What is the correct name of the Microsoft SC-400 exam?

1. Topic 1, Misc. Questions

You have a Microsoft 365 tenant that uses Microsoft Exchange Online.

You need to recover deleted email messages from a user’s mailbox.

Which two PowerShell cmdlets should you use? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

2. You create a data loss prevention (DLP) policy. The Advanced DLP rules page is shown in the Rules exhibit.

The Review your settings page is shown in the review exhibit.

You need to review the potential impact of enabling the policy without applying the actions.

What should you do?

3. HOTSPOT

You have a Microsoft 365 E5 tenant that contains three groups named Group1, Group2, and Group3.

You have the users shown in the following table.

You have the sensitivity labels shown in the following exhibit.

You have the label policies shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

4. HOTSPOT

While creating a retention label, you discover that the following options are missing:

✑ Mark items as a record

✑ Mark items as a regulatory record

You need to ensure that the options are available when you create retention labels in the Microsoft 365 compliance center.

How should you complete the PowerShell script? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

5. HOTSPOT

You have a Microsoft 365 subscription that contains the users shown in the following table.

You create the data loss prevention (DLP) policies shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select. No. NOTE: Each correct selection is worth one point.

6. You have a Microsoft SharePoint Online site that contains employee contracts in a document library named Contracts.

The contracts must be treated as records in accordance with your company's records management policy.

You need to implement a solution to automatically mark all the contracts as records when they are uploaded to Contracts.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. (Choose two.)

7. You have a Microsoft 365 tenant that contains the users shown in the following table.

You configure a retention label to trigger a disposition review at the end of the retention period.

Which users can access the Disposition tab in the Microsoft 365 compliance center to review the content?

8. HOTSPOT

While creating a retention label, you discover that the Mark items as a regulatory record option is unavailable.

You need to ensure that the option is available when you create retention labels in the Microsoft Purview compliance portal.

How should you complete the PowerShell script? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

9. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are configuring a file policy in Microsoft Cloud App Security.

You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.

Solution: You use the Data Classification service inspection method and send alerts to Microsoft Power Automate.

Does this meet the goal?

10. DRAG DROP

You need to create a trainable classifier that can be used as a condition in an auto-apply retention label policy.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

11. You are creating an advanced data loss prevention (DLP) rule in a DLP policy named Policy 1 that will have all locations selected.

Which two conditions can you use in the rule? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. (Choose two.)

12. You have a Microsoft 365 tenant.

All Microsoft OneDrive for Business content is retained roe five years.

A user named User1 left your company a year ago, after which the account of User 1 was deleted from Azure Active Directory (Azure AD)

You need to recover an important file that was stored in the OneDrive of User1.

What should you use?

13. You need to create a retention policy to retain all the files from Microsoft Teams channel conversations and private chats.

Which two locations should you select in the retention policy? Each correct answer present part of the solution. NOTE: Each correct selection is worth one point.

14. HOTSPOT

You have a Microsoft 365 E5 tenant.

You create sensitivity labels as shown in the Sensitivity Labels exhibit.

The Confidential/External sensitivity label is configured to encrypt files and emails when applied to content.

The sensitivity labels are published as shown in the Published exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

15. You create three sensitivity labels named Sensitivity1, Sensitivity2, and Sensitivity3 and perform the following actions:

✑ Publish Sensitivity1.

✑ Create an auto-labeling policy for Sensitivity2.

You plan to create a file policy named Policy1 in Microsoft Cloud App Security.

Which sensitivity labels can you apply to Microsoft SharePoint Online in Policy1?

16. HOTSPOT

You have Microsoft 365 ES subscription that has data loss prevention (DLP) implemented.

You plan to export DLP activity by using Activity explorer.

The exported file needs to display the sensitive info type detected for each DLP match.

What should you do in Activity explorer before the data, and in which file exported? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

17. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are configuring a file policy in Microsoft Cloud App Security.

You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.

Solution: You use the Data Classification service inspection method and send alerts as email.

Does this meet the goal?

18. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.

You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.

You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.

Solution: From the Cloud App Security portal, you mark the application as Unsanctioned.

Does this meet the goal?

19. You have a sensitive information type based on a trainable classifier.

You are unsatisfied with the result of the result of trainable classifier.

You need to retrain the classifier.

What should you use in the Microsoft 365 compliance center?

20. You have a Microsoft 365 E5 subscription.

You create a role group named Rote1.

You need to add a role to Role1 that will enable group members to view the metadata of records that were tagged for deletion automatically at the end of the records' retention period. The solution must use the principle of least privilege.

Which role should you add?

21. You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).

You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).

You need to ensure that Endpoint DLP policies can protect content on the computers.

Solution: You enroll the computers in Microsoft intune.

Does this meet the goal?

22. You have a Microsoft 365 tenant that has devices onboarded to Microsoft Defender for Endpoint as shown in the following table.

You plan to start using Microsoft 365 Endpoint data loss protection (Endpoint DLP).

Which devices support Endpoint DLP?

