You have several Conditional Access policies that block noncompliant devices from connecting to services.
You need to identify which devices are blocked by which policies.
What should you use?
Microsoft 365 Security Administration
Here you have the best Microsoft MS-500 practice exam questions
- Preview the first 5 of 352 questions for free
- These questions were last updated on May 13, 2026
- This site is not affiliated with or endorsed by Microsoft.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that is associated to a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
You use Active Directory Federation Services (AD FS) to federate on-premises Active Directory and the tenant. Azure AD Connect has the following settings:
- Source Anchor: objectGUID
- Password Hash Synchronization: Disabled
- Password writeback: Disabled
- Directory extension attribute sync: Disabled
- Azure AD app and attribute filtering: Disabled
- Exchange hybrid deployment: Disabled
User writeback: Disabled -
You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.
Solution: You modify the Azure AD app and attribute filtering settings.
Does that meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that is associated to a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
You use Active Directory Federation Services (AD FS) to federate on-premises Active Directory and the tenant. Azure AD Connect has the following settings:
- Source Anchor: objectGUID
- Password Hash Synchronization: Disabled
- Password writeback: Disabled
- Directory extension attribute sync: Disabled
- Azure AD app and attribute filtering: Disabled
- Exchange hybrid deployment: Disabled
- User writeback: Disabled
You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.
Solution: You modify the Password Hash Synchronization settings.
Does that meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that is associated to a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
You use Active Directory Federation Services (AD FS) to federate on-premises Active Directory and the tenant. Azure AD Connect has the following settings:
- Source Anchor: objectGUID
- Password Hash Synchronization: Disabled
- Password writeback: Disabled
- Directory extension attribute sync: Disabled
- Azure AD app and attribute filtering: Disabled
- Exchange hybrid deployment: Disabled
- User writeback: Disabled
You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.
Solution: You modify the Source Anchor settings.
Does that meet the goal?
HOTSPOT -
You have a Microsoft 365 subscription that uses a default domain name of contoso.com.
The multi-factor authentication (MFA) service settings are configured as shown in the exhibit. (Click the Exhibit tab.)
In contoso.com, you create the users shown in the following table.
What is the effect of the configuration? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
347 more questions await
Unlock the full Microsoft MS-500 question bank
5 of 352 completed1%
Choose your plan
One-time payment · No subscription · No hidden fees
Standard
Quick preparation
$25
30 days access
30 day access to all questions
Instant free updates
Highest passing rate in industry
Printable PDF download
No money-back guarantee
Best Value
Premium
Guaranteed success
$60$35
90 days access
PDF
Printable PDF download
NewSave every question as a PDF for offline study or printing.
90 day access to all questions
Instant free updates
Highest passing rate in industry
Pass guaranteed or money back
100% Money-Back Guarantee
Don't pass? Full refund.
4.9/5
Based on 5,108+ reviews
Trusted by thousands of professionals
Join certified professionals who passed their exams with Examice
Examice helped me pass my AWS certification on the first try! The questions were incredibly similar to the real exam. Comments helped me understand answers I was struggling with.
S
Sarah C.
Cloud Engineer
Great results in a short prep time. Passed on my first attempt.
D
David K.
Network Engineer
I needed to pass an exam for work, and this website delivered. The quality for the price is outstanding, and the support is really good. I passed without issues.
M
Michael R.
Security Analyst
Skeptical at first, but impressed. Every question included clear, detailed explanations.
L
Lisa M.
Solutions Architect
The guarantee gave me confidence to invest in the premium package. Turns out I didn't need it. Passed comfortably. The explanations for each answer were incredibly detailed and helped me grasp security concepts that I'd been struggling with for months.
R
Robert H.
Cybersecurity Consultant
Used Examice for my PMP certification. The questions were well structured and covered all exam domains thoroughly.
J
James T.
IT Manager
After failing my first attempt with other study materials, I switched to Examice and passed confidently on my second attempt.
A
Anna W.
Data Engineer
The premium package was worth it. 90 days of access gave me the flexibility to study when it worked for me, without feeling rushed.
E
Emily J.
DevOps Engineer
Straightforward questions that matched the real exam perfectly. Studied for two weeks and passed with a great score.
K
Karen P.
Systems Administrator
Frequently Asked Questions
Everything you need to know. Contact us for more.
Our Microsoft MS-500 questions are based on real exam experiences and are continuously updated to match the current exam format. We maintain a +99% pass rate because our questions closely mirror what you'll see on the actual exam.
With our Premium package, you get a 100% money-back guarantee. If you don't pass your exam after studying with our materials, simply contact us with your exam results and we'll refund your purchase. Terms and conditions apply, read our full refund policy to learn more.
Our question bank is updated regularly based on feedback from recent exam takers. We typically review and update our content every week with reports about new questions or changes to the exam format.
Standard package access cannot be extended. However, Premium package gives you 90 days which is typically more than enough time to prepare thoroughly. If you need additional time, you can purchase a new package at any time.
This is a one-time payment with no recurring charges. Once you purchase, you get full access to all exam questions for the duration of your package (30 days for Standard, 90 days for Premium). No hidden fees or automatic renewals.
Pass on your first try
All 352questions · Detailed explanations · Printable PDF · 90 days access
Money-back guaranteeSecure checkout
$35
one-time payment