Microsoft Administering Information Security in Microsoft 365 - SC-401 Exam Questions
QUESTION NO: 1
You have a Microsoft 365 E5 subscription. The subscription contains a user named User1 and the sensitivity labels shown in the following table.
You publish the labels to User1.
The subscription contains the files shown in the following table.
Which files can Microsoft 365 Copilot summarize for User1?
You have a Microsoft 365 E5 subscription. The subscription contains a user named User1 and the sensitivity labels shown in the following table.
You publish the labels to User1.
The subscription contains the files shown in the following table.
Which files can Microsoft 365 Copilot summarize for User1?
Correct Answer: D
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 2
You have a Microsoft 365 subscription that contains 100 users and a Microsoft 365 group named Group1.
All users have Windows 11 devices and use Microsoft SharePoint Online and Exchange Online.
A sensitivity label named Label1 is published as the default label for Group1.
You add two sublabels named Sublabel1 and Sublabel2 to Label1.
You need to ensure that the settings in Sublabel1 are applied by default to Group1.
What should you do?
You have a Microsoft 365 subscription that contains 100 users and a Microsoft 365 group named Group1.
All users have Windows 11 devices and use Microsoft SharePoint Online and Exchange Online.
A sensitivity label named Label1 is published as the default label for Group1.
You add two sublabels named Sublabel1 and Sublabel2 to Label1.
You need to ensure that the settings in Sublabel1 are applied by default to Group1.
What should you do?
Correct Answer: B
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 3
You receive an email that contains a list of words that will be used for a sensitive information type.
You need to create a file that can be used as the source of a keyword dictionary.
In which format should you save the list?
You receive an email that contains a list of words that will be used for a sensitive information type.
You need to create a file that can be used as the source of a keyword dictionary.
In which format should you save the list?
Correct Answer: A
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 4
You have a Microsoft 365 E5 subscription. Microsoft Priva Privacy Risk Management licenses are assigned to all users.
You need to review and delete all the personal data that relates to a former employee. The solution must minimize administrative effort.
What should you do first?
You have a Microsoft 365 E5 subscription. Microsoft Priva Privacy Risk Management licenses are assigned to all users.
You need to review and delete all the personal data that relates to a former employee. The solution must minimize administrative effort.
What should you do first?
Correct Answer: A
QUESTION NO: 5
Hotspot Question
You have a Microsoft 365 E5 subscription that contains the devices shown in the following table.
You plan to implement insider risk management and capture forensic evidence.
Which devices support the collection of forensic evidence, and what should you do to prepare each supported device? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hotspot Question
You have a Microsoft 365 E5 subscription that contains the devices shown in the following table.
You plan to implement insider risk management and capture forensic evidence.
Which devices support the collection of forensic evidence, and what should you do to prepare each supported device? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
Box 1: Device1 and Device2 only.
Microsoft 365 Insider Risk Management supports the capture of forensic evidence from Windows
10 and Windows 11 Enterprise client devices and Azure Virtual Desktop (AVD) session hosts. For Windows devices, you must install the Microsoft Purview client, while for AVD, session hosts must meet specific hardware and configuration requirements, including being Microsoft Entra ID- joined.
Box 2: Onboard the devices to Microsoft Purview and install the Microsoft Purview Client Devices must be onboarded and have the Microsoft Purview client installed: Before forensic evidence can collect and store clips captured for eligible users, their devices must be onboarded to the Microsoft Purview portal. Additionally, each device must have the Microsoft Purview Client installed. These prerequisites enable support for both online and offline device capturing.
Reference:
https://learn.microsoft.com/en-us/purview/insider-risk-management-forensic-evidence
QUESTION NO: 6
You have a Microsoft 365 subscription that contains two Microsoft SharePoint Online sites named Site1 and Site2.
You plan to use policies to meet the following requirements:
- Add a watermark of Confidential to a document if the document
contains the words Project1 or Project2.
- Retain a document for seven years if the document contains credit
card information.
- Add a watermark of Internal Use Only to all the documents stored on
Site2.
- Add a watermark of Confidential to all the documents stored on Site1.
You need to recommend the minimum number of sensitive info types required.
How many sensitive info types should you recommend?
