MS-500 無料問題集「Microsoft 365 Security Administration」
You have a Microsoft 365 subscription that contains a Microsoft SharePoint Online site named Site1. Site1 contains the folders shown in the following table.
At 09:00, you create a Microsoft Cloud App Security policy named Policy1 as shown in the following exhibit.
After you create Policy1, you upload files to Site1 as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
At 09:00, you create a Microsoft Cloud App Security policy named Policy1 as shown in the following exhibit.
After you create Policy1, you upload files to Site1 as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
Explanation
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/data-protection-policies
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.
You configure the Security Operator role in Azure AD Privileged Identity Management (PIM) as shown in the following exhibit.
You add assignments to the Security Operator role as shown in the following table.
Which users can activate the Security Operator role?
You configure the Security Operator role in Azure AD Privileged Identity Management (PIM) as shown in the following exhibit.
You add assignments to the Security Operator role as shown in the following table.
Which users can activate the Security Operator role?
正解:E
解答を投票する
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
You plan to implement Azure Active Directory (Azure AD) Identity Protection.
You need to identify which users can perform the following actions:
Configure a user risk policy.
View the risky users report.
Which users should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to implement Azure Active Directory (Azure AD) Identity Protection.
You need to identify which users can perform the following actions:
Configure a user risk policy.
View the risky users report.
Which users should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection
You plan to add a file named ConfidentialHR.docx to a Microsoft SharePoint library.
You need to ensure that a user named Megan Bowen is notified when another user accesses ConfidentialHR.xlsx.
To complete this task, sign in to the Microsoft 365 portal.
You need to ensure that a user named Megan Bowen is notified when another user accesses ConfidentialHR.xlsx.
To complete this task, sign in to the Microsoft 365 portal.
正解:
See explanation below.
Explanation
You need to configure an alert policy.
Go to the Security & Compliance Admin Center.
Navigate to Alerts > Alert Policies.
Click on + New alert policy to create a new policy.
Give the policy a name and select a severity level. For example: Medium.
In the Category section, select Information Governance and click Next.
In the Select an activity section, select Any file or folder activity.
Click Add a condition and select File name.
Type in the filename ConfidentialHR.xlsx and click Next.
In the email recipients section, add Megan Bowen and click Next.
Click Finish to create the alert policy.
Explanation
You need to configure an alert policy.
Go to the Security & Compliance Admin Center.
Navigate to Alerts > Alert Policies.
Click on + New alert policy to create a new policy.
Give the policy a name and select a severity level. For example: Medium.
In the Category section, select Information Governance and click Next.
In the Select an activity section, select Any file or folder activity.
Click Add a condition and select File name.
Type in the filename ConfidentialHR.xlsx and click Next.
In the email recipients section, add Megan Bowen and click Next.
Click Finish to create the alert policy.
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308
You need to ensure that a user named Allan Deyoung can perform searches and place holds on mailboxes, SharePoint Online sites, and OneDrive for Business locations. The solution must use the principle of least privilege.
To complete this task, sign in to the Microsoft 365 admin center.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308
You need to ensure that a user named Allan Deyoung can perform searches and place holds on mailboxes, SharePoint Online sites, and OneDrive for Business locations. The solution must use the principle of least privilege.
To complete this task, sign in to the Microsoft 365 admin center.
正解:
See explanation below.
Explanation
After signing in to the Microsoft 365 admin center, navigate to the Security & Compliance Center.
In the left pane of the security and compliance center, select Permissions, and then select the checkbox next to eDiscovery Manager.
On the eDiscovery Manager flyout page, do one of the following based on the eDiscovery permissions that you want to assign.
To make a user an eDiscovery Manager: Next to eDiscovery Manager, select Edit. In the Choose eDiscovery Manager section, select the Choose eDiscovery Manager hyperlink, and then select + Add. Select the user (or users) you want to add as an eDiscovery manager, and then select Add. When you're finished adding users, select Done. Then, on the Editing Choose eDiscovery Manager flyout page, select Save to save the changes to the eDiscovery Manager membership.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/assign-ediscovery-permissions?view=o365-worldwi
Explanation
After signing in to the Microsoft 365 admin center, navigate to the Security & Compliance Center.
In the left pane of the security and compliance center, select Permissions, and then select the checkbox next to eDiscovery Manager.
On the eDiscovery Manager flyout page, do one of the following based on the eDiscovery permissions that you want to assign.
