documentation, the other options are incorrect.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about implementing DLP policies, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/create-test-tune-dlp-policy?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Create, test, and tune a DLP policy &#8211; Microsoft 365 Compliance | Microsoft Docs<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_information_protection-2\"><\/span><span style=\"font-weight: 400;\">Domain : <\/span><span style=\"font-weight: 400;\">Implement and manage information protection<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q7\u200b : You are a global administrator in an organization with a Microsoft 365 subscription. You want to protect the information that is being shared both inside and outside of your organization, so you decide to create Data Loss Prevention policies.<\/span><\/em><br \/>\n<em><span style=\"font-weight: 400;\">Your company has a big customer base in France, and you want to make sure email containing France National ID Card information cannot be sent out of your organization. Administrator and the user who is sending the email must be notified when rule match occurs.<\/span><\/em><br \/>\n<em><span style=\"font-weight: 400;\">For security reasons you would also like the administrator to be notified whenever someone emails Azure Storage Account Key information within your organization. The user sending the Storage Account Key information must also be notified when rule match occurs.<\/span><\/em><br \/>\n<em><span style=\"font-weight: 400;\">You want to restrict users from sharing SWIFT Code from OneDrive outside of your organization, but also enable users to override the policy if needed. Users must state a business justification if they choose to override the policy.<\/span><\/em><br \/>\n<em><span style=\"font-weight: 400;\">Lastly you would like the administrator to be notified whenever someone is sharing a .exe file from OneDrive within your organization. The users sending and receiving the file must not be notified.\u00a0<\/span><\/em><br \/>\n<em><span style=\"font-weight: 400;\">What is the minimum number of policies and rules needed to achieve this?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>1 policy, 2 rules<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>2 policy, 2 rules<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>2 policy, 3 rules<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>2 policies, 4 rules<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>E. <\/strong>3 policies, 2 rules<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>F. <\/strong>3 policies, 3 rules<\/span><\/p>\n<p><b>Correct Answer: D<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">You need to create two DLP policies; one for Exchange (Policy 1) and one for OneDrive (Policy 2).<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Within Policy 1 you must create two rules;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">First one for stopping mail containing France National ID Card information from being sent outside the organization.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Second one for notifying the administrator and end user when they send mail containing Azure Storage Account Key information.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For both rules you select notify end user and administrator<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Within Policy 2 you must create two rules;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">First one for restricting sharing of SWIFT Code outside of your organization. Set the details as shown in the exhibit below.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Second one for notifying administrators when .exe files are being shared within your organization. Set the details as shown in the exhibit below.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Policy 1:<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81375 size-full\" title=\"Choose locations to apply DLP Policy in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.1.png\" alt=\"Choose locations to apply DLP Policy in Microsoft 365\" width=\"1050\" height=\"624\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.1.png 1050w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.1-300x178.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.1-1024x609.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.1-768x456.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.1-707x420.png 707w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.1-640x380.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.1-681x405.png 681w\" sizes=\"(max-width: 1050px) 100vw, 1050px\" \/> <img decoding=\"async\" class=\"aligncenter wp-image-81376 size-full\" title=\"Customize DLP Rules in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.2.png\" alt=\"Customize DLP Rules in Microsoft 365\" width=\"1095\" height=\"787\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.2.png 1095w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.2-300x216.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.2-1024x736.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.2-768x552.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.2-584x420.png 584w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.2-640x460.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.2-681x489.png 681w\" sizes=\"(max-width: 1095px) 100vw, 1095px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">Policy 2:<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81377 size-full\" title=\"Choose locations to apply the policy\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.3.png\" alt=\"Choose locations to apply the policy\" width=\"1045\" height=\"618\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.3.png 1045w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.3-300x177.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.3-1024x606.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.3-768x454.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.3-710x420.png 710w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.3-640x378.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.3-681x403.png 681w\" sizes=\"(max-width: 1045px) 100vw, 1045px\" \/> <img decoding=\"async\" class=\"aligncenter wp-image-81378 size-full\" title=\"Create rule in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.4.png\" alt=\"Create rule in Microsoft 365\" width=\"1012\" height=\"534\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.4.png 1012w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.4-300x158.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.4-768x405.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.4-796x420.png 796w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.4-640x338.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.4-681x359.png 681w\" sizes=\"(max-width: 1012px) 100vw, 1012px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">Details \u201cRestrict sharing of SWIFT Code\u201d:<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81379 size-full\" title=\"User overrides Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.5.png\" alt=\"User overrides Microsoft 365\" width=\"612\" height=\"172\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.5.png 612w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-7.5-300x84.png 300w\" sizes=\"(max-width: 612px) 100vw, 612px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">Since the answer is given in the documentation, the other options are incorrect.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about DLP policies, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/data-loss-prevention-policies?