Free Access Microsoft.MS-500.v2022-01-31.q161 Practice Test (Page 19)

Question 86

Microsoft 365 E5 licenses. You plan to implement an Advanced Threat Protection (ATP) anti-phishing policy. You need to enable mailbox intelligence for all users. What should you do first?

A.Configure attribute filtering in Microsoft Azure Active Directory Connect (Azure AD Connect).

B.Purchase the ATP add-on.

C.Select Directory extension attribute sync in Microsoft Azure Active Directory Connect {Azure AD Connect).

D.Migrate the on-premises mailboxes to Exchange Online.

Question 87

You have an Azure Active Directory (Azure AD) tenant named Contoso.com that contains the users shown in the following table.

The User Administrator role is configured in Azure AD Privileged Identity Management (PIM) as shown in the following exhibit.

You make User4 eligible for the User Administrator role.
For each of the following statements, Select Yes if the Statement is true. Otherwise, select No./ NOTE: Each correct selection is worth one point.

Question 88

You have the Microsoft conditions shown in the following table.

You have the Azure Information Protection labels shown in the following table.

You have the Azure Information Protection policies shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Question 89

How should you configure Group3? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Question 90

Which IP address space should you include in the MFA configuration?

A.131.107.83.0/28

B.192.168.16.0/20

C.172.16.0.0/24

D.192.168.0.0/20

Correct Answer: B

Explanation/Reference:
Testlet 3
Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and three branch offices in
Seattle, and New York.
The company has the offices shown in the following table.

Contoso has IT, human resources (HR), legal, marketing, and finance departments. Contoso uses
Microsoft 365.
Existing Environment
Infrastructure
The network contains an Active Directory domain named contoso.com that is synced to a Microsoft Azure
Active Directory (Azure AD) tenant. Password writeback is enabled.
The domain contains servers that run Windows Server 2016. The domain contains laptops and desktop
computers that run Windows 10 Enterprise.
Each client computer has a single volume.
Each office connects to the Internet by using a NAT device. The offices have the IP addresses shown in
the following table.

Named locations are defined in Azure AD as shown in the following table.

From the Multi-Factor Authentication page, an address space of 198.35.3.0/24 is defined in the trusted IPs
list.
Azure Multi-Factor Authentication (MFA) is enabled for the users in the finance department.
The tenant contains the users shown in the following table.

The tenant contains the groups shown in the following table.

Customer Lockbox is enabled in Microsoft 365.
Microsoft Intune Configuration
The devices enrolled in Intune are configured as shown in the following table.

The device compliance policies in Intune are configured as shown in the following table.

The device compliance policies have the assignments shown in the following table.

The Mark devices with no compliance policy assigned as setting is set to Compliant.
Requirements
Technical Requirements
Contoso identifies the following technical requirements:
Use the principle of least privilege