microsoft MS-500 Exam Questions

Questions for the MS-500 were updated on : Jul 20 ,2024

Page 1 out of 25. Viewing questions 1-15 out of 370

Question 1 Topic 1, Case Study 1Case Study Question View Case

An administrator configures Azure AD Privileged Identity Management as shown in the following exhibit.

What should you do to meet the security requirements?

  • A. Change the Assignment Type for Admin2 to Permanent
  • B. From the Azure Active Directory admin center, assign the Exchange administrator role to Admin2
  • C. From the Azure Active Directory admin center, remove the Exchange administrator role to Admin1
  • D. Change the Assignment Type for Admin1 to Eligible
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2 Topic 1, Case Study 1Case Study Question View Case

You need to recommend a solution for the user administrators that meets the security requirements for auditing.
Which blade should you recommend using from the Azure Active Directory admin center?

  • A. Sign-ins
  • B. Azure AD Identity Protection
  • C. Authentication methods
  • D. Access review
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
References: https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-ins

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3 Topic 1, Case Study 1Case Study Question View Case

HOTSPOT
You plan to configure an access review to meet the security requirements for the workload administrators. You create an
access review policy and specify the scope and a group.
Which other settings should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer:


Discussions
0 / 1000

Question 4 Topic 1, Case Study 1Case Study Question View Case

You need to recommend a solution to protect the sign-ins of Admin1 and Admin2.
What should you include in the recommendation?

  • A. a device compliance policy
  • B. an access review
  • C. a user risk policy
  • D. a sign-in risk policy
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-user-risk-policy

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5 Topic 1, Case Study 1Case Study Question View Case

You need to resolve the issue that generates the automated email messages to the IT team.
Which tool should you run first?

  • A. Synchronization Service Manager
  • B. Azure AD Connect wizard
  • C. Synchronization Rules Editor
  • D. IdFix
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
References:
https://docs.microsoft.com/en-us/office365/enterprise/fix-problems-with-directory-synchronization

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6 Topic 2, Case Study 2Case Study Question View Case

Which IP address space should you include in the Trusted IP MFA configuration?

  • A. 131.107.83.0/28
  • B. 192.168.16.0/20
  • C. 172.16.0.0/24
  • D. 192.168.0.0/20
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
Pilot users must use MFA unless they are signing in from the internal network of the Chicago office. MFA must NOT be used
on the Chicago office internal network. We must therefore use the IP range of the external network.

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7 Topic 2, Case Study 2Case Study Question View Case

HOTSPOT
How should you configure Group3? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer:


Explanation:
Reference: https://docs.microsoft.com/en-us/azure/information-protection/prepare

Discussions
0 / 1000

Question 8 Topic 2, Case Study 2Case Study Question View Case

HOTSPOT
How should you configure Azure AD Connect? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer:


Discussions
0 / 1000

Question 9 Topic 2, Case Study 2Case Study Question View Case

You need to create Group3.
What are two possible ways to create the group?

  • A. a Microsoft 365 group in the Microsoft 365 admin center
  • B. a mail-enabled security group in the Microsoft 365 admin center
  • C. a security group in the Microsoft 365 admin center
  • D. a distribution list in the Microsoft 365 admin center
  • E. a security group in the Azure AD admin center
Answer:

A D

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 10 Topic 3, Case Study 3Case Study Question View Case

HOTSPOT
Which users are members of ADGroup1 and ADGroup2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer:


Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-dynamic-
membership#supported-values

Discussions
0 / 1000

Question 11 Topic 3, Case Study 3Case Study Question View Case

HOTSPOT
You are evaluating which finance department users will be prompted for Azure MFA credentials.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer:


Discussions
0 / 1000

Question 12 Topic 3, Case Study 3Case Study Question View Case

Which user passwords will User2 be prevented from resetting?

  • A. User6 and User7
  • B. User4 and User6
  • C. User4 only
  • D. User7 and User8
  • E. User8 only
Answer:

E

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%

Explanation:
Assign the Password admin role to a user who needs to reset passwords for non-administrators and Password
Administrators.
Reference: https://docs.microsoft.com/en-us/microsoft-365/admin/add-users/about-admin-roles?view=o365-worldwide

Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 13 Topic 3, Case Study 3Case Study Question View Case

You need to meet the technical requirements for User9. What should you do?

  • A. Assign the Privileged administrator role to User9 and configure a mobile phone number for User9
  • B. Assign the Compliance administrator role to User9 and configure a mobile phone number for User9
  • C. Assign the Security administrator role to User9
  • D. Assign the Global administrator role to User9
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
To implement PIM, you must be a global admin.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-getting-
started#enable-pim

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14 Topic 3, Case Study 3Case Study Question View Case

Which role should you assign to User1?

  • A. Global administrator
  • B. User administrator
  • C. Privileged role administrator
  • D. Security administrator
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
Privileged Role Administrator can manage role assignments in Azure Active Directory, as well as within Azure AD Privileged
Identity Management.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#privileged-role-administrator

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15 Topic 4, Case Study 4Case Study Question View Case

HOTSPOT
You need to recommend an email malware solution that meets the security requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer:


Discussions
0 / 1000
To page 2