検証済みのMS-500テスト問題集と解答で正確な329問 [Q110-Q133]

Share

検証済みのMS-500テスト問題集と解答で正確な329問

Microsoft MS-500テストエンジンPDFで全問無料問題集


MS-500試験は、ITプロフェッショナルがMicrosoft 365セキュリティとコンプライアンスソリューションの専門知識を示す優れた方法です。また、IT業界でのキャリアアップの機会を求める人にとって有用な資格です。雇用者はしばしば、セキュリティ管理者、セキュリティアナリスト、またはコンプライアンスマネージャなどの役割を埋めるためにMS-500認定資格を持つ候補者を探しています。


MS-500試験は、Microsoft 365 Technologiesと協力するセキュリティ管理者と専門家を対象としています。この試験の資格を得るには、候補者がMicrosoft 365セキュリティテクノロジーとMicrosoft 365のセキュリティソリューションの展開、管理、監視の経験を確実に理解している必要があります。この認定試験は、知識とスキルの拡大に熱心な人に理想的です。 Microsoft 365セキュリティ管理と彼らのキャリアを前進させたい。

 

質問 # 110
You view Compliance Manager as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation

Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/meet-data-protection-and-regulatory-reqs-using-m


質問 # 111
You have a Microsoft 365 subscription that contains the users shown in the following table.

You need to ensure that User1, User2 , and User3 can use self-service password reset (SSPR). The solution must not affect User 4.
Solution: You create a conditional access policy for User1, User2, and User3, Does this meet the goal?

  • A. No
  • B. Yes

正解:A

解説:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-sspr


質問 # 112
You need to ensure that all users must change their password every 100 days.
To complete this task, sign in to the Microsoft 365 portal.

正解:

解説:
You need to configure the Password Expiration Policy.
Sign in to the Microsoft 365 Admin Center.
In the left navigation pane, expand the Settings section then select the Settings option.
Click on Security and Privacy.
Select the Password Expiration Policy.
Ensure that the checkbox labelled Set user passwords to expire after a number of days is ticked.
Enter 100 in the Days before passwords expire field.
Click Save changes to save the changes.


質問 # 113
You have a Microsoft 365 subscription. All users use Microsoft Exchange Online.
Microsoft 365 is configured to use the default policy settings without any custom rules.
You manage message hygiene.
Where are suspicious email messages placed by default? To answer, drag the appropriate location to the correct message types. Each location may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

正解:

解説:

Explanation


質問 # 114
You have a Microsoft 365 Tenant.
A conditional access policy is configured for the tenant as shown in the Policy exhibit. (Click the Policy tab.)

The User Administrator role a configured as shown in the Hole setting exhibit (Click the Role setting tab.)

The User Administrator role has the assignments shown in the Assignments exhibit (Click the Assignments tab.)

For each of the following statements, select yes If the statement is true. Otherwise select No.
NOTE Each correct selection is worth one point.

正解:

解説:

Explanation


質問 # 115
You are evaluating which finance department users will be prompted for Azure MFA credentials.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

正解:

解説:


質問 # 116
You plan to add a file named ConfidentialHR.docx to a Microsoft SharePoint library.
You need to ensure that a user named Megan Bowen is notified when another user accesses ConfidentialHR.xlsx.
To complete this task, sign in to the Microsoft 365 portal.

正解:

解説:
See explanation below.
Explanation
You need to configure an alert policy.
* Go to the Security & Compliance Admin Center.
* Navigate to Alerts > Alert Policies.
* Click on + New alert policy to create a new policy.
* Give the policy a name and select a severity level. For example: Medium.
* In the Category section, select Information Governance and click Next.
* In the Select an activity section, select Any file or folder activity.
* Click Add a condition and select File name.
* Type in the filename ConfidentialHR.xlsx and click Next.
* In the email recipients section, add Megan Bowen and click
* Click Finish to create the alert policy.


