SC-400 Updated Exam Dumps [2022] Practice Valid Exam Dumps Question
SC-400 Sample with Accurate & Updated Questions
Microsoft SC-400 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
Exam SC-400: Microsoft Information Protection Administrator
The Information Protection Administrator plans and implements controls that meet organizational compliance needs. This person is responsible for translating requirements and compliance controls into technical implementation. They assist organizational control owners to become and stay compliant.
They work with information technology (IT) personnel, business application owners, human resources, and legal stakeholders to implement technology that supports policies and controls necessary to sufficiently address regulatory requirements for their organization. They also work with the compliance and security leadership such as a Chief Compliance Officer and Security Officer to evaluate the full breadth of associated enterprise risk and partner to develop those policies.
This person defines applicable requirements and tests IT processes and operations against those policies and controls. They are responsible for creating policies and rules for content classification, data loss prevention, governance, and protection.
Part of the requirements for: Microsoft Certified: Information Protection Administrator Associate
NEW QUESTION 28
You plan to create a custom sensitive information type that will use Exact Data Match (EDM).
You need to identify what to upload to Microsoft 365, and which tool to use for the upload.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 29
You need to protect documents that contain credit card numbers from being opened by users outside your company. The solution must ensure that users at your company can open the documents.
What should you use?
- A. a retention policy
- B. a sensitivity label policy
- C. a sensitivity label
- D. a data loss prevention (DLP) policy
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwide
NEW QUESTION 30
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).
You need to ensure that Endpoint DLP policies can protect content on the computers.
Solution: You onboard the computers to Microsoft Defender for Endpoint.
Does this meet the goal?
- A. Yes
- B. No
Answer: A
NEW QUESTION 31
You need to create a retention policy to retain all the files from Microsoft Teams channel conversations and private chats.
Which two locations should you select in the retention policy? Each correct answer present part of the solution.
NOTE: Each correct selection is worth one point.
- A. SharePoint sites
- B. Office 365 groups
- C. OneDrive accounts
- D. Exchange email
- E. Team channel messages
- F. Team chats
Answer: A,B
NEW QUESTION 32
You need to meet the technical requirements for the creation of the sensitivity labels.
To which user or users must you grant the Sensitivity label administrator role?
- A. Admin1, Admin2, Admin4, and Admin5 only
- B. Admin1 only
- C. Admin1, Admin2, and Admin3 only
- D. Admin1 and Admin5 only
- E. Admin1 and Admin4 only
Answer: E
Explanation:
Compliance Data Administrator, Compliance Administrator, and Security Administrator already have the required permissions to create the labels.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-with-sensitivity-labels?view=o365- worldwide#permissions-required-to-create-and-manage-sensitivity-labels
NEW QUESTION 33
While creating a retention label, you discover that the following options are missing:
* Mark items as a record
* Mark items as a regulatory record
You need to ensure that the options are available when you create retention labels in the Microsoft 365 compliance center.
How should you complete the PowerShell script? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/declare-records?view=o365-worldwide
https://docs.microsoft.com/en-us/powershell/exchange/connect-to-scc-powershell?view=exchange-ps
NEW QUESTION 34
You have a Microsoft 365 tenant.
You discover that email does NOT use Microsoft Office 365 Message Encryption (OME).
You need to ensure that OME can be applied to email.
What should you do first?
- A. Activate Azure Rights Management (Azure RMS).
- B. Enable Microsoft Defender for Office 365.
- C. Create an Azure key vault.
- D. Activate Azure Information Protection.
Answer: B
NEW QUESTION 35
You need to recommend a solution that meets the compliance requirements for viewing DLP tooltip justifications.
What should you recommend?
- A. Configure an Azure logic app to route DLP notification emails to the compliance department.
- B. Instruct the compliance department users to review the DLP incidents report.
- C. Configure a Microsoft Power Automate workflow to route DLP notification emails to the compliance department.
- D. Instruct the compliance department users to review the False positive and override report.
Answer: D
Explanation:
Explanation/Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/view-the-dlp-reports?view=o365-worldwide
NEW QUESTION 36
You plan to implement a sensitive information type based on a trainable classifier. The sensitive information type will identify employment contracts.
