Free MS-500 sample questions for the Microsoft 365 Security Administration exam. No account required: study at your own pace.
Want an interactive quiz? Take the full MS-500 practice testLooking for more? Click here to get the full PDF with 152+ practice questions for $10 for offline study and deeper preparation.
You recently created and published several label policies in a Microsoft 365 subscription. You need to view which labels were applied by users manually and which labels were applied automatically. What should you do from the Microsoft 365 Compliance center?
You configure several Advanced Threat Protection (ATP) policies in a Microsoft 365 subscription. You need to allow a user named User1 to view ATP reports in the Threat management dashboard. Which role provides User1 with the required role permissions?
You need to enable and configure Microsoft Defender for Endpoint to meet the security requirements. What should you do?
Which IP address space should you include in the Trusted IP MFA configuration?
You have an Azure Active Directory (Azure AD) tenant that has a Microsoft 365 subscription. You recently configured the tenant to require multi-factor authentication (MFA) for risky sign-ins. You need to review the users who required MFA. What should you do?
You have a Microsoft 365 subscription. You have a team named Team1 in Microsoft Teams. You plan to place all the content in Team1 on hold. You need to identify which mailbox and which Microsoft SharePoint site collection are associated to Team1. Which cmdlet should you use?
You configure several Microsoft Defender for Office 365 policies in a Microsoft 365 subscription. You need to allow a user named User1 to view Defender for Office 365 reports from the Threat management dashboard. Which role provides User1 with the required role permissions?
Your company has 500 computers. You plan to protect the computers by using Microsoft Defender for Endpoint. Twenty of the computers belong to company executives. You need to recommend a remediation solution that meets the following requirements: ✑ Microsoft Defender for Endpoint administrators must manually approve all remediation for the executives ✑ Remediation must occur automatically for all other users What should you recommend doing from Microsoft 365 Defender portal?
You have a Microsoft 365 E5 subscription. You plan to implement retention policies for Microsoft Teams. Which item types can be retained?
You have a Microsoft 365 E5 subscription that uses Azure Active Directory (Azure AD) Privileged Identity Management (PIM). A user named User1 is eligible for the User Account Administrator role. You need User1 to request to activate the User Account Administrator role. From where should User1 request to activate the role?
You have a Microsoft 365 subscription. You have a Microsoft SharePoint Online site named Site1. You have a Data Subject Request (DSR) case named Case1 that searches Site1. You create a new sensitive information type. You need to ensure that Case1 returns all the documents that contain the new sensitive information type. What should you do?
You have a hybrid Azure Active Directory (Azure AD) tenant that has pass-through authentication enabled. You plan to implement Azure AD Identity Protection and enable the user risk policy. You need to configure the environment to support the user risk policy. What should you do first?
You have a Microsoft 365 E5 subscription that contains a user named User1. You need to ensure that User1 can configure an Azure Active Directory (Azure AD) Identity Protection user risk policy and receive Azure AD Identity Protection alerts. The solution must use the principle of least privilege. Which role should you assign to User1?
Your company has a Microsoft 365 subscription that includes a user named User1. You suspect that User1 sent email messages to a competitor detailing company secrets. You need to recommend a solution to ensure that in the future you can review any email messages sent by User1 to the competitor, including sent items that were deleted. What should you include in the recommendation?
You have a Microsoft 365 E5 subscription. You need to enable support for sensitivity labels in Microsoft SharePoint Online. What should you use?
Your company has a Microsoft 365 E5 subscription that uses Microsoft Defender for identity. You plan to create a detection exclusion in Microsoft Defender for Identity. What should you use to create the detection exclusion?
You have a Microsoft 365 E5 subscription. A user reports that changes were made to several files in Microsoft OneDrive. You need to identify which files were modified by which users in the user's OneDrive. What should you do?
You have a Microsoft 365 subscription that contains 100 users and a Microsoft 365 group named Group1. All users have Windows 10 devices and use Microsoft SharePoint Online and Exchange Online. A sensitivity label named Label1 is published as the default label for Group1. You add two sublabels named Sublabel1 and Sublabel2 to Label1. You need to ensure that the settings in Sublabel1 are applied by default to Group1. What should you do?
You have a Microsoft 365 E5 subscription. You need to use Attack simulation training to launch a credential harvest simulation. For which Microsoft 365 workloads can you create a payload?
Your company has a main office and a Microsoft 365 subscription. You need to enforce Microsoft Azure Multi-Factor Authentication (MFA) by using conditional access for all users who are NOT physically present in the office. What should you include in the configuration?
Download the complete MS-500 study bundle with 152+ questions in a single printable PDF.