[2021] SC-400 Actual Exam Dumps, SC-400 Practice Test
ExamCost SC-400 dumps & Microsoft Certified: Information Protection Administrator Associate sure practice dumps
Skills measured
- The content of this exam was updated on July 23, 2021. Please download the exam skills outline below to see what changed.
- Implement data loss prevention (30-35%)
- Implement information governance (25-30%)
- Implement information protection (35-40%)
Schedule exam
Languages: English, Chinese (Simplified), Japanese, Korean
Retirement date: none
This exam measures your ability to accomplish the following technical tasks: implement information protection; implement data loss prevention; and implement information governance.
NEW QUESTION 30
A user reports that she can no longer access a Microsoft Excel file named Northwind Customer Data.xlsx.
From the Cloud App Security portal, you discover the alert shown in the exhibit.
You restore the file from quarantine.
You need to prevent files that match the policy from being quarantined. Files that match the policy must generate an alert.
What should you do?
- A. Modify the policy template.
- B. Assign the Global reader role to the file owners.
- C. Exclude file matching by using a regular expression.
- D. Update the governance action.
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/data-protection-policies#create-a-new-file-policy
NEW QUESTION 31
You have the files shown in the following table.
You configure a retention policy as shown in the following exhibit.
The current date is January 1, 2021.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Answer:
Explanation:
NEW QUESTION 32
You need to test Microsoft Office 365 Message Encryption (OME) capabilities for your company. The test must verify the following information:
The acquired default template names
The encryption and decryption verification status
Which PowerShell cmdlet should you run?
- A. Test-OAuthConnectivity
- B. Test-Mailflow
- C. Test-IRMConfiguration
- D. Test-ClientAccessRule
Answer: C
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/set-up-new-message-encryption-capabilities?
view=o365-worldwide
NEW QUESTION 33
You have a Microsoft 365 tenant that uses Microsoft Teams.
You create a data loss prevention (DLP) policy to prevent Microsoft Teams users from sharing sensitive information.
You need to identify which locations must be selected to meet the following requirements:
* Documents that contain sensitive information must not be shared inappropriately in Microsoft Teams.
* If a user attempts to share sensitive information during a Microsoft Teams chat session, the message must be deleted immediately.
Which three locations should you select? To answer, select the appropriate locations in the answer area.
(Choose three.)
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Graphical user interface, application Description automatically generated
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-microsoft-teams?view=o365-worldwide
NEW QUESTION 34
You enable archive mailboxes for all the users at your company.
The Default MRM Policy is shown in the MRM exhibit.
A Microsoft 365 retention label policy is shown in the Label Policy exhibit.
You need to identify the following:
How many years until an email is archived?
What should you modify to change the retention period for archiving?
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide#the-principles-of-retention-or-what-takes-precedence
NEW QUESTION 35
How many files in Site2 will be visible to User1 and User2 after you turn on DLPpolicy1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Reference:
https://social.technet.microsoft.com/wiki/contents/articles/36527.implement-data-loss-prevention-dlp-in-sharepo
NEW QUESTION 36
You have Microsoft 365 E5 tenant that has a domain name of M365x925027.onmicrosoft.com.
You have a published sensitivity label.
The Encryption settings for the sensitivity label are configured as shown in the exhibit.
For each of the following statements, select Yes if statement is true. Otherwise, select No NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Graphical user interface, text, application, email Description automatically generated
Box 1: Yes
When you create a sensitivity label, you can restrict access to content that the label will be applied to. Only users within your organization can open a confidential document or email.
Box 2: No
Assign permissions now has been selected.
Graphical user interface, text, application, email Description automatically generated
Box 3: No
Only co-author and co-owner can print.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/encryption-sensitivity-labels?view=o365-worldwide
https://docs.microsoft.com/en-us/azure/information-protection/configure-usage-rights
NEW QUESTION 37
You have a Microsoft 365 tenant.
A retention hold is applied to all the mailboxes in Microsoft Exchange Online.
A user named User1 leaves your company, and the account of User1 is deleted from Azure Active Directory (Azure AD).
You need to create a new user named User2 and provide User2 with access to the mailbox of User1.
How should you complete the PowerShell command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Graphical user interface, text, application Description automatically generated
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/recover-an-inactive-mailbox?view=o365-worldwide
NEW QUESTION 38
You have a Microsoft 365 tenant that uses data loss prevention (DLP).
You have a custom employee information form named Template 1.docx.
You need to create a classification rule package based on the document fingerprint of Templatel.docx.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
NEW QUESTION 39
You create a data loss prevention (DLP) policy. The Advanced DLP rules page is shown in the Rules exhibit.
The Review your settings page is shown in the review exhibit.
You need to review the potential impact of enabling the policy without applying the actions.
