Free SC-401 Questions for Microsoft Administering Information Security in Microsoft 365 SC-401 Exam as PDF & Practice Test Engine
You have a Microsoft 365 E5 subscription that contains four users named User1, User2, User3, and User4 and a file named File1.docx. File1 has a sensitivity label applied. The label is configured as shown in the following table.
Which users can summarize File1 by using Microsoft 365 Copilot?
Which users can summarize File1 by using Microsoft 365 Copilot?
Correct Answer: B
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
You have a Microsoft 365 E5 subscription that uses Microsoft Purview.
You create a communication compliance policy named Policy1 and select Detect Microsoft Copilot interactions.
Which two trainable classifiers will be added to Policy1 automatically? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You create a communication compliance policy named Policy1 and select Detect Microsoft Copilot interactions.
Which two trainable classifiers will be added to Policy1 automatically? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Correct Answer: C,E
Vote an answer
Hotspot Question
You have a Microsoft 365 ES subscription that uses Microsoft Exchange Online and Teams.
You need to ensure that when a user sends a message containing a cloud attachment, a retention label is applied to the cloud attachment by using an auto-labeling policy.
How should you configure the retention label to start the retention period, and to which locations should you apply the auto-labeling policy? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 ES subscription that uses Microsoft Exchange Online and Teams.
You need to ensure that when a user sends a message containing a cloud attachment, a retention label is applied to the cloud attachment by using an auto-labeling policy.
How should you configure the retention label to start the retention period, and to which locations should you apply the auto-labeling policy? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
Box 1: Labeled
Automatically apply a retention label to retain or delete content
Auto-apply labels to cloud attachments
You might need to use this option if you're required to capture and retain all copies of files in your tenant that are sent over communications by users, or files that are referenced in Copilot for Microsoft 365. You use this option in conjunction with retention policies for the communication services themselves; Exchange, Teams, Viva Engage, and Copilot for Microsoft 365.
Important
When you select a label to use for auto-applying retention labels for cloud attachments, ensure that the label retention setting Start the retention period based on is When items were labeled.
Box 2: Microsoft 365 Group mailboxes & sites only
When you select a label to use for auto-applying retention labels for cloud attachments, make sure the label retention setting Start the retention period based on is When items were labeled.
When you configure the locations for this option, you can select:
* SharePoint classic and communication sites for shared files stored in SharePoint communication sites, team sites that aren't connected by Microsoft 365 groups, and classic sites.
*-> Microsoft 365 Groups for shared files that are stored in team sites connected by Microsoft 365 groups.
* OneDrive accounts for shared files stored in users' OneDrive.
Reference:
https://learn.microsoft.com/en-us/purview/apply-retention-labels-automatically
Hotspot Question
You have a Microsoft 365 subscription.
You identify the following data loss prevention (DLP) requirements:
- Send notifications to users if they attempt to send attachments that
contain an EU Social Security Number (SSN) or Equivalent ID.
- Prevent any email messages that contain credit card numbers from
being sent outside your organization.
- Block the external sharing of Microsoft OneDrive content that
contains EU passport numbers.
- Send administrators email alerts if any rule matches occur.
What is the minimum number of DLP policies and rules you must create to meet the requirements? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 subscription.
You identify the following data loss prevention (DLP) requirements:
- Send notifications to users if they attempt to send attachments that
contain an EU Social Security Number (SSN) or Equivalent ID.
- Prevent any email messages that contain credit card numbers from
being sent outside your organization.
- Block the external sharing of Microsoft OneDrive content that
contains EU passport numbers.
- Send administrators email alerts if any rule matches occur.
What is the minimum number of DLP policies and rules you must create to meet the requirements? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
You have a Microsoft 365 E5 subscription. The subscription contains 500 Windows devices that are onboarded to Microsoft Purview.
You need to prevent users from sharing sensitive information with third-party generative AI websites.
Which Microsoft Purview solution should you use?
You need to prevent users from sharing sensitive information with third-party generative AI websites.
Which Microsoft Purview solution should you use?
Correct Answer: C
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
Hotspot Question
You have a Microsoft 365 E5 subscription that contains the resources shown in the following table.
The subscription contains a Windows 11 device named Device1 and has the Microsoft Purview Information Protection client installed. Device1 contains the resources shown in the following table.
You publish a sensitivity label named Label1 to User1 and Group1.
For each of the following statements, select Yes if the statement is true, Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains the resources shown in the following table.
