SC-400 Exam Dumps - Microsoft Information Protection Administrator
Task 5
You need to ensure that a group named U.S. Sales can store files containing information subject to General Data Protection Regulation (GDPR) in their OneDrive accounts. All other current GDPR restrictions must remain in effect.
Task 9
You are investigating a data breach.
You need to retain all Microsoft Exchange items in the mailbox of Alex Wilber that contain the word Falcon and were created in the year 2021.
Task 1
You need to provide users with the ability to manually classify files that contain product information that are stored in SharePoint Online sites. The solution must meet the following requirements:
• The users must be able to apply a classification of Product1 to the files.
• Any authenticated user must be able to open files classified as Product1.
• files classified as Product1 must be encrypted.
Task 4
You need to block users from sending emails containing information that is subject to Payment Card Industry Data Security Standard (PCI OSS). The solution must affect only emails.
Task 3
You plan to automatically apply a watermark to the document1 of a project named Falcon.
You need to create a label that will add a watermark of "Project falcon' in red. size-12 font diagonally across the documents.
Task 7
You need to create a retention policy that meets the following requirements:
• Applies to Microsoft Teams chat and Teams channel messages of users that have a department attribute of Sales.
• Retains item for five years from the date they are created, and then deletes them.
Task 2
You discover that all users can apply the Confidential - Finance label.
You need to ensure that the Confidential - Finance label is available only to the members of the Finance Team group.
Task 8
You need to retain Microsoft SharePoint files that contain the word Falcon for two years from the date they were created, and then delete them.
Task 10
You plan to create a data loss prevention (DLP) policy that will apply to content containing the following keywords:
• Tailspin
• litware
• Falcon
You need to create a keyword list that can be used in the DLP policy. You do NOT need to create the DLP policy at this time.
You need to meet the technical requirements for the confidential documents.
What should you created first, and what should you use for the detection method? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You are evaluating the technical requirements for the DLP reports.
Which user can currently view the DLP reports?
You are reviewing policies for the SharePoint Online environment.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
A screenshot of a computer
Description automatically generated with low confidenceYou need to meet the technical requirements for the Site3 documents.
What should you create?
You need to meet the technical requirements for the creation of the sensitivity labels.
To which user or users must you grant the Sensitivity label administrator role?
You need to meet the technical requirements for the creation of the sensitivity labels. Which administrative users are currently missing the Sensitivity label administrator role?
How many files in Site2 will be visible to User1 and User2 after you turn on DLPpolicy1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to meet the technical requirements for the Site1 documents.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Graphical user interface, text, application
Description automatically generatedYou need to implement a solution that meets the compliance requirements for the Windows 10 computers.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each coned selection is worth one point.
You need to recommend a solution that meets the sales requirements.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Graphical user interface, text, application, chat or text message
Description automatically generatedYou need to recommend a solution that meets the compliance requirements for Dropbox.
What should you recommend?
You need to recommend a solution that meets the compliance requirements for protecting the documents in the Data shared folder. What should you recommend?
You need to recommend a solution that meets the compliance requirements for protecting the documents in the Data shared folder.
What should you configure in the Microsoft Purview compliance portal?
You need to recommend a solution that meets the compliance requirements for viewing DLP tooltip
justifications.
What should you recommend?
You need to recommend a solution that meets the compliance requirements for Dropbox.
What should you recommend?
You need to recommend a solution that meets the Data Loss Prevention requirements for the HR department.
Which three actions should you perform? Each correct answer presents part of the solution. (Choose three.)
NOTE: Each correct selection is worth one point.
You need to recommend a solution to configuration the Microsoft 365 Records management settings by using the CSV file must meet the compliance requirements.
What should you recommend?
You plan to import a file plan to the Microsoft 365 compliance center.
Which object type can you create by importing a records management file plan?
You have a Microsoft 365 E5 tenant that contains a Microsoft SharePoint Online site named Site1 and a user named User1. The tenant has auditing enabled You need to ensure that User! can perform disposition reviews. The solution must use the principle of the least privilege What should you do?
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps.
You plan to deploy a Defender for Cloud Apps file policy that will be triggered when the following conditions are met:
• A file is shared externally.