What should you do?
- A. Edit the policy, remove all the actions in DLP rule 1, and select I'd like to test it out first.
- B. Edit the policy, remove the Restrict access to the content and Send incident report to Administrator actions, and then select Yes, turn it on right away.
- C. Edit the policy, and then select I'd like to test it out first.
- D. Edit the policy, remove all the actions in DLP rule 1, and select Yes, turn it on right away.
Answer: C
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-a-dlp-policy-from-a-template?view=o365-wo
NEW QUESTION 40
You create a retention label that has a retention period of seven years.
You need to ensure that documents containing a credit card number are retained for seven years. Other documents must not be retained.
What should you create?
- A. a retention policy that deletes files automatically
- B. a retention policy that retains files automatically
- C. a retention label policy of type auto-apply
- D. a retention label policy of type publish
Answer: D
NEW QUESTION 41
You need to recommend a solution to configuration the Microsoft 365 Records management settings by using the CSV file must meet the compliance requirements.
What should you recommend?
- A. Use a PowerShell command that pipes the import-csv cmdlet to the New-Label cmdlet.
- B. Use EdmUploadAgent.exe to upload a hash of the CSV to a datastore.
- C. Use a PowerShell command that pipes the import csv cmdlet to the New-RetentionPolicy cmdlet.
- D. From the Microsoft 365 compliance center, import the CSV file to a file plan.
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/file-plan-manager?view=o365-worldwide#import-re
NEW QUESTION 42
You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).
You need to ensure that Endpoint DLP policies can protect content on the computers.
Solution: You enroll the computers in Microsoft intune.
Does this meet the goal?
- A. No
- B. Yes
Answer: A
NEW QUESTION 43
You create a retention policy as shown in the following exhibit.
A user named User1 deletes a file named File1.docx from a Microsoft SharePoint Online site named Site1.
A user named User2 deletes an email and empties the Deleted Items folder in Microsoft Outlook.
Where is the content retained one year after deletion? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide
NEW QUESTION 44
You have a Microsoft 365 tenant that uses a domain named canstoso.com.
A user named User1 leaves your company. The mailbox of User1 is placed on Litigation Hold, and then the account of User1 is deleted from Azure Active Directory (Azure AD).
You need to copy the content of the User1 mailbox to a folder in the existing mailbox of another user named User2.
How should you complete the PowerShell command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 45
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth is worth one point.
Answer:
Explanation:
Explanation
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide
NEW QUESTION 46
You need to create a retention policy to retain all the files from Microsoft Teams channel conversations and private chats.
Which two locations should you select in the retention policy? Each correct answer present part of the solution.
NOTE: Each correct selection is worth one point.
- A. SharePoint sites
- B. Team chats
- C. Office 365 groups
- D. Team channel messages
- E. OneDrive accounts
- F. Exchange email
Answer: A,E
Explanation:
Reference:
https://support.microsoft.com/en-us/office/file-storage-in-teams-df5cc0a5-d1bb-414c-8870-46c6eb76686a
NEW QUESTION 47
You create a data loss prevention (DLP) policy that meets the following requirements:
Prevents guest users from accessing a sensitive document shared during a Microsoft Teams chat Prevents guest users from accessing a sensitive document stored in a Microsoft Teams channel Which location should you select for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-microsoft-teams?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoftteams/sharepoint-onedrive-interact
NEW QUESTION 48
You create a data loss prevention (DLP) policy. The Advanced DLP rules page is shown in the Rules exhibit.
The Review your settings page is shown in the review exhibit.
You need to review the potential impact of enabling the policy without applying the actions.
What should you do?
- A. Edit the policy, remove all the actions in DLP rule 1, and select I'd like to test it out first.
- B. Edit the policy, remove the Restrict access to the content and Send incident report to Administrator actions, and then select Yes, turn it on right away.
- C. Edit the policy, and then select I'd like to test it out first.
- D. Edit the policy, remove all the actions in DLP rule 1, and select Yes, turn it on right away.
Answer: C
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-a-dlp-policy-from-a-template?view=o365-worldwide
NEW QUESTION 49
You have a Microsoft 365 tenant that contains the users shown in the following table.
You configure a retention label to trigger a disposition review at the end of the retention period.
Which users can access the Disposition tab in the Microsoft 365 compliance center to review the content?
- A. User1 and User3
- B. User1 only
- C. User3 and User4
- D. User2 only
- E. User3 only
Answer: E
Explanation:
Reference:
D18912E1457D5D1DDCBD40AB3BF70D5D
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/permissions-in-the-security-andcom
NEW QUESTION 50
You need to recommend a solution that meets the Data Loss Prevention requirements for the HR department.