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/data-loss-prevention-policies?view=o365-worldwide<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Manage_governance_and_compliance_features_in_Microsoft_365\"><\/span><span style=\"font-weight: 400;\">Domain : <\/span><span style=\"font-weight: 400;\">Manage governance and compliance features in Microsoft 365<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q8 : You are the IT administrator of an organization with a Microsoft 365 subscription. You need to be notified by email whenever someone is assigned administrative permissions in your Exchange Online organization. How would you configure this from the Security &amp; Compliance admin center?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>From Search &amp; investigation, create an eDiscovery case<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>From Data privacy, create a Data subject request<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>From Records management, create an Event<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>From Alerts, create an alert policy<\/span><\/p>\n<p><b>Correct Answer: D<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">You need to create an alert policy for Elevation of Exchange admin privilege.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">When enabled the policy generates an alert when someone is assigned administrative permissions in your Exchange Online organization. For example, when a user is added to the Organization Management role group in Exchange Online.<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81380 size-full\" title=\"New alert policy Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-8.1.png\" alt=\"New alert policy Microsoft 365\" width=\"1085\" height=\"587\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-8.1.png 1085w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-8.1-300x162.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-8.1-1024x554.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-8.1-768x415.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-8.1-776x420.png 776w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-8.1-640x346.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-8.1-681x368.png 681w\" sizes=\"(max-width: 1085px) 100vw, 1085px\" \/> <img decoding=\"async\" class=\"aligncenter wp-image-81381 size-full\" title=\"Elevation of Exchange admin privilege in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-8.2.png\" alt=\"Elevation of Exchange admin privilege in Microsoft 365\" width=\"579\" height=\"695\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-8.2.png 579w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-8.2-250x300.png 250w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-8.2-350x420.png 350w\" sizes=\"(max-width: 579px) 100vw, 579px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">Since the answer is given in the documentation, the other options are incorrect.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about alert policies, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/alert-policies?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/alert-policies?view=o365-worldwide<\/span><\/a><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_identity_and_access\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Implement and manage identity and access<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q9 : You have a Microsoft 365 subscription and are planning to install AD Connect to support an Active Directory hybrid identity solution. Your company is using a 3rd party authentication solution that requires smartcards. You need to choose an authentication method for the Azure AD hybrid identity solution. What do you do?\u00a0<\/span><\/em><br \/>\n<em><span style=\"font-weight: 400;\">Solution: You configure Pass-through authentication.<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>Yes<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>No<\/span><\/p>\n<p><b>Correct Answer: B<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Pass-through authentication is not compatible with 3rd MFA solutions or smartcards.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Pass-through authentication should be used when the password validation must be on-premise, as it relies on local Active Directory for authentication. It is set up by installing an agent on an on-premise server that allows Azure AD to validate local AD passwords and usernames.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about Pass-through authentication, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/how-to-connect-pta\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/how-to-connect-pta<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_identity_and_access-2\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Implement and manage identity and access<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q10 : You have a Microsoft 365 subscription and are planning to install AD Connect to support an Active Directory hybrid identity solution. Your company are using a 3rd party authentication solution that requires smartcards. You need to choose an authentication method for the Azure AD hybrid identity solution. What do you do?\u00a0<\/span><\/em><br \/>\n<em><span style=\"font-weight: 400;\">Solution: You configure Password hash synchronization<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>Yes<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>No<\/span><\/p>\n<p><b>Correct Answer: B<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Password hash synchronization<\/span> <span style=\"font-weight: 400;\">is not compatible with 3rd MFA solutions or smartcards.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Password hash synchronization synchronizes your AD DS user accounts with Microsoft 365 and manages your users on-premises. Hashes of user passwords are synchronized from your AD DS to Azure AD so that the users have the same password on-premises and in the cloud.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about Password hash synchronization, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/whatis-phs\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/whatis-phs<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_identity_and_access-3\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Implement and manage identity and access<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q11 : You have a Microsoft 365 subscription and are planning to install AD Connect to support an Active Directory hybrid identity solution. Your company are using a 3rd party authentication solution that requires smartcards. You need to choose an authentication method for the Azure AD hybrid identity solution. What do you do?\u00a0<\/span><\/em><br \/>\n<em><span style=\"font-weight: 400;\">Solution: You configure Federated authentication<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>Yes<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>No<\/span><\/p>\n<p><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Federated authentication can support additional authentication requirements, such as smartcard-based authentication or a third-party multi-factor authentication<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Federated authentication is most common for large organizations with complex authentication requirements. Users have the same password on-premise and in the cloud.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about Federated authentication, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/whatis-fed\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/whatis-fed<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_identity_and_access-4\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Implement and manage identity and access<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q12\u200b : You have a Microsoft 365 subscription with 30 E5 and 30 E3 available licenses. Your company has 3 departments: IT, Sales and Management. You need to make sure all users in the Management department will be assigned the E5 license automatically with the least amount of management on your end. What should you do?