Summer Sale Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Microsoft SC-401 Administering Information Security in Microsoft 365 Exam Practice Test

Page: 1 / 22
Total 223 questions

Administering Information Security in Microsoft 365 Questions and Answers

Question 1

HOTSPOT

How many files in Site2 can User1 and User2 access after you turn on DLPpolicy1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 1

Options:

Question 2

You need to meet the retention requirement for the users ' Microsoft 365 data.

What is the minimum number of retention policies required to achieve the goal?

Options:

A.

1

B.

2

C.

3

D.

4

E.

6

Question 3

You need to meet the technical requirements for the creation of the sensitivity labels.

To which user or users must you assign the Sensitivity Label Administrator role?

Options:

A.

Admin1 only

B.

Admin1 and Admin4 only

C.

Admin1 and Admin5 only

D.

Admin1, Admin2, and Admin3 only

E.

Admin1, Admin2, Admin4, and Admin5 only

Question 4

HOTSPOT

You need to meet the technical requirements for the confidential documents.

What should you create first, and what should you use for the detection method? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 4

Options:

Question 5

You need to meet the technical requirements for the Site1 documents.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Question # 5

Options:

Question 6

HOTSPOT

You are reviewing policies for the SharePoint Online environment.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 6

Options:

Question 7

You have a Microsoft S65 E5 subscription that contains two users named User! and Admin1 Admin1 manages audit retention policies for the subscription.

You need to ensure that the audit logs of User1 will be retained for 10 years.

What should you do first?

Options:

A.

Assign a Microsoft Purview Audit (Premium) add on license to User1.

B.

Assign a 10 year audit log retention add-on license to Admin1.

C.

Assign a 10-year audit log retention add-on license to User1.

D.

Assign a Microsoft Purview Audit (Premium) add-on license to Admin1.

Question 8

You have a Microsoft 365 tenant.

You have a database that stores customer details. Each customer has a unique 13-digit identifier that consists of a fixed pattern of numbers and letters.

You need to implement a data loss prevention (DLP) solution that meets the following requirements:

● Email messages that contain a single customer identifier can be sent outside your company.

● Email messages that contain two or more customer identifiers must be approved by the company ' s data privacy team.

Which two components should you include in the solution? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Options:

A.

a sensitivity label

B.

a sensitive information type

C.

a DLP policy

D.

a retention label

E.

a mail flow rule

Question 9

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 subscription.

You have a user named User1. Several users have full access to the mailbox of User1.

Some email messages sent to User1 appear to have been read and deleted before the user viewed them.

When you search the audit log in the Microsoft Purview portal to identify who signed in to the mailbox of User1, the results are blank.

You need to ensure that you can view future sign-ins to the mailbox of User1.

Solution: You run the Set-AdminAuditLogConfig -AdminAuditLogEnabled $true -AdminAuditLogCmdlets *Mailbox* command.

Does that meet the goal?

Options:

A.

Yes

B.

No

Question 10

You have a Microsoft SharePoint Online site named Site1 that contains a document library. The library contains more than 1,000 documents. Some of the documents are job applicant resumes. All the documents are in the English language.

You plan to apply a sensitivity label automatically to any document identified as a resume. Only documents that contain work experience, education, and accomplishments must be labeled automatically.

You need to identify and categorize the resumes. The solution must minimize administrative effort.

What should you include in the solution?

Options:

A.

a trainable classifier

B.

a keyword dictionary

C.

a function

D.

an exact data match (EDM) classifier

Question 11

You have a Microsoft 365 E5 subscription that contains a Microsoft Teams channel named Channel1. Channel1 contains research and development documents.

You plan to implement Microsoft 365 Copilot for the subscription.

You need to prevent the contents of files stored in Channel1 from being included in answers generated by Copilot and shown to unauthorized users.

What should you use?

Options:

A.

data loss prevention (DLP)

B.

Microsoft Purview insider risk management

C.

Microsoft Purview Information Barriers

D.

sensitivity labels

Question 12

You have a Microsoft 365 E5 subscription that contains a retention policy named RP1 as shown in the following table.

