Valid MS-500 Dumps shared by PassLeader for Helping Passing MS-500 Exam! PassLeader now offer the newest MS-500 VCE dumps and MS-500 PDF dumps, the PassLeader MS-500 exam questions have been updated and ANSWERS have been corrected, get the newest PassLeader MS-500 dumps with VCE and PDF here: https://www.passleader.com/ms-500.html (122 Q&As Dumps –> 164 Q&As Dumps –> 210 Q&As Dumps –> 245 Q&As Dumps –> 264 Q&As Dumps –> 330 Q&As Dumps –> 412 Q&As Dumps)
BTW, DOWNLOAD part of PassLeader MS-500 dumps from Cloud Storage: https://drive.google.com/open?id=1AMq2tUY1mE3Y-RycYB-rPdtfEC69Sfil
NEW QUESTION 1
You have a Microsoft 365 E5 subscription that is associated to a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com. You use Active Directory Federation Services (AD FS) to federate on-premises Active Directory and the tenant. Azure AD Connect has the following settings:
– Source Anchor: objectGUID
– Password Hash Synchronization: Disabled
– Password writeback: Disabled
– Directory extension attribute sync: Disabled
– Azure AD app and attribute filtering: Disabled
– Exchange hybrid deployment: Disabled
– User writeback: Disabled
You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.
Solution: You modify the Password Hash Synchronization settings.
Does that meet the goal?
A. Yes
B. No
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/security/azure-ad-secure-steps
NEW QUESTION 2
You have a Microsoft 365 tenant. You create a label named CompanyConfidential in Microsoft Azure Information Protection. You add CompanyConfidential to a global policy. A user protects an email message by using CompanyConfidential and sends the label to several external recipients. The external recipients report that they cannot open the email message. You need to ensure that the external recipients can open protected email messages sent to them.
Solution: You modify the encryption settings of the label.
Does this meet the goal?
A. Yes
B. No
Answer: B
NEW QUESTION 3
You have a hybrid Microsoft 365 environment. All computers run Windows 10 and are managed by using Microsoft Intune. You need to create a Microsoft Azure Active Directory (Azure AD) conditional access policy that will allow only Windows 10 computers marked as compliant to establish a VPN connection to the on-premises network. What should you do first?
A. From the Azure Active Directory admin center, create a new certificate.
B. Enable Application Proxy in Azure AD.
C. From Active Directory Administrative Center, create a Dynamic Access Control policy.
D. From the Azure Active Directory admin center, configure authentication methods.
Answer: A
Explanation:
https://docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/ad-ca-vpn-connectivity-windows10
NEW QUESTION 4
You have a Microsoft 365 Enterprise E5 subscription. You use Windows Defender Advanced Threat Protection (Windows Defender ATP). You plan to use Microsoft Office 365 Attack simulator. What is a prerequisite for running Attack simulator?
A. Enable multi-factor authentication (MFA)
B. Configure Advanced Threat Protection (ATP)
C. Create a Conditional Access App Control policy for accessing Office 365
D. Integrate Office 365 Threat Intelligence and Windows Defender ATP
Answer: A
Explanation:
https://docs.microsoft.com/en-us/office365/securitycompliance/attack-simulator
NEW QUESTION 5
Your company has 500 computers. You plan to protect the computers by using Windows Defender Advanced Threat Protection (Windows Defender ATP). Twenty of the computers belong to company executives. You need to recommend a remediation solution that meets the following requirements:
– Windows Defender ATP administrators must manually approve all remediation for the executives.
– Remediation must occur automatically for all other users.
What should you recommend doing from Windows Defender Security Center?
A. Configure 20 system exclusions on automation allowed/block lists.
B. Configure two alert notification rules.
C. Download an offboarding package for the computers of the 20 executives.
D. Create two machine groups.
Answer: D
Explanation:
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/machine-groups-windows-defender-advanced-threat-protection
NEW QUESTION 6
You have a Microsoft 365 subscription. You need to create data loss prevention (DLP) queries in Microsoft SharePoint Online to find sensitive data stored in sites. Which type of site collection should you create first?
A. Records Center
B. Compliance Policy Center
C. eDiscovery Center
D. Enterprise Search Center
E. Document Center
Answer: C
Explanation:
https://support.office.com/en-us/article/overview-of-data-loss-prevention-in-sharepoint-server-2016-80f907bb-b944-448d-b83d-8fec4abcc24c
NEW QUESTION 7
You have a Microsoft 365 subscription. You need to enable auditing for all Microsoft Exchange Online users. What should you do?