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>In Azure Active Directory, create a security group with dynamic membership rules. Set the rule property to department and value to \u201cManagement\u201d, and then assign the E5 license to the security group<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>Assign the license manually when creating the new users<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>Create an access review<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>Create a powershell script that assigns E5 license to Management-users and run it weekly<\/span><\/p>\n<p><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Best approach here is to create a dynamic membership security rule that will automatically include all users in the Management-department.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By assigning the license to the security group, all users within the group will be licensed.<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81382 size-full\" title=\"New group in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.1.png\" alt=\"New group in Microsoft 365\" width=\"724\" height=\"514\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.1.png 724w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.1-300x213.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.1-592x420.png 592w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.1-640x454.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.1-681x483.png 681w\" sizes=\"(max-width: 724px) 100vw, 724px\" \/> <img decoding=\"async\" class=\"aligncenter size-full wp-image-81383\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.2.png\" alt=\"\" width=\"1493\" height=\"160\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.2.png 1493w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.2-300x32.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.2-1024x110.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.2-768x82.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.2-640x69.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.2-681x73.png 681w\" sizes=\"(max-width: 1493px) 100vw, 1493px\" \/> <img decoding=\"async\" class=\"aligncenter size-full wp-image-81384\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.3.png\" alt=\"\" width=\"263\" height=\"698\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.3.png 263w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.3-113x300.png 113w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-12.3-158x420.png 158w\" sizes=\"(max-width: 263px) 100vw, 263px\" \/><\/p>\n<p><b>Option B is incorrect. <\/b><span style=\"font-weight: 400;\">This will not assign the licenses automatically and would be time-consuming.<\/span><br \/>\n<b>Option C is incorrect.<\/b><span style=\"font-weight: 400;\"> Access reviews are typically used to scope out user access and assignments.\u00a0 Not the way to go here.<\/span><br \/>\n<b>Option D is incorrect. <\/b><span style=\"font-weight: 400;\">This will not assign the licenses automatically and is time-consuming.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about azure AD dynamics groups, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/enterprise-users\/groups-create-rule\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/enterprise-users\/groups-create-rule<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Manage_governance_and_compliance_features_in_Microsoft_365-2\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Manage governance and compliance features in Microsoft 365<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q13\u200b : You are a global administrator in a company with Microsoft 365 E5 licenses assigned to your users. The company is planning onboarding to Azure Sentinel as a solution to proactively detect and stop threats. You will be deploying the solution. What is the first thing you must do?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>Create a new Log Analytics Workspace<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>Upgrade your license to Microsoft Defender for Office 365 plan 2\u00a0<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>Create a conditional access policy<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>Within Azure Sentinel, connect a data source<\/span><\/p>\n<p><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">To enable Azure Sentinel, you must first create a Log Analytics Workspace. After it is created you will add Azure Sentinel to the new workspace:<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81385 size-full\" title=\"Add azure sentinel to a workspace in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.1.png\" alt=\"Add azure sentinel to a workspace in Microsoft 365\" width=\"1377\" height=\"780\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.1.png 1377w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.1-300x170.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.1-1024x580.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.1-768x435.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.1-741x420.png 741w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.1-640x363.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.1-681x386.png 681w\" sizes=\"(max-width: 1377px) 100vw, 1377px\" \/> <img decoding=\"async\" class=\"aligncenter size-full wp-image-81386\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.2.png\" alt=\"\" width=\"1239\" height=\"243\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.2.png 1239w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.2-300x59.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.2-1024x201.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.2-768x151.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.2-640x126.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-13.2-681x134.png 681w\" sizes=\"(max-width: 1239px) 100vw, 1239px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">After these steps are completed you can start configuring your Sentinel solution by adding data sources.<\/span><\/p>\n<p><b>Option B is incorrect. <\/b><span style=\"font-weight: 400;\">This is not a requirement to deploy Azure Sentinel.<\/span><br \/>\n<b>Option C is incorrect. <\/b><span style=\"font-weight: 400;\">Creating a conditional access policy is not relevant in this scenario.<\/span><br \/>\n<b>Option D is incorrect. <\/b><span style=\"font-weight: 400;\">You must first create a Log Analytics Workspace and the add Sentinel to the workspace.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about onboarding to Azure Sentinel, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/sentinel\/quickstart-onboard\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/azure\/sentinel\/quickstart-onboard<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_information_protection-3\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Implement and manage information protection<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q14\u200b : You are the IT administrator in a company with a Microsoft 365 E5 subscription. Your users are using Dropbox daily, and you want to be able to view the user activity from your organization in Dropbox. What should you configure?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>In Cloud App Security \u2013 App connectors \u2013 Add an app<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>In Azure AD \u2013 register an app<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>In Cloud App Security \u2013 Control \u2013 Templates \u2013 Create a policy<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>In Azure AD \u2013 Create an access package<\/span><\/p>\n<p><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">You can get visibility over the apps your users connect to by using Microsoft Cloud App Security.