Summer Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

SC-401 Administering Information Security in Microsoft 365 Questions and Answers

Questions 4

HOTSPOT

You have a Microsoft 365 E5 subscription.

You receive the data loss prevention (DLP) alert shown in the following exhibit.

SC-401 Question 4

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

SC-401 Question 4

Options:

Buy Now
Questions 5

You have a Microsoft 365 alert named Alert2 as shown in the following exhibit.

SC-401 Question 5

You need to manage the status of Alert? To which status can you change Alette?

Options:

A.

The status cannot be changed.

B.

Dismissed only

C.

Investigating only

D.

Active or Investigating only

E.

Investigating. Active, or Dismissed

Buy Now
Questions 6

HOTSPOT

You plan to create a custom sensitive information type that will use Exact Data Match (EDM).

You need to identify what to upload to Microsoft 365, and which tool to use for the upload.

What should you identify? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-401 Question 6

Options:

Buy Now
Questions 7

You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

SC-401 Question 7

Which users will Microsoft Purview insider risk management flag as potential high-impact users?

Options:

A.

User1 and User2 only

B.

User2 and User3 only

C.

User1, User2, and User3 only

D.

User1, User2, User3, and User4

Buy Now
Questions 8

You have a Microsoft 36S subscription.

In Microsoft Exchange Online, you configure the mail flow rule shown in the following exhibit.

SC-401 Question 8

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

SC-401 Question 8

Options:

Buy Now
Questions 9

You have a new Microsoft 365 E5 tenant.

You need to create a custom trainable classifier that will detect product order forms. The solution must use the principle of least privilege.

What should you do first? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-401 Question 9

Options:

Buy Now
Questions 10

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 subscription.

You have a user named User1. Several users have full access to the mailbox of User1.

Some email messages sent to User1 appear to have been read and deleted before the user viewed them.

When you search the audit log in the Microsoft Purview portal to identify who signed in to the mailbox of User1, the results are blank.

You need to ensure that you can view future sign-ins to the mailbox of User1.

Solution: You run the Set-AdminAuditLogConfig -AdminAuditLogEnabled $true -AdminAuditLogCmdlets *Mailbox* command.

Does that meet the goal?

Options:

A.

Yes

B.

No

Buy Now
Questions 11

You have a Microsoft 365 ES subscription that uses Microsoft Teams and contains the users shown in the following table.

SC-401 Question 11

You have the retention policies shown in the following table.

SC-401 Question 11

The users perform the actions shown in the following table.

SC-401 Question 11

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point

SC-401 Question 11

Options:

Buy Now
Questions 12

You have a Microsoft 365 ES subscription.

A security manager receives an email message every time a data loss prevention (DIP) policy match occurs. You need to limit alert notifications to actionable DLP events. What should you do?

Options:

A.

From the Microsoft Defender portal, apply a filter to the alerts.

B.

From the Microsoft Purview portal, modify the Policy Tips settings of a DLP policy.

C.

From the Microsoft Purview portal, modify the matched activities threshold of an alert policy.

D.

From the Microsoft Purview portal, modify the User overrides settings of a DLP policy.

Buy Now
Questions 13

You have a Microsoft 365 subscription.

You have a user named User1 Several users have full access to the mailbox of User1.

Some email messages sent to User 1 appeal to have been read and deleted before the user viewed them

When you search the audit log in the Microsoft Purview portal to identify who signed in to the mailbox of User l. the results are blank.

You need to ensure that you can view future sign-ins to the mailbox of User1.

Solution: You run the Set-AuditConfig -Workload Exchange command.

Does that meet the goal?

Options:

A.

Yes

B.

No

Buy Now
Questions 14

You have a Microsoft 365 ES subscription.

You have a Microsoft SharePoint Online document library that contains Microsoft Word and Excel documents. The documents contain the following types of information:

• Credit card numbers

• Physical addresses in the UK

• National hearth service numbers from the UK

• Sensitive projects that contain the following words: Project Tailspin. Project Contoso, and Project falcon

You have email messages m Microsoft Exchange Online that contain the following information types:

• Credit card numbers

• User sign-in credentials

• National health service numbers from the UK

You plan to use sensitive information types (SITs) for compliance policies.

