Updated Microsoft Information Protection Administrator SC-400 Dumps Valid For Passing

1. Topic 1, Misc. Questions

Your company has a Microsoft 365 tenant that uses a domain named contoso.

The company uses Microsoft Office 365 Message Encryption (OMI) to encrypt email sent to users in fabrikam.com.

A user named User1 erroneously sends an email to user2@fabrikam

You need to disable [email protected] from accessing the email.

What should you do?

2. You have a Microsoft 365 E5 subscription that contains a trainable classifier named Trainable1.

You plan to create the items shown in the following table.

Which items can use Trainable1?

3. HOTSPOT

You have a Microsoft SharePoint Online site named Site1 and a sensitivity label named Sensitivity1. Sensitivity1 adds a watermark and a header to content.

You create a policy to automatically apply Sensitivity1 to emails in Microsoft Exchange Online and Site1.

How will Sensitivity1 mark matching emails and Site1 documents? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

4. You have a Microsoft 365 tenant.

You have a Microsoft SharePoint Online site that contains employment contracts in a folder named EmploymentContracts. All the files in EmploymentContracts are marked as records.

You need to recommend a process to ensure that when a record is updated, the previous version of the record is kept as a version of the updated record.

What should you recommend?

5. CORRECT TEXT

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.

6. You have a Microsoft 365 E5 tenant.

You need to add a new keyword dictionary.

What should you create?

7. HOTSPOT

You have a Microsoft SharePoint Online site that contains the following files.

Users are assigned roles for the site as shown in the following table.

Which files can User1 and User2 view? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

8. You have a Microsoft 365 E5 tenant that contains a Microsoft SharePoint Online site named Site1 and a user named User1. The tenant has auditing enabled You need to ensure that User! can perform disposition reviews. The solution must use the principle of the least privilege

What should you do?

9. You have a Microsoft 365 subscription that uses Microsoft Exchange Online.

You need to receive an alert if a user emails sensitive documents to specific external domains.

What should you create?

10. Your company has a Microsoft 365 tenant.

The company performs annual employee assessments. The assessment results are recorded in a document named Assessment I cmplatc.docx that is created by using Microsoft Word template. Copies of the employee assessments are sent to employees and their managers. The assessment copies are stored in mailboxes, Microsoft SharePoint Online sites, and OneDrive for Business folders. A copy of each assessment is also stored in a SharePoint Online folder named Assessments.

You need to create a data loss prevention (DLP) policy that prevents the employee assessments from being emailed to external users. You will use a document fingerprint to identify the assessment documents.

What should you include in the solution?

11. You are creating a data loss prevention (DLP) policy that will apply to all available locations. You configure an advanced DLP rule in the policy.

Which type of condition can you use in the rule?

12. HOTSPOT

You plan to implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).

You need to identify which end user activities can be audited on the endpoints, and which activities can be restricted on the endpoints.

What should you identify for each activity? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

13. HOTSPOT

You have a Microsoft 365 E5 subscription.

You create an adaptive scope named Scope 1 as shown in the following exhibit.

You create a retention policy named Policy1 that includes Scope1.

To which three locations can you apply Policy1? To answer, select the appropriate locations in the answer area. NOTE: Each correct selection is worth one point.

14. HOTSPOT

You have a Microsoft 365 E5 subscription.

You have a Microsoft Office 365 Advanced Message Encryption branding template named OME1.

You need to create a Microsoft Exchange Online mail flow rule to apply 0ME1 to email.

How should you configure the rule? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

15. You need to provide a user with the ability to view data loss prevention (DLP) alerts in the Microsoft 365 compliance center. The solution must use the principle of least privilege.

Which role should you assign to the use?

16. In Microsoft Exchange Online, you have a retention policy named Policy1 that applies a retention tag named Tag1.

You plan to remove Tag1 from Policy1.

What will occur when you remove the tag from Policy1?

17. HOTSPOT

You have a Microsoft 365 tenant.

A retention hold is applied to all the mailboxes in Microsoft Exchange Online.

A user named User1 leaves your company, and the account of User1 is deleted from Azure Active Directory (Azure AD).

You need to create a new user named User2 and provide User2 with access to the mailbox of User1.

