[Mar-2024] The Microsoft SC-400 Exam Test For Brief Preparation
Revolutionary Guide To Exam Microsoft Dumps
NEW QUESTION # 19
You have a Microsoft 365 tenant that contains a Microsoft SharePoint Online site named Site1.
You have the users shown in the following table.
You create a data loss prevention (DLP) policy for Site1 that detects credit card number information. You configure the policy to use the following protection action:
When content matches the policy conditions, show policy tips to users and send them an email notification.
You use the default notification settings.
To Site1, User1 uploads a file that contains a credit card number.
Which users receive an email notification?
- A. Used, User2, User3, and User4
- B. Used and User4 only
- C. Used and User3 only
- D. Used only
- E. Used and User2 only
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-with-the-default-dlp-policy?view=o365-w
NEW QUESTION # 20
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.
You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.
Solution: You configure a mail flow rule that matches a sensitive info type.
Does this meet the goal?
- A. No
- B. Yes
Answer: B
NEW QUESTION # 21
You have the retention label policy shown in the Policy exhibit. (Click the Policy tab.)
Users apply the retention label policy to files and set the asset ID as shown in the following table.
On December 1. 2020. you create the event shown in the Event exhibit. (Click the Event tab.):
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 22
You have a Microsoft 365 E5 tenant that contains a sensitivity label named label1.
You plan to enable co-authoring for encrypted files.
You need to ensure that files that have label1 applied support co-authoring.
Which two settings should you modify? To answer, select the settings in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-coauthoring?view=o365-worldwide
https://techcommunity.microsoft.com/t5/security-compliance-and-identity/co-authoring-files-with-sensitivity-labels/ba-p/3029768
NEW QUESTION # 23
You have Microsoft 365 ES subscription that has data loss prevention (DLP) implemented.
You plan to export DLP activity by using Activity explorer.
The exported file needs to display the sensitive info type detected for each DLP match.
What should you do in Activity explorer before the data, and in which file exported? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 24
You have a Microsoft 365 tenant that contains a Microsoft SharePoint Online site named Site1.
You have the users shown in the following table.
You create a data loss prevention (DLP) policy for Site1 that detects credit card number information. You configure the policy to use the following protection action:
When content matches the policy conditions, show policy tips to users and send them an email notification.
You use the default notification settings.
To Site1, User1 uploads a file that contains a credit card number.
Which users receive an email notification?
- A. Used, User2, User3, and User4
- B. Used and User4 only
- C. Used and User3 only
- D. Used only
- E. Used and User2 only
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-with-the-default-dlp-policy?view=o365-w
NEW QUESTION # 25
You need to recommend a solution to configuration the Microsoft 365 Records management settings by using the CSV file must meet the compliance requirements.
What should you recommend?
- A. Use a PowerShell command that pipes the import csv cmdlet to the New-RetentionPolicy cmdlet.
- B. Use EdmUploadAgent.exe to upload a hash of the CSV to a datastore.
- C. Use a PowerShell command that pipes the import-csv cmdlet to the New-Label cmdlet.
- D. From the Microsoft 365 compliance center, import the CSV file to a file plan.
Answer: B
NEW QUESTION # 26
You have a Microsoft 365 tenant that contains the users shown in the following table.
You configure a retention label to trigger a disposition review at the end of the retention period.
Which users can access the Disposition tab in the Microsoft 365 compliance center to review the content?
- A. User3 only
- B. User1 and User3
- C. User3 and User4
- D. User2 only
- E. User1 only
Answer: A
Explanation:
Explanation/Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/permissions-in-the-security-and- compliance-center?view=o365-worldwide
NEW QUESTION # 27
You need to implement a solution to encrypt email. The solution must meet the compliance requirements.
What should you create in the Exchange admin center and the Microsoft 36.S compliance center? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/ome-sensitive-info-types?view=o365-worldwide
NEW QUESTION # 28
You have a Microsoft 365 E3 subscription.
You plan to audit all Microsoft Exchange Online user and admin activities.
You need to ensure that all the Exchange audit log records are retained for one year.
What should you do?
- A. Create a custom audit retention pol
- B. Modify the record type of the default audit retention policy.
- C. Assign Microsoft 365 Enterprise E5 licenses to all users.
- D. Modify the retention period of the default audit retention policy.
