Provide Microsoft MS-500 Dumps Updated Apr 21, 2023 With 300 QA's [Q130-Q147]

Provide Microsoft MS-500 Dumps Updated Apr 21, 2023 With 300 QA's

Latest MS-500 Dumps for Success in Actual Microsoft Certified

Microsoft MS-500 Certification Exam Objectives:

The objectives of the exam are as follows:

To establish a baseline level of knowledge of Microsoft Server 2012 R2 features. Reduce complexity.
To demonstrate an understanding of server role functionality that includes administering, configuring, managing, and troubleshooting Windows Server 2012 R2-based applications, services, roles, and group policies.
To demonstrate an understanding of various methods for implementing security on Windows Server 2012 R2-based computers including isolating network access to specific resources or isolating clients from specific resources on Windows Server 2012 R2-based computers. Details on how to configure and use these tools will be provided in the exam.
To demonstrate an understanding of Active Directory Domain Services (AD DS) concepts, terminology, and functionality of Windows Server 2012 R2-based domain controllers, including configuring forest and domain functional levels.
To demonstrate an understanding of the concepts for installing and configuring Active Directory on Windows Server 2012 R2-based computers. It guides you to successfully install and configure AD DS on a single computer. Azure Active Directory (Azure AD) concepts and functionality are described.
To be able to install and configure file services on Windows Server 2012 R2-based computers, including configuring File Server Resource Manager, Distributed File System (DFS), access-based enumeration, folder redirections using NTFS security settings, quota management using File Server Resource Manager, Branch Cache for shared folders using Network Filesystem (NFS) storage service.

NEW QUESTION 130
You need to ensure that unmanaged mobile devices are quarantined when the devices attempt to connect to Exchange Online.
To complete this task, sign in to the Microsoft 365 portal.

Answer:

Explanation:
See explanation below.
Explanation
You need to configure the Exchange ActiveSync Access Settings.
* Go to the Exchange admin center.
* Click on Mobile in the left navigation pane.
* On the Mobile Device Access page, click the Edit button in the Exchange ActiveSync Access Settings area.
* Select the Quarantine option under When a mobile device that isn't managed by a rule or personal exemption connects to Exchange.
* Optionally, you can configure notifications to be sent to administrators and a message to be sent to the mobile device user when a device is quarantined.
* Click Save to save the changes.

NEW QUESTION 131
Your company has a Microsoft 365 subscription, a Microsoft Azure subscription, and an Azure Active Directory (Azure AD) tenant named contoso.com.
The company has the offices shown in the following table.

The tenant contains the users shown in the following table.

You create the Microsoft Cloud App Security policy shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 132
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308

You need to create an eDiscovery case that places a hold on the mailbox of a user named Allan Deyoung. The hold must retain email messages that have a subject containing the word merger or the word Contoso.
To complete this task, sign in to the Microsoft 365 admin center.

Answer:

Explanation:
1. Navigate to eDiscovery in the Security & Compliance Center, and then click Create a case.
2. On the New Case page, give the case a name, type an optional description, and then click Save. The case name must be unique in your organization.

The new case is displayed in the list of cases on the eDiscovery page. You can hover the cursor over a case name to display information about the case, including the status of the case (Active or Closed), the description of the case (that was created in the previous step), and when the case was changed last and who changed it.
To create a hold for an eDiscovery case:
1. In the Security & Compliance Center, click eDiscovery > eDiscovery to display the list of cases in your organization.
2. Click Open next to the case that you want to create the holds in.
3. On the Home page for the case, click the Hold tab.

4. On the Hold page, click Create.
5. On the Name your hold page, give the hold a name. The name of the hold must be unique in your organization.

6. (Optional) In the Description box, add a description of the hold.
7. Click Next.
8. Choose the content locations that you want to place on hold. You can place mailboxes, sites, and public folders on hold.