You need to copy the required files to Microsoft SharePoint Online folders to train the classifier.
What should you use to seed content and test the classifier? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 37
You have a data loss prevention (DLP) policy configured for endpoints as shown in the following exhibit.
From a computer named Computer1, 3 user can sometimes upload files to cloud services and sometimes cannot. Other users experience the same issue. What are two possible causes of the issue? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
- A. The Access by unallowed apps action is set to Audit only.
- B. There are file path exclusions in the Microsoft 365 Endpoint data loss prevention (Endpoint DIP) settings.
- C. The Copy to clipboard action is set to Audit only.
- D. The computers are NOT onboarded to the Microsoft 365 compliance center.
- E. The unallowed browsers in the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings are NOT configured.
Answer: A,B
NEW QUESTION 38
You have a Microsoft 365 E5 tenant.
You create sensitivity labels as shown in the Sensitivity Labels exhibit.
The Confidential/External sensitivity label is configured to encrypt files and emails when applied to content.
The sensitivity labels are published as shown in the Published exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide
NEW QUESTION 39
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are configuring a file policy in Microsoft Cloud App Security.
You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.
Solution: You use the Build-in DLP inspection method and send alerts to Microsoft Power Automate.
Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation:
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/dcs-inspection
https://docs.microsoft.com/en-us/cloud-app-security/data-protection-policies
NEW QUESTION 40
You have a data loss prevention (DLP) policy that has the advanced DLP rules shown in the following table.
You need to identify which rules will apply when content matches multiple advanced DLP rules.
Which rules should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 41
You are configuring a retention label named Label1 as shown in the following exhibit.
You need to ensure that documents that have Label1 applied are deleted three years after the end of your company's fiscal year.
What should you do?
- A. Select Only delete items when they reach a certain age.
- B. Create a new event type.
- C. Set At the ends of the retention period to Trigger a disposition review.
- D. Modify the Retention period setting.
Answer: B
Explanation:
https://docs.microsoft.com/en-us/microsoft-365/compliance/event-driven-retention?view=o365-worldwide
NEW QUESTION 42
You create a data loss prevention (DLP) policy. The Advanced DLP rules page is shown in the Rules exhibit.
The Review your settings page is shown in the review exhibit.
You need to review the potential impact of enabling the policy without applying the actions.
What should you do?
- A. Edit the policy, remove all the actions in DIP rule 1, and select I'd like to test it out first
- B. Edit the policy, and then select I'd like to test it out first.
- C. the policy. remove all the actions in DLP rule 1, and select Yes, turn it on right away.
- D. Edit the policy, remove the Restrict access to the content and Send incident report to Administrator actions, and then select Yes, turn it on right away.
Answer: C
NEW QUESTION 43
You have a Microsoft SharePoint Online site named Site1 and a sensitivity label named Sensitivity1.
Sensitivity1 adds a watermark and a header to content.
You create a policy to automatically apply Sensitivity1 to emails in Microsoft Exchange Online and Site1.
How will Sensitivity1 mark matching emails and Site1 documents? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide
NEW QUESTION 44
You have the retention label policy shown in the Policy exhibit. (Click the Policy tab.)
Users apply the retention label policy to files and set the asset ID as shown in the following table.
On December 1. 2020. you create the event shown in the Event exhibit. (Click the Event tab.):
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 45
You need to meet the technical requirements for the creation of the sensitivity labels.
To which user or users must you grant the Sensitivity label administrator role?
- A. Admin1, Admin2, Admin4, and Admin5 only
- B. Admin1 only
- C. Admin1, Admin2, and Admin3 only
- D. Admin1 and Admin5 only
- E. Admin1 and Admin4 only
Answer: E
NEW QUESTION 46
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.
You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add a folder path to the file path exclusions.
Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation:
Explanation
Folder path to the file path exclusions excludes certain paths and files from DLP monitoring.
Use the unallowed apps list instead.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-using?view=o365-worldwide
NEW QUESTION 47
......
How to Register For Exam SC-400: Microsoft Information Protection Administrator?
Pass Microsoft SC-400 Premium Files Test Engine pdf - Free Dumps Collection: https://dumpstorrent.dumpsfree.com/SC-400-valid-exam.html