SC-401 Exam Dumps - Administering Information Security in Microsoft 365

To automatically encrypt email messages using Microsoft Purview Message Encryption (OME), administrators must configure mail flow rules (also known as transport rules) in the Exchange admin center. These rules can be configured to check conditions, such as when a recipient is a specific user or when an email contains attachments, and then apply encryption automatically. Sharing policies, Safe Attachments policies, and retention label policies are not used for OME encryption.

In Microsoft Purview Exact Data Match (EDM) classifiers, a primary element is a unique, identifying field used for data matching. EDM allows up to two primary elements per schema.

From the provided table, the Match mode indicates how data is analyzed:

● PP (EU Passport Number) → Likely a primary element because it's unique.

● Name (All Full Names) → Typically not a primary element as names are common.

● DateOfBirth (Single-token) → Usually a secondary element, not unique.

● AccountNumber (Multi-token) → Can be a primary element, as it's a unique identifier.

● Since EDM supports a maximum of two primary elements, the correct answer is 2.

Step 1 – Scenario

You are creating an Exact Data Match (EDM) classifier in Microsoft Purview.

EDM requires preparing a sensitive information source table (such as employee IDs, customer account numbers).

This table must be hashed and uploaded into Microsoft Purview.

Only authorized users can perform this sensitive upload operation.

Step 2 – Required permissions for EDM upload

Microsoft’s documented process states:

To hash and upload EDM source data, you must assign users to the EDM Data Uploaders security group.

This group is a security group created in Microsoft Entra ID (formerly Azure AD).

Membership in this security group grants permission to perform the upload.

📖 Reference: Configure Exact Data Match (EDM) in Microsoft Purview

“To upload the hashed data file to Microsoft Purview, you must add users to a security group named EDM_DataUploaders. This group is required to give permissions for EDM uploads.”

Step 3 – Why not the other options?

A. Microsoft Entra enterprise application → Used for app integration, not EDM uploads.

B. Purview role group → Provides compliance portal permissions but not EDM upload rights.

D. Microsoft Entra app registration → Used for API access, not relevant here.

E. Microsoft 365 group → Collaboration group, not for secure upload rights.

Retention policy tags (MRM) for Exchange Online are applied by the Managed Folder Assistant (MFA). To apply a newly created Exchange retention policy to mailbox items immediately, you manually invoke MFA with Start-ManagedFolderAssistant for the mailbox or set of mailboxes. Creating DLP policies or label policies in Purview does not accelerate MRM processing.

To add a new keyword dictionary in Microsoft Purview Data Loss Prevention (DLP), you must create a Sensitive Information Type (SIT).

Sensitive Info Types (SITs) allow you to define custom detection rules, including keyword dictionaries, regular expressions, and functions for identifying sensitive content in emails, documents, and other Microsoft 365 locations. A keyword dictionary is a list of predefined words/phrases that Microsoft Purview can use to identify and classify content for DLP policies.

Steps to add a keyword dictionary:

1. Go to Microsoft Purview compliance portal

2. Navigate to Data classification > Sensitive info types

3. Create a new sensitive info type

4. Add a keyword dictionary

5. Save and use it in a DLP policy