Microsoft 365 Security Administration Exam (MS-500) - Microsoft Actual Exam Questions

You have a Microsoft 365 subscription. From the Microsoft 365 admin center, you create a new user. You plan to assign the Reports reader role to the user. You need to see the permissions of the Reports reader role. Which admin center should you use?

You have a Microsoft 365 subscription. You enable auditing for the subscription. You plan to provide a user named Auditor with the ability to review audit logs. You add Auditor to the Global administrator role group. Several days later, you discover that Auditor disabled auditing. You remove Auditor from the Global administrator role group and enable auditing. Be prevented from disabling auditing Use the principle of least privilege Be able to review the audit log To which role group should you add Auditor?

Your network contains an on-premises Active Directory domain. The domain contains servers that run Windows Server and have advanced auditing enabled. The security logs of the servers are collected by using a third-party SIEM solution. You purchase a Microsoft 365 subscription and plan to deploy Azure Advanced Threat Protection (ATP) by using standalone sensors. You need to ensure that you can detect when sensitive groups are modified and when malicious services are created. What should you do?

HOTSPOT You have a Microsoft 365 subscription that contains two groups named Group' and Group2. You have the compliance assessments shown in the following table.

HOTSPOT You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table. You add internal as a blocked word in the group naming policy for contoso.com. You add Contoso- as prefix in the group naming policy for contoso.com. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.