ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-500 All Questions

View all questions & answers for the MS-500 exam
Go to Exam

Exam MS-500 topic 4 question 66 discussion

Actual exam question from Microsoft's MS-500
Question #: 66
Topic #: 4
[All MS-500 Questions]

You have a Microsoft 365 subscription linked to an Azure Active Directory (Azure AD) tenant that contains a user named User1.
You need to grant User1 permission to search Microsoft 365 audit logs. The solution must use the principle of least privilege.
Which role should you assign to User1?

  • A. the Reviewer role in the Microsoft 365 Compliance center
  • B. the View-Only Audit Logs role in the Exchange admin center
  • C. the Compliance Management role in the Exchange admin center
  • D. the Security reader role in the Azure Active Directory admin center
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by billo79152718 at Sept. 16, 2022, 2:30 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
yoton
Highly Voted 2 years, 8 months ago
Selected Answer: D
There is no View-Only Audit logs role in Exchange Admin Center. The documentation for the View-Only Logs role also state that it applies to Exchange Server 2013 https://learn.microsoft.com/en-us/exchange/view-only-audit-logs-role-exchange-2013-help
upvoted 6 times
...
bcquest
Most Recent 2 years ago
Selected Answer: B
Permissions required to use the audit log search tool You must be assigned the View-Only Audit Logs or Audit Logs role in Exchange Online to search the audit log. By default, these roles are assigned to the Compliance Management and Organization Management role groups on the Permissions page in the Exchange admin center. Global administrators in Office 365 and Microsoft 365 are automatically added as members of the Organization Management role group in Exchange Online. For more information, see Manage role groups in Exchange Online. Found here: https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-troubleshooting-scenarios?view=o365-worldwide
upvoted 1 times
...
Eve123
2 years, 2 months ago
Selected Answer: B
"View-Only Audit Logs" "View and export audit reports. Because these reports might contain sensitive information, you should only assign this role to people with an explicit need to view this information." https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/scc-permissions?view=o365-worldwide
upvoted 1 times
...
goape
2 years, 6 months ago
Selected Answer: B
I think given answer is correct, but it isn't a standalone role, you'd need to create a custom role and assign it to that, making the user a member of the new group.
upvoted 1 times
...
iknowit
2 years, 8 months ago
Selected Answer: B
From the link: "To give a user the ability to search the audit log with the minimum level of privileges, you can create a custom role group in Exchange Online, add the View-Only Audit Logs or Audit Logs role, and then add the user as a member of the new role group."
upvoted 1 times
...
Chris7910
2 years, 8 months ago
Selected Answer: B
B should be correct
upvoted 1 times
...
t3tnmon
2 years, 8 months ago
Selected Answer: D
D is correct: https://learn.microsoft.com/en-us/microsoft-365/admin/activity-reports/activity-reports?view=o365-worldwide#who-can-see-reports
upvoted 1 times
...
Dan91
2 years, 8 months ago
Correct, according to the provided link.
upvoted 1 times
...
Dinraj
2 years, 8 months ago
Given link contains as mentioned below, as per that B is correct Ans "If you assign a user the View-Only Audit Logs or Audit Logs role on the Permissions page in the compliance portal, they won't be able to search the audit log. You have to assign the permissions in Exchange Online. This is because the underlying cmdlet used to search the audit log is an Exchange Online cmdlet."
upvoted 1 times
John112669
2 years, 8 months ago
Correct Answer is B as per the link below. "You have to be assigned the View-Only Audit Logs or Audit Logs role in Exchange Online to search the audit log." https://learn.microsoft.com/en-us/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance?view=o365-worldwide
upvoted 1 times
...
...
FaizulHaque
2 years, 8 months ago
There is no View-Only Audit logs role in Exchange Admin Center. D is the right Answer. Security readers has the ability to read AAD sign-in reports and Audit logs.
upvoted 2 times
yoton
2 years, 8 months ago
I agree with this. The documentation for the View-Only Logs role also state that it applies to Exchange Server 2013 https://learn.microsoft.com/en-us/exchange/view-only-audit-logs-role-exchange-2013-help
upvoted 1 times
...
...
billo79152718
2 years, 8 months ago
correct
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel