MS-500 : Microsoft 365 Security Administration : Part 08
-
You create a label that encrypts email data. Users report that they cannot use the label in Outlook on the web to protect the email messages they send.
You need to ensure that the users can use the new label to protect their email.
What should you do?
- Modify the priority order of label policies
- Wait six hours and ask the users to try again
- Create a label policy
- Create a new sensitive information type
Explanation:
An admin has to publish labels by creating a label policy.
-
You have a Microsoft 365 subscription that includes a user named Admin1.
You need to ensure that Admin1 can retain all the mailbox content of users, including their deleted items.
The solution must use the principle of least privilege.
What should you do?
- From the Microsoft 365 admin center, assign the Exchange administrator role to Admin1.
- From the Exchange admin center, assign the Security Administrator role to Admin1.
- From the Azure Active Directory admin center, assign the Service administrator role to Admin1.
- From the Exchange admin center, assign the Recipient Management admin role to Admin1.
-
You have a hybrid Microsoft 365 environment.
All computers run Windows 10 Enterprise and have Microsoft 365 Apps for enterprise installed. All the computers are joined to Active Directory.
You have a server named Server1 that runs Windows Server 2016. Server1 hosts the telemetry database. You need to prevent private details in the telemetry data from being transmitted to Microsoft.
What should you do?
- On Server1, run readinessreportcreator.exe
- Configure a registry entry on Server1
- Configure a registry entry on the computers
- On the computers, run tdadm.exe
-
Your company has a Microsoft 365 subscription that includes a user named User1.
You suspect that User1 sent email messages to a competitor detailing company secrets.
You need to recommend a solution to ensure that you can review any email messages sent by User1 to the competitor, including sent items that were deleted.
What should you include in the recommendation?
- Enable In-Place Archiving for the mailbox of User1
- From the Security & Compliance admin center, perform a content search of the mailbox of User1
- Place a Litigation Hold on the mailbox of User1
- Configure message delivery restrictions for the mailbox of User1
-
You have a Microsoft 365 subscription.
Yesterday, you created retention labels and published the labels to Microsoft Exchange Online mailboxes.
You need to ensure that the labels will be available for manual assignment as soon as possible.
What should you do?
- From the Security & Compliance admin center, create a label policy
- From Exchange Online PowerShell, run Start-RetentionAutoTagLearning
- From Exchange Online PowerShell, run Start-ManagedFolderAssistant
- From the Security & Compliance admin center, create a data loss prevention (DLP) policy
-
You have a Microsoft 365 subscription.
Your company uses Jamf Pro to manage macOS devices.
You plan to create device compliance policies for the macOS devices based on the Jamf Pro data.
You need to connect Microsoft Endpoint Manager to Jamf Pro.
What should you do first?
- From the Azure Active Directory admin center, add a Mobility (MDM and MAM) application.
- From the Endpoint Management admin center, add the Mobile Threat Defense connector.
- From the Endpoint Management admin center, configure Partner device management.
- From the Azure Active Directory admin center, register an application.
-
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription that contains 1,000 user mailboxes.
An administrator named Admin1 must be able to search for the name of a competing company in the mailbox of a user named User5.
You need to ensure that Admin1 can search the mailbox of User5 successfully. The solution must prevent Admin1 from sending email messages as User5.
Solution: You modify the privacy profile, and then create a Data Subject Request (DSR) case.
Does this meet the goal?
- Yes
- No
-
SIMULATION
You need to ensure that administrators can publish a label that adds a footer to email messages and documents.
To complete this task, sign in to the Microsoft Office 365 portal.
- See explanation below.
Explanation: You need to configure a Sensitivity label.
1. Go to the Security & Compliance Admin Center.
2. Navigate to Classification > Sensitivity labels.
3. Click on + Create a label to create a new label.
4. Give the label a name and description then click Next.
5. Leave the Encryption option as None and click Next.
6. On the Content Marking page, tick the checkbox Add a footer.
7. Click the Customize Text link and add the footer text and click Save (for the question, it doesn’t matter what text you add).
8. Click Next.
9. Leave the Auto-labeling for Office apps off and click Next.
10. Click the Submit button to save your changes.
11. The label is now ready to be published. Click the Done button to exit the page and create the label.
-
SIMULATION
You plan to publish a label that will retain documents in Microsoft OneDrive for two years, and then automatically delete the documents.
You need to create the label.
To complete this task, sign in to the Microsoft Office 365 portal.
- See explanation below.
Explanation: You need to create a retention label.
1. Go to the Security & Compliance Admin Center.
2. Navigate to Classification > Retention labels.
3. Click on + Create a label to create a new label.
4. Give the label a name and click Next.
5. On the File plan descriptors page, leave all options empty. The options on this page are used for auto-applying the retention label. Click Next.
6. Turn the Retention switch to On.
7. Under Retain the content, set the period to 2 years.
8. Under What do you want to do after this time?, select the Delete the content automatically option.
9. Click Next.
10. Click the Create this label button to create the label. The label is now ready to be published to Microsoft OneDrive.
-
SIMULATION
You plan to add a file named ConfidentialHR.docx to a Microsoft SharePoint library.
You need to ensure that a user named Megan Bowen is notified when another user accesses ConfidentialHR.xlsx.
To complete this task, sign in to the Microsoft 365 portal.
- See explanation below.
Explanation: You need to configure an alert policy.
1. Go to the Security & Compliance Admin Center.
2. Navigate to Alerts > Alert Policies.
3. Click on + New alert policy to create a new policy.
4. Give the policy a name and select a severity level. For example: Medium.
5. In the Category section, select Information Governance and click Next.
6. In the Select an activity section, select Any file or folder activity.
7. Click Add a condition and select File name.
8. Type in the filename ConfidentialHR.xlsx and click Next.
9. In the email recipients section, add Megan Bowen and click Next.
10. Click Finish to create the alert policy.
-
SIMULATION
You need to create a policy that identifies content in Microsoft OneDrive that contains credit card numbers.