Question # 12

You place a preservation lock on RP1.

You need to modify RP1.

Which two modifications can you perform? Each correct answer presents part of the solution.

NOTE : Each correct selection is worth one point.

Options:

A.

Add locations to the policy.

B.

Delete the policy.

C.

Remove locations from the policy.

D.

Decrease the retention period of the policy.

E.

Disable the policy.

F.

Increase the retention period of the policy.

Question 13

You have a Microsoft 365 E5 subscription that contains a user named User1.

You need to ensure that all email messages that contain attachments are encrypted automatically by using Microsoft Purview Message Encryption.

What should you create?

Options:

A.

a mail flow rule

B.

an information barrier segment

C.

a data loss prevention (DLP) policy

D.

a sensitivity label

Question 14

DRAG DROP

You need to create a trainable classifier that can be used as a condition in an auto-apply retention label policy.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Question # 14

Options:

Question 15

You need to be alerted when users share sensitive documents from Microsoft OneDrive to any users outside your company.

What should you do?

Options:

A.

From the Microsoft Purview portal create an insider risk policy

B.

From the Microsoft Defender portal create a file policy

C.

From the Microsoft Defender portal, create an activity policy.

D.

From the Microsoft Purview portal, start a data investigation.

Question 16

You have a Microsoft 365 subscription that contains the devices shown in the following table.

Question # 16

From which devices can Microsoft Purview Insider Risk Management capture forensic evidence?

Options:

A.

Device only

B.

Device2 only

C.

Device1 and Device2 only

D.

Device2 and Device3 only

E.

Device1, Device2 and Device3

Question 17

You have two Microsoft 365 subscriptions named Contoso and Fabrikam. The subscriptions contain the users shown in the following table.

Question # 17

You have a sensitivity label named Sensitivity! as shown in the exhibit. (Click the Exhibit tab) you have the files shown in the following table.

Question # 17

For each of the following statements, select yes if the statement is true. Otherwise select No.

NOTE: Each correct selection is worth one point.

Question # 17

Options:

Question 18

You have a Microsoft 365 E5 tenant that contains a user named User1. User1 is assigned the Compliance Administrator role. User1 cannot view the regular expression in the IP Address sensitive info type. You need to ensure that User! can view the regular expression. What should you do?

Options:

A.

Assign Used to the Reviewer role group

B.

Create a copy of the IP Address sensitive info type and instruct User1 to edit the copy.

C.

Instruct User1 to use the Test function on the sensitive info type.

D.

Assign User1 the Global Reader role.

Question 19

You have a Microsoft 565 E5 subscription.

You plan to use Microsoft Purview insider risk management.

You need to create an insider risk management policy that will detect data theft from Microsoft SharePoint Online by users that submitted their resignation or are near their employment termination date.

What should you do first?

Options:

A.

Configure a HR data connector.

B.

Configure Office indicators.

C.

Configure a Physical badging connector.

D.

Onboard devices to Microsoft Defender for Endpoint.

Question 20

You have a Microsoft 365 E5 subscription. The subscription contains 500 devices that are onboarded to Microsoft Purview.

You select Activate Microsoft Purview Audit.

You need to ensure that you can track interactions between users and generative AI websites.

What should you deploy to the devices?

Options:

A.

the Microsoft Purview extension

B.

the Microsoft Purview Information Protection client

C.

the Microsoft Defender Browser Protection extension

D.

Endpoint analytics

Question 21

You have Microsoft 365 E5 subscription that uses data loss prevention (DLP) to protect sensitive information.

You have a document named Form.docx.

You plan to use PowerShell to create a document fingerprint based on Form.docx.

You need to first connect to the subscription.

Which cmdlet should you run?

Options:

A.

Connect-IPPSSession

B.

Connect-SPOService

C.

Connect-ExchangeOnline

D.