23. HOTSPOT

You have a Microsoft SharePoint Online site named Site1 and a sensitivity label named Sensitivity1. Sensitivity1 adds a watermark and a header to content.

You create a policy to automatically apply Sensitivity1 to emails in Microsoft Exchange Online and Site1.

How will Sensitivity1 mark matching emails and Site1 documents? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

24. You create a retention label that has a retention period of seven years.

You need to ensure that documents containing a credit card number are retained for seven years. Other documents must not be retained.

What should you create?

25. You have a Microsoft OneDrive for Business folder that contains the files shown in the following table.

In Microsoft Cloud App Security, you create a file policy to automatically apply a classification.

What is the effect of applying the policy?

26. You have a Microsoft 365 tenant.

You have a Microsoft SharePoint Online site that contains employment contracts in a folder named

EmploymentContracts. All the files in EmploymentContracts are marked as records.

You need to recommend a process to ensure that when a record is updated, the previous version of the record is kept as a version of the updated record.

What should you recommend?

27. HOTSPOT

You are implementing Microsoft Office 365 Message Encryption (OME) for a Microsoft 365 tenant named contoso.com.

You need to meet the following requirements:

• All email to a domain named fabhkam.com must be encrypted automatically.

• Encrypted emails must expire seven days after they are sent-

What should you configure for each requirement? To answer, select the appropriate options. NOTE: Each correct selection is worth one point.

28. HOTSPOT

You create a sensitivity label as shown in the Sensitivity Label exhibit.

You create an auto-labeling policy as shown in the Auto Labeling Policy exhibit.

A user sends the following email:

From: [email protected]

To: [email protected]

Subject: Address List

Message Body:

Here are the lists that you requested.

Attachments:

<<File1.docx>>

<<File2.xml>>

Both attachments contain lists of IP addresses.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

29. At the end of a project, you upload project documents to a Microsoft SharePoint Online library that contains many files.

The following is a sample of the project document file names:

✑ aei_AA989.docx

✑ bci_WS098.docx

✑ cei_DF112.docx

✑ ebc_QQ454.docx

✑ ecc_BB565.docx

All documents that use this naming format must be labeled as Project Documents:

You need to create an auto-apply retention label policy.

What should you use to identify the files?

30. You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).

You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).

You need to ensure that Endpoint DLP policies can protect content on the computers.

Solution: You onboard the computers to Microsoft Defender fur Endpoint.

Does this meet the goal?

31. HOTSPOT

You create a data loss prevention (DLP) policy that meets the following requirements:

✑ Prevents guest users from accessing a sensitive document shared during a Microsoft Teams chat

✑ Prevents guest users from accessing a sensitive document stored in a Microsoft Teams channel

Which location should you select for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

32. You have a Microsoft 365 E5 tenant that uses a domain named contoso.com.

A user named User1 sends link-based, branded emails that are encrypted by using Microsoft Office 365

Advanced Message Encryption to the recipients shown in the following table.

For which recipients can User1 revoke the emails?

33. Your company has a Microsoft 365 tenant.

The company performs annual employee assessments. The assessment results are recorded in a document named Assessment I cmplatc.docx that is created by using Microsoft Word template. Copies of the employee assessments are sent to employees and their managers. The assessment copies are stored in mailboxes, Microsoft SharePoint Online sites, and OneDrive for Business folders. A copy of each assessment is also stored in a SharePoint Online folder named Assessments.

You need to create a data loss prevention (DLP) policy that prevents the employee assessments from being emailed to external users. You will use a document fingerprint to identify the assessment documents.

What should you include in the solution?

34. You have a Microsoft 365 tenant.

You create the following:

✑ A sensitivity label

✑ An auto-labeling policy

You need to ensure that the sensitivity label is applied to all the data discovered by the auto-labeling policy.

What should you do first?

35. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.

You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.

Solution: You create a data loss prevention (DLP) policy that has only the Exchange email location selected.

Does this meet the goal?

36. You have a data loss prevention (DLP) policy that applies to the Devices location. The policy protects documents that contain States passport numbers.

Users reports that they cannot upload documents to a travel management website because of the policy.

You need to ensure that the users can upload the documents to the travel management website. The solution must prevent the protected content from being uploaded to other locations.

Which Microsoft 365 Endpoint data loss prevention (Endpoint DLP) setting should you configure?

37. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.

You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.

Solution: You create a data loss prevention (DLP) policy that has all locations selected.

Does this meet the goal?

38. You have a Microsoft 365 E5 subscription that contains a trainable classifier named Trainable1.

You plan to create the items shown in the following table.

Which items can use Trainable1?

39. You need to provide a user with the ability to view data loss prevention (DLP) alerts in the Microsoft 365 compliance center. The solution must use the principle of least privilege.

Which role should you assign to the use?

40. HOTSPOT

You have a Microsoft 365 tenant that uses a domain named canstoso.com.

A user named User1 leaves your company. The mailbox of User1 is placed on Litigation Hold, and then the account of User1 is deleted from Azure Active Directory (Azure AD).

