MICROSOFT MS-500 CERTIFICATION: QUESTIONS, SYLLABUS AND EXAM DETAILS Microsoft MS-500 Exam
EDUSUM.COM Get complete detail on MS-500 exam guide to crack Microsoft 365 Security Administration. You can collect all information on MS-500 tutorial, practice test, books, study material, exam questions, and syllabus. Firm your knowledge on Microsoft 365 Security Administration and get ready to crack MS-500 certification. Explore all information on MS-500 exam with number of questions, passing percentage and time duration to complete test.
WWW.EDUSUM.COM
Introduction to Microsoft 365 Certified - Security Administrator Associate Exam The Microsoft MS-500 Exam is challenging and thorough preparation is essential for success. This exam study guide is designed to help you prepare for the Microsoft 365 Security Administration certification exam. It contains a detailed list of the topics covered on the Professional exam, as well as a detailed list of preparation resources. This study guide for the Microsoft 365 Security Administration will help guide you through the study process for your certification.
MS-500 Microsoft 365 Security Administration Exam Summary ● Exam Name: Microsoft 365 Security Administration ● Exam Code: MS-500
MS-500: Microsoft 365 Security Administration
1
WWW.EDUSUM.COM
● ● ● ● ●
Exam Price: $165 (USD) Duration: 120 mins Number of Questions: 40-60 Passing Score: 700 / 1000 Reference Books: Course MS-500T00-A: Microsoft 365 Security Administration ● Schedule Exam: Pearson VUE ● Sample Questions: Microsoft 365 Security Administration Sample Questions ● Recommended Practice: Microsoft MS-500 Certification Practice Exam
Exam Syllabus: MS-500 Microsoft 365 Certified Security Administrator Associate Topic
Details
Implement and manage identity and access (35-40%) - plan Azure AD authentication options - plan Azure AD synchronization options - monitor and troubleshoot Azure AD Connect events - implement Azure AD group membership - implement password management Secure Identities - manage external identities in Azure AD and Microsoft 365 workloads - implement multi-factor authentication (MFA) by using conditional access policy Implement authentication - manage and monitor MFA methods - plan and implement device authentication methods like Windows Hello - plan for compliance and conditional access policies - configure and manage device compliance policies Implement conditional access - Implement and manage conditional access - test and troubleshoot conditional access policies - plan for roles and role groups Implement roles and role groups - configure roles and role groups - Audit roles for least privileged access Secure Microsoft 365 hybrid environments
MS-500: Microsoft 365 Security Administration
2
WWW.EDUSUM.COM
Topic
Details
Configure and manage identity governance Implement Azure AD Identity Protection
- implement Azure AD Privileged Identity Management - implement and manage entitlement management - implement and manage access reviews - implement user risk policy - implement sign-in risk policy - configure Identity Protection alerts - review and respond to risk events
Implement and manage threat protection (25-30%) Implement and manage Microsoft defender for Identity Implement device threat protection
Implement and manage device and application protection
Implement and manage Microsoft Defender for Office 365
Monitor Microsoft 365 Security with Microsoft Sentinel
- plan a Microsoft Defender for Identity solution - install and configure Microsoft Defender for Identity - monitor and manage Microsoft Defender for Identity - plan a Microsoft Defender for Endpoint solution - implement Microsoft Defender for Endpoint - manage and monitor Microsoft Defender for Endpoint - plan for device and application protection - configure and manage Microsoft Defender Application Guard - configure and manage Microsoft Defender Application Control - configure and manage exploit protection - configure and manage Windows device encryption - configure and manage non-Windows device encryption - implement application protection policies - configure and manage device compliance for endpoint security - configure Microsoft Defender for Office 365 - monitor for and remediate threats using Microsoft Defender for Office 365 - conduct simulated attacks using Attack simulation training - plan and implement Microsoft Sentinel - configure playbooks in Microsoft Sentinel - manage and monitor with Microsoft Sentinel - respond to threats using built-in playbooks in Microsoft Sentinel
MS-500: Microsoft 365 Security Administration
3
WWW.EDUSUM.COM
Topic
Details
Implement and manage Microsoft Defender for Cloud Apps
- plan Microsoft Defender for Cloud Apps implementation - configure Microsoft Defender for Cloud Apps - manage cloud app discovery - manage entries in the Microsoft Defender for Cloud Apps catalog - manage apps in Microsoft Defender for Cloud Apps - configure Microsoft Defender Cloud Apps connectors and OAuth apps - configure Microsoft Defender for Cloud Apps policies and templates - review, interpret and respond to Microsoft Defender for Cloud Apps alerts, reports, dashboards and logs
Implement and manage information protection (10-15%)
Manage sensitive information
Manage Data Loss Prevention (DLP)
Manage data governance and retention
