SC-400 Microsoft Information Protection Administrator Questions and Answers

Task 6

You plan to implement Endpoint data loss prevention (Endpoint DLP) policies for computers that run Windows.

Users have an application named App1 that stores data locally in a folder named C:\app1\data.

You need to prevent the folder from being monitored by Endpoint DLP.

Task 4

You need to block users from sending emails containing information that is subject to Payment Card Industry Data Security Standard (PCI OSS). The solution must affect only emails.

Task 3

You plan to automatically apply a watermark to the document1 of a project named Falcon.

You need to create a label that will add a watermark of "Project falcon' in red. size-12 font diagonally across the documents.

You need to recommend a solution that meets the compliance requirements for protecting the documents in the Data shared folder. What should you recommend?

You need to recommend a solution that meets the Data Loss Prevention requirements for the HR department.

Which three actions should you perform? Each correct answer presents part of the solution. (Choose three.)

NOTE: Each correct selection is worth one point.

You need to recommend an information governance solution that meets the HR requirements for handling employment applications and resumes.

What is the minimum number of information governance solution components that you should create? To answer, select the appropriate options in the answer area.

NOTE:Each correct selection is worth one point.

You need to recommend a solution that meets the compliance requirements for viewing DLP tooltip

justifications.

What should you recommend?

You need to recommend a solution that meets the compliance requirements for Dropbox.

What should you recommend?

You need to recommend a solution that meets the executive requirements. What should you recommend?

You need to implement a solution to encrypt email. The solution must meet the compliance requirements.

What should you create in the Exchange admin center and the Microsoft 36.S compliance center? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You need to recommend a solution that meets the compliance requirements for protecting the documents in the Data shared folder.

What should you configure in the Microsoft Purview compliance portal?

You need to recommend a solution that meets the sales requirements.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

You need to recommend a solution to configuration the Microsoft 365 Records management settings by using the CSV file must meet the compliance requirements.

What should you recommend?

You need to recommend a solution that meets the compliance requirements for Dropbox.

What should you recommend?

You need to implement a solution that meets the compliance requirements for the Windows 10 computers.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each coned selection is worth one point.

You need to meet the technical requirements for the creation of the sensitivity labels.

To which user or users must you grant the Sensitivity label administrator role?

You are evaluating the technical requirements for the DLP reports.

Which user can currently view the DLP reports?

You need to meet the technical requirements for the creation of the sensitivity labels. Which administrative users are currently missing the Sensitivity label administrator role?

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth is worth one point.

You need to meet the technical requirements for the Site3 documents.

What should you create?

You need to meet the technical requirements for the confidential documents.

What should you created first, and what should you use for the detection method? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You need to meet the technical requirements for the Site1 documents.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

You are reviewing policies for the SharePoint Online environment.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE:Each correct selection is worth one point.

How many files in Site2 will be visible to User1 and User2 after you turn on DLPpolicy1? To answer, select the appropriate options in the answer area.

NOTE:Each correct selection is worth one point.

You have a Microsoft SharePoint Online site named Site1 and a sensitivity label named Sensitivity1. Sensitivity1 adds a watermark and a header to content.

You create a policy to automatically apply Sensitivity1 to emails in Microsoft Exchange Online and Site1.

How will Sensitivity1 mark matching emails and Site1 documents? To answer, select the appropriate options in the answer area.

NOTE:Each correct selection is worth one point.

Your company has a Microsoft 365 tenant that uses a domain named contoso.

The company uses Microsoft Office 365 Message Encryption (OMI ) to encrypt email sent to users in fabrikam.com.

A user named User1 erroneously sends an email to user2@fabrikam

You need to disable user2@fabrikam.com from accessing the email.

What should you do?

You are creating a data loss prevention (DLP) policy that will apply to all available locations. You configure an advanced DLP rule in the policy. Which type of condition can you use in the rule?

At the end of a project, you upload project documents to a Microsoft SharePoint Online library that contains

many files. The following is a sample of the project document file names:

aei_AA989.docx

bci_WS098.docx

cei_DF112.docx

ebc_QQ454.docx

ecc_BB565.docx

All documents that use this naming format must be labeled as Project Documents:

You need to create an auto-apply retention label policy.