質問 # 117
You have a Microsoft 365 tenant.
You need to retain Azure Active Directory (Azure AD) audit logs for two years. Administrators must be able to query the audit log information by using the Azure Active Directory admin center.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

Reference:
https://docs.microsoft.com/en-gb/azure/active-directory/reports-monitoring/howto-analyze-activity-logs-log-analytics


質問 # 118
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.

You configure the Security Operator role in Azure AD Privileged Identity Management (PIM) as shown in the following exhibit.

You add assignments to the Security Operator role as shown in the following table.

Which users can activate the Security Operator role?

  • A. User3 only
  • B. Used and User2 only
  • C. User2 and User3 only
  • D. User1,User2, and User3
  • E. User2 only

正解:C


質問 # 119
You plan to publish a label that will retain documents in Microsoft OneDrive for two years, and then automatically delete the documents.
You need to create the label.
To complete this task, sign in to the Microsoft Office 365 portal.

正解:

解説:
You need to create a retention label.
Go to the Security & Compliance Admin Center.
Navigate to Classification > Retention labels.
Click on + Create a label to create a new label.
Give the label a name and click Next.
On the File plan descriptors, leave all options empty. The options in this page are used for auto-applying the retention label. Click Next.
Turn the Retention switch to On.
Under Retain the content, set the period to 2 years.
Under What do you want to do after this time?, select the Delete the content automatically option.
Click Next.
Click the Create this label button to create the label. The label is now ready to be published to Microsoft OneDrive.


質問 # 120
You have a Microsoft 365 subscription that has Enable Security defaults set to No in Azure Active Directory (Azure AD).
You have a custom compliance manager template named Regulation1.
You have the assessments shown in the following table.

Assessment1 has the improvement actions shown in the following table.

Assessment2 has the improvement actions shown in the following table.

You perform the following actions:
For Assessment2, change the Test status of Establish a threat intelligence program to Implemented.
Enable multi-factor authentication (MFA) for all users.
Configure a privileged access policy.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation
Graphical user interface, text, application Description automatically generated

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-setup?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-improvement-actions?view=o3


質問 # 121
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308









You need to prevent any email messages that contain data covered by the U.K. Data Protection Act from being sent to recipients outside of your organization, unless the messages are sent to an external domain named adatum.com.
To complete this task, sign in to the Microsoft 365 admin center.

正解:

解説:
See explanation below.
Explanation
1. After signing into the Microsoft 365 admin center, navigate to Compliance Management in the Exchange Admin center.
2. Click on "Data Loss Prevention" option.
3. To add a new custom DLP policy, Click on (+) plus button to get the context menu
4. Click on "New Custom DLP policy" option, a new window appears where you have to enter policy name, description, state and mode of the requirement details. Click on save button to create policy and continue...
5. You will be back to the "Data Loss Prevention" screen with newly added policy information.
6. Double click on the added row to open the policy details, click on rules option in left part of the screen as depicted
7. Click on (+) plus button to add a new rule. Select the "Block messages with sensitive information" rule.
8. On the following screen, we can add condition, action, exceptions, rule activation and deactivation dates

9. Click on "Select Sensitive information Types" to specify the sensitive information details.

10. Click on (+) plus button and add the following Sensitive information Types:
U.K. National Insurance Number (NINO
U.S. / U.K. Passport Number
SWIFT Code
11. Click on Ok
12. Add an exception for recipients in the adatum.com domain
13. Add recipients for incident reports and click ok
14. Click save
15. Click save
Reference:
https://events.collab365.community/configure-data-loss-prevention-policies-in-exchange-online-in-office-365/


質問 # 122
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308









You need to ensure that a user named Allan Deyoung uses multi-factor authentication (MFA) for all authentication requests.
To complete this task, sign in to the Microsoft 365 admin center.

