Valid MS-500 Dumps shared by PassLeader for Helping Passing MS-500 Exam! PassLeader now offer the newest MS-500 VCE dumps and MS-500 PDF dumps, the PassLeader MS-500 exam questions have been updated and ANSWERS have been corrected, get the newest PassLeader MS-500 dumps with VCE and PDF here: https://www.passleader.com/ms-500.html (412 Q&As Dumps)
BTW, DOWNLOAD part of PassLeader MS-500 dumps from Cloud Storage: https://drive.google.com/open?id=1AMq2tUY1mE3Y-RycYB-rPdtfEC69Sfil
NEW QUESTION 351
Your on-premises network contains a server that runs Windows Server 2019, computers that run Windows 10, macOS, or Linux, and a firewall that utilizes syslog. You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Endpoint. All the computers are onboarded to Microsoft Defender for Endpoint. You are implementing Microsoft Defender for Cloud Apps. You need to discover which cloud apps are accessed from the computers.
Solution: You enable Defender for Endpoint and Defender for Cloud Apps integration.
Does this meet the goal?
A. Yes
B. No
Answer: A
Explanation:
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-cloud-app-security-config?view=o365-worldwide
NEW QUESTION 352
Your on-premises network contains a server that runs Windows Server 2019, computers that run Windows 10, macOS, or Linux, and a firewall that utilizes syslog. You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Endpoint. All the computers are onboarded to Microsoft Defender for Endpoint. You are implementing Microsoft Defender for Cloud Apps. You need to discover which cloud apps are accessed from the computers.
Solution: You install a Microsoft Defender for Identity sensor on the server.
Does this meet the goal?
A. Yes
B. No
Answer: A
Explanation:
https://docs.microsoft.com/en-us/defender-cloud-apps/mdi-integration
NEW QUESTION 353
Your on-premises network contains a server that runs Windows Server 2019, computers that run Windows 10, macOS, or Linux, and a firewall that utilizes syslog. You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Endpoint. All the computers are onboarded to Microsoft Defender for Endpoint. You are implementing Microsoft Defender for Cloud Apps. You need to discover which cloud apps are accessed from the computers.
Solution: You install a Microsoft Defender for Cloud Apps log collector and collect logs from the firewall.
Does this meet the goal?
A. Yes
B. No
Answer: B
NEW QUESTION 354
Your on-premises network contains a server that runs Windows Server 2019, computers that run Windows 10, macOS, or Linux, and a firewall that utilizes syslog. You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Endpoint. All the computers are onboarded to Microsoft Defender for Endpoint. You are implementing Microsoft Defender for Cloud Apps. You need to discover which cloud apps are accessed from the computers.
Solution: You install an Azure Arc agent on the workstations.
Does this meet the goal?
A. Yes
B. No
Answer: B
NEW QUESTION 355
You have several Conditional Access policies that block noncompliant devices from connecting to services. You need to identify which devices are blocked by which policies. What should you use?
A. The setting compliance report in the Microsoft Endpoint Manager admin center.
B. Sign-ins in the Azure Active Directory admin center.
C. Activity log in the Cloud App Security portal.
D. Audit logs in the Azure Active Directory admin center.
Answer: B
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/troubleshoot-conditional-access
NEW QUESTION 356
You have a Microsoft 365 tenant. You need to implement a policy to enforce the following requirements:
– If a user uses a Windows 10 device that is NOT hybrid Azure Active Directory (Azure AD) joined, the user must be allowed to connect to Microsoft SharePoint Online only from a web browser. The user must be prevented from downloading files or syncing files from SharePoint Online.
– If a user uses a Windows 10 device that is hybrid Azure AD joined, the user must be able connect to SharePoint Online from any client application, download files, and sync files.
What should you create?
A. a conditional access policy in Azure AD that has Client apps conditions configured
B. a conditional access policy in Azure AD that has Session controls configured
C. a compliance policy in Microsoft Endpoint Manager that has the Device Properties settings configured
D. a compliance policy in Microsoft Endpoint Manager that has the Device Health settings configured
Answer: B
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-session
NEW QUESTION 357
You have a Microsoft 365 E5 subscription that contains 100 users. Each user has a computer that runs Windows 10 and either an Android mobile device or an iOS mobile device. All the devices are registered with Azure Active Directory (Azure AD). You enable passwordless authentication for all the users. You need to ensure that the users can sign into the subscription by using passwordless authentication. What should you instruct the users to do on their mobile device first?
A. Install a device certificate.
B. Install a user certificate.
C. Install the Microsoft Authenticator app.
D. Register for self-service password reset (SSPR).
Answer: C
Explanation:
The Authenticator App turns any iOS or Android phone into a strong, passwordless credential.