• A file is labeled as internal only.
Which filter should you use for each condition? To answer, drag the appropriate filters to the correct conditions. Each filter may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.
You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Cloud App Security portal, you create an app discovery policy.
Does this meet the goal?
You have a Microsoft 365 tenant.
All Microsoft OneDrive for Business content is retained roe five years.
A user named User1 left your company a year ago, after which the account of User 1 was deleted from Azure Active Directory (Azure AD)
You need to recover an important file that was stored in the OneDrive of User1.
What should you use?
You have a Microsoft 365 tenant that uses Microsoft Exchange Online.
You need to recover deleted email messages from a user’s mailbox.
Which two PowerShell cmdlets should you use? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You have Microsoft 365 ES subscription that has data loss prevention (DLP) implemented.
You plan to export DLP activity by using Activity explorer.
The exported file needs to display the sensitive info type detected for each DLP match.
What should you do in Activity explorer before the data, and in which file exported? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to implement a solution to encrypt email. The solution must meet the compliance requirements.
What should you create in the Exchange admin center and the Microsoft 36.S compliance center? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Graphical user interface, text, application
Description automatically generatedNote: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed them.
When you search the audit log in the Microsoft Purview compliance portal to identify who signed in to the mailbox of User1, the result are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
Solution: You run the Set-MailboxFolderPermission -Identity "User1†-User Userl@contoso.com -AccessRights Owner command.
Does that meet the goal?
Your company manufactures parts that are each assigned a unique 12-character alphanumeric serial number. Emails between the company and its customers refer in the serial number.
You need to ensure that ail Microsoft Exchange Online emails containing the serial numbers are retained for five years.
Which three objects should you create? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains two Microsoft SharePoint Online sites named Site1 and Site2.
You plan to configure a retention label named Label1 and apply Label1 to all the files in Site1.
You need to ensure that two years after a file is created in Site1, the file moves automatically to Site2.
How should you configure the Choose what happens after the retention period setting for Label1?
You have a Microsoft 365 E5 subscription that contains a trainable classifier named Trainable1. You plan to create the items shown in the following table.
Which items can use Trainable1?
You create a custom sensitive info type that uses Exact Data Match (EDM).
You plan to periodically update and upload the data used for EDM.
What is the maximum frequency with which the data can be uploaded?
You have a Microsoft 365 E5 tenant that contains a Microsoft SharePoint Online document library named Library 1.
You need to declare a collection of files that are stored in Library1 as regulatory records.
What should you use?
You create three sensitivity labels named Sensitivity1, Sensitivity2, and Sensitivity3 and perform the following
actions:
- Publish Sensitivity1.
- Create an auto-labeling policy for Sensitivity2.
You plan to create a file policy named Policy1 in Microsoft Cloud App Security.
Which sensitivity labels can you apply to Microsoft SharePoint Online in Policy1?
You use project codes that have a format of three alphabetical characters that represent the project type, followed by three digits, for example Abc123.
You need to create a new sensitive info type for the project codes.
How should you configure the regular expression to detect the content? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 tenant that uses Microsoft Teams.
You need to ensure that all internal communication is stored for a minimum of seven years.
What should you create first?
You have a Microsoft 365 subscription that contains a Microsoft 365 group named Group1. Group 1 contains 100 users and has dynamic user membership.
All users have Windows 10 devices and use Microsoft SharePoint Online and Exchange Online.
You create a sensitivity label named Label! and publish Label! as the default label for Group1.
You need to ensure that the users in Group! must apply Label! to their email and documents.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
At the end of a project, you upload project documents to a Microsoft SharePoint Online library that contains
many files. The following is a sample of the project document file names:
- aei_AA989.docx
- bci_WS098.docx
- cei_DF112.docx
- ebc_QQ454.docx
- ecc_BB565.docx
All documents that use this naming format must be labeled as Project Documents:
You need to create an auto-apply retention label policy.
What should you use to identify the files?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.
You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add the application to the unallowed apps list.
Does this meet the goal?
You have a Microsoft 365 E5 tenant that contains a user named User1.
You need to identify the type and number of holds placed on the mailbox of User1.
What should you do first?