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">You add an app by navigating to App connectors within Cloud App Security, and configuring steps to connect to the app. When the app is connected to gain visibility into the usage.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">See Microsoft documentation:<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter size-full wp-image-81387\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-14.png\" alt=\"\" width=\"961\" height=\"364\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-14.png 961w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-14-300x114.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-14-768x291.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-14-640x242.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-14-681x258.png 681w\" sizes=\"(max-width: 961px) 100vw, 961px\" \/><\/p>\n<p><b>Option B is incorrect. <\/b><span style=\"font-weight: 400;\">Registering an app in Azure AD is not relevant in this scenario.<\/span><br \/>\n<b>Option C is incorrect. <\/b><span style=\"font-weight: 400;\">Creating policies within cloud app security allows you to create governance actions and set data loss prevention and file-sharing controls.<\/span><br \/>\n<b>Option D is incorrect. <\/b><span style=\"font-weight: 400;\">Creating an access package in Azure AD is not relevant in this scenario.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about cloud app security, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/cloud-app-security\/getting-started-with-cloud-app-security\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Deploy Cloud App Security | Microsoft Docs<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Manage_governance_and_compliance_features_in_Microsoft_365-3\"><\/span><span style=\"font-weight: 400;\">Domain : <\/span><span style=\"font-weight: 400;\">Manage governance and compliance features in Microsoft 365<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q15 : You are a global admin in a company with a Microsoft 365 subscription. In Microsoft 365 Compliance Center you have created a new Content Search, and now wish to export the result. What do you need first to export the findings?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>a certificate<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>a shared access key<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>an export key<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>a password<\/span><\/p>\n<p><b>Correct Answer: C<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">After you have created a content search and waited for it to finish, you can export the results (given you have the appropriate role permissions). However, you must first obtain the Export key which will be needed when you download the results:<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81388 size-full\" title=\"Test search to be exported in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-15.1.png\" alt=\"Test search to be exported in Microsoft 365\" width=\"575\" height=\"703\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-15.1.png 575w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-15.1-245x300.png 245w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-15.1-344x420.png 344w\" sizes=\"(max-width: 575px) 100vw, 575px\" \/> <img decoding=\"async\" class=\"aligncenter wp-image-81389 size-full\" title=\"eDiscovery export tool in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-15.2.png\" alt=\"eDiscovery export tool in Microsoft 365\" width=\"617\" height=\"239\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-15.2.png 617w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-15.2-300x116.png 300w\" sizes=\"(max-width: 617px) 100vw, 617px\" \/><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about exporting content searches, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/export-search-results?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/export-search-results?view=o365-worldwide<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Manage_governance_and_compliance_features_in_Microsoft_365-4\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Manage governance and compliance features in Microsoft 365<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q16\u200b :<\/span> <span style=\"font-weight: 400;\">You are a global admin in a company with a Microsoft 365 subscription. In Microsoft 365 Compliance Center you have created a new Content Search, and you want your helpdesk to be able to export the result. How should you enable them to do this? You must use the principle of least privilege.<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>In Security &amp; Compliance Center, add the users to the eDiscovery Manager role<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>In Office 365 admin center, add the users to the Helpdesk Administrator role<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>In Security &amp; Compliance Center, add the users to the eDiscovery Administrator role<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>In Security &amp; Compliance Center, add the users to the Compliance Administrator role<\/span><\/p>\n<p><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">The least privileged role with permission to export content search results are the eDiscovery Manager role.<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81390 size-full\" title=\"Roles assignment in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-16.1.png\" alt=\"Roles assignment in Microsoft 365\" width=\"563\" height=\"519\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-16.1.png 563w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-16.1-300x277.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-16.1-456x420.png 456w\" sizes=\"(max-width: 563px) 100vw, 563px\" \/> <img decoding=\"async\" class=\"aligncenter wp-image-81391 size-full\" title=\"Table listing eDiscovery-related RBAC roles in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-16.2.png\" alt=\"Table listing eDiscovery-related RBAC roles in Microsoft 365\" width=\"978\" height=\"459\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-16.2.png 978w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-16.2-300x141.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-16.2-768x360.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-16.2-895x420.png 895w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-16.2-640x300.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-16.2-681x320.png 681w\" sizes=\"(max-width: 978px) 100vw, 978px\" \/><\/p>\n<p><b>Option B is incorrect. <\/b><span style=\"font-weight: 400;\">This role will not permit you to export content search results.<\/span><br \/>\n<b>Option C is incorrect. <\/b><span style=\"font-weight: 400;\">This role will allow you to export content search results, but it is not the least privileged alternative.<\/span><br \/>\n<b>Option D is incorrect. <\/b><span style=\"font-weight: 400;\">This role will not permit you to export content search results.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about content search permissions, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/export-search-results?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/export-search-results?view=o365-worldwide<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Manage_governance_and_compliance_features_in_Microsoft_365-5\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Manage governance and compliance features in Microsoft 365<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q17\u200b :<\/span> <span style=\"font-weight: 400;\">You are a global admin in a company with a Microsoft 365 subscription. Your users have their mailboxes in Exchange online. You have no archiving solution and wish to enable mailbox archiving within Office 365 for all users. What should you do first?