Skip Navigation Links
 

Microsoft - MS-500: Microsoft 365 Security Administration

Sample Questions

Question: 161
Measured Skill: Manage governance and compliance features in Microsoft 365 (25-30%)

Note: This is a lab or performance-based testing (PBT) question. To answer, you will perform a set of tasks in a live environment. Some functionality (e.g. copy and paste) will not be possible by design. The right mouse button may not be able to be used. Scoring is based on the outcome of performing the tasks stated in the lab. It doesn't matter how you accomplish the goal.

You plan to create a script to automate user mailbox searches. The script will search the mailbox of a user named Allan Deyoung for messages that contain the word injunction.

You need to create the search that will be included in the script.

What should you do?

(This question has to be solved in a lab environment. Click on Solution to see a valid example solution. Answer "True" if you can solve the problem, otherwise select "False".)

ATrue
B False

Correct answer: A

Solution:

We need to create a content search using the Compliance Admin Center or the New-ComplianceSearch cmdlet. The search, once created, can be run from a script using the Start-ComplianceSearch cmdlet specifing the name of the search as identity (e.g. Start-ComplianceSearch -Identity AllanDeyoung)

Step 01: From the Microsoft 365 Admin Center open the Compliance Admin Center. Click "Content search" then click "+Guided search".

Step 02: Enter a name for the new search and click "Next".

Step 03: Include Allan Deyoung. Then click "Next".

Step 04: Type in the keyword and click "Finish". The task is completed.

You can run the search from a script using the following code:

$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking
Import-Module MSOnline
Get-ComplianceSearch -Identity "AllanDeyoung"
Start-ComplianceSearch -Identity "AllanDeyoung"
Remove-PSSession $Session

Reference: Use Compliance Search to search all mailboxes in Exchange Server



Question: 162
Measured Skill: Implement and manage information protection (15-20%)

Note: This is a lab or performance-based testing (PBT) question. To answer, you will perform a set of tasks in a live environment. Some functionality (e.g. copy and paste) will not be possible by design. The right mouse button may not be able to be used. Scoring is based on the outcome of performing the tasks stated in the lab. It doesn't matter how you accomplish the goal.

You need to ensure that when users tag documents as classified, a classified watermark is applied to the documents.

What should you do?

(This question has to be solved in a lab environment. Click on Solution to see a valid example solution. Answer "True" if you can solve the problem, otherwise select "False".)

ATrue
B False

Correct answer: A

Solution:

This is a two step process. First, we need to create a sensitivity label that applies a watermark for visual marking. Second, we need to publish the label to all users in our tenant. We can do this using the Compliance Admin Center, the Compliance & Security Admin Center or Azure Information Protection (AIP).

Step 01: From the Microsoft 365 Admin Center open the Compliance Admin Center. Click "Information protection" then click "+Create a label".

Step 02: Enter the name and a description for the new label and click "Next".

Step 03: Click "Next".

Step 04: Enable content marking and check the "Add a watermark" check box. Then click the "Customize text" link.

Step 05: Enter a watermark text and click "Save". Then click "Next".

Step 06: Click "Next".

Step 07: Click "Submit".

Step 08 Click "Done".

Step 09: Now we will publish the label. Click "Publish labels".

Step 10: Select the newly created label to publish. Then click "Next".

Step 11: The label will be published to all users by default. Click "Next".

Step 12: Click "Next".

Step 13: Enter a name for the new policy and click "Next".

Step 14: Click "Submit" to publish the label.

Step 15: The label has been published. Click "Done" to complete the task.

Reference: How to configure a label for visual markings for Azure Information Protection



Question: 163
Measured Skill: Implement and manage information protection (15-20%)

Note: This is a lab or performance-based testing (PBT) question. To answer, you will perform a set of tasks in a live environment. Some functionality (e.g. copy and paste) will not be possible by design. The right mouse button may not be able to be used. Scoring is based on the outcome of performing the tasks stated in the lab. It doesn't matter how you accomplish the goal.

You need to ensure that email messages in Exchange Online and documents in SharePoint Online are retained for eight years.

What should you do?

(This question has to be solved in a lab environment. Click on Solution to see a valid example solution. Answer "True" if you can solve the problem, otherwise select "False".)

ATrue
B False

Correct answer: A

Solution:

We need to create and configure a retention policy that applies to Exchange Online and SharePoint Online.

Step 01: From the Microsoft 365 Admin Center open the Compliance Admin Center. Click "Information governance", then switch to "Retention" and click "+New retention policy".

Step 02: Enter a name for the new policy and click "Next".

Step 03: Change the retention period to 8 years. Then click "Next".

Step 04: Apply the policy to Exchange email and SharePoint sites only. Then click "Next".

Step 05: Review your settings. Then click "Create this policy" to complete the task.



Question: 164
Measured Skill: Implement and manage identity and access (30-35%)

Note: This is a lab or performance-based testing (PBT) question. To answer, you will perform a set of tasks in a live environment. Some functionality (e.g. copy and paste) will not be possible by design. The right mouse button may not be able to be used. Scoring is based on the outcome of performing the tasks stated in the lab. It doesn't matter how you accomplish the goal.

You need to ensure that all users must change their password every 100 days.

To complete this task, sign in to the Microsoft 365 portal.

(This question has to be solved in a lab environment. Click on Solution to see a valid example solution. Answer "True" if you can solve the problem, otherwise select "False".)

ATrue
B False

Correct answer: A

Solution:

We need to need to configure the Password Expiration Policy.

Step 01: From the Microsoft 365 Admin Center expand "Settings", then click "Org settings" and switch to the "Security & privacy" tab. Open the "Password expiration policy" to edit.

Step 02: Enable the "Set user passwords to expire after a number of days" option and set the "Days before passwords expire" option to 100 days (the default is 90). Then click "Save changes".

Step 03: The task is complete.



Question: 165
Measured Skill: Implement and manage identity and access (30-35%)

Note: This is a lab or performance-based testing (PBT) question. To answer, you will perform a set of tasks in a live environment. Some functionality (e.g. copy and paste) will not be possible by design. The right mouse button may not be able to be used. Scoring is based on the outcome of performing the tasks stated in the lab. It doesn't matter how you accomplish the goal.

You need to ensure that a user named Grady Archie can monitor the service health of your Microsoft 365 tenant. The solution must use the principle of least privilege.

To complete this task, sign in to the Microsoft 365 portal.

(This question has to be solved in a lab environment. Click on Solution to see a valid example solution. Answer "True" if you can solve the problem, otherwise select "False".)

ATrue
B False

Correct answer: A

Solution:

People who are assigned the global admin or service support admin role can view service health. In order to ensure that Grady Archie can view the health of your Microsoft services, including Office on the web, Yammer, Microsoft Dynamics CRM, and mobile device management cloud services, on the Service health page in the Microsoft 365 admin center, we need to add him to the service support admin role.

Step 01: From the Microsoft 365 Admin Center expand "Users" and click "Active users". Search for Grady Archie and click on the found user account. From the properties of the account, click "Manage roles".

Step 02: Enable the "Admin center access" option and assign the "Service support admin" role. Then click "Save changes".

Step 03: The task is complete.

Reference: How to check Microsoft 365 service health





 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2020 by cert2brain.com