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-passwordless
NEW QUESTION 358
Your network contains an on-premises Active Directory domain. The domain contains a domain controller named DC1. You have a Microsoft 365 E5 subscription. You install the Microsoft Defender for Identity sensor on DC1. You need to configure enhanced threat detection in Defender for Identity. The solution must ensure that the following events are collected from DC1:
– 4726 – User Account Deleted
– 4728 – Member Added to Global Security Group
– 4776 – Domain Controller Attempted to Validate Credentials for an Account (NTLM)
What should you do on DC1?
A. Install the Azure Monitor agent.
B. Install System Monitor (SYSMON).
C. Configure the Windows Event Collector service.
D. Configure the Advanced Audit Policy Configuration policy.
Answer: D
Explanation:
https://docs.microsoft.com/en-us/defender-for-identity/prerequisites
https://docs.microsoft.com/en-us/defender-for-identity/configure-windows-event-collection
NEW QUESTION 359
You configure several Microsoft Defender for Office 365 policies in a Microsoft 365 subscription. You need to allow a user named User1 to view Microsoft Defender for Office 365 reports in the Threat management dashboard. Which role provides User1 with the required role permissions?
A. Security reader.
B. Compliance administrator.
C. Information Protection administrator.
D. Exchange administrator.
Answer: A
Explanation:
In order to view and use the reports described in this article, you need to be a member of one of the following role groups in the Microsoft 365 Defender portal:
– Organization Management
– Security Administrator
– Security Reader
– Global Reader
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/view-reports-for-mdo
NEW QUESTION 360
You have an Azure Sentinel workspace that has an Azure Active Directory (Azure AD) connector and a Microsoft Office 365 connector. You need to use a Fusion rule template to detect multistage attacks in which users sign in by using compromised credentials, and then delete multiple files from Microsoft OneDrive. Based on the Fusion rule template, you create an active rule that has the default settings. What should you do next?
A. Add data connectors.
B. Add a workbook.
C. Add a playbook.
D. Create a custom rule template.
Answer: B
Explanation:
https://docs.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook
NEW QUESTION 361
You have an Azure Sentinel workspace. You need to manage incidents based on alerts generated by Microsoft Cloud App Security. What should you do first?
A. From the Cloud App Security portal, configure security extensions.
B. From the Cloud App Security portal, configure app connectors.
C. From the Cloud App Security portal, configure log collectors.
D. From the Microsoft 365 compliance center, add and configure a data connector.
Answer: A
Explanation:
https://docs.microsoft.com/en-us/cloud-app-security/siem-sentinel
NEW QUESTION 362
You have a Microsoft 365 E5 subscription. You need to use Attack simulation training to launch a credential harvest simulation. For which Microsoft 365 workloads can you create a payload?
A. Microsoft Exchange Online only.
B. Microsoft Teams, Exchange Online, SharePoint Online, and OneDrive.
C. Microsoft Teams and Exchange Online only.
D. Microsoft SharePoint Online and OneDrive only.
Answer: D
Explanation:
Create a payload, select a payload type. On the Select type page, the only value that you can currently select is Email.
Incorrect:
Not A, Not B, Not C: Payloads cannot be created for Microsoft Exchange Online.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulation-training-payloads
NEW QUESTION 363
You have a Microsoft 365 E5 subscription. You need to prevent users from uploading data loss prevention (DLP)-protected documents to the following third-party websites:
– web1.contoso.com
– web2.contoso.com
The solution must minimize administrative effort. To what should you set the service domains setting for Endpoint DLP?
A. web1.contoso.com and web2.contoso.com
B. contoso.com
C. *.contoso.com
D. web*.contoso.com
Answer: A
Explanation:
An * is a wildcard, for example: *.contoso.com wil include evrything befor .contoso.com and will be blocked.
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-learn-about
NEW QUESTION 364
You have a Microsoft 365 subscription that uses Microsoft SharePoint Online. You need to ensure that users can only share files with users at specified partner companies. The solution must minimize administrative effort. What should you do?
A. Limit external sharing by domain.
B. Set External sharing to New and existing guests.
C. Allow only users in specific security groups to share externally.
D. Set File and folder links to Specific people.
Answer: A
Explanation:
You can limit domains by allowing only the domains you specify or by allowing all domains except those you block. To limit domains at the organization level:
1. Go to Sharing in the SharePoint admin center and sign in with an account that has admin permissions for your organization.
2. Under Advanced settings for external sharing, select the Limit external sharing by domain check box, and then select Add domains.
3. To create an allowlist (most restrictive), select Allow only specific domains; to block only the domains you specify, select Block specific domains.
4. List the domains (maximum of 3000) in the box provided, using the format domain.com.
5. Etc.
https://docs.microsoft.com/en-us/sharepoint/restricted-domains-sharing
NEW QUESTION 365
You have a Microsoft 365 E5 subscription. You plan to implement retention policies for Microsoft Teams. Which item types can be retained?
A. voice memos from the Teams mobile client
B. code snippets
C. embedded images
Answer: C
Explanation:
Code snippets, recorded voice memos from the Teams mobile client, thumbnails, announcement images, and reactions from others in the form of emoticons aren’t retained when you use retention policies for Teams.
