ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-500 All Questions

View all questions & answers for the MS-500 exam
Go to Exam

Exam MS-500 topic 1 question 48 discussion

Actual exam question from Microsoft's MS-500
Question #: 48
Topic #: 1
[All MS-500 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that contains a user named User1.
The Azure Active Directory (Azure AD) Identity Protection risky users report identifies User1.
For User1, you select Confirm user compromised.
User1 can still sign in.
You need to prevent User1 from signing in. The solution must minimize the impact on users at a lower risk level.
Solution: You configure the sign-in risk policy to block access when the sign-in risk level is high.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-investigate-risk
by dwilding at Sept. 28, 2022, 3:48 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AVN1711
1 year, 9 months ago
to Moderator, please disregard it
upvoted 1 times
...
AVN1711
1 year, 9 months ago
Selected Answer: A
Hi everyone, I am a bit confused. Regarding to this: "How do the feedback mechanisms in Identity Protection work? Confirm compromised (on a sign-in) – Informs Azure AD Identity Protection that the sign-in wasn't performed by the identity owner and indicates a compromise. Upon receiving this feedback, we move the sign-in and user risk state to Confirmed compromised and risk level to High.(https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/troubleshooting-identity-protection-faq)" So, after you selected Confirm user compromised and set the policy to block user with risk level High, he should be blocked for sign-ins, right? I think right answer is A (Yes)
upvoted 1 times
...
McMac
2 years ago
Should be 'Yes' as compromised user is ''High' risk and doesn't affect lower risk users
upvoted 1 times
...
Brigg5
2 years, 1 month ago
Tricky Question. The user has been identified as a "Risky User" this is completely separate from "Risky Sign-ins." So the policy has zero affect on the user. The answer is NO.
upvoted 1 times
...
H0TDOGG
2 years, 2 months ago
My understanding here after reading the comments. If we set Sign-in risk Policy to block high risk users, this will in fact block User1, as User1 was flagged as compromised, moving his account into a High risk stake. The catch is, there should be zero impact on ALL other users. Enabling the policy could/will block other users in the high-risk category also. The policy will do the job and block User1, but it could block User16 as a random choice, who is working over seas, as an example. So technically, no this will not remedy the issue. To remediate, block the user directly in User1's config in AAD.
upvoted 1 times
...
Dhamus
2 years, 2 months ago
Being a compromised user, we are talking about a High Risk user, why is the answer No?
upvoted 1 times
...
keithtemplin
2 years, 4 months ago
Selected Answer: B
https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-remediate-unblock#confirm-a-user-to-be-compromised This link show specific steps to take after the user is confirmed compromised
upvoted 1 times
...
hpl1908
2 years, 4 months ago
Selected Answer: B
The solution must minimize the impact on users at a *lower risk level*. Solution: You configure the sign-in risk policy to block access when the sign-in risk level is *high*. So the answer is No
upvoted 1 times
...
costaluisc
2 years, 4 months ago
The requirement is "You need to prevent User1 from signing in". So we need an action that only affects that user.
upvoted 1 times
...
Paul_white
2 years, 5 months ago
It may not make sense, but i will say the solution must minimize impact to other low risk users, this solution may impact another high risk user, so it would make sense to directly block access to specific user by going to Access and selecting the specific user and blocking their access as opposed to configuring a policy.
upvoted 1 times
...
JonK
2 years, 6 months ago
I am missing something here and the cited article does not make the answer apparent. Anyone have info what the missing item here is that will make this answer make sense?
upvoted 1 times
...
dwilding
2 years, 9 months ago
"The solution must minimize the impact on users at a lower risk level"
upvoted 1 times
abill
2 years, 5 months ago
I Still dont understand how this is correct as this user is at high risk it doesnt impact users at lower risk level? So shouldnt it be yes
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel