MS-500

MS-500 Test 1

0%

You're a subscriber to Microsoft 365.

You must recommend a biometric authentication method that does not require a password.

What should your advice include?

Correct! Wrong!

The correct answer:
For Windows 10 devices, Windows Hello for Business introduces a new non-password credential. It employs 2FA/MFA, or multilayered security, which is far more difficult to circumvent than protection based just on the proper username and password combination.

You have an on-premises Active Directory domain and a Microsoft 365 subscription on your network.

You want to set up a hybrid Azure Active Directory (Azure AD) tenancy with Azure Active Directory Identity Protection risk policies enabled.

To support the planned deployment, you must configure Azure AD Connect.

Which authentication mechanism for Azure AD Connect should you use?

Correct! Wrong!

The correct answer:
One of the sign-in methods used to achieve hybrid identity is password hash synchronization. Azure AD Connect synchronizes a hash of a user's password from an on-premises Active Directory instance to an Azure AD instance in the cloud.

You have a number of Conditional Access policies in place that prevent noncompliant devices from accessing services.
You'll need to figure out which policies are blocking particular devices.
What type of material should you use?

Correct! Wrong!

The correct answer:
Sign-ins in the Azure Active Directory admin center

You're working in a Microsoft 365 hybrid environment. Microsoft Intune is used to manage all of the PCs, which run Windows 10.
Create a conditional access policy in Microsoft Azure Active Directory (Azure AD) that allows only Windows 10 computers marked as compliant to connect to the on-premises network through VPN.
What should you start with?

Correct! Wrong!

The correct answer:
From the Azure Active Directory admin center, create a new certificate

You are a subscriber to Microsoft 365 E5.
You must guarantee that users with the Exchange administrator role have time-limited rights and must request authorization using multi-factor authentication (MFA).
What method should you employ in order to reach your objective?

Correct! Wrong!

The correct answer:
Microsoft Azure Active Directory (Azure AD) Privileged Identity Management

You're a subscriber to Microsoft 365.
You can create a new user via the Microsoft 365 admin center.
You intend to give the user the Reports reader role.
The permissions of the Reports reader role must be viewed.
Which administrative center should you go with?

Correct! Wrong!

The correct answer:
Microsoft's Azure Active Directory (Azure AD) is a cloud-based identity and access management (IAM) solution for businesses. The backbone of the Office 365 system is Azure Active Directory, which can sync with on-premise Active Directory and offer OAuth authentication to other cloud-based applications.

You have a Microsoft 365 tenancy named contoso.com that is linked to a hybrid Azure Active Directory (Azure AD) tenant.

For contoso.com, you must activate Azure AD Seamless Single Sign-On (Azure AD SSO).

What type of material should you use?

Correct! Wrong!

The correct answer:
Azure AD Connect is a Microsoft on-premises tool that helps you achieve your hybrid identity ambitions. You should also consider the cloud-managed Azure AD Connect cloud sync if you're evaluating how to best meet your goals.

Microsoft Azure Advanced Threat Protection is used by your organisation (ATP). For an Azure ATP sensor named Sensor1, you enable the delayed release of updates. When will Sensor1 be updated after the Azure ATP cloud service is updated?

Correct! Wrong!

The correct answer:
The time difference was 24 hours. The 24 hour delay period has been expanded to 72 hours in ATP release 2.62.

Your Microsoft 365 environment is a mix of the two.
Microsoft Office 365 ProPlus is installed on all machines, which runs Windows 10 Enterprise. Every one of
Active Directory is installed on PCs.
Server1 is a Windows Server 2016 server that you have. The telemetry database is stored on Server 1. You must prohibit Microsoft from receiving personal information from telemetry data.
What's your plan?

Correct! Wrong!

The correct answer:
Configure a registry on the computers