1. Home
  2. Microsoft
  3. SC-400

Microsoft Information Protection Administrator

Exam Details

  • Exam Code
    :SC-400
  • Exam Name
    :Microsoft Information Protection Administrator
  • Certification
    :Role-based
  • Vendor
    :Microsoft
  • Total Questions
    :309 Q&As
  • Last Updated
    :May 11, 2024

Microsoft Role-based SC-400 Questions & Answers

  • Question 21:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

    others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.

    You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.

    You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.

    Solution: From the Cloud App Security portal, you mark the application as Unsanctioned.

    Does this meet the goal?

    A. Yes

    B. No

  • Question 22:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

    others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.

    You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.

    You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.

    Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add a folder path to the file path exclusions.

    Does this meet the goal?

    A. Yes

    B. No

  • Question 23:

    You have a Microsoft 365 subscription that uses Microsoft Exchange Online.

    You need to receive an alert if a user emails sensitive documents to specific external domains. What should you create?

    A. a data loss prevention (DLP) policy that uses the Privacy category

    B. a Microsoft Cloud App Security activity policy

    C. a Microsoft Cloud App Security file policy

    D. a data loss prevention (DLP) alert filter

  • Question 24:

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.

    You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.

    Solution: You configure a mail flow rule that matches the text patterns.

    Does this meet the goal?

    A. Yes

    B. No

  • Question 25:

    You create a retention label that has a retention period of seven years.

    You need to ensure that documents containing a credit card number are retained for seven years. Other documents must not be retained.

    What should you create?

    A. a retention label policy of type publish

    B. a retention policy that retains file automatically

    C. a retention policy that deletes files automatically

    D. a retention label policy of type auto-apply

  • Question 26:

    You have a data loss prevention (DLP) policy configured for endpoints as shown in the following exhibit.

    From a computer named Computer1, a user can sometimes upload files to cloud services and sometimes cannot. Other users experience the same issue. What are two possible causes of the issue? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

    A. The computers are NOT onboarded to the Microsoft 365 compliance center.

    B. The Copy to clipboard action is set to Audit only.

    C. There are file path exclusions in the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings.

    D. The Access by unallowed apps action is set to Audit only.

    E. The unallowed browsers in the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings are NOT configured.

  • Question 27:

    You are planning a data loss prevention (DLP) solution that will apply to computers that run Windows 10.

    You need to ensure that when users attempt to copy a file that contains sensitive information to a USB storage device, the following requirements are met:

    1.

    If the users are members of a group named Group1, the users must be allowed to copy the file, and an event must be recorded in the audit log.

    2.

    All other users must be blocked from copying the file. What should you create?

    A. two DLP policies that each contains one DLP rule

    B. one DLP policy that contains one DLP rule

    C. one DLP policy that contains two DLP rules

  • Question 28:

    You need to be alerted when users share sensitive documents from Microsoft One Drive to any users outside your company. What should you do?

    A. From the Exchange admin center, create a data loss prevention (DLP) policy.

    B. From the Azure portal, create an Azure Active Directory (Azure AD) Identity Protection policy.

    C. From the Microsoft 365 compliance center, create an insider risk policy.

    D. From the Cloud App Security portal, create a file policy.

  • Question 29:

    Your company has a Microsoft 365 tenant.

    The company performs annual employee assessments. The assessment results are recorded in a document named AssessmentTemplate.docx that is created by using a Microsoft Word template. Copies of the employee assessments are sent to employees and their managers. The assessment copies are stored in mailboxes, Microsoft SharePoint Online sites, and OneDrive for Business folders. A copy of each assessment is also stored in a SharePoint Online folder named Assessments.

    You need to create a data loss prevention (DLP) policy that prevents the employee assessments from being emailed to external users. You will use a document fingerprint to identify the assessment documents. The solution must minimize effort.

    What should you include in the solution?

    A. Create a fingerprint of 100 sample documents in the Assessments folder.

    B. Create a sensitive info type that uses Exact Data Match (EDM).

    C. Import 100 sample documents from the Assessments folder to a seed folder.

    D. Create a fingerprint of AssessmentTemplate.docx.

  • Question 30:

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).

    You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).

    You need to ensure that Endpoint DLP policies can protect content on the computers.

    Solution: You onboard the computers to Microsoft Defender for Endpoint.

    Does this meet the goal?

    A. Yes

    B. No

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SC-400 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.