Answer: C
NEW QUESTION # 29
You have a Microsoft 365 E5 subscription that contains a security group named Group1 and the users shown in the following table.
You assign the Compliance Manager roles to the users as shown in the following table.
You add two assessments to Compliance Manager as shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 30
You have a Microsoft 365 E5 tenant.
Data loss prevention (DLP) policies are applied to Exchange email, SharePoint sites, and OneDrive accounts locations.
You need to use PowerShell to retrieve a summary of the DLP rule matches from the last seven days.
Which PowerShell module and cmdlet should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/powershell/module/exchange/get-dlpdetectionsreport?view=exchange-ps
NEW QUESTION # 31
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).
You need to ensure that Endpoint DLP policies can protect content on the computers.
Solution: You deploy the Endpoint DLP configuration package to the computers.
Does this meet the goal?
- A. No
- B. Yes
Answer: B
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-getting-started?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-endpoints?view=o365-
worldwide
NEW QUESTION # 32
Your company has a Microsoft 365 tenant that uses a domain named Contoso.com.
You are implementing data loss prevention (DIP).
The company's default browser in Microsoft Edge.
During a recent audit, you discover that some user use Firefox and Google Chromo browsers to upload files labeled as Confidential to a third party Microsoft SharePoint Online site that has a URL of https://m365x076709.sharepoint .Uses are blocked from uploading the confidential files to the site from Microsoft Edge.
You need to ensure that the users cannot upload files labels as Confidential from Firefox and Google Chrome to any cloud services.
NOTE: Each correct selection is worth one point.
- A. From the Microsoft 365 Endpoint data loss prevention (Endpoint) DLP settings, add contoso.com as an allowed service domain.
- B. Create a DIP policy that applies to the Devices location.
- C. From the Microsoft 3G5 Endpoint data loss prevention (Endpoint DLP) settings, add Firefox and Google Chrome to the unallowed browsers list.
- D. From the Microsoft J6b Endpoint data loss prevention (Endpoint) DLP settings, add: m36Sx0767W-sharepomt.com as a blacked service domain.
- E. From the Microsoft 365 compliance center, onboard the dcvu.es.
Answer: A,C
NEW QUESTION # 33
You use project codes that have a format of three alphabetical characters that represent the project type, followed by three digits, for example Abc123.
You need to create a new sensitive info type for the project codes.
How should you configure the regular expression to detect the content? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Reference:
https://joannecklein.com/2018/08/07/build-and-use-custom-sensitive-information-types-in-office-365/
Topic 1, Fabrikam, Case Study
Overview
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each there may be additional case studies and sections on this exam. You must manage you're your time to ensure that you are able to complete all included on this exam in the time provided.
To answer the questions included in a case study, you will need In reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described In the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab. note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Cloud Environment
Fabrikam has a Microsoft 365 tenant that contains the following resources:
* An Azure Active Directory (Azure AD) tenant that syncs to an on-premises Active Directory domain named corp.fabrikam.com
* Microsoft Cloud App Security connectors configured for all supported cloud applications used by the company Some users have company Dropbox accounts.
Compliance Configuration
Fabrikam has the following in the Microsoft 365 compliance center:
* A data loss prevention (DLP) policy is configured. The policy displays a tooltip to users. Users can provide a business justification to override a DLP policy violation.
* The Azure information Protection unified labeling scanner is installed and configured.
* A sensitivity label named Fabrikam Confidential is configured.
An existing third-party records management system is managed by the compliance department.
Human Resources (HR) Management System
The HR department has an Azure SQL. database that contains employee information. Each employee has a unique 12-character alphanumeric ID. The database contains confidential employed attributes including payroll information, date of birth, and personal contact details.
On-premises Environment
You have an on premises file server that runs Windows Server 2019 and stores Microsoft Office documents in a shared folder named Data.
All end-user computers are joined to the corp.fabrinkam.com domain and run a third-party antimalware application.
Sales Contracts
Users in the sales department receive draft sales contracts from customers by email. The sales contracts are written by the customers and are not in a standard format.
Employment Applications
Employment applications and resumes are received by HR department managers and stored in either mailboxes, Microsoft SharePoint Online sites, OneDrive for Business folders, or Microsoft Teams channels.
The employment application form is downloaded from SharePoint Online and a serial number is assigned to each application.
the resumes are written by the applications and in any format.