What is the minimum number of SITs required to classify all the information types?

Options:

A.

2

B.

5

C.

7

D.

10

Buy Now
Questions 15

You need to provide a user with the ability to view data loss prevention (DIP) alerts in the Microsoft Purview portal. The solution must use the principle of least privilege.

Which role should you assign to the user?

Options:

A.

Compliance Administrator

B.

Security Reader

C.

Security Operator

D.

Compliance Data Administrator

Buy Now
Questions 16

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant and 500 computers that run Windows 11. The computers are onboarded to Microsoft Purview.

You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.

You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.

Solution: From Microsoft Defender for Cloud Apps, you create an app discovery policy.

Does this meet the goal?

Options:

A.

Yes

B.

No

Buy Now
Questions 17

DRAG DROP

You have a Microsoft 365 E5 subscription that has data loss prevention (DLP) implemented.

You need to create a custom sensitive info type. The solution must meet the following requirements:

● Match product serial numbers that contain a 10-character alphanumeric string.

● Ensure that the abbreviation of SN appears within six characters of each product serial number.

● Exclude a test serial number of 1111111111 from a match.

Which pattern settings should you configure for each requirement? To answer, drag the appropriate settings to the correct requirements. Each setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

SC-401 Question 17

Options:

Buy Now
Questions 18

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You recently discovered that the developers at your company emailed Azure Storage Account keys in plain text to third parties.

You need to ensure that when Azure Storage Account keys are emailed, the emails are encrypted.

Solution: You configure a mail flow rule that matches a sensitive info type.

Does this meet the goal?

Options:

A.

Yes

B.

No

Buy Now
Questions 19

You have a Microsoft 36515 subscription tha1 contains a Microsoft SharePoint Online site named Site1 Site1 contains three tiles named File1. File2 and File3.

You create the data loss prevention (DIP) policies shown in the following table.

SC-401 Question 19

The DIP rule matches for each tile are shown in the following table.

SC-401 Question 19

How many DIP policy matches events will be added to Activity explorer, and how many policy matches will be added to the DLP incidents report? To answer, select the appropriate options m the answer area.

SC-401 Question 19

Options:

Buy Now
Questions 20

You have a Microsoft 365 E5 subscription that contains a trainable classifier named Trainable1.

You plan to create the items shown in the following table.

SC-401 Question 20

Which items can use Trainable 1?

Options:

A.

Label2 only

B.

Label1 and Label2 only

C.

Label1 and Policy1 only

D.

Label2, Policy1, and DLP1 only

E.

Label1, Label2, Policy1, and DLP1

Buy Now
Questions 21

HOTSPOT

How many files in Site2 can User1 and User2 access after you turn on DLPpolicy1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-401 Question 21

Options:

Buy Now
Questions 22

You need to meet the technical requirements for the creation of the sensitivity labels.

To which user or users must you assign the Sensitivity Label Administrator role?

Options:

A.

Admin1 only

B.

Admin1 and Admin4 only

C.

Admin1 and Admin5 only

D.

Admin1, Admin2, and Admin3 only

E.

Admin1, Admin2, Admin4, and Admin5 only

Buy Now
Questions 23

You need to meet the retention requirement for the users' Microsoft 365 data.

What is the minimum number of retention policies required to achieve the goal?

Options:

A.

1

B.

2

C.

3

D.

4

E.

6

Buy Now
Questions 24

You need to meet the technical requirements for the Site1 documents.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

SC-401 Question 24

Options:

Buy Now
Exam Code: SC-401
Exam Name: Administering Information Security in Microsoft 365
Last Update: Jun 10, 2025
Questions: 121

PDF + Testing Engine

$61.25  $174.99

Testing Engine

$47.25  $134.99
buy now SC-401 testing engine

PDF (Q&A)

$40.25  $114.99
buy now SC-401 pdf
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 13 Jun 2025