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>In Exchange Online admin center, select Migration -&gt; Batch<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>In Exchange Online admin center, select Organization -&gt; Sharing<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>In Security &amp; Compliance Center, select Information governance -&gt; Archive<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>In Security &amp; Compliance Center, select Information governance -&gt; Retention<\/span><\/p>\n<p><b>Correct Answer: C<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">You can enable archive for your users by:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Navigate to Security &amp; Compliance Center, select Information governance, select Archive:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Select all mailboxes by clicking on the first one in the list, holding down the Shift key, and then clicking the last one in the list.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In the details pane, under<\/span> <span style=\"font-weight: 400;\">Bulk Edit<\/span><b>, <\/b><span style=\"font-weight: 400;\">click<\/span> <span style=\"font-weight: 400;\">Enable<\/span><b>.<\/b><\/p>\n<p><span style=\"font-weight: 400;\">View the warning and click Enable to start the process.<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81392 size-full\" title=\"Warning message in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-17.png\" alt=\"Warning message in Microsoft 365\" width=\"600\" height=\"208\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-17.png 600w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-17-300x104.png 300w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/p>\n<p><b>Option A is incorrect. <\/b><span style=\"font-weight: 400;\">This is related to migration workloads from exchange on-premise to exchange online.<\/span><br \/>\n<b>Option B is incorrect. <\/b><span style=\"font-weight: 400;\">This is related to sharing configurations between yours and other organizations.<\/span><br \/>\n<b>Option D is incorrect. <\/b><span style=\"font-weight: 400;\">This is related to setting up retention policies to determine what items to keep and for how long.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about setting up mailbox archiving, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/set-up-an-archive-and-deletion-policy-for-mailboxes?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/set-up-an-archive-and-deletion-policy-for-mailboxes?view=o365-worldwide<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Manage_governance_and_compliance_features_in_Microsoft_365-6\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Manage governance and compliance features in Microsoft 365<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q18\u200b :<\/span> <span style=\"font-weight: 400;\">You are a global admin in a company with a Microsoft 365 E5 subscription. You notice that some users have set up email forwarding out of your organization. In response to this you have enabled the \u201cCreation of forwarding\/redirect rule\u201d policy and configured yourself as the recipient of the alerts. However, you find that the number of informational emails received due to the policy feels a bit like spamming and wish to enforce a daily notification limit to 10 emails. What should you configure?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>In Microsoft 365 Compliance center &#8211; Policies \u2013 Alerts Policies, edit the built-in policy<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>In Microsoft 365 Compliance center \u2013 Alerts \u2013 Suppress an alert<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>In Microsoft 365 Compliance center \u2013 Alerts \u2013 Dismiss an alert<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>In Microsoft 365 Compliance center &#8211; Policies \u2013 Alerts Policies, create a new policy<\/span><\/p>\n<p><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">You should edit the built-in policy and change the daily notification limit to 10:<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81393 size-full\" title=\"Creation of Forwarding and redirect rule in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-18.1.png\" alt=\"Creation of Forwarding and redirect rule in Microsoft 365\" width=\"594\" height=\"311\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-18.1.png 594w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-18.1-300x157.png 300w\" sizes=\"(max-width: 594px) 100vw, 594px\" \/> <img decoding=\"async\" class=\"aligncenter wp-image-81394 size-full\" title=\"Edit recipients in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-18.2.png\" alt=\"Edit recipients in Microsoft 365\" width=\"454\" height=\"571\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-18.2.png 454w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-18.2-239x300.png 239w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-18.2-334x420.png 334w\" sizes=\"(max-width: 454px) 100vw, 454px\" \/><\/p>\n<p><b>Option B is incorrect. <\/b><span style=\"font-weight: 400;\">This will only suppress an existing alert.\u00a0<\/span><br \/>\n<b>Option C is incorrect. <\/b><span style=\"font-weight: 400;\">This will only dismiss an existing alert.\u00a0<\/span><br \/>\n<b>Option D is incorrect. <\/b><span style=\"font-weight: 400;\">There is no need to create a new policy, you should edit the existing built-in policy.\u00a0<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about setting up alert policies, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/alert-policies?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/alert-policies?view=o365-worldwide<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_identity_and_access-5\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Implement and manage identity and access<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q19 :<\/span> <span style=\"font-weight: 400;\">You have a Microsoft 365 subscription and Azure AD on the Premium P1 tier. You are planning license allocation and want to create a group that will automatically add all users from the Sales-department. What kind of group in Azure Active Directory should you create?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>Group type: Security, Membership type: Assigned<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>Group type: Security, Membership type: Dynamic Device<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>Group type: Security, Membership type: Dynamic User<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>Group type: Microsoft 365, Membership type: Assigned<\/span><\/p>\n<p><b>Correct Answer: C<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">You should create a security group with the dynamic user membership type, and add the dynamics query:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">(user.department -eq &#8220;Sales&#8221;)<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter size-full wp-image-81395\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-19.1.png\" alt=\"\" width=\"698\" height=\"518\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-19.1.png 698w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-19.1-300x223.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-19.1-566x420.png 566w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-19.1-80x60.png 80w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-19.1-100x75.png 100w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-19.1-180x135.png 180w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-19.1-238x178.png 238w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-19.1-640x475.