| |

Microsoft Security Administration(MS-500) Case Study-3

Byadmin@beexam.com

Overview


Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle
and New York.
The company has the offices shown in the following table.

Contoso has IT, human resources (HR), legal, marketing, and finance departments. Contoso uses
Microsoft 365.

Existing Environment


Infrastructure

The network contains an Active Directory domain named contoso.com that is synced to a Microsoft Azure
Active Directory (Azure AD) tenant. Password writeback is enabled.
The domain contains servers that run Windows Server 2016. The domain contains laptops and desktop
computers that run Windows 10 Enterprise.
Each client computer has a single volume.
Each office connects to the Internet by using a NAT device. The offices have the IP addresses shown in the
following table

Named locations are defined in Azure AD as shown in the following table

From the Multi-Factor Authentication page, an address space of 198.35.3.0/24 is defined in the trusted IPs
list.
Azure Multi-Factor Authentication (MFA) is enabled for the users in the finance department.
The tenant contains the users shown in the following table

The tenant contains the groups shown in the following table.
Customer Lockbox is enabled in Microsoft 365.

Microsoft Endpoint Manager Configuration

The devices enrolled in Microsoft Endpoint Manager are configured as shown in the following table
The device compliance policies in Microsoft Endpoint Manager are configured as shown in the following
table:

The device compliance policies have the assignments shown in the following table

The Mark devices with no compliance policy are assigned as the setting is set to Compliant.


Requirements

Technical Requirements

Contoso identifies the following technical requirements:


Use the principle of least privilege
Enable User1 to assign the Reports reader role to users
Ensure that User6 approves Customer Lockbox requests as quickly as possible
Ensure that User9 can enable and configure Azure AD Privileged Identity Management

0 votes, 0 avg
5
Created by admin@beexam.com

Microsoft 365

Microsoft Security Administration(MS-500) Case Study-3

Test your skills in computer security with Microsoft 365 Security Administration

1 / 10

You have several Conditional Access policies that block non-compliant devices from connecting to services.
You need to identify which devices are blocked by which policies.
What should you use?

2 / 10

Which role should you assign to User1?

3 / 10

Which user passwords will User2 be prevented from resetting ?

4 / 10

Which user passwords will User2 be prevented from resetting ?

5 / 10

You are evaluating which finance department users will be prompted for Azure MFA credentials.
For each of the following statements, select Yes if the statement is true. Otherwise, select No

A finance department user who has an IP Address from the New York Office will be prompted for Azure MFA credentials.

6 / 10

You are evaluating which finance department users will be prompted for Azure MFA credentials.
For each of the following statements, select Yes if the statement is true. Otherwise, select No

A finance department user who has an IP Address from the New York Office will be prompted for Azure MFA credentials.

7 / 10

You are evaluating which finance department users will be prompted for Azure MFA credentials.
For each of the following statements, select Yes if the statement is true. Otherwise, select No

A finance department user who works from home who has an IP Address as 193.77.140.140 will be prompted for Azure MFA credentials.

8 / 10

You are evaluating which finance department users will be prompted for Azure MFA credentials.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.

A finance department user who has an IP address from the Montreal office will be prompted for Azure MFA credentials?

9 / 10

Which users are members of ADGroup1 and ADGroup2? To answer, select the appropriate options in the
answer area.

ADGroup2

10 / 10

Which users are members of ADGroup1 and ADGroup2? To answer, select the appropriate options in the
answer area.

ADGroup1

Your score is

The average score is 62%

LinkedIn Facebook VKontakte
0%

Similar Posts

|

Everything you want to know about your Internal and External IP Address

Byadmin@beexam.com

You must be aware your computer has two different IP addresses that must be the reason you clicked on this blog to learn more about them. Well if you didn’t know it earlier, it doesn’t matter we will tell you about it. So, let’s start by telling you that there are two types of IP…

| |

Microsoft Security Administration (MS-500) Case Study-8

Byadmin@beexam.com

Overview You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com. Four Windows 10 devices are joined to the tenant as shown in the following table. On which devices can you use BitLocker To Go and on which devices can you turn on auto-unlock? To the answer, select the appropriate options in the…

| |

Microsoft Security Administration(MS-500) Case Study-5

Byadmin@beexam.com

Overview Fabrikam, Inc. is a manufacturing company that sells products through partner retail stores. Fabrikam has5,000 employees located in offices throughout Europe. Existing Environment Network Infrastructure The network contains an Active Directory forest named fabrikam.com. Fabrikam has a hybrid Microsoft Azure Active Directory (Azure AD) environment. The company maintains some on-premises servers for specific applications,…

Leave a Reply

Your email address will not be published. Required fields are marked *