Pass Your SC-400 Exam Easily With 100% Exam Passing Guarantee [2022]
SC-400 Dumps are Available for Instant Access from PrepPDF
How to Register For Exam SC-400: Microsoft Information Protection Administrator?
NEW QUESTION 50
You need to ensure that documents in a Microsoft SharePoint Online site that contain a reference to Project Alpha are retained for two years, and then deleted.
Which two objects should you create? Each correct answer presents part of the solution. (Choose two.) NOTE: Each correct selection is worth one point.
- A. a publishing label policy
- B. a sensitive info type
- C. a retention policy
- D. a sensitivity label
- E. an auto-apply label policy
- F. a retention label
Answer: E,F
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-retention-labels-automatically?view=o365Worldwide
NEW QUESTION 51
You plan to implement a sensitive information type based on a trainable classifier. The sensitive information type will identify employment contracts.
You need to copy the required files to Microsoft SharePoint Online folders to train the classifier.
What should you use to seed content and test the classifier? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 52
You need to recommend a solution that meets the Data Loss Prevention requirements for the HR department.
Which three actions should you perform? Each correct answer presents part of the solution. (Choose three.) NOTE: Each correct selection is worth one point.
- A. Schedule EdmUploadAgent.exe to hash and upload a data file that contains employee information.
- B. Create a sensitive info type rule package that contains the EDM classification.
- C. Create a sensitive info type rule package that contains regular expressions.
- D. Define the sensitive information database schema in the CSV format.
- E. Define the sensitive information database schema in the XML format.
Answer: A,B,E
Explanation:
Explanation/Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-custom-sensitive-information-types-with- exact-data-match-based-classification?view=o365-worldwide
NEW QUESTION 53
You are evaluating the technical requirements for the DLP reports.
Which user can currently view the DLP reports?
- A. Admin5
- B. Admin4
- C. Admin3
- D. Admin1
- E. Admin2
Answer: C
NEW QUESTION 54
You create a retention label policy named Contoso_policy that contains the following labels.
* 10 years then delete
* 5 years then delete
* Do not retain
Contoso_Policy is applied to content In Microsoft Sharepoint Online sites.
After a couple of days, yon discover the following messages on the Properties page of the label policy.
* Statue Off (Error)
* It's taking longer than expected to deploy the policy
You need to reinitiate the policy.
How should you complete the command? To answer, select the appropriate options in the; answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Reference:
https://docs.microsoft.com/en-us/powershell/module/exchange/set-retentioncompliancepolicy?view=exchange-p
NEW QUESTION 55
You need to recommend a solution to configuration the Microsoft 365 Records management settings by using the CSV file must meet the compliance requirements.
What should you recommend?
- A. Use EdmUploadAgent.exe to upload a hash of the CSV to a datastore.
- B. Use a PowerShell command that pipes the import-csv cmdlet to the New-Label cmdlet.
- C. Use a PowerShell command that pipes the import csv cmdlet to the New-RetentionPolicy cmdlet.
- D. From the Microsoft 365 compliance center, import the CSV file to a file plan.
Answer: A
NEW QUESTION 56
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are configuring a file policy in Microsoft Cloud App Security.
You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.
Solution: You use the Built-in DLP inspection method and send alerts as email.
Does this meet the goal?
- A. No
- B. Yes
Answer: A
Explanation:
Explanation
Alerts must be sent to the Microsoft Teams site of the affected department. A Microsoft Power Automate playbook should be used.
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/content-inspection-built-in
https://docs.microsoft.com/en-us/cloud-app-security/flow-integration
NEW QUESTION 57
You use project codes that have a format of three alphabetical characters that represent the project type, followed by three digits, for example Abc123.
You need to create a new sensitive info type for the project codes.
How should you configure the regular expression to detect the content? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://joannecklein.com/2018/08/07/build-and-use-custom-sensitive-information-types-in-office-365/
NEW QUESTION 58
You are configuring a retention label named Label1 as shown in the following exhibit.
You need to ensure that documents that have Label1 applied are deleted three years after the end of your company's fiscal year.
What should you do?
- A. Create a new event type.
- B. Set At the ends of the retention period to Trigger a disposition review.
- C. Modify the Retention period setting.
- D. Select Only delete items when they reach a certain age.
Answer: A
Explanation:
https://docs.microsoft.com/en-us/microsoft-365/compliance/event-driven-retention?view=o365-worldwide
NEW QUESTION 59
You have a data loss prevention (DLP) policy that applies to the Devices location. The policy protects documents that contain States passport numbers.
Users reports that they cannot upload documents to a travel management website because of the policy.
You need to ensure that the users can upload the documents to the travel management website. The solution must prevent the protected content from being uploaded to other locations.
Which Microsoft 365 Endpoint data loss prevention (Endpoint DLP) setting should you configure?