The subscription contains a Windows 11 device named Device1 and has the Microsoft Purview Information Protection client installed. Device1 contains the resources shown in the following table.
You publish a sensitivity label named Label1 to User1 and Group1.
For each of the following statements, select Yes if the statement is true, Otherwise, select No.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
Box 1: Yes
png is supported file format.
Box 2: No
Folder2 is the root folder.
Note:
Label and protect one or more files
The label and protection that you apply to a file will stay with a file, even if you email the file outside your organization or save it to another location. You can use the following steps to apply a label for the first time or to change the label for already protected files.
Box 3: Yes
Docx is supported file format.
Note: The following folders are excluded from classifying and labeling by the information protection client:
Windows
Program Files (\Program Files and \Program Files (x86))
\ProgramData
\AppData (for all users)
Reference:
https://learn.microsoft.com/en-us/purview/information-protection-client
You have a Microsoft 365 subscription that contains 100 users and a Microsoft 365 group named Group1.
All users have Windows 11 devices and use Microsoft SharePoint Online and Exchange Online.
A sensitivity label named Label1 is published as the default label for Group1.
You add two sublabels named Sublabel1 and Sublabel2 to Label1.
You need to ensure that the settings in Sublabel1 are applied by default to Group1.
What should you do?
All users have Windows 11 devices and use Microsoft SharePoint Online and Exchange Online.
A sensitivity label named Label1 is published as the default label for Group1.
You add two sublabels named Sublabel1 and Sublabel2 to Label1.
You need to ensure that the settings in Sublabel1 are applied by default to Group1.
What should you do?
Correct Answer: B
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
Drag and Drop Question
You have a Microsoft 365 E5 subscription.
You need to prevent the sharing of sensitive information in Microsoft Teams.
Which entities can you protect by applying a data loss prevention (DLP) policy to each resource?
To answer, drag the appropriate activities to the correct entity. Each activity may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription.
You need to prevent the sharing of sensitive information in Microsoft Teams.
Which entities can you protect by applying a data loss prevention (DLP) policy to each resource?
To answer, drag the appropriate activities to the correct entity. Each activity may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
Reference:
https://learn.microsoft.com/en-us/purview/dlp-microsoft-teams
You need to be alerted when users share sensitive documents from Microsoft OneDrive to any users outside your company. What should you do?
Correct Answer: A
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
SIMULATION
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and select the username below.
To enter your password, place your cursor in the Enter password box and select the password below.
Microsoft 365 Username:
[email protected]
Microsoft 365 Password: XXXXXXXXX
If the Microsoft Edge browser or Microsoft 365 portal does not load successfully, select the Microsoft Edge browser icon from the task bar, type the URL "https://admin.microsoft.com", and press Enter.
The following information is for technical support purposes only:
Lab Instance: XXXXXXXXX
Task 5
You need to simulate applying the Confidential - Finance label to all the content in the Exchange emails, the SharePoint sites, and the OneDrive accounts that contain the Credit Card Number sensitive info type.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and select the username below.
To enter your password, place your cursor in the Enter password box and select the password below.
Microsoft 365 Username:
[email protected]
Microsoft 365 Password: XXXXXXXXX
If the Microsoft Edge browser or Microsoft 365 portal does not load successfully, select the Microsoft Edge browser icon from the task bar, type the URL "https://admin.microsoft.com", and press Enter.
The following information is for technical support purposes only:
Lab Instance: XXXXXXXXX
Task 5
You need to simulate applying the Confidential - Finance label to all the content in the Exchange emails, the SharePoint sites, and the OneDrive accounts that contain the Credit Card Number sensitive info type.
Correct Answer:
Simulation mode is supported for auto-labeling policies and woven into the workflow. You can't automatically label documents and emails until your policy has run at least one simulation.
Workflow for an auto-labeling policy:
1. Create and configure an auto-labeling policy.
2. Run the policy in simulation mode, which can take 12 hours to complete. The completed simulation triggers an email notification that's sent to the user configured to receive activity alerts.
3. Review the results, and if necessary, refine your policy.
4. Repeat step 3 as needed.
5. Deploy in production.
Creating an auto-labeling policy
Step 1: Sign in to the Microsoft Purview portal > Solutions > Information Protection > Policies > Auto-labeling policies.
