SC-400: Microsoft Information Protection Administrator Part 3
Question #: 149
Topic #: 5
You have a Microsoft 365 E5 subscription that contains a user named User1 and a Microsoft SharePoint Online site named Site1.
You create the alert policy shown in the following exhibit.
To Site1, User1 uploads the files shown in the following table.
How many alerts will be generated in response to the file uploads?
A. 1
B. 2
C. 3
D. 4
E. 5
Selected Answer: B
Question #: 150
Topic #: 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.
You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add a folder path to the file path exclusions.
Does this meet the goal?
A. Yes
B. No
Selected Answer: B
Question #: 151
Topic #: 3
You have a Microsoft 365 tenant that uses records management.
You use a retention label to mark legal files stored in a Microsoft SharePoint Online document library as regulatory records.
What can you do to the legal files?
A. Rename the files.
B. Edit the properties of the files.
C. Change the retention label of the files.
D. Copy the content of the files.
Selected Answer: C
Question #: 154
Topic #: 5
You have a Microsoft 365 subscription.
From Microsoft Purview, you plan to create a content search for email messages that have a recipient of either user1@contoso.com or user2.contoso.com.
You need to add a condition to the KQL editor for the content search.
Which KQL query should you add as a condition?
A. Recipients: “user””#1-2””@contoso.com”
B. Recipients: (“user1@contoso.com” “user2@contoso.com”)
C. Recipients: (“user””#1-1””@contoso.com”)
D. Recipients= “user1@contoso.com” OR Recipients= “user2@contoso.com”
Selected Answer: D
Question #: 155
Topic #: 6
You have a Microsoft 365 E5 subscription that uses Privacy risk management.
You need to recommend which type of policy can evaluate the external sharing of personal data on Microsoft SharePoint Online sites.
Which policy type should you recommend?
A. Data overexposure
B. Data transfers
C. Data theft by departing users
D. Data minimization
E. Security policy violations
Selected Answer: B
Question #: 156
Topic #: 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.
You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add the application to the unallowed apps list.
Does this meet the goal?
A. Yes
B. No
Selected Answer: B
Question #: 160
Topic #: 5
You have a Microsoft 365 E5 tenant that has data loss prevention (DLP) policies.
You need to create a report that includes the following:
• Documents that have a matched DLP policy.
• Documents that have had a sensitivity label changed.
• Documents that have had a sensitivity label changed.
What should you use?
A. a content search
B. an eDiscovery case
C. communication compliance reports
D. Activity explorer
Selected Answer: D
Question #: 161
Topic #: 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are configuring a file policy in Microsoft Cloud App Security.
You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.
Solution: You use the Data Classification service inspection method and send alerts as email.
Does this meet the goal?
A. Yes
B. No
Selected Answer: D
Question #: 162
Topic #: 1
Your company has a Microsoft 365 tenant that uses a domain named contoso.com.
The company uses Microsoft Office 365 Message Encryption (OME) to encrypt email sent to users in fabrikam.com.
A user named User1 erroneously sends an email to user2@fabrikam.com.
You need to prevent user2@fabrikam.com from accessing the email.
What should you do?
A. Run the Get-MessageTrace cmdlet.
B. Run the Set-OMEMessageRevocation cmdlet.
C. Instruct User1 to delete the email from her Sent Items folder from Microsoft Outlook.
D. Run the New-ComplianceSearchAction cmdlet.
E. Instruct User1 to select Remove external access from Microsoft Outlook on the web.
Selected Answer: A
Question #: 163
Topic #: 3
Your company manufactures parts that are each assigned a unique 12-character alphanumeric serial number. Emails between the company and its customers reference the serial number.
You need to ensure that only Microsoft Exchange Online emails containing the serial numbers are retained for five years.
Which three objects should you create? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. a sensitivity label
B. a retention policy
C. an auto-labeling policy
D. a trainable classifier
E. a sensitive info type
F. a retention label
G. a data loss prevention (DLP) policy
Selected Answer: D
Question #: 164
Topic #: 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are configuring a file policy in Microsoft Cloud App Security.
You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.
Solution: You use the Built-in DLP inspection method and send alerts to Microsoft Power Automate.
Does this meet the goal?
A. Yes
B. No
Selected Answer: B
Question #: 166
Topic #: 1
You have a Microsoft 365 tenant.
You discover that email does NOT use Microsoft Office 365 Message Encryption (OME).
You need to ensure that OME can be applied to email.
What should you do first?
A. Enable Microsoft Defender for Office 365.
B. Activate Azure Information Protection.
C. Activate Azure Rights Management (Azure RMS).
D. Create an Azure key vault.
Selected Answer: C
Question #: 167
Topic #: 3
You plan to import a file plan to the Microsoft 365 compliance center.