* Exchange email - Click Choose users, groups, or teams and then click Choose users, groups, or teams
* again. to specify mailboxes to place on hold. Use the search box to find user mailboxes and distribution groups (to place a hold on the mailboxes of group members) to place on hold. You can also place a hold on the associated mailbox for a Microsoft Team, a Yammer Group, or an Office 365 Group. Select the user, group, team check box, click Choose, and then click Done.
Note
When you click Choose users, groups, or teams to specify mailboxes to place on hold, the mailbox picker that's displayed is empty. This is by design to enhance performance. To add people to this list, type a name (a minimum of 3 characters) in the search box.
9. After configuring a query-based hold, click Next.
10. Review your settings, and then click Create this hold.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/ediscovery-cases?view=o365-worldwide#step-4-pla

NEW QUESTION 133
You have the Microsoft conditions shown in the following table.

You have the Azure Information Protection labels shown in the following table.

You have the Azure Information Protection policies shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Answer:

Explanation:

NEW QUESTION 134
You have a Microsoft 365 subscription.
You have a Microsoft SharePoint Online site named Site1. The files in Site1 are protected by using Microsoft Azure Information Protection.
From the Security & Compliance admin center, you create a label that designates personal data.
You need to auto-apply the new label to all the content in Site1.
What should you do first?

A. From the Security & Compliance admin center, create a Data Subject Request (DSR).
B. From PowerShell, run Set-ComplianceTag.
C. Remove Azure Information Protection from the Site1 files.
D. From PowerShell, run Set-ManagedContentSettings.

Answer: C

Explanation:
Explanation/Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/apply-labels-to-personal-data-in-office-365

NEW QUESTION 135
You have a Microsoft 365 subscription that uses a default domain name of litwareinc.com.
You configure the Sharing settings in Microsoft OneDrive as shown in the following exhibit.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/sharepoint/turn-external-sharing-on-or-off

NEW QUESTION 136
You have a Microsoft 365 subscription that contains several Windows 10 devices. The devices are managed by using Microsoft Endpoint Manager.
You need to enable Windows Defender Exploit Guard (Windows Defender EG) on the devices.
Which type of device configuration profile should you use?

A. Endpoint protection
B. Identity protection
C. Windows Defender ATP
D. Device restrictions

Answer: A

Explanation:
Explanation/Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/endpoint-protection-windows-10

NEW QUESTION 137
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription that contains the users shown in the following table.

You discover that all the users in the subscription can access Compliance Manager reports.
The Compliance Manager Readerrole is not assigned to any users.
You need to recommend a solution to prevent a user named User5 from accessing the Compliance Manager reports.
Solution: You recommend assigning the Compliance Manager Reader role to User1.
Does this meet the goal?

A. Yes
B. No

Answer: B

NEW QUESTION 138
You need to configure threat detection for Active Directory. The solution must meet the security requirements.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

Topic 2, Fabrikam inc.
Existing Environment
Network Infrastructure
The network contains an Active Directory forest named fabrikam.com. Fabrikam has a hybrid Microsoft Azure Active Directory (Azure AD) environment.
The company maintains some on-premises servers for specific applications, but most end-user applications are provided by a Microsoft 365 E5 subscription.
Problem Statements
Fabrikam identifies the following issues:
Since last Friday, the IT team has been receiving automated email messages that contain "Unhealthy Identity Synchronization Notification" in the subject line.
Several users recently opened email attachments that contained malware. The process to remove the malware was time consuming.
Requirements
Planned Changes
Fabrikam plans to implement the following changes:
Fabrikam plans to monitor and investigate suspicious sign-ins to Active Directory Fabrikam plans to provide partners with access to some of the data stored in Microsoft 365 Application Administration Fabrikam identifies the following application requirements for managing workload applications:
User administrators will work from different countries
User administrators will use the Azure Active Directory admin center
Two new administrators named Admin1 and Admin2 will be responsible for managing Microsoft Exchange Online only Security Requirements Fabrikam identifies the following security requirements:
Access to the Azure Active Directory admin center by the user administrators must be reviewed every seven days. If an administrator fails to respond to an access request within three days, access must be removed Users who manage Microsoft 365 workloads must only be allowed to perform administrative tasks for up to three hours at a time. Global administrators must be exempt from this requirement Users must be prevented from inviting external users to view company data. Only global administrators and a user named User1 must be able to send invitations Azure Advanced Threat Protection (ATP) must capture security group modifications for sensitive groups, such as Domain Admins in Active Directory Workload administrators must use multi-factor authentication (MFA) when signing in from an anonymous or an unfamiliar location The location of the user administrators must be audited when the administrators authenticate to Azure AD Email messages that include attachments containing malware must be delivered without the attachment The principle of least privilege must be used whenever possible