A. From the Exchange admin center, create a journal rule.
B. Run the Set-MailboxDatabase cmdlet.
C. Run the Set-Mailbox cmdlet.
D. From the Exchange admin center, create a mail flow message trace rule.
Answer: C
Explanation:
https://docs.microsoft.com/en-us/office365/securitycompliance/enable-mailbox-auditing
NEW QUESTION 8
You have a Microsoft 365 subscription. All computers run Windows 10 Enterprise and are managed by using Microsoft Intune. You plan to view only security-related Windows telemetry data. You need to ensure that only Windows security data is sent to Microsoft. What should you create from the Intune admin center?
A. a device configuration profile that has device restrictions configured
B. a device configuration profile that has the Endpoint Protection settings configured
C. a device configuration policy that has the System Security settings configured
D. a device compliance policy that has the Device Health settings configured
Answer: A
Explanation:
https://docs.microsoft.com/en-us/intune/device-restrictions-windows-10#reporting-and-telemetry
NEW QUESTION 9
HotSpot
You have a Microsoft 365 E5 subscription. From Microsoft Azure Active Directory (Azure AD), you create a security group named Group1. You add 10 users to Group1. You need to apply app enforced restrictions to the members of Group1 when they connect to Microsoft Exchange Online from non-compliant devices, regardless of their location. What should you do? (To answer, select the appropriate options in the answer area.)
NEW QUESTION 10
Drag and Drop
You have a Microsoft 365 subscription. You have a site collection named SiteCollection1 that contains a site named Site2. Site2 contains a document library named Customers. Customers contains a document named Litware.docx. You need to remove Litware.docx permanently. Which three actions should you perform in sequence? (To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.)
Case Study 1 – Fabrikam, Inc.
Fabrikam, Inc. is manufacturing company that sells products through partner retail stores. Fabrikam has 5,000 employees located in offices throughout Europe. The network contains an Active Directory forest named fabrikam.com. Fabrikam has a hybrid Microsoft Azure Active Directory (Azure AD) environment. The company maintains some on-premises servers for specific applications, but most end-user applications are provided by a Microsoft 365 E5 subscription.
……
NEW QUESTION 51
You need to recommend a solution for the user administrators that meets the security requirements for auditing. Which blade should you recommend using from the Azure Active Directory admin center?
A. Sign-ins
B. Azure AD Identity Protection
C. Authentication methods
D. Access review
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-ins
NEW QUESTION 52
An administrator configures Azure AD Privileged Identity Management as shown in the following exhibit:
What should you do to meet the security requirements?
A. Change the Assignment Type for Admin2 to Permanent.
B. From the Azure Active Directory admin center, assign the Exchange administrator role to Admin2.
C. From the Azure Active Directory admin center, remove the Exchange administrator role to Admin1.
D. Change the Assignment Type for Admin1 to Eligible.
Answer: D
NEW QUESTION 53
……
Case Study 2 – Litware, Inc.
Litware, Inc. is a financial company that has 1,000 users in its main office in Chicago and 100 users in a branch office in San Francisco. The network contains a single domain forest. The forest functional level is Windows Server 2016. Users are subject to sign-in hour restrictions as defined in Active Directory. The network has the IP address range shown in the following table:
……
NEW QUESTION 56
You need to create Group2. What are two possible ways to create the group? (Choose two.)
A. an Office 365 group in the Microsoft 365 admin center
B. a mail-enabled security group in the Microsoft 365 admin center
C. a security group in the Microsoft 365 admin center
D. a distribution list in the Microsoft 365 admin center
E. a security group in the Azure AD admin center
Answer: CE
NEW QUESTION 57
Which IP address space should you include in the MFA configuration?
A. 131.107.83.0/28
B. 192.168.16.0/20
C. 172.16.0.0/24
D. 192.168.0.0/20
Answer: B
NEW QUESTION 58
……
Case Study 3 – Contoso, Ltd.
Contoso, Ltd. is a consulting company that has a main office in Montreal and three branch offices in Seattle, and New York. The company has the offices shown in the following table:
……
NEW QUESTION 61
Which user passwords will User2 be prevented from resetting?
A. User6 and User7
B. User4 and User6
C. User4 only
D. User7 and User8
E. User8 only
Answer: C
NEW QUESTION 62
Which role should you assign to User1?
A. Global administrator
B. User administrator
C. Privileged role administrator
D. Security administrator
Answer: C
NEW QUESTION 63
……
Get the newest PassLeader MS-500 VCE dumps here: https://www.passleader.com/ms-500.html (122 Q&As Dumps –> 164 Q&As Dumps –> 210 Q&As Dumps –> 245 Q&As Dumps –> 264 Q&As Dumps –> 330 Q&As Dumps –> 412 Q&As Dumps)
And, DOWNLOAD the newest PassLeader MS-500 PDF dumps from Cloud Storage for free: https://drive.google.com/open?id=1AMq2tUY1mE3Y-RycYB-rPdtfEC69Sfil