Which object type can you create by importing a records management file plan?
A. retention label policies
B. sensitive info types
C. sensitivity labels
D. retention labels
Selected Answer: B
Question #: 168
Topic #: 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are configuring a file policy in Microsoft Cloud App Security.
You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.
Solution: You use the Built-in DLP inspection method and send alerts as email.
Does this meet the goal?
A. Yes
B. No
Selected Answer: B
Question #: 171
Topic #: 5
You have a Microsoft 365 E3 subscription.
You plan to assess compliance with ISO/IEC 27001:2013.
From Compliance Manager, you discover that the ISO/IEC 27001:2013 regulatory template for Microsoft 365 is inactive.
What should you do?
A. Purchase a Microsoft 365 E5 subscription.
B. Add a data connector.
C. Add recommended assessments.
D. Create a trainable classifier.
Selected Answer: A
Question #: 172
Topic #: 2
You have a data loss prevention (DLP) policy configured for endpoints as shown in the following exhibit.
From a computer named Computer1, a user can sometimes upload files to cloud services and sometimes cannot. Other users experience the same issue.
What are two possible causes of the issue? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. The computers are NOT onboarded to the Microsoft 365 compliance center.
B. The Copy to clipboard action is set to Audit only.
C. There are file path exclusions in the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings.
D. The Access by unallowed apps action is set to Audit only.
E. The unallowed browsers in the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings are NOT configured.
Selected Answer: CE
Question #: 174
Topic #: 2
You are planning a data loss prevention (DLP) solution that will apply to computers that run Windows 10.
You need to ensure that when users attempt to copy a file that contains sensitive information to a USB storage device, the following requirements are met:
✑ If the users are members of a group named Group1, the users must be allowed to copy the file, and an event must be recorded in the audit log.
✑ All other users must be blocked from copying the file.
What should you create?
A. two DLP policies that each contains one DLP rule
B. one DLP policy that contains one DLP rule
C. one DLP policy that contains two DLP rules
Selected Answer: C
Question #: 175
Topic #: 3
You create a retention label that has a retention period of seven years.
You need to ensure that documents containing a credit card number are retained for seven years. Other documents must not be retained.
What should you create?
A. a retention label policy of type publish
B. a retention policy that retains files automatically
C. a retention policy that deletes files automatically
D. a retention label policy of type auto-apply
Selected Answer: C
Question #: 177
Topic #: 2
You need to be alerted when users share sensitive documents from Microsoft OneDrive to any users outside your company.
What should you do?
A. From the Exchange admin center, create a data loss prevention (DLP) policy.
B. From the Azure portal, create an Azure Active Directory (Azure AD) Identity Protection policy.
C. From the Microsoft 365 compliance center, create an insider risk policy.
D. From the Cloud App Security portal, create a file policy.
Selected Answer: D
Question #: 178
Topic #: 1
You have a Microsoft 365 tenant.
You create the following:
✑ A sensitivity label
✑ An auto-labeling policy
You need to ensure that the sensitivity label is applied to all the data discovered by the auto-labeling policy.
What should you do first?
A. Enable insider risk management.
B. Create a trainable classifier.
C. Run the Enable-TransportRule cmdlet.
D. Run the policy in simulation mode.
Selected Answer: D
Question #: 180
Topic #: 3
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
You create the retention label shown in the following exhibit.
Which users can perform a disposition review of content that has Retention1 applied?
A. Admin2 only
B. Admin3 only
C. Admin1 and Admin2 only
D. Admin1 and Admin3 only
E. Admin2 and Admin3 only
F. Admin1, Admin2, and Admin3
Selected Answer: E
Question #: 181
Topic #: 2
Your company has a Microsoft 365 tenant.
The company performs annual employee assessments. The assessment results are recorded in a document named AssessmentTemplate.docx that is created by using a Microsoft Word template. Copies of the employee assessments are sent to employees and their managers. The assessment copies are stored in mailboxes, Microsoft SharePoint Online sites, and OneDrive for Business folders. A copy of each assessment is also stored in a SharePoint Online folder named
Assessments.
You need to create a data loss prevention (DLP) policy that prevents the employee assessments from being emailed to external users. You will use a document fingerprint to identify the assessment documents. The solution must minimize effort.
What should you include in the solution?
A. Create a fingerprint of 100 sample documents in the Assessments folder.
B. Create a sensitive info type that uses Exact Data Match (EDM).
C. Import 100 sample documents from the Assessments folder to a seed folder.
D. Create a fingerprint of AssessmentTemplate.docx.
Selected Answer: D
Question #: 183
Topic #: 2
You have a Microsoft 365 subscription that uses Microsoft Exchange Online.
You need to receive an alert if a user emails sensitive documents to specific external domains.
What should you create?
