SC-400: Microsoft Information Protection Administrator Part 1
Question #: 5
Topic #: 1
You create three sensitivity labels named Sensitivity1, Sensitivity2, and Sensitivity3 and perform the following actions:
✑ Publish Sensitivity1.
✑ Create an auto-labeling policy for Sensitivity2.
You plan to create a file policy named Policy1 in Microsoft Cloud App Security.
Which sensitivity labels can you apply to Microsoft SharePoint Online in Policy1?
A. Sensitivity1 only
B. Sensitivity1, Sensitivity2, and Sensitivity3
C. Sensitivity2 only
D. Sensitivity1 and Sensitivity2 only
Selected Answer: A
Question #: 6
Topic #: 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).
You need to ensure that Endpoint DLP policies can protect content on the computers.
Solution: You onboard the computers to Microsoft Defender for Endpoint.
Does this meet the goal?
A. Yes
B. No
Selected Answer: A
Question #: 7
Topic #: 9
You need to recommend a solution that meets the compliance requirements for viewing DLP tooltip justifications.
What should you recommend?
A. Instruct the compliance department users to review the False positive and override report.
B. Configure a Microsoft Power Automate workflow to route DLP notification emails to the compliance department.
C. Instruct the compliance department users to review the DLP incidents report.
D. Configure an Azure logic app to route DLP notification emails to the compliance department.
Selected Answer: C
Question #: 8
Topic #: 12
You need to recommend a solution that meets the executive requirements.
What should you recommend?
A. From the Microsoft 365 compliance center, create a DLP policy.
B. From the Exchange admin center, enable archive mailboxes.
C. From the Microsoft 365 compliance center, create a retention label.
D. From the Microsoft 365 compliance center, create a retention policy.
Selected Answer: D
Question #: 9
Topic #: 3
You have a Microsoft 365 E5 tenant that contains the policies shown in the following table.
A file named File1 has all the policies applied.
How long will File1 be retained?
A. File1 will be deleted automatically after seven years.
B. File1 will be deleted automatically after five years.
C. File1 will be retained until the file is deleted manually.
D. File1 will be deleted automatically after 10 years.
Selected Answer: D
Question #: 10
Topic #: 7
You need to recommend a solution that meets the Data Loss Prevention requirements for the HR department.
Which three actions should you perform? Each correct answer presents part of the solution. (Choose three.)
NOTE: Each correct selection is worth one point.
A. Schedule EdmUploadAgent.exe to hash and upload a data file that contains employee information.
B. Create a sensitive info type rule package that contains the EDM classification.
C. Define the sensitive information database schema in the XML format.
D. Create a sensitive info type rule package that contains regular expressions.
E. Define the sensitive information database schema in the CSV format.
Selected Answer: ABC
Question #: 11
Topic #: 4
You have a Microsoft 365 tenant that has a retention label policy.
You need to configure the policy to meet the following requirements:
• Prevent the disabling or deletion of the policy.
• Ensure that new labels can be added.
• Prevent the removal of labels.
What should you do?
A. Import a file plan.
B. Enable insider risk management.
C. Enable the regulatory record option.
D. Create a preservation lock.
Selected Answer: C
Question #: 12
Topic #: 6
You have a Microsoft 365 E5 subscription that uses Microsoft Teams and contains a user named User1.
You configure Microsoft Purview Information Barriers.
You need to identify which information barrier policies apply to User1.
Which cmdlet should you use?
A. Get-OrganizationSegment
B. Get-InformationBarrierRecipientStatus
C. Get-InformationBarrierPolicy
D. Get-InformationBarrierPoliciesApplicationStatus
Selected Answer: B
Question #: 15
Topic #: 3
You have a Microsoft 365 tenant that uses Microsoft Teams.
You need to ensure that all internal communication is stored for a minimum of seven years.
What should you create first?
A. a retention label
B. a Microsoft SharePoint Online site
C. a Microsoft Exchange Online shared mailbox
D. a retention label policy
Selected Answer: D
Question #: 16
Topic #: 4
You have a Microsoft 365 E5 subscription.
You create a role group named Role1.
You need to add a role to Role1 that will enable group members to view the metadata of records that were tagged for deletion automatically at the end of the records’ retention period. The solution must use the principle of least privilege.
Which role should you add?
A. Review
B. View-Only Retention Management
C. Retention Management
D. Disposition Management
E. Record Management
Selected Answer: D
Question #: 17
Topic #: 1
You have a Microsoft OneDrive for Business folder that contains the files shown in the following table.
In Microsoft Cloud App Security, you create a file policy to automatically apply a classification.
What is the effect of applying the policy?
A. The policy will apply to only the .docx and .txt files. The policy will classify the files within 24 hours.
B. The policy will apply to all the files. The policy will classify only 100 files daily.
C. The policy will apply to only the .docx files. The policy will classify only 100 files daily.
D. The policy will apply to only the .docx and .txt files. The policy will classify the files immediately.
Selected Answer: C
Question #: 18
Topic #: 6
You have a Microsoft 365 E5 subscription.
