MS-500 Online Practice Questions and Answers

Correct Answer:

Box 1: Yes

Device2 is in Group2 so Policy2 applies.

Device2 is not compliant with Policy2. However, the device won't be marked as non-compliant until 10 days after the device was enrolled.

Box 2: Yes

Device1 is in Group1 and Group2 so both Policy1 and Policy2 apply.

Device1 is compliant with Policy1 but non-compliant with Policy2. However, the device won't be marked as non-compliant until 10 days after the device was enrolled.

Box 3: No

Device1 is in Group1 and Group2 so both Policy1 and Policy2 apply.

Device1 is compliant with Policy1 but non-compliant with Policy2.

March 12th is more than 10 days after the device was enrolled so it will now be marked as non-compliant by Policy2.

Correct Answer: See explanation below.

You need to configure the Password Expiration Policy.

1.

Sign in to the Microsoft 365 Admin Center.

2.

In the left navigation pane, expand the Settings section then select the Settings option.

3.

Click on Security and Privacy.

4.

Select the Password Expiration Policy.

5.

Ensure that the checkbox labelled Set user passwords to expire after a number of days is ticked.

6.

Enter 100 in the Days before passwords expire field.

7.

Click Save changes to save the changes.

Correct Answer: See explanation below.

1.

Navigate to Manage Alerts in the Security and Compliance Center.

2.

On the Activity alerts page, click + New.

3.

Complete the following fields to create an activity alert:

The flyout page to create an activity alert is displayed.

a.

Name - Type a name for the alert. Alert names must be unique within your organization.

b.

Description (Optional) - Describe the alert, such as the activities and users being tracked, and the users that email notifications are sent to. Descriptions provide a quick and easy way to describe the purpose of the alert to other admins.

c.

Alert type - Make sure the Custom option is selected.

d.

Send this alert when - Click Send this alert when and then configure these two fields:

Activities - Click the drop-down list to display the activities that you can create an alert for. This is the same activities list that's displayed when you search the Office 365 audit log. You can select one or more specific activities or you can click

the activity group name to select all activities in the group. For a description of these activities, see the "Audited activities" section in Search the audit log. When a user performs any of the activities that you've added to the alert, an email

notification is sent.

Users - Click this box and then select one or more users. If the users in this box perform the activities that you added to the Activities box, an alert will be sent. Leave the Users box blank to send an alert when any user in your organization

performs the activities specified by the alert.

e.

Send this alert to - Click Send this alert, and then click in the Recipients box and type a name to add a user's who will receive an email notification when a user (specified in the Users box) performs an activity (specified in the Activities

box). Note that you are added to the list of recipients by default. You can remove your name from this list.

4. Click Save to create the alert.

The new alert is displayed in the list on the Activity alerts page.

The status of the alert is set to On. Note that the recipients who will receive an email notification when an alert is sent are also listed.

Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/create-activity-alerts?view=o365-worldwide

Correct Answer: B

To enable audit logging: Set-Mailbox -Identity -AuditEnabled $true). After you do this, you can use audit log searches in the Microsoft Purview compliance portal or via the Office 365 Management Activity API.

References: https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/set-mailbox?view=exchange-ps

Correct Answer: D

Connect Intune to Jamf Pro (To connect Intune with Jamf Pro steps are):

1.

Create a new application in Azure. (In the Azure portal, go to Azure Active Directory > App Registrations, and then select New registration.)

2.

Enable Intune to integrate with Jamf Pro. (From MEM admin center, Select Tenant administration > Connectors and tokens > Partner device management... Enable the Compliance Connector for Jamf by pasting the Application ID you

saved during the previous procedure into the Specify the Azure Active Directory App ID for Jamf field).

3.

Configure Conditional Access in Jamf Pro.

Step a. Activate the connection in the Jamf Pro console: Open the Jamf Pro console and navigate to Global Management > Conditional Access. Click the Edit button on the macOS Intune Integration tab.

Step b. In Intune, go to the Partner device management page. Under Connector Settings configure groups for assignment

Reference:

https://docs.microsoft.com/en-us/mem/intune/protect/conditional-access-integrate-jamf

Correct Answer: DE

Reference: https://docs.microsoft.com/en-us/azure/sentinel/roles

Correct Answer: B

Reference: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/configure-event-forwarding

Correct Answer: D

"The device must also be Azure AD joined or hybrid Azure AD joined. The device must also contain at least TPM version 1.2 or the Trusted Platform Module." Reference: https://cloudacademy.com/course/microsoft-365-device-application-protection-2923/configuring-and-managing-windows-device-encryption/

Correct Answer: D

Should change Admin1 to elegible.

"Users who manage Microsoft 365 workloads must only be allowed to perform administrative tasks for up to three hours at a time. Global administrators must be exempt from this requirement" ...as they are EXO admins, they shouldn't be

permanent.

Correct Answer: B

References: https://docs.microsoft.com/en-us/office365/enterprise/fix-problems-with-directory-synchronization