A. a data loss prevention (DLP) policy that uses the Privacy category
B. a Microsoft Cloud App Security activity policy
C. a Microsoft Cloud App Security file policy
D. a data loss prevention (DLP) alert filter
Selected Answer: D
Question #: 184
Topic #: 1
You have a sensitive information type based on a trainable classifier.
You are unsatisfied with the result of the result of trainable classifier.
You need to retrain the classifier.
What should you use in the Microsoft 365 compliance center?
A. Labels from Information protection
B. Labels from Information governance
C. Content explorer from Data classification
D. Content search
Selected Answer: C
Question #: 185
Topic #: 3
You have a Microsoft 365 E5 subscription.
You need to create static retention policies for the following locations:
• Teams chats
• Exchange email
• SharePoint sites
• Microsoft 365 Groups
• Teams channel messages
What is the minimum number of retention policies required?
A. 1
B. 2
C. 3
D. 4
E. 5
Selected Answer: B
Question #: 187
Topic #: 3
You have a Microsoft 365 tenant that uses records management.
You use a retention label to mark legal files stored in a Microsoft SharePoint Online document library as regulatory records.
What can you do to the legal files?
A. Remove the retention label of the files.
B. Edit the content of the files.
C. Move the files to a different folder within the document library.
D. Change the retention label of the files.
Selected Answer: C
Question #: 188
Topic #: 1
You receive an email that contains a list of words that will be used for a sensitive information type.
You need to create a file that can be used as the source of a keyword dictionary.
In which format should you save the list?
A. a JSON file that has an element for each word
B. an ACCDB database file that contains a table named Dictionary
C. an XLSX file that contains one word in each cell of the first row
D. a text file that has one word on each line
Selected Answer: D
Question #: 191
Topic #: 2
You are configuring a data loss prevention (DLP) policy to report when credit card data is found on a Windows 10 device joined to Azure Active Directory (Azure
AD).
You plan to use information from the policy to restrict the ability to copy the sensitive data to the clipboard.
What should you configure in the policy rule?
A. the incident report
B. an action
C. user notifications
D. user overrides
Selected Answer: B
Question #: 197
Topic #: 3
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1.
You need to implement a records management solution for the files stored on Site1. The solution must meet the following requirements:
• The files must be retained for seven years.
• Files older than seven years must be deleted automatically.
What should you use to manage the files?
A. a label policy
B. an adaptive scope
C. a file plan
D. a disposition review
Selected Answer: B
Question #: 198
Topic #: 3
You have a Microsoft 365 E5 tenant that contains a Microsoft SharePoint Online document library named Library1.
You need to declare a collection of files that are stored in Library1 as regulatory records.
What should you use?
A. a sensitivity label policy
B. a retention label policy
C. a retention policy
D. data loss prevention (DLP) policy
Selected Answer: B
Question #: 199
Topic #: 2
You have a Microsoft 365 E5 tenant and the Windows 10 devices shown in the following table.
To which devices can you apply Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings?
A. Device1, Device3, and Device4 only
B. Device1, Device2, Device3, and Device4
C. Device1 and Device2 only
D. Device1 and Device3 only
E. Device1 only
Selected Answer: C
Question #: 200
Topic #: 1
You have a Microsoft 365 tenant that uses the following sensitivity labels:
• Confidential:
o Internal
o External
The labels are published by using a label policy named Policy1.
Users report that Microsoft Office for the web apps do not display the Sensitivity button. The Sensitivity button appears in Microsoft 365 Apps that are installed locally.
You need to ensure that the users can apply sensitivity labels to content when they use Office for the web apps.
What should you do?
A. Modify the scope of the Confidential label.
B. Modify the publishing settings of Policy1.
C. Enable sensitivity label support for Office files in Microsoft SharePoint Online and OneDrive.
D. Run the Execute-AzureAdLabelSync cmdlet.
Selected Answer: D
Question #: 203
Topic #: 3
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1. Site1 contains a file named File1.
You have a retention policy named Retention1 that has the following settings:
• Retention items for a specific period
o Retention period: 5 years
o At the end of the retention period: Delete items automatically
Retention1 is applied to Site1.
You need to ensure that File1 is deleted automatically after seven years. The solution must NOT affect the retention of other files on Site1.
What should you do first?
A. Move File1 to a new folder and configure the access control list (ACL) entries for File1.
B. Create a new retention policy.
C. Create and publish a new retention label.
D. Move File1 to a new folder and list the excluded locations for Retention1.
Selected Answer: C
Question #: 204
Topic #: 1
You have a Microsoft 365 E5 tenant.
You need to add a new keyword dictionary.
What should you create?
A. a trainable classifier
B. a sensitivity label
C. a sensitive info type
D. a retention policy
Selected Answer: C
Question #: 205
Topic #: 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).