- plan a sensitivity label solution - create and manage sensitive information types - configure Sensitivity labels and policies - configure and use Activity Explorer - use sensitivity labels with Teams, Sharepoint, OneDrive and Office apps - plan a DLP solution - create and manage DLP policies for Microsoft 365 workloads - create and manage sensitive information types - monitor DLP reports - manage DLP notifications - implement Endpoint DLP - plan for data governance and retention - review and interpret data governance reports and dashboards - configure retention labels and policies - configure retention in Microsoft 365 workloads - find and recover deleted Office 365 data - configure and use Microsoft 365 Records Management
MS-500: Microsoft 365 Security Administration
4
WWW.EDUSUM.COM
Topic
Details
Manage governance and compliance features in Microsoft 365 (20-25%) - monitor and manage device security status using Microsoft Endpoint Manager admin center - manage and monitor security reports and Configure and analyze security dashboards using Microsoft 365 Defender portal reporting - plan for custom security reporting with Graph Security API - use secure score dashboards to review actions and recommendations - plan for auditing and reporting - perform audit log search Manage and analyze audit logs - review and interpret compliance reports and and reports dashboards - configure alert policies - plan for content search and eDiscovery - delegate permissions to use search and discovery Discover and respond to tools compliance queries in Microsoft - use search and investigation tools to discover and 365 respond - manage eDiscovery cases - plan for regulatory compliance in Microsoft 365 - manage Data Subject Requests (DSRs) Manage regulatory compliance - administer Compliance Manager in Microsoft 365 compliance center - use Compliance Manager - implement and manage Customer Lockbox - implement and manage communication compliance policies Manage insider risk solutions in - implement and manage Insider risk management Microsoft 365 policies - implement and manage information barrier policies - implement and manage privileged access management
MS-500: Microsoft 365 Security Administration
5
WWW.EDUSUM.COM
Microsoft MS-500 Certification Sample Questions and Answers To make you familiar with Microsoft 365 Security Administration (MS-500) certification exam structure, we have prepared this sample question set. We suggest you to try our Sample Questions for Microsoft 365 Security Administration MS-500 Certification to test your understanding of the Microsoft MS-500 process with a real Microsoft certification exam environment.
MS-500 Microsoft 365 Security Administration Sample Questions:01. When enabling Litigation Hold for a user, what will happen if you do not specify a hold duration? a) The hold will not be enabled. b) The hold will be enabled with a hold duration of 365 days. c) The hold will preserve content indefinitely. d) The hold will be enabled, but will not apply. 02. Other than the Security and Compliance Center, where can you also configure DLP policies? a) Teams Admin Center b) Exchange Admin Center c) The Azure Portal d) The Microsoft 365 Admin Center 03. You need to enable and configure Windows Defender ATP to meet the security requirements. What should you do? a) Download and install the Microsoft Monitoring Agent b) Create the ForceDefenderPassiveMode registry setting c) Configure port mirroring d) Run WindowsDefenderATPOnboardingScript.cmd 04. After creating a hold in an eDiscovery case, how long will it take for the hold settings to take effect? a) 48 hours b) 12 hours c) 24 hours d) 96 hours
MS-500: Microsoft 365 Security Administration
6
WWW.EDUSUM.COM
05. For up to how many days can the audit log can provide information? a) 70 b) 30 c) 90 d) 60 06. How can you best ensure that your permanent break glass account is not targeted by user risk policy and sign-in risk policy? a) Ensure your break glass account is synced with an on-premises AD b) Ensure your break glass account is a cloud-only account c) Ensure your break glass account has a complex password d) Ensure your break glass account is excluded from the user risk policy and the sign-in risk policy 07. How frequently does Azure AD Connect automatically synchronize onpremises AD changes to Azure AD? a) Every 30 minutes b) Once an hour c) Every 20 minutes d) Every 15 minutes 08. You have a Microsoft 365 E5 subscription and 5,000 users. You create several alert policies that are triggered every time activities match rules. You need to create an alert policy that is triggered when the volume of matched activities becomes unusual. What should you do first? a) Enable Microsoft Office 365 auditing b) Enable Microsoft Office 365 analytics c) Enable Microsoft Office 365 Cloud App Security d) Deploy a Microsoft Office 365 add-in to all the users 09. Which of the following is not one of the built-in simulated attacks? a) Spear phishing b) Brute force password c) Password spray d) Whale phishing
MS-500: Microsoft 365 Security Administration
7
WWW.EDUSUM.COM
10. What is the minimum number of days that retention settings can be set in relation to Microsoft Defender ATP? a) 30 days b) 60 days c) 90 days d) 120 days
Answers:Answer 01:- c Answer 02:- b Answer 03:- a Answer 04:- c Answer 05:- c Answer 06:- d Answer 07:- a Answer 08:- b Answer 09:- d Answer 10:- a
MS-500: Microsoft 365 Security Administration
8