- A. Unallowed browsers
- B. Service domains
- C. Unallowed apps
- D. File path exclusions
Answer: C
NEW QUESTION 60
You have a Microsoft 365 tenant that uses Microsoft Teams.
You create a data loss prevention (DLP) policy to prevent Microsoft Teams users from sharing sensitive information.
You need to identify which locations must be selected to meet the following requirements:
* Documents that contain sensitive information must not be shared inappropriately in Microsoft Teams.
* If a user attempts to share sensitive information during a Microsoft Teams chat session, the message must be deleted immediately.
Which three locations should you select? To answer, select the appropriate locations in the answer area.
(Choose three.)
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Graphical user interface, application Description automatically generated
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-microsoft-teams?view=o365-worldwide
NEW QUESTION 61
How many files in Site2 will be visible to User1 and User2 after you turn on DLPpolicy1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Reference:
https://social.technet.microsoft.com/wiki/contents/articles/36527.implement-data-loss-prevention-dlp-in-sharepo
NEW QUESTION 62
You have a Microsoft 365 tenant that uses a domain named canstoso.com.
A user named User1 leaves your company. The mailbox of User1 is placed on Litigation Hold, and then the account of User1 is deleted from Azure Active Directory (Azure AD).
You need to copy the content of the User1 mailbox to a folder in the existing mailbox of another user named User2.
How should you complete the PowerShell command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 63
You have a Microsoft OneDrive for Business folder that contains the files shown in the following table.
In Microsoft Cloud App Security, you create a file policy to automatically apply a classification.
What is the effect of applying the policy?
- A. The policy will apply to all the files. The policy will classify only 100 files daily.
- B. The policy will apply to only the .docx and .txt files. The policy will classify the files immediately.
- C. The policy will apply to only the .docx and .txt files. The policy will classify the files within 24 hours.
- D. The policy will apply to only the .docx files. The policy will classify only 100 files daily.
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/azip-integration
NEW QUESTION 64
You need to recommend a solution that meets the compliance requirements for viewing DLP tooltip justifications.
What should you recommend?
- A. Configure a Microsoft Power Automate workflow to route DLP notification emails to the compliance department.
- B. Configure an Azure logic app to route DLP notification emails to the compliance department.
- C. Instruct the compliance department users to review the DLP incidents report.
- D. Instruct the compliance department users to review the False positive and override report.
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/view-the-dlp-reports?view=o365-worldwide
NEW QUESTION 65
You have a data loss prevention (DLP) policy that applies to the Devices location. The policy protects documents that contain States passport numbers.
Users reports that they cannot upload documents to a travel management website because of the policy.
You need to ensure that the users can upload the documents to the travel management website. The solution must prevent the protected content from being uploaded to other locations.
Which Microsoft 365 Endpoint data loss prevention (Endpoint DLP) setting should you configure?
- A. Service domains
- B. Unallowed browsers
- C. Unallowed apps
- D. File path exclusions
Answer: A
Explanation:
You can control whether sensitive files protected by your policies can be uploaded to specific service domains from Microsoft Edge.
If the list mode is set to Block, then user will not be able to upload sensitive items to those domains. When an upload action is blocked because an item matches a DLP policy, DLP will either generate a warning or block the upload of the sensitive item.
If the list mode is set to Allow, then users will be able to upload sensitive items only to those domains, and upload access to all other domains is not allowed.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-using?view=o365-worldwide
NEW QUESTION 66
You have a Microsoft 365 tenant.
You discover that email does NOT use Microsoft Office 365 Message Encryption (OME).
You need to ensure that OME can be applied to email.
What should you do first?
- A. Enable Microsoft Defender for Office 365.
- B. Create an Azure key vault.
- C. Activate Azure Information Protection.
- D. Activate Azure Rights Management (Azure RMS).
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/set-up-new-message-encryption-capabilities?view=o
NEW QUESTION 67
You are implementing Microsoft Office 365 Message Encryption (OME) for a Microsoft 365 tenant named contoso.com.
You need to meet the following requirements:
* All email to a domain named fabhkam.com must be encrypted automatically.
* Encrypted emails must expire seven days after they are sent-
What should you configure for each requirement? To answer, select the appropriate options NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Graphical user interface, text, application Description automatically generated
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/email-encryption?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/ome-advanced-expiration?view=o365-worldwide
NEW QUESTION 68
Your company has a Microsoft 365 tenant.
The company performs annual employee assessments. The assessment results are recorded in a document named Assessment I cmplatc.docx that is created by using Microsoft Word template. Copies of the employee assessments are sent to employees and their managers. The assessment copies are stored in mailboxes, Microsoft SharePoint Online sites, and OneDrive for Business folders. A copy of each assessment is also stored in a SharePoint Online folder named Assessments.
