Free MS-500 Exam Braindumps (page: 43)

Page 43 of 86

HOTSPOT
You have a Microsoft Sentinel workspace that has an Azure Active Directory (Azure AD) connector and an Office 365 connector.

From the workspace, you plan to create an analytics rule that will be based on a custom query and will run a security playbook.

You need to ensure that you can add the security playbook and the custom query to the rule.

What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:




Box 1: Scheduled
Create a custom analytics rule with a scheduled query
1. From the Microsoft Sentinel navigation menu, select Analytics.
2. In the action bar at the top, select +Create and select Scheduled query rule. This opens the Analytics rule wizard.
3. Etc.

Box 2: A trigger
Use triggers and actions in Microsoft Sentinel playbooks.


Reference:

https://docs.microsoft.com/en-us/azure/sentinel/detect-threats-custom
https://docs.microsoft.com/en-us/azure/sentinel/playbook-triggers-actions#microsoft-sentinel-triggers-summary



You have a Microsoft 365 Enterprise E5 subscription.
You use Microsoft Defender for Endpoint.
You need to integrate Microsoft Defender for Office 365 and Microsoft Defender for Endpoint.

Where should you configure the integration?

  1. From the Microsoft 365 admin center, select Settings, and then select Services & add-ins.
  2. From the Microsoft 365 admin center, select Reports and then select Security & Compliance.
  3. From the Microsoft 365 Defender portal, select Settings and then select Security center.
  4. From the Microsoft 365 Defender portal, select Explorer and then select MDE Settings.

Answer(s): D

Explanation:

To integrate Microsoft Defender for Office 365 with Microsoft Defender for Endpoint
Integrating Microsoft Defender for Office 365 with Microsoft Defender for Endpoint is set up in both Defender for Endpoint and Defender for Office 365.

1. Go to the Microsoft 365 Defender portal (https://security.microsoft.com) and sign in.

2. Go to Email & collaboration > Explorer.

3. On the Explorer page, in the upper right corner of the screen, select MDE Settings.

4. In the Microsoft Defender for Endpoint connection flyout that appears, turn on Connect to Microsoft Defender for Endpoint (toggle on), and then select Close.


Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/integrate-office-365-ti-with-mde?view=o365-worldwide



You have a Microsoft 365 E5 subscription that has Microsoft Defender for Cloud Apps enabled.
You need to create an alert in Defender for Cloud Apps when source code is shared externally.

Which type of policy should you create?

  1. activity
  2. Cloud Discovery anomaly detection
  3. access
  4. file

Answer(s): D

Explanation:

Detect externally shared source code
Detect when files that contain content that might be source code are shared publicly or are shared with users outside of your organization.

Prerequisites
You must have at least one app connected using app connectors.

Steps
1. On the Policies page, create a new File policy.

2. Select and apply the policy template Externally shared source code.

3. Optional: Customize the list of file Extensions to match your organization's source code file extensions.

4. Optional: Set the Governance actions to be taken on files when a violation is detected. The governance actions available vary between services. For example, in Box, Send policy-match digest to file owner and Put in admin quarantine.

5. Select and apply the policy template.


Reference:

https://docs.microsoft.com/en-us/defender-cloud-apps/policies-information-protection#detect-externally-shared-source-code



You have a Microsoft 365 E5 subscription and a hybrid Microsoft Exchange Server organization.

Each member of a group named Executive has an on-premises mailbox. Only the Executive group members have multi-factor authentication (MFA) enabled. Each member of a group named Research has a mailbox in Exchange Online.

You need to use Microsoft 365 Attack simulation training to model a spear-phishing attack that targets the Research group members. The email addresses that you intend to spoof belong to the Executive group members.

What should you do first?

  1. From the Microsoft Azure portal, configure the user risk policy settings in Azure AD Identity Protection.
  2. Migrate the Executive group members to Exchange Online.
  3. Enable MFA for the Research group members.
  4. Enable MFA for your account.
  5. From the Microsoft Defender for Identity portal, configure the primary workspace settings.

Answer(s): D

Explanation:

Module 6 - Lab 1 - Exercise 1 - Conduct a Spear phishing attack
Holly Dickson is concerned that some users in her organization may require education about phishing attacks. In this lab you will use the Microsoft 365 Attack simulator to determine your users’ susceptibility to phishing attacks.

Task 1: Enable Multi-factor authentication for Holly Dickson
1. On LON-CL1, go to the Office 365 Security & Compliance center https://protection.office.com and log in as Holly Dickson.
2. Click Threat management, and then click Attack simulator.
3. Notice the warning that you must enable multi-factor authentication (MFA). You are about to do a simulated attack and the system wants to confirm your credentials. This is a requirement of the attack simulator. Let’s enable MFA for Holly Dickson.
4. Etc.


Reference:

https://microsoftlearning.github.io/MS-500-Microsoft-365-Security/Instructions/Labs/MS500T00/LAB_AK_06_Lab1_Ex1_Phishing_attack.html






Post your Comments and Discuss Microsoft MS-500 exam with other Community members:

Romero commented on March 23, 2022
I never use these dumps sites but I had to do it for this exam as it is impossible to pass without using these question dumps.
UNITED STATES

Darville commented on February 09, 2023
I passed my exam thanks to these brain dumps. The dump is comprehensive and the practice questions were tough but effective.
UNITED STATES

Con2000 commented on April 25, 2022
These exam dumps are valid in South Africa.
SOUTH AFRICA

Willard commented on April 23, 2022
The questions are helpful for passing the exam as they are from actual exam but if you want to learn just books.
UNITED KINGDOM

Manpreet commented on March 23, 2022
I passed the exam today. This exam questions dump is quite accurate.
UNITED STATES

IT. Boss commented on October 15, 2021
I just logged in to my account and I have officially passed the exam. Great job on these exam dumps guys.
CANADA

Tesla.101 commented on October 15, 2021
The practice questions are precise and spot-on. It helped me pass.
SINGAPORE

QandA Guy commented on July 20, 2021
I have just passed this exam. So I wanted to thank you guys.
MEXICO

Lim commented on June 24, 2020
Thank you for releasing the Mac version of the Xengine App. I can practice the questions and simulate the exam on my MacBook now.
SWEDEN

Romero commented on April 18, 2020
This fukcing dumps are real. Just passed my exam yesterday.
UNITED STATES

Amanda commented on April 09, 2020
To all you guys out there. First of all, stay at home and try to schedule your exam online if available. Second, I did my exam yesterday and got my certificate. The Xengine Software is very cool.
UNITED STATES

TestGirl commented on October 18, 2019
The file had a lot of the questions from the exam. However, it was missing 15% of the questions from my exam.
UNITED STATES