To make a user an eDiscovery Manager: Next to eDiscovery Manager, select Edit. In the Choose eDiscovery Manager section, select the Choose eDiscovery Manager hyperlink, and then select + Add. Select the user (or users) you want to add as an eDiscovery manager, and then select Add. When you're finished adding users, select Done. Then, on the Editing Choose eDiscovery Manager flyout page, select Save to save the changes to the eDiscovery Manager membership.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/assign-ediscovery-permissions?view=o365-worldwi
Your network contains an on-premises Active Directory domain. The domain contains servers that run Windows Server and have advanced auditing enabled.
The security logs of the servers are collected by using a third-party SIEM solution.
You purchase a Microsoft 365 subscription and plan to deploy Azure Advanced Threat Protection (ATP) by using standalone sensors.
You need to ensure that you can detect when sensitive groups are modified and when malicious services are created.
What should you do?
The security logs of the servers are collected by using a third-party SIEM solution.
You purchase a Microsoft 365 subscription and plan to deploy Azure Advanced Threat Protection (ATP) by using standalone sensors.
You need to ensure that you can detect when sensitive groups are modified and when malicious services are created.
What should you do?
正解:A
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You have a Microsoft 365 subscription that contains 100 users and a Microsoft 365 group named Group1.
All users have Windows 10 devices and use Microsoft SharePoint Online and Exchange Online.
A sensitivity label named Label1 is published as the default label for Group1.
You add two sublabels named Sublabel1 and Sublabel2 to Label1.
You need to ensure that the settings in Sublabel1 are applied by default to Group1.
What should you do?
All users have Windows 10 devices and use Microsoft SharePoint Online and Exchange Online.
A sensitivity label named Label1 is published as the default label for Group1.
You add two sublabels named Sublabel1 and Sublabel2 to Label1.
You need to ensure that the settings in Sublabel1 are applied by default to Group1.
What should you do?
正解:C
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Which policies apply to which devices? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
NOTE: Each correct selection is worth one point.
正解:
Explanation
You discover that Microsoft SharePoint content is shared with users from multiple domains.
You need to allow sharing invitations to be sent only to users in an email domain named contoso.com.
To complete this task, sign in to the Microsoft 365 portal.
You need to allow sharing invitations to be sent only to users in an email domain named contoso.com.
To complete this task, sign in to the Microsoft 365 portal.
正解:
See explanation below.
Explanation
You need to configure the Sharing options in the SharePoint admin center.
Go to the SharePoint admin Center.
Navigate to Policies > Sharing.
In the External Sharing section, click on More external sharing settings.
Tick the Limit external sharing by domain checkbox.
Click the Add domains button.
Select the Allow only specific domains option and type in the domain contoso.com.
Click Save to save the changes.
Explanation
You need to configure the Sharing options in the SharePoint admin center.
Go to the SharePoint admin Center.
Navigate to Policies > Sharing.
In the External Sharing section, click on More external sharing settings.
Tick the Limit external sharing by domain checkbox.
Click the Add domains button.
Select the Allow only specific domains option and type in the domain contoso.com.
Click Save to save the changes.
Your company plans to merge with another company.
A user named Debra Berger is an executive at your company.
You need to provide Debra Berger with all the email content of a user named Alex Wilber that contains the word merger.
To complete this task, sign in to the Microsoft 365 portal.
A user named Debra Berger is an executive at your company.
You need to provide Debra Berger with all the email content of a user named Alex Wilber that contains the word merger.
To complete this task, sign in to the Microsoft 365 portal.
正解:
See explanation below.
Explanation
You need to run a content search then export the results of the search.
Go to the Microsoft 365 Compliance admin center.
Navigate to Content Search under the Solutions section in the left navigation pane.
Click on + New Search to create a new search.
In the Keywords box, type in 'merger'.
In the Locations section, select Specific locations then click the Modify link.
Click on the Choose users, groups or teams link.
Type Alex Wilber in the search field the select his account from the search results.
Click the Choose button to add the user then click Done.
Click Save to close the locations pane.
Click Save & run to run the search.
The next step is to export the results. Select the search then under Export results to a computer, click Start export.
On the Export the search results page, under Output options, select All items.
Under Export Exchange content as, select One PST file for each mailbox.
Click on Start export. When the export has finished, there will be an option to download the exported PST file.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/content-search?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/export-search-results?view=o365-worldwide
Explanation
You need to run a content search then export the results of the search.
Go to the Microsoft 365 Compliance admin center.