Connect-MgGraph

Question 22

You have a Microsoft J65 subscription linked to a Microsoft Entra tenant that contains a user named User1. You need to grant User1 permission to search Microsoft 365 audit logs. The solution must use the principle of least privilege. Which role should you assign to User1?

Options:

A.

the Security Reader role in the Microsoft Entra admin center

B.

the Compliance Management role in the Exchange admin center

C.

the View Only Audit Logs role in the Exchange admin center

D.

the Reviewer role in the Microsoft Purview portal

Question 23

You have a Microsoft 365 E5 subscription.

You need to review a Microsoft 365 Copilot usage report.

From where should you review the report?

Options:

A.

Information Protection in the Microsoft Purview portal

B.

the Microsoft 365 admin center

C.

DSPM for Al in the Microsoft Purview portal

D.

the Microsoft Defender portal

Question 24

You have a Microsoft 365 E5 tenant and the Windows Client devices shown in the following table.

Question # 24

To which devices can you apply Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings?

Options:

A.

Device1 only

B.

Device1 and Dev»ce2 only

C.

Device1 and Device3 only

D.

Device1. Device3, and Device4 only

E.

Device1, Devke2. Device3, and Device4

Question 25

You have a Microsoft 365 E5 subscription that contains two users named User! and User2. The subscription has a data loss prevention (DLP) policy named Policy 1.

User2 sends an outbound message that generates a false positive for Policy1.

You need to ensure that User1 can download the message that generated the alert The solution must follow the principle of least privilege.

To which role group should you add User1?

Options:

A.

Data Investigator

B.

Global Reader

C.

eDiscovery Manager

D.

Security Operator

Question 26

You have a Microsoft 36S ES subscription.

From the Microsoft Purview Data Security Posture Management for Al portal, you review the recommendations for Al data security

You plan to create a one-click policy to block elevated risk users from pasting or uploading sensitive data to Al websites

How will the policy be configured? To answer, select the appropriate options in the answer area

NOTE: Each correct selection is worth one point.

Question # 26

Options:

Question 27

You have a Microsoft 36S subscription.

In Microsoft Exchange Online, you configure the mail flow rule shown in the following exhibit.

Question # 27

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Question # 27

Options:

Question 28

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You recently discovered that the developers at your company emailed Azure Storage Account keys in plain text to third parties.

You need to ensure that when Azure Storage Account keys are emailed, the emails are encrypted.

Solution: You configure a mail flow rule that matches a sensitive info type.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 29

You have the files shown in the following table.

Question # 29

You configure a retention policy as shown > n the exhibit. (Click the Exhibit lab.)

The start of the retention period is based on when items are created. The current date is January 01. 207S.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Question # 29

Options:

Question 30

You have a Microsoft 365 E5 subscription.

You need to create a sensitivity label named Label1. The solution must ensure that users can use Microsoft 365 Copilot to summarize files that have Label1 applied.

Which permission should you select for Label1?

Options:

A.

Export content(EXPORT)

B.

Copy and extract content(EXTRACT)

C.

Edit content(DOCEDIT)

D.

View rights(VIEW)

Question 31

You have a Microsoft 365 subscription.

You have a Microsoft SharePoint Online site named Site1. Site1 has a document library that contains the files shown in the following table.

Question # 31

From the Microsoft Purview compliance portal, for Site1 you create a content search named Search1 that has the date in the YYYY-MM-DD format as shown in the following exhibit.

Question # 31

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 31

Options:

Question 32

You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps.

You need to ensure that you receive an alert when a user uploads a document to a third-party cloud storage service.

What should you use?

Options:

A.

an activity policy

B.

a sensitivity label

C.

a file policy

D.

an insider risk policy

Question 33

You have a Microsoft 365 subscription. Auditing is enabled.

A user named User1 is a member of a dynamic security group named Group1.

You discover that User1 is no longer a member of Group1.

You need to search the audit log to identify why User1 was removed from Group1.

Which two activities should you use in the search? To answer, select the appropriate activities in the answer area.

NOTE: Each correct selection is worth one point.

Question # 33

Options:

Page: 1 / 22
Total 223 questions