How should you complete the PowerShell command? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

18. HOTSPOT

You have a Microsoft 365 tenant named contoso.com that contains two users named User1 and User2. The tenant uses Microsoft Office 365 Message Encryption (OME).

User1 plans to send emails that contain attachments as shown in the following table.

User2 plans to send emails that contain attachments as shown in the following table.

For which emails will the attachments be protected? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

19. A compliance administrator recently created several data loss prevention (DLP) policies.

After the policies are created, you receive a higher than expected volume of DLP alerts.

You need to identify which rules are generating the alerts.

Which DLP report should you use?

20. You have a Microsoft 365 E5 tenant that contains the policies shown in the following table.

A file named File1 has all the policies applied.

How long will File1 be retained?

21. You have a new Microsoft 365 tenant.

You need to ensure that custom trainable classifiers can be created in the tenant.

To which role should you be assigned to perform the configuration?

22. You need to test Microsoft Office 365 Message Encryption (OME) capabilities for your company.

The test must verify the following information:

The acquired default template names

The encryption and decryption verification status

Which PowerShell cmdlet should you run?

23. HOTSPOT

You have a Microsoft 365 E5 tenant.

You need to create a custom trainable classifier that will detect product order forms. The solution must use the principle of least privilege.

What should you do first? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

24. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.

You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.

Solution: You configure a mail flow rule that matches a sensitive info type.

Does this meet the goal?

25. You create a custom sensitive info type that uses Exact Data Match (EDM).

You plan to periodically update and upload the data used for EDM.

What is the maximum frequency with which the data can be uploaded?

26. You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).

You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).

You need to ensure that Endpoint DLP policies can protect content on the computers.

Solution: You deploy the unified labeling client to the computers.

Does this meet the goal?

27. You create three sensitivity labels named Sensitivity1, Sensitivity2, and Sensitivity3 and perform the following actions:

✑ Publish Sensitivity1.

✑ Create an auto-labeling policy for Sensitivity2.

You plan to create a file policy named Policy1 in Microsoft Cloud App Security.

Which sensitivity labels can you apply to Microsoft SharePoint Online in Policy1?

28. You receive an email that contains a list of words that will be used few a sensitive information type.

You need to create a file that can be used as the source of a keyword dictionary.

In which format should you save the list?

29. HOTSPOT

You plan to implement a sensitive information type based on a trainable classifier. The sensitive information type will identify employment contracts.

You need to copy the required files to Microsoft SharePoint Online folders to train the classifier.

What should you use to seed content and test the classifier? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

30. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.

You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.

You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.

Solution: From the Cloud App Security portal, you mark the application as Unsanctioned.

Does this meet the goal?

31. You have a Microsoft SharePoint Online site that contains employee contracts in a document library named Contracts.

The contracts must be treated as records in accordance with your company's records management policy.

You need to implement a solution to automatically mark all the contracts as records when they are uploaded to Contracts.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. (Choose two.)

32. You receive an email that contains a list of words that will be used for a sensitive information type.

You need to create a file that can be used as the source of a keyword dictionary.

In which format should you save the list?

33. At the end of a project, you upload project documents to a Microsoft SharePoint Online library that contains many files.

The following is a sample of the project document file names:

✑ aei_AA989.docx

✑ bci_WS098.docx

✑ cei_DF112.docx

✑ ebc_QQ454.docx

✑ ecc_BB565.docx

All documents that use this naming format must be labeled as Project Documents:

You need to create an auto-apply retention label policy.

What should you use to identify the files?

34. You are implementing a data classification solution.

The research department at your company requires that documents containing programming code be labeled as Confidential. The department provides samples of the code from its document library. The solution must minimize administrative effort.

What should you do?

35. HOTSPOT

You have a Microsoft 365 subscription that contains a Microsoft SharePoint site named Site1.

For Site1, users are assigned the roles shown in the following table.

You publish retention labels to Site1 as shown in the following table.

You publish retention labels to Site1 as shown in the following table.

You have the files shown in the following table.

For each of the following statement, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

36. Your company has a Microsoft 365 tenant that uses a domain named contoso.com.

You are implementing data loss prevention (DLP).

