You have a Microsoft 365 E5 tenant and the Windows 10 devices shown in the following table. To which devices can you apply Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings?

Device1, Device3, and Device4 only

Device1, Device2, Device3, and Device4

Your company has a Microsoft 365 tenant that uses a domain named contoso.com.You are implementing data loss prevention (DLP).The company's default browser is Microsoft Edge.During a recent audit, you discover that some users use Firefox and Google Chrome browsers to upload files labeled as Confidential to a third-party Microsoft SharePoint Online site that has a URL of https://m365x076709.sharepoint.com.Users are blocked from uploading the confidential files to the site from Microsoft Edge.You need to ensure that the users cannot upload files labeled as Confidential from Firefox and Google Chrome to any cloud services. Which two actions should you perform? Each correct answer presents part of the solution. (Choose two.)NOTE: Each correct selection is worth one point.

From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, add Firefox and Google Chrome to the unallowed browsers list.

From the Microsoft 365 compliance center, onboard the devices.

From the Microsoft 365 Endpoint data loss prevention (Endpoint) DLP settings, add m365x076709.sharepoint.com as a blocked service domain.

Create a DLP policy that applies to the Devices location.

From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, add Firefox and Google Chrome to the unallowed browsers list.

From the Microsoft 365 compliance center, onboard the devices.

From the Microsoft 365 Endpoint data loss prevention (Endpoint) DLP settings, add contoso.com as an allowed service domain.

You create a data loss prevention (DLP) policy. The Advanced DLP rules page is shown in the Rules exhibit. The Review your settings page is shown in the Review exhibit. You need to review the potential impact of enabling the policy without applying the actions.What should you do?

Edit the policy, and then select I'd like to test it out first.

Edit the policy, remove all the actions in DLP rule 1, and select I'd like to test it out first.

Edit the policy, remove the Restrict access to the content and Send incident report to Administrator actions, and then select Yes, turn it on right away.

Edit the policy, remove all the actions in DLP rule 1, and select Yes, turn it on right away.

Edit the policy, and then select I'd like to test it out first.

You are creating an advanced data loss prevention (DLP) rule in a DLP policy named Policy 1 that will have all locations selected.Which two conditions can you use in the rule? Each correct answer presents a complete solution. (Choose two.)NOTE: Each correct selection is worth one point.

Content is shared from Microsoft 365

Document size equals or is greater than

You need to be alerted when users share sensitive documents from Microsoft One Drive to any users outside your company.What should you do?

From the Microsoft 365 compliance center, create a data loss prevention (DLP) policy.

From the Microsoft 365 compliance center, start a data investigation.

From the Microsoft 365 compliance center, create an insider risk policy.

From the Cloud App Security portal, create an activity policy.

You have a Microsoft 365 tenant that has devices onboarded to Microsoft Defender for Endpoint as shown in the following table. You plan to start using Microsoft 365 Endpoint data loss protection (Endpoint DLP).Which devices support Endpoint DLP?

Device1, Device2, Device3, Device4, and Device5

You have a data loss prevention (DLP) policy configured for endpoints as shown in the following exhibit. From a computer named Computer1, a user can sometimes upload files to cloud services and sometimes cannot. Other users experience the same issue.What are two possible causes of the issue? Each correct answer presents a complete solution.NOTE: Each correct selection is worth one point.

The Access by unallowed apps action is set to Audit only.

The unallowed browsers in the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings are NOT configured.

The computers are NOT onboarded to the Microsoft 365 compliance center.

The Copy to clipboard action is set to Audit only.

There are file path exclusions in the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings.

The Access by unallowed apps action is set to Audit only.

The unallowed browsers in the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings are NOT configured.

You are planning a data loss prevention (DLP) solution that will apply to computers that run Windows 10.You need to ensure that when users attempt to copy a file that contains sensitive information to a USB storage device, the following requirements are met:If the users are members of a group named Group1, the users must be allowed to copy the file, and an event must be recorded in the audit log.All other users must be blocked from copying the file.What should you create?

two DLP policies that each contains one DLP rule

one DLP policy that contains one DLP rule

one DLP policy that contains two DLP rules

You need to be alerted when users share sensitive documents from Microsoft One Drive to any users outside your company.What should you do?

From the Cloud App Security portal, create a file policy.

From the Exchange admin center, create a data loss prevention (DLP) policy.

From the Azure portal, create an Azure Active Directory (Azure AD) Identity Protection policy.

From the Microsoft 365 compliance center, create an insider risk policy.

From the Cloud App Security portal, create a file policy.

Your company has a Microsoft 365 tenant.The company performs annual employee assessments. The assessment results are recorded in a document named AssessmentTemplate.docx that is created by using a Microsoft Word template. Copies of the employee assessments are sent to employees and their managers. The assessment copies are stored in mailboxes, Microsoft SharePoint Online sites, and OneDrive for Business folders. A copy of each assessment is also stored in a SharePoint Online folder namedAssessments.You need to create a data loss prevention (DLP) policy that prevents the employee assessments from being emailed to external users. You will use a document fingerprint to identify the assessment documents. The solution must minimize effort.What should you include in the solution?

Create a fingerprint of AssessmentTemplate.docx.

Create a fingerprint of 100 sample documents in the Assessments folder.

Create a sensitive info type that uses Exact Data Match (EDM).

Import 100 sample documents from the Assessments folder to a seed folder.

Create a fingerprint of AssessmentTemplate.docx.

You have a Microsoft 365 subscription that uses Microsoft Exchange Online.You need to receive an alert if a user emails sensitive documents to specific external domains.What should you create?

a data loss prevention (DLP) policy that uses the Privacy category

a Microsoft Cloud App Security activity policy

a Microsoft Cloud App Security file policy

a data loss prevention (DLP) alert filter

Microsoft SC-400 Practice Test 1 - Free Online Exam Questions 1-40

Question 1 / 40

You are configuring a data loss prevention (DLP) policy to report when credit card data is found on a Windows 10 device joined to Azure Active Directory (Azure AD).

You plan to use information from the policy to restrict the ability to copy the sensitive data to the clipboard.

What should you configure in the policy rule?

the incident report

an action

user notifications

user overrides

Comment (0)

Microsoft SC-400 Practice Test 1

Question

Drag and Drop

Hot Area

Microsoft SC-400 Practice Tests

Practice Tests