ExamGecko
Login
Home / Microsoft / SC-400 / List of questions
Ask Question

Microsoft SC-400 Practice Test - Questions Answers, Page 4

List of questions

Question 31

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.

You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.

You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.

Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add the application to the unallowed apps list.

Does this meet the goal?

Yes

Yes

No

No
Suggested answer: A

Explanation:

Unallowed apps is a list of applications that you create which will not be allowed to access a DLP protected file.

Reference:

https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-using?view=o365-worldwide

asked 05/10/2024
Vishal Sahare
44 questions

Question 32

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are configuring a file policy in Microsoft Cloud App Security.

You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.

Solution: You use the Data Classification service inspection method and send alerts as email.

Does this meet the goal?

Yes

Yes

No

No
Suggested answer: B

Explanation:

Alerts must be sent to the Microsoft Teams site of the affected department. A Microsoft Power Automate playbook should be used.

Reference:

https://docs.microsoft.com/en-us/cloud-app-security/dcs-inspection

https://docs.microsoft.com/en-us/cloud-app-security/flow-integration

asked 05/10/2024
Eli Thompson
33 questions

Question 33

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are configuring a file policy in Microsoft Cloud App Security.

You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.

Solution: You use the Built-in DLP inspection method and send alerts to Microsoft Power Automate.

Does this meet the goal?

Yes

Yes

No

No
Suggested answer: A

Explanation:

Reference:

https://docs.microsoft.com/en-us/cloud-app-security/content-inspection-built-in

https://docs.microsoft.com/en-us/cloud-app-security/flow-integration

asked 05/10/2024
Issam Boumlic
44 questions

Question 34

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are configuring a file policy in Microsoft Cloud App Security.

You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.

Solution: You use the Built-in DLP inspection method and send alerts as email.

Does this meet the goal?

Yes

Yes

No

No
Suggested answer: B

Explanation:

Alerts must be sent to the Microsoft Teams site of the affected department. A Microsoft Power Automate playbook should be used.

Reference:

https://docs.microsoft.com/en-us/cloud-app-security/content-inspection-built-in

https://docs.microsoft.com/en-us/cloud-app-security/flow-integration

asked 05/10/2024
Ana Rosa Abascal Ortega
39 questions

Question 35

Report
Export
Collapse

You have a Microsoft 365 tenant that uses 100 data loss prevention (DLP) policies.

A Microsoft Exchange administrator frequently investigates emails that were blocked due to DLP policy violations.

You need recommend which DLP report the Exchange administrator can use to identify how many messages were blocked based on each DLP policy.

Which report should you recommend?

Third-party DLP policy matches

Third-party DLP policy matches

DLP policy matches

DLP policy matches

DLP incidents

DLP incidents

False positive and override

False positive and override
Suggested answer: B

Explanation:

Reference:

https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwide

asked 05/10/2024
Rambo Jhon
40 questions

Question 36

Report
Export
Collapse

You have a data loss prevention (DLP) policy configured for endpoints as shown in the following exhibit.

Microsoft SC-400 image Question 36 108430 10052024010922000000

From a computer named Computer1, a user can sometimes upload files to cloud services and sometimes cannot. Other users experience the same issue.

What are two possible causes of the issue? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

The computers are NOT onboarded to the Microsoft 365 compliance center.

The computers are NOT onboarded to the Microsoft 365 compliance center.

The Copy to clipboard action is set to Audit only.

The Copy to clipboard action is set to Audit only.

There are file path exclusions in the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings.

There are file path exclusions in the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings.

The Access by unallowed apps action is set to Audit only.

The Access by unallowed apps action is set to Audit only.

The unallowed browsers in the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings are NOT configured.

The unallowed browsers in the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings are NOT configured.
Suggested answer: D, E
asked 05/10/2024
Beena Bamania
34 questions

Question 37

Report
Export
Collapse

You are planning a data loss prevention (DLP) solution that will apply to computers that run Windows 10.

You need to ensure that when users attempt to copy a file that contains sensitive information to a USB storage device, the following requirements are met:

If the users are members of a group named Group1, the users must be allowed to copy the file, and an event must be recorded in the audit log.

All other users must be blocked from copying the file.

What should you create?

two DLP policies that each contains one DLP rule

two DLP policies that each contains one DLP rule

one DLP policy that contains one DLP rule

one DLP policy that contains one DLP rule

one DLP policy that contains two DLP rules

one DLP policy that contains two DLP rules
Suggested answer: A
asked 05/10/2024
Johan Wu
27 questions

Question 38

Report
Export
Collapse

You need to be alerted when users share sensitive documents from Microsoft One Drive to any users outside your company.

What should you do?

From the Exchange admin center, create a data loss prevention (DLP) policy.

From the Exchange admin center, create a data loss prevention (DLP) policy.

From the Azure portal, create an Azure Active Directory (Azure AD) Identity Protection policy.

From the Azure portal, create an Azure Active Directory (Azure AD) Identity Protection policy.

From the Microsoft 365 compliance center, create an insider risk policy.

From the Microsoft 365 compliance center, create an insider risk policy.

From the Cloud App Security portal, create a file policy.

From the Cloud App Security portal, create a file policy.
Suggested answer: D

Explanation:

File Policies allow you to enforce a wide range of automated processes using the cloud provider's APIs. Policies can be set to provide continuous compliance scans, legal eDiscovery tasks, DLP for sensitive content shared publicly, and many more use cases.