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-19.1-681x505.png 681w\" sizes=\"(max-width: 698px) 100vw, 698px\" \/> <img decoding=\"async\" class=\"aligncenter size-full wp-image-81396\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-19.2.png\" alt=\"\" width=\"287\" height=\"136\" \/><\/p>\n<p><b>Option A is incorrect. <\/b><span style=\"font-weight: 400;\">Assigned membership type will not automatically assign your licenses based on a query.\u00a0\u00a0<\/span><br \/>\n<b>Option B is incorrect. <\/b><span style=\"font-weight: 400;\">We are using the attribute \u201cdepartment\u201d which is associated with the Azure AD user, not device.<\/span><br \/>\n<b>Option D is incorrect. <\/b><span style=\"font-weight: 400;\">For assigning licenses we should use a Security group, not Microsoft 365. Also the membership type is Assigned, which will not let us create a query to assign licenses based on department information.\u00a0\u00a0<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about Azure AD dynamics groups, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/enterprise-users\/groups-dynamic-membership\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/enterprise-users\/groups-dynamic-membership<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_identity_and_access-6\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Implement and manage identity and access<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q20 :<\/span> <span style=\"font-weight: 400;\">You are the IT administrator of a company with a Microsoft 365 subscription. You have just enabled self-service password reset for all your users. What will be the user experience the next time your users sign in to your tenant?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>There is no user impact after enabling self-service password reset<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>Your users will be prompted to enter additional contact information<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>Your users will be redirected to Microsoft Store for Business, where they must download the authenticator app<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>Your users must update their passwords<\/span><\/p>\n<p><b>Correct Answer: B<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Your users will get a prompt stating \u201cMore information required\u201d, where they need to enter additional contact information that is needed to reset their password in the future.<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81397 size-full\" title=\"Implement and manage identity and access in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-20.png\" alt=\"Implement and manage identity and access in Microsoft 365\" width=\"985\" height=\"837\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-20.png 985w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-20-300x255.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-20-768x653.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-20-494x420.png 494w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-20-640x544.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-20-681x579.png 681w\" sizes=\"(max-width: 985px) 100vw, 985px\" \/><\/p>\n<p><b>Option A is incorrect. <\/b><span style=\"font-weight: 400;\">There is a user impact after enabling the service.\u00a0<\/span><br \/>\n<b>Option C is incorrect. <\/b><span style=\"font-weight: 400;\">This will not happen, and the authenticator app is for mobile devices.\u00a0<\/span><br \/>\n<b>Option D is incorrect. <\/b><\/p>\n<p><span style=\"font-weight: 400;\">Your users will not be asked to update their passwords.\u00a0<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about enabling password reset, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/admin\/add-users\/let-users-reset-passwords?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/admin\/add-users\/let-users-reset-passwords?view=o365-worldwide<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_identity_and_access-7\"><\/span><span style=\"font-weight: 400;\">Domain :<\/span><span style=\"font-weight: 400;\"> Implement and manage identity and access<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q21\u200b : You have a Microsoft 365 subscription, and you are responsible for securing your Office 365 tenant. You want to set your users passwords to expire after 90 days.<\/span><\/em><br \/>\n<em><span style=\"font-weight: 400;\">How should you configure this?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>In Microsoft 365 admin center-&gt; Setting -&gt; Org settings<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>In Azure Active Directory \u2013 Password reset &#8211; Customization<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>In Azure Active Directory \u2013 Security \u2013 Security Center<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>In cloud shell &#8211; Get-AzureADUser -All $true | Set-AzureADUser -PasswordPolicies DisablePasswordExpiration<\/span><\/p>\n<p><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:<\/b><\/p>\n<p><span style=\"font-weight: 400;\">You should navigate to Microsoft 365 admin center, Settings, Org settings, Security &amp; Privacy and select Password expiration policy<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81398 size-full\" title=\"Microsoft 365 Org settings\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-21.1.png\" alt=\"Microsoft 365 Org settings\" width=\"1275\" height=\"650\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-21.1.png 1275w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-21.1-300x153.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-21.1-1024x522.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-21.1-768x392.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-21.1-824x420.png 824w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-21.1-640x326.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-21.1-681x347.png 681w\" sizes=\"(max-width: 1275px) 100vw, 1275px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">Set the \u201cDays before passwords expire\u201d to 90 days.<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81399 size-full\" title=\"Password expiration policy in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-21.2.png\" alt=\"Password expiration policy in Microsoft 365\" width=\"588\" height=\"436\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-21.2.png 588w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-21.2-300x222.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-21.2-566x420.png 566w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-21.2-80x60.png 80w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-21.2-100x75.png 100w\" sizes=\"(max-width: 588px) 100vw, 588px\" \/><\/p>\n<p><b>Option B is incorrect. <\/b><span style=\"font-weight: 400;\">This is where you customize a helpdesk link<\/span><br \/>\n<b>Option C is incorrect.<\/b><span style=\"font-weight: 400;\"> Azure security center is a hub for administering security status and threat protection.<\/span><br \/>\n<b>Option D is incorrect. <\/b><span style=\"font-weight: 400;\">This command removed password expiration.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about configuring org wide password policy, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/admin\/manage\/set-password-expiration-policy?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/admin\/manage\/set-password-expiration-policy?view=o365-worldwide<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_threat_protection-6\"><\/span><span style=\"font-weight: 400;\">Domain : <\/span><span style=\"font-weight: 400;\">Implement and manage threat protection<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q22 : <\/span><span style=\"font-weight: 400;\">You have a Microsoft 365 subscription and Microsoft 365 E5 licenses assigned to your users. You are using Microsoft Defender for Office 365, and you configure a safe attachment policy for your Sales department. You want the emails containing malicious attachments to be delivered without the attachment. How should you configure the policy?