Free Access Microsoft.MS-500.v2022-10-15.q289 Practice Test (Page 15)

Question 66

You have a Microsoft 365 E5 subscription and a hybrid Microsoft Exchange Server organization.
Each member of a group named Executive has an on-premises mailbox. Only the Executive group members have multi-factor authentication (MFA) enabled. Each member of a group named Research has a mailbox in Exchange Online.
You need to use Microsoft Office 365 Attack simulator to model a spear-phishing attack that targets the Research group members.
The email address that you intend to spoof belongs to the Executive group members.
What should you do first?

A.From Azure ATP admin center, configure the primary workspace settings

B.From the Microsoft Azure portal, configure the user risk settings in Azure AD Identity Protection

C.Enable MFA for the Research group members

D.Migrate the Executive group members to Exchange Online

Question 67

Your company has a Microsoft 365 subscription that contains the usersshown in the following table.

The company implements Windows Defender Advanced Threat Protection (Windows Defender ATP).
Windows Defender ATP includes the roles shown in the following table:

Windows Defender ATP contains the machine groups shown inthe following table:

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE:Each correct selection is worth one point.

Question 68

You have a Microsoft 365 subscription that contains a user named User1.
You plan to use Compliance Manager.
You need to ensure that User1 can assign Compliance Manager roles to users. The solution must use the principle of least privilege.
Which role should you assign to User1?

A.Compliance Manager Assessor

B.Global Administrator

C.Portal Admin

D.Compliance Manager Administrator

Question 69

You have a Microsoft 365 subscription that uses a default domain name of contoso.com.
Microsoft Azure Active Directory (Azure AD) contains the users shown in the following table.

Microsoft Intune has two devices enrolled as shown in the following table:

Both devices have three apps named App1, App2, and App3 installed.
You create an app protection policy named ProtectionPolicy1 that has the following settings:
* Protected apps: App1
* Exempt apps: App2
* Windows Information Protection mode: Block
You apply ProtectionPolicy1 to Group1 and Group3. You exclude Group2 from ProtectionPolicy1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Question 70

You need to create a policy that identifies content in Microsoft OneDrive that contains credit card numbers.
To complete this task, sign in to the Microsoft 365 portal.

Correct Answer:

You need to configure auto-labeling in 'simulation' mode. In the policy, you can select the 'Credit Card' sensitive info type.
* In the Microsoft 365 compliance center, navigate to sensitivity labels:
Solutions > Information protection
* Select the Auto-labeling (preview) tab.
* Select + Create policy.
* For the page Choose info you want this label applied to: Select one of the templates, such as Financial or Privacy. You can refine your search by using the Show options for dropdown. Or, select Custom policy if the templates don't meet your requirements. Select Next.
* For the page Name your auto-labeling policy: Provide a unique name, and optionally a description to help identify the automatically applied label, locations, and conditions that identify the content to label.
* For the page Choose locations where you want to apply the label: Select OneDrive. Then select Next.
* For the Define policy settings page: Keep the default of Find content that contains to define rules that identify content to label across all your selected locations. The rules use conditions that include sensitive information types and sharing options. For sensitive information types, you can select both built-in and custom sensitive information types.
* Then select Next.
* For the Set up rules to define what content is labeled page: Select + Create rule and then select Next.
* On the Create rule page, name and define your rule, using sensitive information types and then select Save.
* Click Next.
* For the Choose a label to auto-apply page: Select + Choose a label, select a label from the Choose a sensitivity label pane, and then select Next.
* For the Decide if you want to run policy simulation now or later page: Select Run policy in simulation mode if you're ready to run the auto-labeling policy now, in simulation mode. Otherwise, select Leave policy turned off. Select Next.
* For the Summary page: Review the configuration of your auto-labeling policy and make any changes that needed, and complete the wizard.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-wo

Other Version: 786Microsoft.MS-500.v2024-04-06.q178; 1862Microsoft.MS-500.v2023-03-20.q101; 1711Microsoft.MS-500.v2023-02-07.q110; 3777Microsoft.MS-500.v2022-06-03.q186; 5330Microsoft.MS-500.v2022-01-31.q161

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 172TheSecOpsGroup.CNSP.v2025-09-08.q20; 239CFAInstitute.ESG-Investing.v2025-09-08.q173; 225PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 157Salesforce.Data-Architect.v2025-09-05.q216; 152Adobe.AD0-E605.v2025-09-05.q50

Question 66

Question 67

Question 68

Question 69

Question 70

Download PDF File