You are implementing insider risk management.
You need to maximize the amount of historical data that is collected when an event is triggered.
What is the maximum number of days that historical data can be collected?
A. 30
B. 60
C. 90
D. 180
Selected Answer: C
Question #: 19
Topic #: 11
You need to meet the retention requirement for the users’ Microsoft 365 data.
What is the minimum number of retention policies that you should use?
A. 1
B. 2
C. 3
D. 4
E. 6
Selected Answer: B
Question #: 20
Topic #: 2
You have a Microsoft 365 tenant that uses 100 data loss prevention (DLP) policies.
A Microsoft Exchange administrator frequently investigates emails that were blocked due to DLP policy violations.
You need recommend which DLP report the Exchange administrator can use to identify how many messages were blocked based on each DLP policy.
Which report should you recommend?
A. Third-party DLP policy matches
B. DLP policy matches
C. DLP incidents
D. False positive and override
Selected Answer: B
Question #: 21
Topic #: 7
You need to recommend a solution that meets the compliance requirements for protecting the documents in the Data shared folder.
What should you recommend?
A. From the Microsoft 365 compliance center, configure an auto-labeling policy.
B. From Azure Information Protection, configure a content scan job.
C. From the Microsoft 365 compliance center, configure a Content Search query.
D. From the Microsoft 365 compliance center, configure a DLP policy.
Selected Answer: B
Question #: 22
Topic #: 10
You are evaluating the technical requirements for the DLP reports.
Which user can currently view the DLP reports?
A. Admin4
B. Admin1
C. Admin5
D. Admin2
E. Admin3
Selected Answer: E
Question #: 23
Topic #: 9
You need to recommend a solution that meets the compliance requirements for Dropbox.
What should you recommend?
A. Create a file policy in Cloud App Security that uses the built-in DLP inspection method.
B. Edit an existing retention label that enforces the item deletion settings.
C. Create a retention label that enforces the item deletion settings.
D. Create a DLP policy that applies to devices.
Selected Answer: A
Question #: 24
Topic #: 8
You need to meet the technical requirements for the Site3 documents.
What should you create?
A. a retention policy that has Only delete items when they reach a certain age selected
B. a retention label policy and a retention label that uses an event
C. a sensitive info type that uses a regular expression and a sensitivity label
D. a sensitive info type that uses a dictionary and a sensitivity label
Selected Answer: B
Question #: 28
Topic #: 9
You need to implement a solution that meets the compliance requirements for the Windows 10 computers.
Which two actions should you perform? Each correct answer presents part of the solution. (Choose two.)
NOTE: Each correct selection is worth one point.
A. Deploy a Microsoft 365 Endpoint data loss prevention (Endpoint DLP) configuration package to the computers.
B. Configure the Microsoft Intune device enrollment settings.
C. Configure hybrid Azure AD join for all the computers.
D. Configure a compliance policy in Microsoft Intune.
E. Enroll the computers in Microsoft Defender for Endpoint protection.
Selected Answer: AC
Question #: 29
Topic #: 4
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1.
You need to implement Microsoft Purview data lifecycle management.
What should you create first?
A. a sensitivity label policy
B. a retention label
C. a data loss prevention (DLP) policy
D. an auto-labeling policy
Selected Answer: B
Question #: 30
Topic #: 5
You have a Microsoft 365 E5 subscription that contains a user named User1.
You need to ensure that all email messages that contain attachments are encrypted automatically by using Microsoft Purview Message Encryption.
What should you create?
A. a sensitivity label
B. an information barrier segment
C. a data loss prevention (DLP) policy
D. a mail flow rule
Selected Answer: D
Question #: 31
Topic #: 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are configuring a file policy in Microsoft Cloud App Security.
You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.
Solution: You use the Data Classification service inspection method and send alerts to Microsoft Power Automate.
Does this meet the goal?
A. Yes
B. No
Selected Answer: B
Question #: 32
Topic #: 8
You need to meet the technical requirements for the creation of the sensitivity labels.
To which user or users must you grant the Sensitivity label administrator role?
A. Admin1, Admin2, Admin4, and Admin5 only
B. Admin1, Admin2, and Admin3 only
C. Admin1 only
D. Admin1 and Admin4 only
E. Admin1 and Admin5 only
Selected Answer: D
Question #: 33
Topic #: 3
In Microsoft Exchange Online, you have a retention policy named Policy1 that applies a retention tag named Tag1.
You plan to remove Tag1 from Policy1.
What will occur when you remove the tag from Policy1?
A. The content will remain tagged and the Managed Folder Assistant will process Tag1.
B. Tag1 will be removed if Policy1 applied the tag to the content.
C. The content will remain tagged, but the Managed Folder Assistant will ignore Tag1.
Selected Answer: A
Question #: 38
Topic #: 5
You have a Microsoft 365 E3 subscription.
You plan to audit all Microsoft Exchange Online user and admin activities.
You need to ensure that all the Exchange audit log records are retained for one year.
What should you do?