The company's default browser is Microsoft Edge.

During a recent audit, you discover that some users use Firefox and Google Chrome browsers to upload files labeled as Confidential to a third-party Microsoft SharePoint Online site that has a URL of https://m365x076709.sharepoint.com. Users are blocked from uploading the confidential files to the site from Microsoft Edge.

You need to ensure that the users cannot upload files labeled as Confidential from Firefox and Google Chrome to any cloud services.

Which two actions should you perform? Each correct answer presents part of the solution. (Choose two.)

NOTE: Each correct selection is worth one point.

37. You have a Microsoft 365 tenant that contains a Microsoft SharePoint Online site named Site1.

You have the users shown in the following table.

You create a data loss prevention (DLP) policy for Site1 that detects credit card number information.

You configure the policy to use the following protection action:

✑ When content matches the policy conditions, show policy tips to users and send them an email notification.

You use the default notification settings.

To Site1, User1 uploads a file that contains a credit card number.

Which users receive an email notification?

38. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.

You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.

You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.

Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add a folder path to the file path exclusions.

Does this meet the goal?

39. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).

You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).

You need to ensure that Endpoint DLP policies can protect content on the computers.

Solution: You onboard the computers to Microsoft Defender for Endpoint.

Does this meet the goal?

40. HOTSPOT

You use project codes that have a format of three alphabetical characters that represent the project type, followed by three digits, for example Abc123.

You need to create a new sensitive info type for the project codes.

How should you configure the regular expression to detect the content? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

41. You have a Microsoft 365 tenant that contains the users shown in the following table.

You configure a retention label to trigger a disposition review at the end of the retention period.

Which users can access the Disposition tab in the Microsoft 365 compliance center to review the content?

42. You need to create a retention policy to retain all the files from Microsoft Teams channel conversations and private chats.

Which two locations should you select in the retention policy? Each correct answer present part of the solution. NOTE: Each correct selection is worth one point.

43. HOTSPOT

You have a Microsoft 365 E5 tenant.

You create sensitivity labels as shown in the Sensitivity Labels exhibit.

The Confidential/External sensitivity label is configured to encrypt files and emails when applied to content.

The sensitivity labels are published as shown in the Published exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

44. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.

You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.

Solution: You create a data loss prevention (DLP) policy that has all locations selected.

Does this meet the goal?

45. HOTSPOT

You have a Microsoft 365 tenant that uses Microsoft Teams.

You create a data loss prevention (DLP) policy to prevent Microsoft Teams users from sharing sensitive information.

You need to identify which locations must be selected to meet the following requirements:

✑ Documents that contain sensitive information must not be shared inappropriately in Microsoft Teams.

✑ If a user attempts to share sensitive information during a Microsoft Teams chat session, the message must be deleted immediately.

Which three locations should you select? To answer, select the appropriate locations in the answer area. NOTE: Each correct selection is worth one point. (Choose three.)

46. HOTSPOT

You have a Microsoft 365 E5 tenant.

Data loss prevention (DLP) policies are applied to Exchange email, SharePoint sites, and OneDrive accounts locations.

You need to use PowerShell to retrieve a summary of the DLP rule matches from the last seven days.

Which PowerShell module and cmdlet should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

47. Your company manufactures parts that are each assigned a unique 12-character alphanumeric serial number. Emails between the company and its customers refer in the serial number.

You need to ensure that ail Microsoft Exchange Online emails containing the serial numbers are retained for five years.

Which three objects should you create? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

48. You are creating an advanced data loss prevention (DLP) rule in a DLP policy named Policy 1 that will have all locations selected.

Which two conditions can you use in the rule? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. (Choose two.)

49. You have a Microsoft 365 E5 tenant that uses a domain named contoso.com.

A user named User1 sends link-based, branded emails that are encrypted by using Microsoft Office 365

Advanced Message Encryption to the recipients shown in the following table.

For which recipients can User1 revoke the emails?

50. You have a data loss prevention (DLP) policy configured for endpoints as shown in the following exhibit.

From a computer named Computer1, 3 user can sometimes upload files to cloud services and sometimes cannot. Other users experience the same issue.

What are two possible causes of the issue? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.