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention-policies-teams?view=o365-worldwide
NEW QUESTION 366
Your company has a Microsoft 365 E5 subscription that uses Microsoft Defender for identity. You plan to create a detection exclusion in Microsoft Defender for Identity. What should you use to create the detection exclusion?
A. Microsoft Defender for Identity portal.
B. Microsoft 365 Compliance center.
C. Microsoft Defender for Cloud Apps portal.
D. Microsoft 365 Defender portal.
Answer: D
Explanation:
https://learn.microsoft.com/en-us/microsoft-365/security/defender-identity/exclusions?view=o365-worldwide#how-to-add-detection-exclusions
NEW QUESTION 367
You have an Azure Sentinel workspace. You need to manage incidents based on alerts generated by Microsoft Defender for Cloud Apps. What should you do first?
A. From the Microsoft Defender for Cloud Apps portal, configure security extensions.
B. From the Microsoft Defender for Cloud Apps portal, configure app connectors.
C. From the Microsoft Defender for Cloud Apps portal, configure log collectors.
D. From the Microsoft 365 Compliance admin center, add and configure a data connector.
Answer: A
Explanation:
Integrating with Microsoft Sentinel: In the Defender for Cloud Apps portal, under the Settings cog, select Security extensions.
https://learn.microsoft.com/en-us/defender-cloud-apps/siem-sentinel
NEW QUESTION 368
You have a Microsoft 365 E5 subscription that has Microsoft Defender for Office 365 enabled. You need to review the zero-hour auto purge (ZAP) configuration for the subscription. Which two threat policies should you review? (Each correct answer presents part of the solution. Choose two.)
A. Safe attachments Built-in protection (Microsoft)
B. Anti-malware (Default) Default
C. Safe links Built-in protection (Microsoft)
D. Anti-spam outbound policy (Default)
E. Office 365 AntiPhish Default (Default)
F. Anti-spam inbound policy (Default)
Answer: BF
Explanation:
ZAP for malware is enabled by default in anti-malware policies.
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/zero-hour-auto-purge?view=o365-worldwide#zero-hour-auto-purge-zap-for-malware
By default, ZAP for phishing is enabled in anti-spam policies.
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/zero-hour-auto-purge?view=o365-worldwide#zero-hour-auto-purge-zap-for-phishing
NEW QUESTION 369
HotSpot
You have a Microsoft 365 E5 subscription. You need to create a role-assignable group. The solution must ensure that you can nest the group. How should you configure the group? (To answer, select the appropriate options in the answer area.)
Answer:
Explanation:
Box 1: Security only. You can add an existing Security group to another existing Security group (also known as nested groups), creating a member group (subgroup) and a parent group. The member group inherits the attributes and properties of the parent group, saving you configuration time.
Box 2: Assigned only. The membership type for role-assignable groups must be Assigned and can’t be an Azure AD dynamic group.
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-membership-azure-portal
NEW QUESTION 370
HotSpot
You have a Microsoft 365 E5 tenant that contains a published sensitivity label named Sensitivity1. You plan to create an Azure Active Directory group named Group1 and assign Sensitivity1 to Group1. How should you configure Group1? (To answer, select the appropriate options in the answer area.)
Answer:
Explanation:
Box 1: EnableMIPLabels. The sensitivity label option is only displayed for groups when all the following conditions are met:
* The feature is enabled, EnableMIPLabels is set to True in from the Azure AD PowerShell module.
* The group is a Microsoft 365 group.
* Etc.
Box 2: Microsoft 365. Not ClassificationList. Classic classifications are the old classifications you set up by defining values for the ClassificationList setting in Azure AD PowerShell. When this feature is enabled, those classifications will not be applied to groups.
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-assign-sensitivity-labels
NEW QUESTION 371
Drag and Drop
Your company has two departments named department1 and department2 and a Microsoft 365 E5 subscription. You need to prevent communication between the users in department1 and the users in department2. How should you complete the PowerShell script? (To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Explanation:
Box 1: New-OrganizationSegment. Use the New-OrganizationSegment cmdlet to create organization segments for use with information barrier policies in the Microsoft Purview compliance portal. Organization Segments are not in effect until you apply information barrier policies.
Box 2: New-InformationBarrierPolicy. To define your first blocking policy, use the New-InformationBarrierPolicy cmdlet with the SegmentsBlocked parameter.
https://docs.microsoft.com/en-us/powershell/module/exchange/new-organizationsegment
https://docs.microsoft.com/en-us/microsoft-365/compliance/information-barriers-policies
NEW QUESTION 372
……
Get the newest PassLeader MS-500 VCE dumps here: https://www.passleader.com/ms-500.html (412 Q&As Dumps)
And, DOWNLOAD the newest PassLeader MS-500 PDF dumps from Cloud Storage for free: https://drive.google.com/open?id=1AMq2tUY1mE3Y-RycYB-rPdtfEC69Sfil