Note:

There are several versions of this question in the exam. The question has two possible correct answers:

1. From the Microsoft 365 compliance center, create a data loss prevention (DLP) policy.

2. From the Cloud App Security portal, create a file policy.

Other incorrect answer options you may see on the exam include the following:

From the Microsoft 365 compliance center, start a data investigation.

From the Azure portal, create an Azure Information Protection policy.

Reference:

https://docs.microsoft.com/en-us/defender-cloud-apps/data-protection-policies

asked 05/10/2024
Christian Andrew TANAP
41 questions

Question 39

Report
Export
Collapse

Your company has a Microsoft 365 tenant.

The company performs annual employee assessments. The assessment results are recorded in a document named AssessmentTemplate.docx that is created by using a Microsoft Word template. Copies of the employee assessments are sent to employees and their managers. The assessment copies are stored in mailboxes, Microsoft SharePoint Online sites, and OneDrive for Business folders. A copy of each assessment is also stored in a SharePoint Online folder named

Assessments.

You need to create a data loss prevention (DLP) policy that prevents the employee assessments from being emailed to external users. You will use a document fingerprint to identify the assessment documents. The solution must minimize effort.

What should you include in the solution?

Create a fingerprint of 100 sample documents in the Assessments folder.

Create a fingerprint of 100 sample documents in the Assessments folder.

Create a sensitive info type that uses Exact Data Match (EDM).

Create a sensitive info type that uses Exact Data Match (EDM).

Import 100 sample documents from the Assessments folder to a seed folder.

Import 100 sample documents from the Assessments folder to a seed folder.

Create a fingerprint of AssessmentTemplate.docx.

Create a fingerprint of AssessmentTemplate.docx.
Suggested answer: D

Explanation:

Reference:

https://docs.microsoft.com/en-us/microsoft-365/compliance/document-fingerprinting?view=o365-worldwide

asked 05/10/2024
Dasaret Tillman
40 questions

Question 40

Report
Export
Collapse

You have a Microsoft 365 subscription that uses Microsoft Exchange Online.

You need to receive an alert if a user emails sensitive documents to specific external domains.

What should you create?

a data loss prevention (DLP) policy that uses the Privacy category

a data loss prevention (DLP) policy that uses the Privacy category

a Microsoft Cloud App Security activity policy

a Microsoft Cloud App Security activity policy

a Microsoft Cloud App Security file policy

a Microsoft Cloud App Security file policy

a data loss prevention (DLP) alert filter

a data loss prevention (DLP) alert filter
Suggested answer: A

Explanation:

Reference:

https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-policy-reference?view=o365-worldwide

asked 05/10/2024
Salvatore Andrisani
40 questions
Total 322 questions
Go to page: of 33
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Note: This question-is part of a series of questions that present the same scenario. Each question-in the series contains a unique solution that might meet the stated goals. Some question-sets might have more than one correct solution, while others might not have a correct solution. After you answer a question-in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You are configuring a file policy in Microsoft Cloud App Security. You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department. Solution: You use the Data Classification service inspection method and send alerts to Microsoft Power Automate. Does this meet the goal?
You have a Microsoft 365 subscription. You have a user named User1. Several users have full access to the mailbox of User1. Some email messages sent to User1 appear to have been read and deleted before the user viewed them. When you search the audit log in the Microsoft Purview compliance portal to identify who signed in to the mailbox of User1, the results are blank. You need to ensure that you can view future sign-ins to the mailbox of User1. YOU run the Set-MailboxFolderPernission -Identity 'User1' -User Userlfcontoso.com -AccessRights Owner command. Does that meet the goal?
You have a Microsoft 365 E5 subscription. You need to identify personal data stored in the subscription and control the transfer of personal data between users and groups. Which type of license should you acquire?
SIMULATION 10 You plan to create a data loss prevention (DLP) policy that will apply to content containing the following keywords: * Tailspin * litware * Falcon You need to create a keyword list that can be used in the DLP policy. You do NOT need to create the DLP policy at this time.
You have a Microsoft 365 tenant that uses Microsoft Exchange Online. You need to recover deleted email messages from a user’s mailbox. Which two PowerShell cmdlets should you use? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
You have a Microsoft 365 tenant that uses 100 data loss prevention (DLP) policies. A Microsoft Exchange administrator frequently investigates emails that were blocked due to DLP policy violations. You need recommend which DLP report the Exchange administrator can use to identify how many messages were blocked based on each DLP policy. Which report should you recommend?
You have a Microsoft 365 subscription. You have a user named User1. Several users have full access to the mailbox of User1. Some email messages sent to User1 appear to have been read and deleted before the user viewed them. When you search the audit log in the Microsoft Purview compliance portal to identify who signed in to the mailbox of User1, the results are blank. You need to ensure that you can view future sign-ins to the mailbox of User1. YOU run the Set-AdminAuditLogConfig -AdminAuditLogEnabled $true -AdminiAuditLogCmdlets 'Mailbox* command. Does that meet the goal?
HOTSPOT You have a Microsoft 365 E5 subscription. You are implementing insider risk management You need to create an insider risk management notice template and format the message body of the notice template. How should you configure the template? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You have a Microsoft 365 tenant. You have a database that stores customer details. Each customer has a unique 13-digit identifier that consists of a fixed pattern of numbers and letters. You need to implement a data loss prevention (DLP) solution that meets the following requirements: * Email messages that contain a single customer identifier can be sent outside your company, * Email messages that contain two or more customer identifiers must be approved by the company s data privacy team. Which two components should you include in the solution? Each correct answer presents part of the solution. NOTE Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains the users shown in the following table. You create the retention label shown in the following exhibit. Which users can perform a disposition review of content that has Retention 1 applied?