You need to copy the content of the User1 mailbox to a folder in the existing mailbox of another user named User2.

How should you complete the PowerShell command? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

41. You are creating a data loss prevention (DLP) policy that will apply to all available locations. You configure an advanced DLP rule in the policy.

Which type of condition can

you use in the rule?

42. You plan to import a file plan to the Microsoft 365 compliance center.

Which object type can you create by importing a records management file plan?

43. You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).

You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).

You need to ensure that Endpoint DLP policies can protect content on the computers.

Solution: You deploy the unified labeling client to the computers.

Does this meet the goal?

44. HOTSPOT

You plan to create a custom trainable classifier based on an organizational form template.

You need to identity which role based access control (RBAC ) role is required to create the trainable classifier and where to classifier. The solution must use the principle of least privilege.

What should you identify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

45. You have a Microsoft 365 tenant that uses the following sensitivity labels:

* Confidential

* Internal

* External

The labels are published by using a label policy named Policy1.

Users report that Microsoft Office for the wen apps do not display the Sensitivity button.

The Sensitivity button appears in Microsoft 365 Apps that are installed locally.

You need to ensure that the users can apply sensitivity labels to content when they use Office for the web apps.

Solution: You modify the publishing settings of Policy1.

Does the meet the goal?

46. You have a Microsoft 365 tenant that uses trainable classifiers.

You are creating a custom trainable classifier.

You collect 300 sample file types from various geographical locations to use as seed content. Some of the file samples are encrypted.

You organize the files into categories as shown in the following table.

Which file categories can be used as seed content?

47. HOTSPOT

At the end of a project you upload project documents to a Microsoft SharePoint Online library that contains many fifes.

Files that have the following naming format must be labeled as Project I

• aei_AA989.docx

• bd_WSOgadocx

• cei_DLF112-docx

• ebc_QQ4S4.docx

• ecc_BB565.docx

You plan to create an auto-apply retention label policy.

What should you use to identify the files, and which regular expression should you use? To answer, select the appropriate options in the answer area.

48. HOTSPOT

You plan to create a custom sensitive information type that will use Exact Data Match (EDM).

You need to identify what to upload to Microsoft 365, and which tool to use for the upload.

What should you identify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

49. You have a Microsoft 365 E5 tenant that contains the policies shown in the following table.

A file named File1 has all the policies applied.

How long will File1 be retained?

50. You have a new Microsoft 365 tenant.

You need to ensure that custom trainable classifiers can be created in the tenant.

To which role should you be assigned to perform the configuration?

51. HOTSPOT

You have a Microsoft 365 E5 subscription that contains the devices shown in the following table.

You need to onboard the devices to Microsoft Purview. The solution must ensure that you can apply Endpoint data loss prevention (Endpoint DLP) policies to the devices.

What can you use to onboard each device? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

52. You need to create a retention policy to delete content after seven years from the following locations:

✑ Exchange email

✑ SharePoint sites

✑ OneDrive accounts

✑ Office 365 groups

✑ Teams channel messages

✑ Teams chats

What is the minimum number of retention policies that you should create?

53. HOTSPOT

You need to implement an information compliance policy to meet the following requirements:

✑ Documents that contain passport numbers from the United States, Germany, Australia, and Japan must be identified automatically.

✑ When a user attempts to send an email or an attachment that contains a passport number, the user must receive a tooltip in Microsoft Outlook.

✑ Users must be blocked from using Microsoft SharePoint Online or OneDrive for Business to share a document that contains a passport number.

What is the minimum number of sensitivity labels and auto-labeling policies you should create? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

54. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.

You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.

You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.

Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add a folder path to the file path exclusions.

Does this meet the goal?

55. You have a Microsoft 365 subscription that uses Microsoft Exchange Online.

You need to receive an alert if a user emails sensitive documents to specific external domains.

What should you create?

56. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.

You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.

Solution: You configure a mail flow rule that matches a sensitive info type.

Does this meet the goal?

57. HOTSPOT

You have a Microsoft 365 subscription that contains a Microsoft SharePoint site named Site1.

For Site1, users are assigned the roles shown in the following table.

You publish retention labels to Site1 as shown in the following table.

You publish retention labels to Site1 as shown in the following table.

You have the files shown in the following table.

For each of the following statement, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

58. HOTSPOT

You have the files shown in the following table.

You configure a retention policy as shown in the exhibit.

The start of the retention period is based on when items are created. The current date is January 01, 2021.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

59. You have a Microsoft 365 E5 tenant.

You create a data loss prevention (DLP) policy.

You need to ensure that the policy protects documents in Microsoft Teams chat sessions.

Which location should you enable in the policy?

60. HOTSPOT

You have a Microsoft 365 ES subscription.

You plan to create a custom trainable classifier by uploading 1,000 machine-generated files as seed content.

The files have sequential names and are uploaded in one-minute intervals as shown in the following table.

Which files were processed first and last when you created the custom trainable classifier? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.