NEW QUESTION 139
You have a Microsoft 365 subscription for a company named Contoso, Ltd. All data is in Microsoft 365.
Contoso works with a partner company named Litware, Inc. Litware has a Microsoft 365 subscription.
You need to allow users at Contoso to share files from Microsoft OneDrive to specific users at Litware.
Which two actions should you perform from the OneDrive admin center? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Change the permissions for OneDrive External sharing to the least permissive level
B. Modify the Sync settings
C. Decrease the permission level for OneDrive External sharing
D. Modify the Device access settings
E. Increase the permission level for OneDrive External sharing
F. Modify the Links settings

Answer: C,F

Explanation:
Reference:
https://docs.microsoft.com/en-us/sharepoint/turn-external-sharing-on-or-off

NEW QUESTION 140
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the groups shown in the following table.

The domain is synced to a Microsoft Azure Active Directory (Azure AD) tenant that contains the groups shown in the following table.

You create an Azure Information Protection policy named Policy1.
You need to apply Policy1.
To which groups can you apply Policy1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/information-protection/prepare

NEW QUESTION 141
Your company has a Microsoft 365 subscription.
The company does not permit users to enroll personal devices in mobile device management (MDM).
Users in the sales department have personal iOS devices.
You need to ensure that the sales department users can use the Microsoft Power BI app from iOS devices to access the Power BI data in your tenant.
The users must be prevented from backing up the app's data to iCloud.
What should you create?

A. a device compliance policy in Microsoft Endpoint Manager
B. an app protection policy in Microsoft Endpoint Manager
C. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a client apps condition
D. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a device state condition

Answer: B

NEW QUESTION 142
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.

You add internal as a blocked word in the group naming policy for contoso.com.
You add Contoso- as prefix in the group naming policy for contoso.com.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

User Admin and Global Admin are exempt from group password policies.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/solutions/groups-naming-policy?view=o365-worldwide

NEW QUESTION 143
You have a Microsoft 365 tenant.
You create an attack surface reduction policy that uses an application control profile as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION 144
Your company plans to merge with another company.
A user named Debra Berger is an executive at your company.
You need to provide Debra Berger with all the email content of a user named Alex Wilber that contains the word merger.
To complete this task, sign in to the Microsoft 365 portal.

Answer:

Explanation:
See explanation below.
Explanation
You need to run a content search then export the results of the search.
* Go to the Microsoft 365 Compliance admin center.
* Navigate to Content Search under the Solutions section in the left navigation pane.
* Click on + New Search to create a new search.
* In the Keywords box, type in 'merger'.
* In the Locations section, select link.
* Click on the Choose users, groups or teams
* Type Alex Wilber in the search field the select his account from the search results.
* Click the Choose button to add the user then click
* Click Save to close the locations pane.
* Click Save & run to run the search.
* The next step is to export the results. Select the search then under Export results to a computer, click Start export.
* On the Export the search results All items.
* Under Export Exchange content as, One PST file for each mailbox.
* Click on Start export. When the export has finished, there will be an option to download the exported PST file.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/content-search?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/export-search-results?view=o365-worldwide

NEW QUESTION 145
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

You need to identify which user can enable Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) roles.
Which user should you identify?

A. User1
B. User3
C. User2
D. User4

Answer: C

Explanation:
Reference:
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/rbac

NEW QUESTION 146
You are evaluating which devices are compliant in Intune.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.