CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. MS-500

Free MS-500 Exam Braindumps (page: 19)

Page 19 of 86
PDF with 352 Questions

You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.


You configure the Security Operator role in Azure AD Privileged Identity Management (PIM) as shown in the following exhibit.


You add assignments to the Security Operator role as shown in the following table.


Which users can activate the Security Operator role?

  1. User2 only
  2. User3 only
  3. User1 and User2 only
  4. User2 and User3 only
  5. User1, User2, and User3

Answer(s): D



You have a Microsoft 365 tenant.
You need to implement a policy to enforce the following requirements:

-If a user uses a Windows 10 device that is NOT hybrid Azure Active Directory (Azure AD) joined, the user must be allowed to connect to Microsoft SharePoint Online only from a web browser. The user must be prevented from downloading files or syncing files from SharePoint Online.
-If a user uses a Windows 10 device that is hybrid Azure AD joined, the user must be able connect to SharePoint Online from any client application, download files, and sync files.

What should you create?

  1. a conditional access policy in Azure AD that has Client apps conditions configured
  2. a conditional access policy in Azure AD that has Session controls configured
  3. a compliance policy in Microsoft Endpoint Manager that has the Device Properties settings configured
  4. a compliance policy in Microsoft Endpoint Manager that has the Device Health settings configured

Answer(s): B


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-session



You have a hybrid deployment of Azure Active Directory (Azure AD) that contains two users named User1 and User2.

You need to assign Role Based Access Control (RBAC) roles to User1 and User2 to meet the following requirements:
-Use the principle of least privilege.
-Enable User1 to view sync errors by using Azure AD Connect Health.
-Enable User2 to configure Azure Active Directory Connect Health Settings.

Which two roles should you assign? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  1. The Monitoring Reader role in Azure AD Connect Health to User1
  2. The Security reader role in Azure AD to User1
  3. The Reports reader role in Azure AD to User1
  4. The Contributor role in Azure AD Connect Health to User2
  5. The Monitoring Contributor role in Azure AD Connect Health to User2
  6. The Security operator role in Azure AD to User2

Answer(s): A,E

Explanation:

A: The Monitoring Reader can read all monitoring data (metrics, logs, etc.).

Note: Assign the Monitoring reader role to the Azure Active Directory application on the subscription, resource group or resource you want to monitor.

E: Monitoring Contributor can read all monitoring data and edit monitoring settings.

Incorrect:
Not B: Security Reader can view permissions for Security Center. Can view recommendations, alerts, a security policy, and security states, but cannot make changes

Not D: Contributor grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries.


Reference:

https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles



You have a Microsoft 365 subscription that contains a user named User1.
You need to assign User1 permissions to search Microsoft Office 365 audit logs.
What should you use?

  1. the Azure Active Directory admin center
  2. the Exchange admin center
  3. the Microsoft 365 Defender portal
  4. the Microsoft 365 Compliance center

Answer(s): B

Explanation:

To give a user the ability to search the audit log with the minimum level of privileges, you can create a custom role group in Exchange Online, add the View-Only Audit Logs or Audit Logs role, and then add the user as a member of the new role group.

Incorrect:
Not D: If you assign a user the View-Only Audit Logs or Audit Logs role on the Permissions page in the compliance portal, they won't be able to search the audit log. You have to assign the permissions in Exchange Online. This is because the underlying cmdlet used to search the audit log is an Exchange Online cmdlet.
You can also use the Exchange admin center (EAC).


Reference:

https://docs.microsoft.com/en-us/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance



Page 19 of 86



Post your Comments and Discuss Microsoft MS-500 exam with other Community members:

Romero commented on March 23, 2022
i never use these dumps sites but i had to do it for this exam as it is impossible to pass without using these question dumps.
UNITED STATES
upvote

Darville commented on February 09, 2023
I passed my exam thanks to this brain dumps. The dump is comprehensive and the practice questions were tough but effective.
UNITED STATES
upvote

Con2000 commented on April 25, 2022
This exam dumps is valid in South Africa.
SOUTH AFRICA
upvote

Willard commented on April 23, 2022
The questions are helpful for passing the exam as they are from actual exam but if you want to learn just books.
UNITED KINGDOM
upvote

Romero commented on March 23, 2022
I never use these dumps sites but I had to do it for this exam as it is impossible to pass without using these question dumps.
UNITED STATES
upvote

Manpreet commented on March 23, 2022
I passed the exam today. This exam questions dump is quite accurate.
UNITED STATES
upvote

IT. Boss commented on October 15, 2021
I just logged in to my account and I have officially passed the exam. Gerat job on these exam dumps guys.
CANADA
upvote

Tesla.101 commented on October 15, 2021
The practice questions are precise and spot-on. It helped me pass.
SINGAPORE
upvote

QandA Guy commented on July 20, 2021
I have just passed this exam. So I wanted to thank you guys.
MEXICO
upvote

Lim commented on June 24, 2020
Thank you for releasing the Mac version of the Xengine App. I can practice the questions and simulate the exam on my MacBook now.
SWEDEN
upvote

Romero commented on April 18, 2020
This fukcing dumps are real. Just passed my exam yesterday.
UNITED STATES
upvote

Amanda commented on April 09, 2020
To all you guys out there. First of all stay at home and try to schedule your exam online if available. Second I did mine exam yesterday and got my certificate. The Xengine Software is very cool.
UNITED STATES
upvote

TestGirl commented on October 18, 2019
The file had a lot of the questions from the exam. However, it was missing 15% of the questions from my exam
UNITED STATES
upvote