Free MS-500 Exam Braindumps

- (Exam Topic 4)
You have a Microsoft 365 tenant that is linked to a hybrid Azure Active Directory (Azure AD) tenant named contoso.com.
You need to enable Azure AD Seamless Single Sign-On (Azure AD SSO) for contoso.com. What should you use?

1. A. Azure AD Connect
2. B. the Azure Active Directory admin center
3. C. the Microsoft 365 Security admin center
4. D. the Microsoft 365 admin center

Correct Answer: A
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start

- (Exam Topic 4)
Your network contains an on-premises Active Directory domain. The domain contains servers that run Windows Server and have advanced auditing enabled.
The security logs of the servers are collected by using a third-party SIEM solution.
You purchase a Microsoft 365 subscription and plan to deploy Azure Advanced Threat Protection (ATP) by using standalone sensors.
You need to ensure that you can detect when sensitive groups are modified and when malicious services are created.
What should you do?

1. A. Configure auditing in the Office 365 Security & Compliance center.
2. B. Turn off Delayed updates for the Azure ATP sensors.
3. C. Modify the Domain synchronizer candidate’s settings on the Azure ATP sensors.
4. D. Integrate SIEM and Azure ATP.

Correct Answer: C

References:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step5

- (Exam Topic 4)
You have a Microsoft 365 subscription that has Enable Security defaults set to No in Azure Active Directory (Azure AD).
You have a custom compliance manager template named Regulation1. You have the assessments shown in the following table.

Assessment1 has the improvement actions shown in the following table.

Assessment2 has the improvement actions shown in the following table.

You perform the following actions:
Enable multi-factor authentication (MFA) for all users.
Configure a privileged access policy.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Solution:
Graphical user interface, text, application Description automatically generated
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-setup?view=o365-worldwide https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-improvement-actions?view=o

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 4)
Your network contains an on-premises Active Directory domain and a Microsoft 365 subscription.
You plan to deploy a hybrid Azure Active Directory (Azure AD) tenant that has Azure AD Identity Protection risk policies enabled.
You need to configure Azure AD Connect to support the planned deployment. Which Azure AD Connect authentication method should you select?

1. A. Federation with AD FS
2. B. Federation with PingFederate
3. C. Password Hash Synchronization
4. D. Pass-through authentication

Correct Answer: C

- (Exam Topic 4)
You have a Microsoft 365 ES subscription linked to an Azure Active Directory (Azure AD) tenant The tenant contains a user named User1 and multiple Windows 10 devices. The deuces are Azure AD joined and protected by using BitLocker Drive Encryption (BitLocker). You need to ensure that User1 can perform tip following actions:
View BitLocker recovery keys.
Configure the usage location for the users in tenant.
The solution must use the principle of least privilege.
Which two roles should you assign to User' in the Microsoft 365 admin center? To answer, select the appropriate roles in the answer area.
Each correct selection is one point.

Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A