Which three actions should you perform? Each correct answer presents part of the solution. (Choose three.) NOTE: Each correct selection is worth one point.
- A. Define the sensitive information database schema in the CSV format.
- B. Schedule EdmUploadAgent.exe to hash and upload a data file that contains employee information.
- C. Create a sensitive info type rule package that contains regular expressions.
- D. Define the sensitive information database schema in the XML format.
- E. Create a sensitive info type rule package that contains the EDM classification.
Answer: B,D,E
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-custom-sensitive-information-types-withexact-data-match-based-classification?view=o365-worldwide
Topic 1, Fabrikam,
Cloud Environment
Fabrikam has a Microsoft 365 tenant that contains the following resources:
* An Azure Active Directory (Azure AD) tenant that syncs to an on-premises Active Directory domain named corp.fabrikam.com
* Microsoft Cloud App Security connectors configured for all supported cloud applications used by the company Some users have company Dropbox accounts.
Compliance Configuration
Fabrikam has the following in the Microsoft 365 compliance center:
* A data loss prevention (DLP) policy is configured. The policy displays a tooltip to users. Users can provide a business justification to override a DLP policy violation.
* The Azure information Protection unified labeling scanner is installed and configured.
* A sensitivity label named Fabrikam Confidential is configured.
An existing third-party records management system is managed by the compliance department.
Human Resources (HR) Management System
The HR department has an Azure SQL. database that contains employee information. Each employee has a unique 12-character alphanumeric ID. The database contains confidential employed attributes including payroll information, date of birth, and personal contact details.
On-premises Environment
You have an on premises file server that runs Windows Server 2019 and stores Microsoft Office documents in a shared folder named Data.
All end-user computers are joined to the corp.fabrinkam.com domain and run a third-party antimalware application.
Sales Contracts
Users in the sales department receive draft sales contracts from customers by email. The sales contracts are written by the customers and are not in a standard format.
Employment Applications
Employment applications and resumes are received by HR department managers and stored in either mailboxes, Microsoft SharePoint Online sites, OneDrive for Business folders, or Microsoft Segment Teams channels.
The employment application form is downloaded from SharePoint Online and a serial number is assigned to each application.
the resumes are written by the applications and in any format.
HR Requirements
You need to create a DLP policy that will notify the HR department of a DLP policy violation if a document that contains confidential employee attributes is shared externally. The DLP policy must use an Exact Data Match (EDM) classification derived from a CSV export of the HR department database.
The HR department identifies the following requirements for handling employment applications:
* Resumes must be identified automatically based on similarities to other resumes received in the past
* Employment applications and resumes must be deleted automatically two years after the applications are received.
* Documents and emails that contain an application serial number must be identified automatically and marked as an employment application.
Sales Requirements
A sensitivity label named Sales Contract must be applied automatically to all draft and finalized sales contracts.
Compliance Requirements
Fabrikam identifies the following compliance requirements:
* All DLP policies must be applied to computers that run Windows 10, with the least possible changes to the computers.
* Users in the compliance department must view the justification provided when a user receives a tooltip notification for a DLP violation.
* If a document that has the Fabrikam Confidential sensitivity label applied is uploaded to Dropbox. the file must be deleted automatically. - The Fabrikam Confidential sensitivity label must be applied to existing Microsoft Word documents in the Data shared folder that have a document footer containing the following string: Company use only.
* Users must be able to manually select that email messages are sent encrypted. The encryption will use Office 365 Message Encryption (OME) v2. Any email containing an attachment that has the Fabrikam Confidential sensitivity label applied must be encrypted automatically by using OME.
* Existing policies configured in the third-party records management system must be replaced by using Records management in the Microsoft 365 compliance center. The compliance department plans to export the existing policies, and then produce a CSV file that contains matching labels and policies that are compatible with records management in Microsoft 365. The CSV file must be used to configure records management in Microsoft 365.
Executive Requirements
You must be able to restore all email received by Fabrikam executives for up to three years after an email is received, even if the email was deleted permanently.
NEW QUESTION 51
You have a Microsoft 365 tenant that uses a domain named canstoso.com.
A user named User1 leaves your company. The mailbox of User1 is placed on Litigation Hold, and then the account of User1 is deleted from Azure Active Directory (Azure AD).
You need to copy the content of the User1 mailbox to a folder in the existing mailbox of another user named User2.
How should you complete the PowerShell command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 52
......
Microsoft SC-400 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
| Topic 9 |
|
| Topic 10 |
|
SC-400 Actual Questions and Braindumps: https://www.examcost.com/SC-400-practice-exam.html
Pass SC-400 Exam with Updated SC-400 Exam Dumps PDF 2021: https://drive.google.com/open?id=19fVjNFY37GTdQsJLM4V1ltvY5U11e9a8