To complete this task, sign in to the Microsoft 365 portal.
- See explanation below.
Explanation: You need to configure auto-labeling in ‘simulation’ mode. In the policy, you can select the ‘Credit Card’ sensitive info type.
1. In the Microsoft 365 compliance center, navigate to sensitivity labels:
Solutions > Information protection
2. Select the Auto-labeling (preview) tab.
3. Select + Create policy.
4. For the page Choose info you want this label applied to: Select one of the templates, such as Financial or Privacy. You can refine your search by using the Show options for dropdown. Or, select Custom policy if the templates don’t meet your requirements. Select Next.
5. For the page Name your auto-labeling policy: Provide a unique name, and optionally a description to help identify the automatically applied label, locations, and conditions that identify the content to label.
6. For the page Choose locations where you want to apply the label: Select OneDrive. Then select Next.
7. For the Define policy settings page: Keep the default of Find content that contains to define rules that identify content to label across all your selected locations. The rules use conditions that include sensitive information types and sharing options. For sensitive information types, you can select both built-in and custom sensitive information types.
8. Then select Next.
9. For the Set up rules to define what content is labeled page: Select + Create rule and then select Next.
10. On the Create rule page, name and define your rule, using sensitive information types and then select Save.
11. Click Next.
12. For the Choose a label to auto-apply page: Select + Choose a label, select a label from the Choose a sensitivity label pane, and then select Next.
13. For the Decide if you want to run policy simulation now or later page: Select Run policy in simulation mode if you’re ready to run the auto-labeling policy now, in simulation mode. Otherwise, select Leave policy turned off. Select Next.
14. For the Summary page: Review the configuration of your auto-labeling policy, make any changes that are needed, and complete the wizard.
-
SIMULATION
Your company plans to merge with another company.
A user named Debra Berger is an executive at your company.
You need to provide Debra Berger with all the email content of a user named Alex Wilber that contains the word merger.
To complete this task, sign in to the Microsoft 365 portal.
- See explanation below.
Explanation: You need to run a content search, then export the results of the search.
1. Go to the Microsoft 365 Compliance admin center.
2. Navigate to Content Search under the Solutions section in the left navigation pane.
3. Click on + New Search to create a new search.
4. In the Keywords box, type in ‘merger’.
5. In the Locations section, select Specific locations then click the Modify link.
6. Click on the Choose users, groups or teams link.
7. Type Alex Wilber in the search field, then select his account from the search results.
8. Click the Choose button to add the user then click Done.
9. Click Save to close the locations pane.
10. Click Save & run to run the search.
11. The next step is to export the results. Select the search then under Export results to a computer, click Start export.
12. On the Export the search results page, under Output options, select All items.
13. Under Export Exchange content as, select One PST file for each mailbox.
14. Click on Start export. When the export has finished, there will be an option to download the exported PST file.
-
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed them.
When you search the audit log in Microsoft 365 Compliance to identify who signed in to the mailbox of User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
You run the Set-Mailbox -Identity "User1" -AuditEnabled $true command.
Does that meet the goal?
- Yes
- No
-
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed them.
When you search the audit log in Microsoft 365 Compliance to identify who signed in to the mailbox of User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
You run the Set-AuditConfig -Workload Exchange command.
Does that meet the goal?
- Yes
- No
-
You have a Microsoft 365 subscription.
You have a Microsoft SharePoint Online site named Site1. The files in Site1 are protected by using Microsoft Azure Information Protection.
From the Security & Compliance admin center, you create a label that designates personal data.
You need to auto-apply the new label to all the content in Site1.
What should you do first?
- From PowerShell, run Set-ManagedContentSettings.
- From PowerShell, run Set-ComplianceTag.
- From the Security & Compliance admin center, create a Data Subject Request (DSR).
- Remove Azure Information Protection from the Site1 files.
-
You have a Microsoft 365 subscription.
You need to be notified by email whenever an administrator starts an eDiscovery search.
What should you do from the Security & Compliance admin center?
- From Search & investigation, create a guided search.
- From Events, create an event.
- From Alerts, create an alert policy.
- From Search & investigation, create an eDiscovery case.
-
You have a Microsoft 365 subscription.
You have a Data Subject Request (DSR) case named Case1.
You need to ensure that Case1 includes all the email posted by the data subject to the Microsoft Exchange Online public folders.
Which additional property should you include in the Content Search query?
- kind:externaldata
- itemclass:ipm.externaldata
- itemclass:ipm.post
- kind:email
-
You have a Microsoft 365 E5 subscription.
A security manager receives an email message every time a data loss prevention (DLP) policy match occurs.
You need to limit alert notifications to actionable DLP events.
What should you do?
- From the Security & Compliance admin center, modify the Policy Tips settings of a DLP policy.
- From the Cloud App Security admin center, apply a filter to the alerts.
- From the Security & Compliance admin center, modify the User overrides settings of a DLP policy.
- From the Security & Compliance admin center, modify the matched activities threshold of an alert policy.
-
HOTSPOT
You have a Microsoft 365 subscription. Auditing is enabled.
A user named User1 is a member of a dynamic security group named Group1.
You discover that User1 is no longer a member of Group1.
You need to search the audit log to identify why User1 was removed from Group1.
Which two activities should you use in the search? To answer, select the appropriate activities in the answer area.
NOTE: Each correct selection is worth one point.
-
You have a Microsoft 365 subscription.
You create and run a content search from the Security & Compliance admin center.
You need to download the results of the content search.
What should you obtain first?
- an export key
- a password
- a certificate
- a pin