正解:

解説:
See explanation below.
Explanation
1. Open the Admin Center and go to Users > Active Users
2. Open Multi-factor authentication
Don't select any user yet, just open the Multi-factor authentication screen. You will find the button in the toolbar.

3. Open the Service settingsBefore we start enabling MFA for the users, we first go through the service settings. The button to the settings screen doesn't stand out, but it's just below the title

4. Setup MFA Office 365
A few settings are important here:
* Make sure you check the App password. Otherwise, users can't authenticate in some applications (like the default mail app in Android).
* Also, take a look at the remember function. By default, it is set to 14 days.

5. Enable MFA for Office 365 users
After you have set the settings to your liking click on save and then on users (just below the title Multi-factor authentication).
You see the list of your users again. Here you can select single or multiple users to enable MFA.
At the moment you enable Office 365 MFA for a user it can get the setup screen as soon as the users browse to one of the Office 365 products.

Reference:
https://lazyadmin.nl/office-365/how-to-setup-mfa-in-office-365/


質問 # 123
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.

You create and enforce an Azure AD Identity Protection sign-in risk policy that has the following settings:
Assignments: Include Group1, Exclude Group2
Conditions: Sign in risk of Low and above
Access: Allow access, Require password multi-factor authentication
You need to identify how the policy affects User1 and User2.
What occurs when each user signs in from an anonymous IP address? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:


質問 # 124
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that [email protected] receives an alert when a user establishes a sync relationship to a document library from a computer that is a member of an Active Directory (AD) domain.
To complete this task, sign in to the Microsoft Office 365 admin center.

正解:

解説:
See explanation below.
Explanation
1. Navigate to Manage Alerts in the Security & Compliance Center.
2. On the Activity alerts page, click
The flyout page to create an activity alert is displayed.

3. Complete the following fields to create an activity alert:
a. Name - Type a name for the alert. Alert names must be unique within your organization.
b. Description (Optional) - Describe the alert, such as the activities and users being tracked, and the users that email notifications are sent to. Descriptions provide a quick and easy way to describe the purpose of the alert to other admins.
c. Alert type - Make sure the Custom option is selected.
d. Send this alert when - Click Send this alert when and then configure these two fields:
* Activities - Click the drop-down list to display the activities that you can create an alert for. This is the same activities list that's displayed when you search the Office 365 audit log. You can select one or more specific activities or you can click the activity group name to select all activities in the group. For
* a description of these activities, see the "Audited activities" section in Search the audit log. When a user performs any of the activities that you've added to the alert, an email notification is sent.
* Users - Click this box and then select one or more users. If the users in this box perform the activities that you added to the Activities box, an alert will be sent. Leave the Users box blank to send an alert when any user in your organization performs the activities specified by the alert.
e. Send this alert to - Click Send this alert, and then click in the Recipients box and type a name to add a user's who will receive an email notification when a user (specified in the Users box) performs an activity (specified in the Activities box). Note that you are added to the list of recipients by default. You can remove your name from this list.
4. Click Save to create the alert.
The new alert is displayed in the list on the

The status of the alert is set to On. Note that the recipients who will receive an email notification when an alert is sent are also listed.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-activity-alerts?view=o365-worldwide


質問 # 125
Your company has a Microsoft 365 subscription that contains the users shown in the following table.

The company implements Windows Defender Advanced Threat Protection (Windows Defender ATP).
Windows Defender ATP includes the roles shown in the following table:

Windows Defender ATP contains the machine groups shown in the following table:

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation


質問 # 126
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that each user can join up to five devices to Azure Active Directory (Azure AD).
To complete this task, sign in to the Microsoft Office 365 admin center.