Navigate to Content Search under the Solutions section in the left navigation pane.
Click on + New Search to create a new search.
In the Keywords box, type in 'merger'.
In the Locations section, select Specific locations then click the Modify link.
Click on the Choose users, groups or teams link.
Type Alex Wilber in the search field the select his account from the search results.
Click the Choose button to add the user then click Done.
Click Save to close the locations pane.
Click Save & run to run the search.
The next step is to export the results. Select the search then under Export results to a computer, click Start export.
On the Export the search results page, under Output options, select All items.
Under Export Exchange content as, select One PST file for each mailbox.
Click on Start export. When the export has finished, there will be an option to download the exported PST file.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/content-search?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/export-search-results?view=o365-worldwide
Your network contains an on-premises Active Directory domain. The domain contains the servers shown in the following table.
You have a Microsoft 365 subscription.
You plan to deploy Microsoft Defender for Identity.
You need to deploy the Defender for Identity sensor. The solution must meet the following requirements:
* Support the collection of Event Tracing for Windows (ETW) log entries.
* Use the principle of least privilege.
* Maximize security.
On which servers can you install the sensor, and which type of credentials is required for the sensor? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 subscription.
You plan to deploy Microsoft Defender for Identity.
You need to deploy the Defender for Identity sensor. The solution must meet the following requirements:
* Support the collection of Event Tracing for Windows (ETW) log entries.
* Use the principle of least privilege.
* Maximize security.
On which servers can you install the sensor, and which type of credentials is required for the sensor? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation
You have a Microsoft 365 subscription.
You have a site collection named SiteCollection1 that contains a site named Site2. Site2 contains a document library named Customers.
Customers contains a document named Litware.docx. You need to remove Litware.docx permanently.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You have a site collection named SiteCollection1 that contains a site named Site2. Site2 contains a document library named Customers.
Customers contains a document named Litware.docx. You need to remove Litware.docx permanently.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
正解:
Explanation
Your network contains an Active Directory domain named contoso.com. The domain contains a VPN server named VPN1 that runs Windows Server 2016 and has the Remote Access server role installed.
You have a Microsoft Azure subscription.
You are deploying Azure Advanced Threat Protection (ATP)
You install an Azure ATP standalone sensor on a server named Server1 that runs Windows Server 2016.
You need to integrate the VPN and Azure ATP.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft Azure subscription.
You are deploying Azure Advanced Threat Protection (ATP)
You install an Azure ATP standalone sensor on a server named Server1 that runs Windows Server 2016.
You need to integrate the VPN and Azure ATP.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation
Reference:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step6-vpn
You have a Microsoft 365 E5 subscription.
Users and device objects are added and removed daily. Users in the sales department frequently change their device.
You need to create three following groups:
The solution must minimize administrative effort.
What is the minimum number of groups you should create for each type of membership? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Users and device objects are added and removed daily. Users in the sales department frequently change their device.
You need to create three following groups:
The solution must minimize administrative effort.
What is the minimum number of groups you should create for each type of membership? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation
References:
https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/active-directory/users-groups-roles/groups-dyn
You view Compliance Manager as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
正解:
Explanation
Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/meet-data-protection-and-regulatory-reqs-using-m
You need to configure your organization to automatically quarantine all phishing email messages.
To complete this task, sign in to the Microsoft 365 portal.
To complete this task, sign in to the Microsoft 365 portal.
正解:
See explanation below.
Explanation
You need to edit the Anti-Phishing policy.
Go to the Office 365 Security & Compliance admin center.
Navigate to Threat Management > Policy > ATP Anti-Phishing.
Click on Default Policy.
In the Impersonation section, click Edit.
Go to the Actions section.
In the If email is sent by an impersonated user: box, select Quarantine the message from the drop-down list.
In the If email is sent by an impersonated domain: box, select Quarantine the message from the drop-down list.
Click Save to save the changes.
Click Close to close the anti-phishing policy window.
Explanation
You need to edit the Anti-Phishing policy.
Go to the Office 365 Security & Compliance admin center.
Navigate to Threat Management > Policy > ATP Anti-Phishing.
Click on Default Policy.
In the Impersonation section, click Edit.
Go to the Actions section.
In the If email is sent by an impersonated user: box, select Quarantine the message from the drop-down list.
In the If email is sent by an impersonated domain: box, select Quarantine the message from the drop-down list.
Click Save to save the changes.
Click Close to close the anti-phishing policy window.