You have a Microsoft 365 subscription that contains two Microsoft SharePoint Online sites named Site1 and Site2.
You plan to use policies to meet the following requirements:
- Add a watermark of Confidential to a document if the document
contains the words Project1 or Project2.
- Retain a document for seven years if the document contains credit
card information.
- Add a watermark of Internal Use Only to all the documents stored on
Site2.
- Add a watermark of Confidential to all the documents stored on Site1.
You need to recommend the minimum number of sensitive info types required.
How many sensitive info types should you recommend?
Correct Answer: B
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 7
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage Account keys in plain text to third parties.
You need to ensure that when Azure Storage Account keys are emailed, the emails are encrypted.
Solution: You configure a mail flow rule that matches a sensitive info type.
Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage Account keys in plain text to third parties.
You need to ensure that when Azure Storage Account keys are emailed, the emails are encrypted.
Solution: You configure a mail flow rule that matches a sensitive info type.
Does this meet the goal?
Correct Answer: B
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 8
Hotspot Question
You have a Microsoft 365 E5 subscription that contains the data loss prevention (DLP) policies shown in the following table.
You have a custom employee information form named Template1.docx.
You plan to create a sensitive info type named Sensitive1 that will use the document fingerprint from Template1.docx.
What should you use to create Sensitive1, and in which DLP policies can you use Sensitive1? To answer, select the appropriate options in the answer area.
Hotspot Question
You have a Microsoft 365 E5 subscription that contains the data loss prevention (DLP) policies shown in the following table.
You have a custom employee information form named Template1.docx.
You plan to create a sensitive info type named Sensitive1 that will use the document fingerprint from Template1.docx.
What should you use to create Sensitive1, and in which DLP policies can you use Sensitive1? To answer, select the appropriate options in the answer area.
Correct Answer:
Explanation:
Box 1: Microsoft Purview portal
Box 2: DLP1, DLP2, and DLP3
DLP can use document fingerprinting as a detection method in Exchange, SharePoint, OneDrive, Teams, and Devices.
Reference:
https://learn.microsoft.com/en-us/purview/sit-document-fingerprinting
QUESTION NO: 9
Hotspot Question
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
You plan to create a Microsoft Purview insider risk management case named Case1.
Which insider risk management object should you select first, and which users will be added as contributors for Case1 by default?
To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hotspot Question
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
You plan to create a Microsoft Purview insider risk management case named Case1.
Which insider risk management object should you select first, and which users will be added as contributors for Case1 by default?
To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
Box 1: An alert
To create a case in Microsoft Purview insider risk management, you always start from an alert.
Box 2: Admin2 and Admin3 only
Only Admin2 and Admin3 are added as contributors by default, because their roles involve investigation and analysis.
QUESTION NO: 10
You have a Microsoft 365 E5 tenant that has devices onboarded to Microsoft Defender for Endpoint as shown in the following table.
You plan to start using Microsoft 365 Endpoint data loss protection (Endpoint DLP).
Which devices support Endpoint DLP?
You have a Microsoft 365 E5 tenant that has devices onboarded to Microsoft Defender for Endpoint as shown in the following table.
You plan to start using Microsoft 365 Endpoint data loss protection (Endpoint DLP).
Which devices support Endpoint DLP?
Correct Answer: C
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 11
Hotspot Question
You have a Microsoft 365 E5 subscription that has data loss prevention (DLP) implemented.
You plan to export DLP activity by using Activity explorer.
The exported file needs to display the sensitive info type detected for each DLP rule match.
What should you do in Activity explorer before exporting the data, and in which file format is the file exported? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hotspot Question
You have a Microsoft 365 E5 subscription that has data loss prevention (DLP) implemented.
You plan to export DLP activity by using Activity explorer.
The exported file needs to display the sensitive info type detected for each DLP rule match.
What should you do in Activity explorer before exporting the data, and in which file format is the file exported? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
Box 1: To include the sensitive info type detected for each DLP rule match, you need to add a custom column in Activity Explorer. This ensures that the exported file contains specific details about the detected sensitive information types.
Box 2: DLP activity exports from Activity Explorer are always in CSV (Comma-Separated Values) format. This format allows for easy data analysis and reporting in Excel or other data-processing tools.
