Free Access Microsoft.MS-500.v2022-01-31.q161 Practice Test (Page 17)

Question 76

You have an Azure Sentinel workspace that has an Azure Active Directory (Azure AD) connector and a Microsoft Office 365 connector.
You need to use a Fusion rule template to detect multistage attacks in which users sign in by using compromised credentials, and then delete multiple files from Microsoft OneDrive.
Based on the Fusion rule template, you create an active rule that has the default settings.
What should you do next?

A.Add data connectors.

B.Add a workbook.

C.Add a playbook.

D.Create a custom rule template.

Question 77

Your company has a Microsoft 365 subscription that contains the users shown in the following table.

The company implements Windows Defender Advanced Threat Protection (Windows Defender ATP). Windows Defender ATP includes the roles shown in the following table:

Windows Defender ATP contains the machine groups shown in the following table:

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Question 78

Your network contains an on-premises Active Directory domain. The domain contains the servers shown in the following table.

You plan to implement Azure Advanced Threat Protection (ATP) for the domain.
You install an Azure ATP standalone sensor on Server1.
You need to monitor the domain by using Azure ATP.
What should you do?

A.Configure port mirroring for DC1.

B.Configure port mirroring for Server 1.

C.Install the Microsoft Monitoring Agent on Server!.

D.Install the Microsoft Monitoring Agent on DC1.

Question 79

Your network contains an on-premises Active Directory domain. The domain contains servers that run Windows Server and have advanced auditing enabled.
The security logs of the servers are collected by using a third-party SIEM solution.
You purchase a Microsoft 365 subscription and plan to deploy Azure Advanced Threat Protection (ATP) by using standalone sensors.
You need to ensure that you can detect when sensitive groups are modified and when malicious services are created.
What should you do?

A.Configure Azure ATP notifications

B.Configure Event Forwarding on the domain controllers

C.Configure auditing in the Office 365 Security & Compliance center

D.Modify the Domain synchronizer candidate settings on the Azure ATP sensors

Question 80

You need to create a policy that identifies content in Microsoft OneDrive that contains credit card numbers.
To complete this task, sign in to the Microsoft 365 portal.

Correct Answer:

See explanation below.
Explanation
You need to configure auto-labeling in 'simulation' mode. In the policy, you can select the 'Credit Card' sensitive info type.
* In the Microsoft 365 compliance center, navigate to sensitivity labels:
Solutions > Information protection
* Select the Auto-labeling (preview) tab.
* Select + Create policy.
* For the page Choose info you want this label applied to: Select one of the templates, such as Financial or Privacy. You can refine your search by using the Show options for dropdown. Or, select Custom policy if the templates don't meet your requirements. Select Next.
* For the page Name your auto-labeling policy: Provide a unique name, and optionally a description to help identify the automatically applied label, locations, and conditions that identify the content to label.
* For the page Choose locations where you want to apply the label: Select OneDrive. Then select Next.
* For the Define policy settings Find content that contains to define rules that identify content to label across all your selected locations. The rules use conditions that include sensitive information types and sharing options. For sensitive information types, you can select both built-in and custom sensitive information types.
* Then select Next.
* For the Set up rules to define what content is labeled + Create rule and then select Next.
* On the Create rule page, name and define your rule, using sensitive information types and then select Save.
* Click Next.
* For the Choose a label to auto-apply , select a label from the Choose a sensitivity label pane, and then select
* For the Decide if you want to run policy simulation now or later page: Select Run policy in simulation mode if you're ready to run the auto-labeling policy now, in simulation mode. Otherwise, select Leave policy turned off. Select Next.
* For the Summary page: Review the configuration of your auto-labeling policy and make any changes that needed, and complete the wizard.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-wo

Other Version: 786Microsoft.MS-500.v2024-04-06.q178; 1862Microsoft.MS-500.v2023-03-20.q101; 1711Microsoft.MS-500.v2023-02-07.q110; 4578Microsoft.MS-500.v2022-10-15.q289; 3777Microsoft.MS-500.v2022-06-03.q186

Latest Upload: 100Oracle.1z0-1196-25.v2025-09-12.q18; 100NetworkAppliance.NS0-162.v2025-09-12.q86; 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 173TheSecOpsGroup.CNSP.v2025-09-08.q20; 240CFAInstitute.ESG-Investing.v2025-09-08.q173; 236PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 76

Question 77

Question 78

Question 79

Question 80

Download PDF File