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>Block<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>Replace<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>Dynamic Delivery<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>Monitor<\/span><\/p>\n<p><b>Correct Answer: B<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">You should configure the policy with the Replace-control. When enabled, detected malware attachments will be removed, but the message will be delivered (without the attachment).<\/span><\/p>\n<p><b>Option A is incorrect.\u00a0 <\/b><span style=\"font-weight: 400;\">This control prevents messages with detected malware attachments from being delivered.<\/span><br \/>\n<b>Option C is incorrect.<\/b><span style=\"font-weight: 400;\"> This control replaces the attachment with a placeholder until the Safe attachment scanning is complete. If found to be safe, the attachment is then released to the user.\u00a0<\/span><br \/>\n<b>Option D is incorrect. <\/b><span style=\"font-weight: 400;\">This control only tracks what happens with detected malware.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about Safe attachment configurations, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/office-365-security\/safe-attachments?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/office-365-security\/safe-attachments?view=o365-worldwide<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_information_protection-4\"><\/span><span style=\"font-weight: 400;\">Domain : <\/span><span style=\"font-weight: 400;\">Implement and manage information protection<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q23 : <\/span><b>\u00a0<\/b><span style=\"font-weight: 400;\">You have a Microsoft 365 subscription. Your organization is frequently collaborating with external users from different companies. You have created a dynamic group in Azure AD to automatically add new and old guest users.<\/span><\/em><br \/>\n<em><span style=\"font-weight: 400;\">How should you configure the rule syntax?<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>(user.objectId -ne null) and (user.userType -eq &#8220;Member&#8221;)<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>(user.objectId -e external) and (user.userType -eq &#8220;Guest&#8221;)<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>(user.objectId -e external) and (user.userType -eq &#8220;Member&#8221;)<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>(user.objectId -ne null) and (user.userType -eq &#8220;Guest&#8221;)<\/span><\/p>\n<p><b>Correct Answer: D<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">The correct expression is (user.objectId -ne null) and (user.userType -eq &#8220;Guest&#8221;) \u2013 you are adding all users that have an existing user object ID with the user type \u201cguest\u201d.<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81400 size-full\" title=\"Dynamic membership rule in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-23.1.png\" alt=\"Dynamic membership rule in Microsoft 365\" width=\"926\" height=\"577\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-23.1.png 926w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-23.1-300x187.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-23.1-768x479.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-23.1-674x420.png 674w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-23.1-640x399.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-23.1-681x424.png 681w\" sizes=\"(max-width: 926px) 100vw, 926px\" \/><\/p>\n<p><b>Option A is incorrect. <\/b><span style=\"font-weight: 400;\">This is not a valid expression<\/span><br \/>\n<b>Option B is incorrect. <\/b><span style=\"font-weight: 400;\">This is not a valid expression.<\/span><br \/>\n<b>Option C is incorrect. <\/b><span style=\"font-weight: 400;\">This expression will add users with the user type Member \u2013 internal tenant users.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about grouping guest users, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/external-identities\/use-dynamic-groups\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/external-identities\/use-dynamic-groups<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Manage_governance_and_compliance_features_in_Microsoft_365-7\"><\/span><span style=\"font-weight: 400;\">Domain : <\/span><span style=\"font-weight: 400;\">Manage governance and compliance features in Microsoft 365<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q24 : <\/span><b>\u00a0<\/b><span style=\"font-weight: 400;\">You are a global admin in a company with a Microsoft 365 subscription and Microsoft 365 E5 licenses assigned to your users. You have set up several retention policies and labels. Due to rules defined by regulatory bodies you need to make sure one specific policy cannot be turned off, deleted or made less restrictive.<\/span><\/em><br \/>\n<em><span style=\"font-weight: 400;\">What should you configure?\u00a0<\/span><\/em><\/h4>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>Azure Resource Group &#8211; Locks<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>Litigation Hold<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>Azure DevOps release pipeline<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>Preservation Locks<\/span><\/p>\n<p><b>Correct Answer: D<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">You should configure a preservation lock on the policy that must be protected. This will ensure that it cannot be changed, deleted or turned off.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">You can enable Preservation Lock by connecting to Security &amp; Compliance Powershell and use the<\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/powershell\/module\/exchange\/set-retentioncompliancepolicy\" target=\"_blank\" rel=\"noopener\"> <span style=\"font-weight: 400;\">Set-RetentionCompliancePolicy<\/span><\/a><span style=\"font-weight: 400;\"> cmdlet with the name of the policy:<\/span><\/p>\n<p><i><span style=\"font-weight: 400;\">Set-RetentionCompliancePolicy -Identity &#8220;&lt;Name of Policy&gt;&#8221; \u2013RestrictiveRetention $true<\/span><\/i><\/p>\n<p><b>Option A is incorrect. <\/b><span style=\"font-weight: 400;\">This feature prevents deletion of resource groups.<\/span><br \/>\n<b>Option B is incorrect. <\/b><span style=\"font-weight: 400;\">This service places a mailbox on hold for a specified timeframe.<\/span><br \/>\n<b>Option C is incorrect. <\/b><span style=\"font-weight: 400;\">Azure DevOps release pipelines are used for releasing a built artifact to for instance Azure.\u00a0<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about preservation locks, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-za\/microsoft-365\/compliance\/retention-preservation-lock?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Use Preservation Lock to restrict changes to retention policies and retention label policies &#8211; Microsoft 365 Compliance | Microsoft Docs<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Domain_Implement_and_manage_identity_and_access-8\"><\/span><span style=\"font-weight: 400;\">Domain : <\/span><span style=\"font-weight: 400;\">Implement and manage identity and access<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><em><span style=\"font-weight: 400;\">Q25 : <\/span><b>\u00a0<\/b><span style=\"font-weight: 400;\">You are creating an Azure AD conditional access policy. You want to enforce multi-factor authentication for a selected set of users when logging on to sharepoint online.<\/span><\/em><br \/>\n<em><span style=\"font-weight: 400;\">Which controls should you configure?