Step 2: Select + Create auto-labeling policy. This starts the New policy configuration:
Step 3: For the Choose a label to auto-apply page: Select + Choose a label, select a label from the Choose a sensitivity label pane, and then select Next.
Step 4: For the page Choose info you want this label applied to: Select one of the templates, such as Financial or Privacy [Select Confidential - Finance label]. You can refine your search by using the search or dropdown box for countries or regions. Or, select Custom policy if the templates don't meet your requirements. Select Next.
Step 5: For the page Name your auto-labeling policy: Provide a unique name, and optionally a description to help identify the automatically applied label, locations, and conditions that identify the content to label.
Step 6: For the page Assign admin units: [Keep default]
If you don't want to restrict the policy by using administrative units, or your organization hasn't configured administrative units, keep the default of Full directory.
Step 7: For the page Choose locations where you want to apply the label: Select and specify locations for Exchange, SharePoint, and OneDrive.
Step 8: For the Set up common or advanced rules page: Keep the default of Common rules to define rules that identify content to label across all your selected locations. If you need different rules per location, including some rules that are only available for Exchange, or SharePoint sites and OneDrive accounts, select Advanced rules. Then select Next. [select Advanced rules. Then select Next]
8a. To select a sensitive information type or trainable classifier as a condition, under Content contains, select Add, and then choose Sensitive info types or Trainable classifiers.
8b. Select the the Credit Card Number sensitive info type.
Step 9: Depending on your previous choices, you'll now have an opportunity to create new rules by using conditions and exceptions. [Skip] Step 10: If your policy includes the Exchange location: Specify optional configurations [Skip] Step 11: For the Decide if you want to test out the policy now or later page: Select Run policy in simulation mode if you're ready to run the auto-labeling policy now, in simulation mode.
Step 12: For the Summary page: Review the configuration of your auto-labeling policy and make any changes that needed, and complete the configuration.
Reference:
https://learn.microsoft.com/en-us/purview/apply-sensitivity-label-automatically
Workflow for an auto-labeling policy:
1. Create and configure an auto-labeling policy.
2. Run the policy in simulation mode, which can take 12 hours to complete. The completed simulation triggers an email notification that's sent to the user configured to receive activity alerts.
3. Review the results, and if necessary, refine your policy.
4. Repeat step 3 as needed.
5. Deploy in production.
Creating an auto-labeling policy
Step 1: Sign in to the Microsoft Purview portal > Solutions > Information Protection > Policies > Auto-labeling policies.
Step 2: Select + Create auto-labeling policy. This starts the New policy configuration:
Step 3: For the Choose a label to auto-apply page: Select + Choose a label, select a label from the Choose a sensitivity label pane, and then select Next.
Step 4: For the page Choose info you want this label applied to: Select one of the templates, such as Financial or Privacy [Select Confidential - Finance label]. You can refine your search by using the search or dropdown box for countries or regions. Or, select Custom policy if the templates don't meet your requirements. Select Next.
Step 5: For the page Name your auto-labeling policy: Provide a unique name, and optionally a description to help identify the automatically applied label, locations, and conditions that identify the content to label.
Step 6: For the page Assign admin units: [Keep default]
If you don't want to restrict the policy by using administrative units, or your organization hasn't configured administrative units, keep the default of Full directory.
Step 7: For the page Choose locations where you want to apply the label: Select and specify locations for Exchange, SharePoint, and OneDrive.
Step 8: For the Set up common or advanced rules page: Keep the default of Common rules to define rules that identify content to label across all your selected locations. If you need different rules per location, including some rules that are only available for Exchange, or SharePoint sites and OneDrive accounts, select Advanced rules. Then select Next. [select Advanced rules. Then select Next]
8a. To select a sensitive information type or trainable classifier as a condition, under Content contains, select Add, and then choose Sensitive info types or Trainable classifiers.
8b. Select the the Credit Card Number sensitive info type.
Step 9: Depending on your previous choices, you'll now have an opportunity to create new rules by using conditions and exceptions. [Skip] Step 10: If your policy includes the Exchange location: Specify optional configurations [Skip] Step 11: For the Decide if you want to test out the policy now or later page: Select Run policy in simulation mode if you're ready to run the auto-labeling policy now, in simulation mode.
Step 12: For the Summary page: Review the configuration of your auto-labeling policy and make any changes that needed, and complete the configuration.
Reference:
https://learn.microsoft.com/en-us/purview/apply-sensitivity-label-automatically
0
0
0
10