Free MS-500 Exam Braindumps (page: 45)

Page 45 of 86

You have a Microsoft 365 E5 subscription.

You need to investigate threats to the subscription by using the Campaigns view in Microsoft Defender for Office 365.

Which types of threats will appear?

  1. phishing only
  2. phishing and malware only
  3. phishing and password attacks only
  4. malware only
  5. malware and password attacks only

Answer(s): B

Explanation:

Campaigns in the Microsoft 365 Defender portal identifies and categorizes coordinated email attacks, including phishing and malware. Microsoft's management of email attacks into discrete campaigns will help you to:

Efficiently investigate and respond to phishing and malware attacks, delivered via email.
Better understand the scope of the email attack targeting your organization.
Show value of Microsoft Defender for Office to decision makers in preventing email threats.
Campaigns lets you see the big picture of an email attack faster and more complete than any human.


Reference:

https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/campaigns



You configure several Microsoft Defender for Office 365 policies in a Microsoft 365 subscription.

You need to allow a user named User1 to view Defender for Office 365 reports from the Threat management dashboard.

Which role provides User1 with the required role permissions?

  1. Security reader
  2. Information Protection administrator
  3. Reports reader
  4. Exchange administrator

Answer(s): A

Explanation:

What permissions are needed to view the Defender for Office 365 reports?
You need to be assigned permissions before you can view and use the reports that are described in this article. You have the following options:

* Microsoft 365 Defender role based access control (RBAC): Currently, this option requires membership in the Microsoft 365 Defender Preview program.

* Email & collaboration RBAC in the Microsoft 365 Defender portal: Membership in any of the following role groups:
Organization Management
Security Administrator
*-> Security Reader
Global Reader

* Azure AD RBAC: Membership in the corresponding Azure Active Directory role in the Microsoft 365 admin center gives users the required permissions and permissions for other features in Microsoft 365.


Reference:

https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/reports-defender-for-office-365



You have a Microsoft 365 subscription that contains 50 devices. The devices are enrolled in Microsoft Endpoint Manager and have Microsoft Defender for Endpoint enabled.

You need to identify devices that have a pending offline scan.
What should you do?

  1. From the Microsoft 365 Defender portal, review the Threat analytics dashboard.
  2. From the Microsoft Endpoint Manager admin center, review the Antivirus agent status report.
  3. From the Microsoft Endpoint Manager admin center, review the Detected malware report.
  4. From the Microsoft 365 Defender portal, review the Threat & Vulnerability Management dashboard.

Answer(s): D

Explanation:

Dashboard insights
Defender vulnerability management provides both security administrators and security operations teams with unique value, including:

Real-time endpoint detection and response (EDR) insights correlated with endpoint vulnerabilities
Invaluable device vulnerability context during incident investigations
Built-in remediation processes through Microsoft Intune and Microsoft Endpoint Configuration Manager

Vulnerability management dashboard
* Selected device groups (#/#)
Filter the vulnerability management data you want to see in the dashboard and cards by device groups. What you select in the filter applies throughout the vulnerability management pages.

* Etc.


Reference:

https://learn.microsoft.com/en-us/microsoft-365/security/defender-vulnerability-management/tvm-dashboard-insights



You have a Microsoft 365 E5 subscription that contains 500 Windows 10 devices. The subscription uses Microsoft Defender for Endpoint and is integrated with Microsoft Endpoint Manager. All the devices have Defender for Endpoint deployed.

You create a Conditional Access policy as shown in the following table.


You need to ensure that devices that have a machine risk score of high are blocked.
What should you do in Microsoft Endpoint Manager?

  1. Apply a security baseline to all the devices.
  2. Apply an endpoint detection and response policy to the subscription.
  3. Apply a compliance policy to all the devices.
  4. Configure the Compliance policy settings.

Answer(s): A

Explanation:

See Note below.

Monitor device risk and compliance to security baselines
After your organization has deployed Microsoft Defender for Endpoint, you can gain greater insights and protection of your devices by integrating Microsoft Intune with Defender for Endpoint. For mobile devices, this includes the ability to monitor device risk as a condition for access. For Windows devices, you can monitor compliance of these devices to security baselines.

Deploy security baselines and monitor compliance to these settings
To deploy security baselines and monitor compliance to these settings, use the steps in this table.


Note: Monitor device risk as a condition for access
With Microsoft Defender for Endpoint deployed, you can take advantage of threat risk signals. This allows you to block access to devices based on their risk score. Microsoft recommends allowing access to devices with a risk score of medium or below.

For Android and iOS/iPadOS, threat signals can be used within your App Protection Policies (APP).
For all platforms, you can set the risk level in the existing device compliance policies.


Reference:

https://learn.microsoft.com/en-us/microsoft-365/solutions/manage-devices-with-intune-monitor-risk



Page 45 of 86



Post your Comments and Discuss Microsoft MS-500 exam with other Community members:

Romero commented on March 23, 2022
i never use these dumps sites but i had to do it for this exam as it is impossible to pass without using these question dumps.
UNITED STATES
upvote

Darville commented on February 09, 2023
I passed my exam thanks to this brain dumps. The dump is comprehensive and the practice questions were tough but effective.
UNITED STATES
upvote

Con2000 commented on April 25, 2022
This exam dumps is valid in South Africa.
SOUTH AFRICA
upvote

Willard commented on April 23, 2022
The questions are helpful for passing the exam as they are from actual exam but if you want to learn just books.
UNITED KINGDOM
upvote

Romero commented on March 23, 2022
I never use these dumps sites but I had to do it for this exam as it is impossible to pass without using these question dumps.
UNITED STATES
upvote

Manpreet commented on March 23, 2022
I passed the exam today. This exam questions dump is quite accurate.
UNITED STATES
upvote

IT. Boss commented on October 15, 2021
I just logged in to my account and I have officially passed the exam. Gerat job on these exam dumps guys.
CANADA
upvote

Tesla.101 commented on October 15, 2021
The practice questions are precise and spot-on. It helped me pass.
SINGAPORE
upvote

QandA Guy commented on July 20, 2021
I have just passed this exam. So I wanted to thank you guys.
MEXICO
upvote

Lim commented on June 24, 2020
Thank you for releasing the Mac version of the Xengine App. I can practice the questions and simulate the exam on my MacBook now.
SWEDEN
upvote

Romero commented on April 18, 2020
This fukcing dumps are real. Just passed my exam yesterday.
UNITED STATES
upvote

Amanda commented on April 09, 2020
To all you guys out there. First of all stay at home and try to schedule your exam online if available. Second I did mine exam yesterday and got my certificate. The Xengine Software is very cool.
UNITED STATES
upvote

TestGirl commented on October 18, 2019
The file had a lot of the questions from the exam. However, it was missing 15% of the questions from my exam
UNITED STATES
upvote