<\/span><\/em><\/h4>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81401 size-full\" title=\"Conditional Access policy in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.1.png\" alt=\"Conditional Access policy in Microsoft 365\" width=\"358\" height=\"687\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.1.png 358w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.1-156x300.png 156w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.1-219x420.png 219w\" sizes=\"(max-width: 358px) 100vw, 358px\" \/><\/p>\n<p><span style=\"font-weight: 400;\"><strong>A. <\/strong>Users and groups<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>B. <\/strong>Cloud apps or actions<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>C. <\/strong>Conditions<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>D. <\/strong>Grant<\/span><br \/>\n<span style=\"font-weight: 400;\"><strong>E. <\/strong>Session<\/span><\/p>\n<p><b>Correct Answers: A, B and D<\/b><\/p>\n<p><b>Explanation:<\/b><span style=\"font-weight: 400;\">\u00a0 <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Under Users and groups, you target the selected users:<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81402 size-full\" title=\"Control user access in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.2.png\" alt=\"Control user access in Microsoft 365\" width=\"637\" height=\"572\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.2.png 637w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.2-300x269.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.2-468x420.png 468w\" sizes=\"(max-width: 637px) 100vw, 637px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">Under Cloud apps or actions, you select Sharepoint online:<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter size-full wp-image-81403\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.3.png\" alt=\"\" width=\"600\" height=\"409\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.3.png 600w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.3-300x205.png 300w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">Under Grant you select the action that will be enforced, in this case granting access after MFA authentication:<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-81404 size-full\" title=\"Control user access enforcement in Microsoft 365\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.4.png\" alt=\"Control user access enforcement in Microsoft 365\" width=\"320\" height=\"508\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.4.png 320w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.4-189x300.png 189w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/ms-500-25.4-265x420.png 265w\" sizes=\"(max-width: 320px) 100vw, 320px\" \/><\/p>\n<p><b>Option C is incorrect. <\/b><span style=\"font-weight: 400;\">Conditions control user access based on signals from conditions like risk, device platform, location, client apps, or device state.<\/span><br \/>\n<b>Option E is incorrect. <\/b><span style=\"font-weight: 400;\">Sessions<\/span> <span style=\"font-weight: 400;\">Control user access based on session controls to enable limited experiences within specific cloud applications.<\/span><\/p>\n<p><b>Reference: <\/b><span style=\"font-weight: 400;\">To know more about password enabling MFA in Conditional access, please refer to the link below: <\/span><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/tutorial-enable-azure-mfa\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/tutorial-enable-azure-mfa<\/span><\/a><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Summary\"><\/span>Summary:<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Hope you have learned the Microsoft 365 security certification questions. If you are looking for Microsoft 365 Security Administration training, then this blog post can help you in building confidence for passing the actual exam. As a part of your MS-500 preparation, you should also give a try on MS-500 practice tests which have similar questions related to the real exam and a detailed study guide. Keep learning !<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This blog post provides you updated (Microsoft 365 security certification) MS-500 exam questions. By trying out these free Microsoft 365 security administrator (MS-500) questions and answers, you will learn about the security and compliance solutions which are available for Microsoft 365 and Hybrid environments. What to expect in Microsoft 365 Security Certification? Microsoft 365 security certification tests the capability of an individual who should be able to plan and deploy security strategies in MS 365 and hybrid environments. There are no specific ms-500 prerequisites, if you have interest and knowledge in handling Microsoft 365 security features, you can take up [&hellip;]<\/p>\n","protected":false},"author":359,"featured_media":81489,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[4828],"tags":[4830,4829],"class_list":["post-81361","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-365","tag-microsoft-365-security-certification-exam","tag-ms-500-exam-questions"],"uagb_featured_image_src":{"full":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions.jpg",600,315,false],"thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions-150x150.jpg",150,150,true],"medium":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions-300x158.jpg",300,158,true],"medium_large":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions.jpg",600,315,false],"large":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions.jpg",600,315,false],"1536x1536":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions.jpg",600,315,false],"2048x2048":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions.jpg",600,315,false],"profile_24":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions.jpg",24,13,false],"profile_48":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions.jpg",48,25,false],"profile_96":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions.jpg",96,50,false],"profile_150":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions.jpg",150,79,false],"profile_300":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions.jpg",300,158,false],"tptn_thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions-250x250.jpg",250,250,true],"web-stories-poster-portrait":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions.jpg",600,315,false],"web-stories-publisher-logo":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions.jpg",96,50,false],"web-stories-thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Microsoft-MS-500-Exam-Questions.jpg",150,79,false]},"uagb_author_info":{"display_name":"Abilesh Premkumar","author_link":"https:\/\/www.whizlabs.com\/blog\/author\/abilesh\/"},"uagb_comment_info":24,"uagb_excerpt":"This blog post provides you updated (Microsoft 365 security certification) MS-500 exam questions. By trying out these free Microsoft 365 security administrator (MS-500) questions and answers, you will learn about the security and compliance solutions which are available for Microsoft 365 and Hybrid environments. What to expect in Microsoft 365 Security Certification? Microsoft 365 security&hellip;","_links":{"self":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/81361","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/users\/359"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/comments?post=81361"}],"version-history":[{"count":9,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/81361\/revisions"}],"predecessor-version":[{"id":88241,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/81361\/revisions\/88241"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/media\/81489"}],"wp:attachment":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/media?parent=81361"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/categories?post=81361"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/tags?post=81361"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}