HR Requirements
You need to create a DLP policy that will notify the HR department of a DLP policy violation if a document that contains confidential employee attributes is shared externally. The DLP policy must use an Exact Data Match (EDM) classification derived from a CSV export of the HR department database.
The HR department identifies the following requirements for handling employment applications:
* Resumes must be identified automatically based on similarities to other resumes received in the past
* Employment applications and resumes must be deleted automatically two years after the applications are received.
* Documents and emails that contain an application serial number must be identified automatically and marked as an employment application.
Sales Requirements
A sensitivity label named Sales Contract must be applied automatically to all draft and finalized sales contracts.
Compliance Requirements
Fabrikam identifies the following compliance requirements:
* All DLP policies must be applied to computers that run Windows 10, with the least possible changes to the computers.
* Users in the compliance department must view the justification provided when a user receives a tooltip notification for a DLP violation.
* If a document that has the Fabrikam Confidential sensitivity label applied is uploaded to Dropbox. the file must be deleted automatically. - The Fabrikam Confidential sensitivity label must be applied to existing Microsoft Word documents in the Data shared folder that have a document footer containing the following string: Company use only.
* Users must be able to manually select that email messages are sent encrypted. The encryption will use Office
365 Message Encryption (OME) v2. Any email containing an attachment that has the Fabrikam Confidential sensitivity label applied must be encrypted automatically by using OME.
* Existing policies configured in the third-party records management system must be replaced by using Records management in the Microsoft 365 compliance center. The compliance department plans to export the existing policies, and then produce a CSV file that contains matching labels and policies that are compatible with records management in Microsoft 365. The CSV file must be used to configure records management in Microsoft 365.
Executive Requirements
You must be able to restore all email received by Fabrikam executives for up to three years after an email is received, even if the email was deleted permanently.
NEW QUESTION # 34
You have a Microsoft 365 tenant that uses records management.
You use a retention label to mark legal files stored in a Microsoft SharePoint Online document library as regulatory records.
What can you do to the legal files?
- A. Change the retention label of the files.
- B. Rename the files.
- C. Copy the content of the files.
- D. Edit the properties of the files.
Answer: C
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/records-management?view=o365-worldwide
NEW QUESTION # 35
You have a Microsoft 365 tenant.
A new regulatory requirement states that all documents containing a patent ID be labeled, retained for 10 years, and then deleted. The policy used to apply the retention settings must never be disabled or deleted by anyone.
You need to implement the regulatory requirement.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. (Choose three.)
Answer:
Explanation:
1 - Create a retention label.
2 - Create a retention label policy.
3 - Add a preservation lock.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention-preservation-lock?view=o365-worldwide
NEW QUESTION # 36
You need to recommend a solution that meets the Data Loss Prevention requirements for the HR department.
Which three actions should you perform? Each correct answer presents part of the solution. (Choose three.) NOTE: Each correct selection is worth one point.
- A. Create a sensitive info type rule package that contains regular expressions.
- B. Create a sensitive info type rule package that contains the EDM classification.
- C. Define the sensitive information database schema in the CSV format.
- D. Schedule EdmUploadAgent.exe to hash and upload a data file that contains employee information.
- E. Define the sensitive information database schema in the XML format.
Answer: B,D,E
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-custom-sensitive-information-types-withexac
NEW QUESTION # 37
You plan to create a custom sensitive information type that will use Exact Data Match (EDM).
You need to identify what to upload to Microsoft 365, and which tool to use for the upload.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 38
You need to recommend a solution that meets the compliance requirements for viewing DLP tooltip justifications.
What should you recommend?
- A. Instruct the compliance department users to review the DLP incidents report.
- B. Instruct the compliance department users to review the False positive and override report.
- C. Configure a Microsoft Power Automate workflow to route DLP notification emails to the compliance department.
- D. Configure an Azure logic app to route DLP notification emails to the compliance department.
Answer: B
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/view-the-dlp-reports?view=o365-worldwide
NEW QUESTION # 39
You plan to create a custom trainable classifier based on an organizational form template.
You need to identity which role based access control (RBAC ) role is required to create the trainable classifier and where to classifier. The solution must use the principle of least privilege.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/classifier-get-started-with?view=o365-worldwide#prepare-for-a-custom-trainable-classifier
NEW QUESTION # 40
......
SC-400 Free Study Guide! with New Questions: https://pass4sure.passtorrent.com/SC-400-latest-torrent.html