正解:

解説:
See explanation below.
* After signing into the Microsoft 365 admin center, click Admin centers > Azure Active Directory > Devices.
* Navigate to Device Settings.
* Set the Users may join devices to Azure AD setting to All.
* Set the Additional local administrators on Azure AD joined devices setting to None.
* Set the Users may register their devices with Azure AD setting to All.
* Leave the Require Multi-Factor Auth to join devices setting on it default setting.
* Set the Maximum number of devices setting to 5.
* Set the Users may sync settings and app data across devices setting to All.
* Click the Save button at the top left of the screen.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal
https://docs.microsoft.com/en-us/microsoft-365/compliance/use-your-free-azure-ad-subscription-in-office-365?v


質問 # 127
You have a Microsoft 365 subscription. All users use Microsoft Exchange Online.
Microsoft 365 is configured to use the default policy settings without any custom rules.
You manage message hygiene.
Where are suspicious email messages placed by default? To answer, drag the appropriate location to the correct message types. Each location may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

正解:

解説:

Explanation


質問 # 128
You recently created and published several labels policies in a Microsoft 365 subscription.
You need to view which labels were applied by users manually and which labels wereapplied automatically.
What should you do from the Security & Compliance admin center?

  • A. From Reports, selectDashboard
  • B. From Data governance, selectEvents
  • C. From Search & investigation, selectContent search
  • D. From Search & investigation, select

正解:A

解説:
Explanation
https://docs.microsoft.com/en-us/microsoft-365/compliance/view-label-activity-for-documents


質問 # 129
You have a Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) deployment that has the custom network indicators turned on. Microsoft Defender ATP protects two computers that run Windows
10 as shown in the following table.

Microsoft Defender ATP has the machine groups shown inthe following table.

From Microsoft Defender Security Center, you create the URLs/Domains indicators shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE:Each correct selection is worth one point.

正解:

解説:

Explanation


質問 # 130
You configure several Advanced Threat Protection (ATP) policies in a Microsoft 365 subscription.
You need to allow a user named User1 to view ATP reports in the Threat management dashboard.
Which role provides User1 with the required role permissions?

  • A. Security reader
  • B. Exchange administrator
  • C. Message center reader
  • D. Service administrator
  • E. Information Protection administrator
  • F. Compliance administrator

正解:A

解説:
Explanation/Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/view-reports-for-atp#what-permissions-are- needed-to-view-the-atp-reports


質問 # 131
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password

Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that a global administrator is notified when a document that contains U.S. Health Insurance Portability and Accountability Act (HIPAA) data is identified in your Microsoft 365 tenant.
To complete this task, sign in to the Microsoft Office 365 admin center.

正解:

解説:
1. In the Security & Compliance Center > left navigation > Data loss prevention > Policy > + Create a policy.
2. Choose the U.S. Health Insurance Portability and Accountability Act (HIPAA) template > Next.
3. Name the policy > Next.
4. Choose All locations in Office 365 > Next.
5. At the first Policy Settings step just accept the defaults,
6. After clicking Next, you'll be presented with an additional Policy Settings page Deselect the Show policy tips to users and send them an email notification option.
Select the Detect when content that's being shared contains option, and decrease the number of instances to 1.
Select the Send incident reports in email option.
7. > Next
8. Select the option to turn on the policy right away > Next.
9. Click Create to finish creating the policy.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-test-tune-dlp-policy?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/what-the-dlp-policy-templates-include?view=o365-worldwide


質問 # 132
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription that contains the users shown in the following table.

You discover that all the users in the subscription can access Compliance Manager reports.
The Compliance Manager Reader role is not assigned to any users.
You need to recommend a solution to prevent a user named User5 from accessing the Compliance Manager reports.
Solution: You recommend modifying the licenses assigned to User5.
Does this meet the goal?

  • A. No
  • B. Yes

正解:B


質問 # 133
......

100%合格率保証付きの素晴らしいMS-500試験問題PDF:https://jp.fast2test.com/MS-500-premium-file.html

手に入れよう!最新MS-500認定有効な試験問題集解答:https://drive.google.com/open?id=1Dd0BQJD6TY7yKtagANZgqTGQhCmYsrAs


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어