You need to create a data loss prevention (DLP) policy that prevents the employee assessments from being emailed to external users. You will use a document fingerprint to identify the assessment documents.
What should you include in the solution?
- A. Create a fingerprint of AssessmentTemplate.docx.
- B. Import TOO sample documents from the Assessments folder to a seed folder.
- C. Create a fingerprint of TOO sample documents in the Assessments folder.
- D. Create a sensitive info type that uses Exact Data Match (EDM).
Answer: B
NEW QUESTION 69
You need to ensure that documents in a Microsoft SharePoint Online site that contain a reference to Project Alpha are retained for two years, and then deleted.
Which two objects should you create? Each correct answer presents part of the solution. (Choose two.) NOTE: Each correct selection is worth one point.
- A. a publishing label policy
- B. a sensitive info type
- C. a retention policy
- D. a sensitivity label
- E. an auto-apply label policy
- F. a retention label
Answer: E,F
Explanation:
Explanation/Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-retention-labels-automatically?view=o365- worldwide Implement Information Governance Testlet 2 Case study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and three branch offices in Seattle, Boston, and Johannesburg.
Existing Environment
Microsoft 365 Environment
Contoso has a Microsoft 365 E5 tenant. The tenant contains the administrative user accounts shown in the following table.
Users store data in the following locations:
* SharePoint sites
* OneDrive accounts
* Exchange email
* Exchange public folders
* Teams chats
* Teams channel messages
When users in the research department create documents, they must add a 10-digit project code to each document. Project codes that start with the digits 999 are confidential.
SharePoint Online Environment
Contoso has four Microsoft SharePoint Online sites named Site1, Site2, Site3, and Site4.
Site2 contains the files shown in the following table.
Two users named User1 and User2 are assigned roles for Site2 as shown in the following table.
Site3 stores documents related to the company's projects. The documents are organized in a folder hierarchy based on the project.
Site4 has the following two retention policies applied:
* Name: Site4RetentionPolicy1
- Locations to apply the policy: Site4
- Delete items older than: 2 years
- Delete content based on: When items were created
* Name: Site4RetentionPolicy2
- Locations to apply the policy: Site4
- Retain items for a specific period: 4 years
- Start the retention period based on: When items were created
- At the end of the retention period: Do nothing
Problem Statements
Management at Contoso is concerned about data leaks. On several occasions, confidential research department documents were leaked.
Requirements
Planned Changes
Contoso plans to create the following data loss prevention (DLP) policy:
* Name: DLPpolicy1
* Locations to apply the policy: Site2
* Conditions:
- Content contains any of these sensitive info types: SWIFT Code
- Instance count: 2 to any
* Actions: Restrict access to the content
Technical Requirements
Contoso must meet the following technical requirements:
* All administrative users must be able to review DLP reports.
* Whenever possible, the principle of least privilege must be used.
* For all users, all Microsoft 365 data must be retained for at least one year.
* Confidential documents must be detected and protected by using Microsoft 365.
* Site1 documents that include credit card numbers must be labeled automatically.
* All administrative users must be able to create Microsoft 365 sensitivity labels.
* After a project is complete, the documents in Site3 that relate to the project must be retained for 10 years.
NEW QUESTION 70
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.
You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.
Solution: You configure a mail flow rule that matches the text patterns.
Does this meet the goal?
- A. No
- B. Yes
Answer: A
Explanation:
Reference:
https://docs.microsoft.com/en-us/exchange/policy-and-compliance/mail-flow-rules/conditions-and-exceptions?vi
NEW QUESTION 71
You plan to create a custom trainable classifier based on an organizational form template.
You need to identity which role based access control (RBAC ) role is required to create the trainable classifier and where to classifier. The solution must use the principle of least privilege.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 72
A user reports that she can no longer access a Microsoft Excel file named Northwind Customer Data.xlsx.
From the Cloud App Security portal, you discover the alert shown in the exhibit.
You restore the file from quarantine.
You need to prevent files that match the policy from being quarantined. Files that match the policy must generate an alert.
What should you do?
- A. Update the governance action.
- B. Assign the Global reader role to the file owners.
- C. Exclude file matching by using a regular expression.
- D. Modify the policy template.
Answer: A
Explanation:
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/data-protection-policies#create-a-new-file-policy
NEW QUESTION 73
......
Microsoft SC-400 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
| Topic 9 |
|
Study resources for the Valid SC-400 Braindumps: https://www.preppdf.com/Microsoft/SC-400-prepaway-exam-dumps.html
Latest Microsoft Certified: Information Protection Administrator Associate SC-400 Actual Free Exam Questions: https://drive.google.com/open?id=1pm3dtpYqG-qvzXMT2jZ1teYtJ7K0jtwH