What should you use to identify the files?

You have a Microsoft 36d tenant.

You need to create a new sensitive info type for items that contain the following:

• An employee ID number that consists of the hire date of the employee followed by a three-digit number

• The words "Employee", "ID", or "Identification" within 300 characters of the employee ID number

What should you use for the primary and secondary elements? To answer, select the appropriate options in the answer area.

You have a Microsoft 365 E5 tenant that contains three groups named Group1, Group2, and Group3.

You have the users shown in the following table.

You have the sensitivity labels shown in the following exhibit.

You have the label policies shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE:Each correct selection is worth one point.

You receive an email that contains a list of words that will be used few a sensitive information type.

You need to create a file that can be used as the source of a keyword dictionary.

In which format should you save the list?

You create a data loss prevention (DLP) policy that meets the following requirements:

Prevents guest users from accessing a sensitive document shared during a Microsoft Teams chat

Prevents guest users from accessing a sensitive document stored in a Microsoft Teams channel

Which location should you select for each requirement? To answer, select the appropriate options in the answer area.

NOTE:Each correct selection is worth one point.

You need to test Microsoft Office 365 Message Encryption (OME) capabilities for your company. The test must

verify the following information:

The acquired default template names

The encryption and decryption verification status

Which PowerShell cmdlet should you run?

You have a Microsoft 365 tenant that contains a Microsoft SharePoint Online site named Site1.

You have the users shown in the following table.

You create a data loss prevention (DLP) policy for Site1 that detects credit card number information. You configure the policy to use the following protection action:

When content matches the policy conditions, show policy tips to users and send them an email notification.

You use the default notification settings.

To Site1, User1 uploads a file that contains a credit card number.

Which users receive an email notification?

You enable archive mailboxes for all the users at your company.

The Default MRM Policy is shown in the MRM exhibit.

A Microsoft 365 retention label policy is shown in the Label Policy exhibit.

You need to identify the following:

How many years until an email is archived?

What should you modify to change the retention period for archiving?

What should you identify? To answer, select the appropriate options in the answer area.

NOTE:Each correct selection is worth one point.

You have a Microsoft E5 365 tenant.

You need to ensure that you can use sensitivity labels to declare regulatory records.

Which PowerShell cmdlet should you run, and which type of policy should you use? To answer, select the appropriate options in the answer area.

NOTE:Each correct selection is worth one point.

You have a hybrid Microsoft 365 deployment that contains the users shown in the following table.

You need to perform an eDiscovery content search.

Which user's data can be included in the content search? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

The subscription contains the information barrier segments shown in the following table.

The subscription contains the Microsoft SharePoint Online sites shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

You need to implement an information compliance policy to meet the following requirements:

Documents that contain passport numbers from the United States, Germany, Australia, and Japan must be identified automatically.

When a user attempts to send an email or an attachment that contains a passport number, the user must receive a tooltip in Microsoft Outlook.

Users must be blocked from using Microsoft SharePoint Online or OneDrive for Business to share a document that contains a passport number.

What is the minimum number of sensitivity labels and auto-labeling policies you should create? To answer, select the appropriate options in the answer area.

NOTE:Each correct selection is worth one point.

Task 9

You are investigating a data breach.

You need to retain all Microsoft Exchange items in the mailbox of Alex Wilber that contain the word Falcon and were created in the year 2021.

Task 8

You need to retain Microsoft SharePoint files that contain the word Falcon for two years from the date they were created, and then delete them.

Task 1

You need to provide users with the ability to manually classify files that contain product information that are stored in SharePoint Online sites. The solution must meet the following requirements:

• The users must be able to apply a classification of Product1 to the files.

• Any authenticated user must be able to open files classified as Product1.

• files classified as Product1 must be encrypted.

Task 10

You plan to create a data loss prevention (DLP) policy that will apply to content containing the following keywords:

• Tailspin

• litware

• Falcon

You need to create a keyword list that can be used in the DLP policy. You do NOT need to create the DLP policy at this time.