Download Microsoft.MS-500.Prep4Sure.2019-08-25.47q.vcex

Download Exam

File Info

Exam Microsoft 365 Security Administration
Number MS-500
File Name Microsoft.MS-500.Prep4Sure.2019-08-25.47q.vcex
Size 1 MB
Posted Aug 25, 2019
Download Microsoft.MS-500.Prep4Sure.2019-08-25.47q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%





Demo Questions

Question 1

Which IP address space should you include in the MFA configuration?


  1. 131.107.83.0/28
  2. 192.168.16.0/20 
  3. 172.16.0.0/24
  4. 192.168.0.0/20
Correct answer: B
Explanation:



Question 2

Which user passwords will User2 be prevented from resetting?


  1. User6 and User7
  2. User4 and User6
  3. User4 only
  4. User7 and User8
  5. User8 only
Correct answer: C



Question 3

You need to meet the technical requirements for User9. What should you do?


  1. Assign the Privileged administrator role to User9 and configure a mobile phone number for User9
  2. Assign the Compliance administrator role to User9 and configure a mobile phone number for User9
  3. Assign the Security administrator role to User9
  4. Assign the Global administrator role to User9
Correct answer: D



Question 4

Which role should you assign to User1?


  1. Global administrator
  2. User administrator
  3. Privileged role administrator
  4. Security administrator
Correct answer: C
Explanation:



Question 5

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that is associated to a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.  
You use Active Directory Federation Services (AD FS) to federate on-premises Active Directory and the tenant. Azure AD Connect has the following settings:
  • Source Anchor: objectGUID
  • Password Hash Synchronization: Disabled 
  • Password writeback: Disabled 
  • Directory extension attribute sync: Disabled 
  • Azure AD app and attribute filtering: Disabled 
  • Exchange hybrid deployment: Disabled 
  • User writeback: Disabled 
You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.  
Solution: You modify the Password Hash Synchronization settings.
Does that meet the goal?


  1. Yes
  2. No
Correct answer: A
Explanation:
References:https://docs.microsoft.com/en-us/azure/security/azure-ad-secure-steps
References:
https://docs.microsoft.com/en-us/azure/security/azure-ad-secure-steps



Question 6

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that is associated to a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.  
You use Active Directory Federation Services (AD FS) to federate on-premises Active Directory and the tenant. Azure AD Connect has the following settings:
  • Source Anchor: objectGUID
  • Password Hash Synchronization: Disabled 
  • Password writeback: Disabled 
  • Directory extension attribute sync: Disabled 
  • Azure AD app and attribute filtering: Disabled 
  • Exchange hybrid deployment: Disabled 
  • User writeback: Disabled 
You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.  
Solution: You modify the Source Anchor settings.   
Does that meet the goal?


  1. Yes
  2. No
Correct answer: B



Question 7

You have a hybrid Microsoft 365 environment. All computers run Windows 10 and are managed by using Microsoft Intune.  
You need to create a Microsoft Azure Active Directory (Azure AD) conditional access policy that will allow only Windows 10 computers marked as compliant to establish a VPN connection to the on-premises network.  
What should you do first?


  1. From the Azure Active Directory admin center, create a new certificate
  2. Enable Application Proxy in Azure AD
  3. From Active Directory Administrative Center, create a Dynamic Access Control policy 
  4. From the Azure Active Directory admin center, configure authentication methods
Correct answer: A
Explanation:
Reference:https://docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/ad-ca-vpn-connectivity-windows10
Reference:
https://docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/ad-ca-vpn-connectivity-windows10



Question 8

You have a Microsoft 365 subscription.  
From the Microsoft 365 admin center, you create a new user.  
You plan to assign the Reports reader role to the user.  
You need to see the permissions of the Reports reader role.  
Which admin center should you use?


  1. Azure Active Directory
  2. Cloud App Security
  3. Security & Compliance
  4. Microsoft 365
Correct answer: A



Question 9

You have a Microsoft 365 subscription.  
You need to ensure that all users who are assigned the Exchange administrator role have multi-factor authentication (MFA) enabled by default.  
What should you use to achieve the goal? 


  1. Security & Compliance permissions
  2. Microsoft Azure Active Directory (Azure AD) Privileged Identity Management
  3. Microsoft Azure AD group management
  4. Microsoft Office 365 user management
Correct answer: B



Question 10

Your company has a Microsoft 365 subscription.  
The company forbids users to enroll personal devices in mobile device management (MDM).  
Users in the sales department have personal iOS devices.  
You need to ensure that the sales department users can use the Microsoft Power BI app from iOS devices to access the Power BI data in your tenant.  
The users must be prevented from backing up the app’s data to iCloud.  
What should you create?


  1. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a device state condition
  2. an app protection policy in Microsoft Intune
  3. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a client apps condition
  4. a device compliance policy in Microsoft Intune
Correct answer: B









CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!

Get Now!


HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files