Exam MS-500 topic 2 question 7 discussion

Actual exam question from Microsoft's MS-500
Question #: 7
Topic #: 2

You have a Microsoft 365 E5 subscription and a hybrid Microsoft Exchange Server organization.
Each member of a group named Executive has an on-premises mailbox. Only the Executive group members have multi-factor authentication (MFA) enabled. Each member of a group named Research has a mailbox in Exchange Online.
You need to use Microsoft Office 365 Attack simulator to model a spear-phishing attack that targets the Research group members.
What should you do first?

  • A. From the Microsoft Defender for Identity portal, configure the primary workspace settings.
  • B. From the Microsoft Azure portal, configure the user risk policy settings in Azure AD Identity Protection.
  • C. Enable MFA for the Research group members.
  • D. Migrate the Executive group members to Exchange Online.
Suggested Answer: C

Comments

pete26
Highly Voted 2 years, 9 months ago
There is no correct answer here. You need MFA for the account you will be doing the simulation with.
upvoted 9 times
...
jeff1988
Highly Voted 2 years, 9 months ago
Selected Answer: C
Because the Research group already has an Exchange Online mailbox and you are only targeting the Research department, so you need to activate MFA for the Research department.
upvoted 7 times
...
Maxx4
Most Recent 2 years ago
Selected Answer: C
To model a spear-phishing attack that targets the Research group members using the Microsoft Office 365 Attack simulator, the first step you should take is: C. Enable MFA for the Research group members. Enabling multi-factor authentication (MFA) for the Research group members adds an extra layer of security to their mailbox accounts and helps protect against unauthorized access, including potential spear-phishing attacks. By enabling MFA, users are required to provide additional verification, such as a code sent to their mobile device or biometric authentication, when signing in to their accounts. Before running the Attack simulator, it's important to ensure that the target users, in this case, the members of the Research group, have MFA enabled. This step enhances their security posture and helps evaluate the effectiveness of their MFA implementation in defending against spear-phishing attacks.
upvoted 1 times
...
chickenroaster
2 years, 4 months ago
Selected Answer: C
All others are wrong
upvoted 1 times
...
ChachaChatra
2 years, 5 months ago
Valid on 28/01/23
upvoted 2 times
...
ariania
2 years, 9 months ago
C, because it is a spear-phishing campaign. You want them to not only enter the creds, but MFA as well. MFA is part of the spear-phishing built-in campaign.
upvoted 4 times
chickenroaster
2 years, 4 months ago
MITM attacks trick the user into believing he is connecting to a real website when he is in fact providing his credentials to a fake, lookalike site. The trigger to the connection to the fake login is very often the result of spear-phishing campaigns. MITM attacks can bypass MFA protections because the credentials entered in the fake site are passed on automatically by the hackers into the real one. Any MFA authentication request will also unwittingly be passed on to the hackers. https://www.mantra.ms/blog/beating-mfa
upvoted 1 times
...
...
Broesweelies
2 years, 9 months ago
There is literally no correct answer for this. MFA is only required for the admin when he wants to launch a campaign, not required for the users. Attack simulator is only for the Research group, so there is no point in changing the exec mailboxes. The rest of the answers are also incorrect... Maybe this is an old question? https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulation-training-get-started?view=o365-worldwide
upvoted 5 times
...
mhzayt
2 years, 9 months ago
Selected Answer: D
The right answer is D. Attack Simulator can only be used for mailboxes in Exchange Online.
upvoted 4 times
EaaGleee
2 years, 9 months ago
The attack simulator is done on the Research group, which is online. So C?
upvoted 5 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other