You need to ensure that Endpoint DLP policies can protect content on the computers.
Solution: You enroll the computers in Microsoft Intune.
Does this meet the goal?
A. Yes
B. No
Selected Answer: B
Question #: 206
Topic #: 3
You have a Microsoft 365 E5 tenant that contains a Microsoft SharePoint Online site named Site1 and a user named User1. The tenant has auditing enabled.
You need to ensure that User1 can perform disposition reviews. The solution must use the principle of the least privilege.
What should you do?
A. Assign User1 the Compliance Data Administrator role.
B. Add User1 to the Records Management role group.
C. Assign User1 the Data Investigator role.
D. Add User1 to the Content Explorer Content Viewer role group.
Selected Answer: A
Question #: 208
Topic #: 3
You have a Microsoft 365 E5 subscription that contains a trainable classifier named Trainable1.
You plan to create the items shown in the following table.
Which items can use Trainable1?
A. Label2 only
B. Label1 and Label2 only
C. Label1 and Policy1 only
D. Label2, Policy1, and DLP1 only
Selected Answer: D
Question #: 209
Topic #: 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).
You need to ensure that Endpoint DLP policies can protect content on the computers.
Solution: You deploy the unified labeling client to the computers.
Does this meet the goal?
A. Yes
B. No
Selected Answer: A
Question #: 218
Topic #: 1
You need to be alerted when users share sensitive documents from Microsoft OneDrive to any users outside your company.
What should you do?
A. From the Microsoft Purview compliance portal, start a data investigation.
B. From the Microsoft Defender for Cloud Apps portal, create a file policy.
C. From the Azure Active Directory admin center, configure an Identity Protection policy.
D. From the Exchange admin center, create a data loss prevention (DLP) policy.
Selected Answer: D
Question #: 220
Topic #: 2
You are creating a data loss prevention (DLP) policy that will apply to all available locations.
You configure an advanced DLP rule in the policy.
Which type of condition can you use in the rule?
A. Keywords
B. Content search query
C. Sensitive info type
D. Sensitive label
Selected Answer: C
Question #: 222
Topic #: 2
You have a Microsoft 365 subscription that contains a Microsoft SharePoint Online site named Site1.
You need to create a data loss prevention (DLP) policy to prevent the sharing of files that contain source code. The solution must minimize administrative effort.
What should you include in the solution?
A. an exact data match (EDM) data classification
B. a sensitive info type that uses a keyword dictionary
C. a sensitive info type that uses regular expressions
D. a trainable classifier
Selected Answer: D
Question #: 223
Topic #: 2
You have a Microsoft 365 E5 subscription that contains a data loss prevention (DLP) policy named DLP1.
DLP1 has a rule that triggers numerous alerts.
You need to reduce the number of alert notifications that are generated. The solution must maintain the sensitivity of DLP1.
What should you do?
A. Change the mode of DLP1 to Test without notifications.
B. Modify the rule and increase the instance count.
C. Modify the rule and configure an alert threshold.
D. Modify the rule and set the priority to the highest value.
Selected Answer: C
Question #: 224
Topic #: 1
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps.
You need to ensure that you receive an alert when a user uploads a document to a third-party cloud storage service.
What should you use?
A. an insider risk policy
B. a file policy
C. a sensitivity label
D. an activity policy
Selected Answer: B
Question #: 227
Topic #: 2
You have a Microsoft 365 E5 tenant.
You create a data loss prevention (DLP) policy.
You need to ensure that the policy protects documents in Microsoft Teams chat sessions.
Which location should you enable in the policy?
A. OneDrive accounts
B. Exchange email
C. Teams chat and channel messages
D. SharePoint sites
Selected Answer: A
Question #: 228
Topic #: 1
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You need to identify resumes that are stored in the subscription by using a built-in trainable classifier.
Solution: You create an auto-labeling policy for a retention label.
Does this meet the goal?
A. Yes
B. No
Selected Answer: B
Question #: 229
Topic #: 2
You have a Microsoft SharePoint Online site named Site1 that contains the following files:
• File1.docx
• File2.xlsx
• File3.pdf
You have a retention label named Retention1.
You plan to use an auto-labeling policy to apply Retention1 to any content on Site1 that matches the Targeted Harassment trainable classifier.
To which files will Retention1 be applied?
A. File1.docx only
B. File1.docx and File2.xlsx
C. File1.docx and File3.pdf only
D. File1.docx, File2.xlsx, and File3.pdf
Selected Answer: C
Question #: 230
Topic #: 1
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You need to identify resumes that are stored in the subscription by using a built-in trainable classifier.
Solution: You create an auto-labeling policy for a sensitivity label.
Does this meet the goal?
A. Yes
B. No
Selected Answer: B
