Exam MS-500 topic 1 question 76 discussion

I hate this type of questions. Do I really have to remember them?! You will probably never use it anyway.

Compliance Management You have to be assigned the View-Only Audit Logs or Audit Logs role in Exchange Online to search the audit log. By default, these roles are assigned to the Compliance Management and Organization Management role groups on the Permissions page in the Exchange admin center. Global administrators in Office 365 and Microsoft 365 are automatically added as members of the Organization Management role group in Exchange Online. To give a user the ability to search the audit log with the minimum level of privileges, you can create a custom role group in Exchange Online, add the View-Only Audit Logs or Audit Logs role, and then add the user as a member of the new role group. For more information, see Manage role groups in Exchange Online.

View-Only Org Management got 2 permissions: View-Only Config View-Only Recipients Security Reader got 1 permission Answer is D: Got 11 permissions including what is required on the requirement.

https://learn.microsoft.com/en-us/exchange/permissions-exo/permissions-exo

To ensure that User1 can use the Microsoft 365 compliance center to search audit logs and identify which users were added to Microsoft 365 role groups, while adhering to the principle of least privilege, you should add User1 to the Security Reader role group. Correct answer should be B. Security Reader

D is correct

If the only requirement is for User1 to identify which users were added to Microsoft 365 role groups, then the "View-Only Organization Management" role group could be considered as a valid option. This role group provides read-only access to most features in the Microsoft 365 admin center, including the ability to view role group membership. However, if the requirement is specifically to use the Microsoft 365 Compliance Center to search audit logs and identify which users were added to Microsoft 365 role groups, then the "Security Reader" role group would be a more appropriate choice, as it provides access to the Compliance Center and associated workloads, including the ability to search audit logs.

Answer is correct. https://learn.microsoft.com/en-us/exchange/view-only-organization-management-exchange-2013-help

The "Security Reader" role provides the least privilege necessary to search audit logs and view information about role groups, which meets the requirement of using the principle of least privilege. The "View-Only Organization Management" role provides similar permissions, but also allows for viewing other details such as service health, message trace, and reports. Adding User1 to the "Organization Management" role would give them more permissions than necessary and would not follow the principle of least privilege. The "Compliance Management" role is focused on compliance-related tasks such as creating retention policies and doesn't provide the necessary permissions to search audit logs.

Compliance Management. Assigned Roles Audit Logs Compliance Admin Data Loss Prevention Information Rights Management Journaling Message Tracking Retention Management Transport Rules View-Only Audit Logs View-Only Configuration View-Only Recipients View-Only Organization Management Assigned Roles View-Only Configuration View-Only Recipients correct Answer- D

Principle of least privilege means View Only Org Mgmt with View-Only Audit Logs added achieves 'read-only' requirement. All other options have more permissions by default than required. Given answer is correct.

https://admin.exchange.microsoft.com/#/adminRoles click the roles and check permissions. compliance management and org management have access. but compliance management is least priveliged. not to be confused with ordinary audit logs those require reports reader.

https://learn.microsoft.com/en-us/exchange/view-only-audit-logs-role-exchange-2013-help given answer is correct. https://learn.microsoft.com/en-us/exchange/security-and-compliance/exchange-auditing-reports/search-role-group-changes You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the "View-only administrator audit logging

The answer is correct. I checked in my lab and the permissions for the view only organisation management have the least permissions in comparison with the compliance management.

https://learn.microsoft.com/en-us/exchange/permissions-exo/permissions-exo#role-based-permissions

Valid on exam October 14, 2022

I think the given answer is correct. Refer to: https://learn.microsoft.com/en-us/exchange/view-only-organization-management-exchange-2013-help