A. Modify the record type of the default audit retention policy.
B. Modify the retention period of the default audit retention policy.
C. Create a custom audit retention policy.
D. Assign Microsoft 365 Enterprise E5 licenses to all users.
Selected Answer: D
Question #: 39
Topic #: 9
You need to recommend a solution to configure the Microsoft 365 Records management settings by using the CSV file. The solution must meet the compliance requirements.
What should you recommend?
A. Use EdmUploadAgent.exe to upload a hash of the CSV to a datastore.
B. Use a PowerShell command that pipes the Import-Csv cmdlet to the New-RetentionPolicy cmdlet.
C. From the Microsoft 365 compliance center, import the CSV file to a file plan.
D. Use a PowerShell command that pipes the Import-Csv cmdlet to the New-Label cmdlet.
Selected Answer: A
Question #: 40
Topic #: 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are configuring a file policy in Microsoft Cloud App Security.
You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.
Solution: You use the Build-in DLP inspection method and send alerts to Microsoft Power Automate.
Does this meet the goal?
A. Yes
B. No
Selected Answer: B
Question #: 41
Topic #: 4
You have a Microsoft 365 E5 subscription.
You plan to implement retention policies for Microsoft Teams.
Which item types can be retained?
A. voice memos from the Teams mobile client
B. embedded images
C. code snippets
Selected Answer: B
Question #: 42
Topic #: 3
You have a Microsoft 365 E5 tenant that contains a user named User1.
You need to identify the type and number of holds placed on the mailbox of User1.
What should you do first?
A. From the Microsoft 365 compliance center, create an eDiscovery case.
B. From Exchange Online PowerShell, run the Get-Mailbox cmdlet.
C. From the Microsoft 365 compliance center, run a content search.
D. From Exchange Online PowerShell, run the Get-HoldCompliancePolicy cmdlet.
Selected Answer: B
Question #: 45
Topic #: 2
Your company has a Microsoft 365 tenant that uses a domain named contoso.com.
You are implementing data loss prevention (DLP).
The company’s default browser is Microsoft Edge.
During a recent audit, you discover that some users use Firefox and Google Chrome browsers to upload files labeled as Confidential to a third-party Microsoft
SharePoint Online site that has a URL of https://m365x076709.sharepoint.com. Users are blocked from uploading the confidential files to the site from Microsoft
Edge.
You need to ensure that the users cannot upload files labeled as Confidential from Firefox and Google Chrome to any cloud services.
Which two actions should you perform? Each correct answer presents part of the solution. (Choose two.)
NOTE: Each correct selection is worth one point.
A. From the Microsoft 365 Endpoint data loss prevention (Endpoint) DLP settings, add m365x076709.sharepoint.com as a blocked service domain.
B. Create a DLP policy that applies to the Devices location.
C. From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, add Firefox and Google Chrome to the unallowed browsers list.
D. From the Microsoft 365 compliance center, onboard the devices.
E. From the Microsoft 365 Endpoint data loss prevention (Endpoint) DLP settings, add contoso.com as an allowed service domain.
Selected Answer: CD
Question #: 46
Topic #: 4
You have a Microsoft 365 E5 subscription that contains the adaptive scopes shown in the following table.
You create the retention policies shown in the following table.
Which retention policies support a preservation lock?
A. RPolicy2 only
B. RPolicy3 only
C. RPolicy1 and RPolicy2 only
D. RPolicy1 and RPolicy3 only
E. RPolicy1, RPolicy2, and RPolicy3
Selected Answer: B
Question #: 47
Topic #: 6
You have a Microsoft 365 E5 subscription that uses Microsoft Purview. The subscription contains two groups named Group1 and Group2.
You need to implement a policy to detect messages that present a conflict of interest between the users in Group1 and the users in Group2.
What should you use in the Microsoft Purview compliance portal?
A. Insider risk management
B. Privacy risk management
C. Information barriers
D. Communication compliance
Selected Answer: D
Question #: 48
Topic #: 3
You have a Microsoft 365 tenant that uses Microsoft Exchange Online.
You need to recover deleted email messages from a user’s mailbox.
Which two PowerShell cmdlets should you use? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Restore-RecoverableItems
B. Get-MailboxRestoreRequest
C. Restore-Mailbox
D. Get-RecoverableItems
E. Set-MailboxRestoreRequest
Selected Answer: AD
Question #: 54
Topic #: 5
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
You have the core eDiscovery cases shown in the following table.
You need to ensure that Admin3 can create holds in Case1 and Case2. The solution must use the principle of least privilege.
To what should you add Admin3?
A. the Global Administrator role
B. the eDiscovery Manager role group
C. the Compliance Manager Contributors role group
D. the eDiscovery Administrator role group
Selected Answer: D
Question #: 59
Topic #: 6
You have a Microsoft 365 E5 subscription.
You need to identify personal data stored in the subscription and control the transfer of personal data between users and groups.
Which type of license should you acquire?
A. Microsoft Purview Audit (Premium)
B. Priva Privacy Risk Management
C. Microsoft 365 E5 Compliance
D. Priva Subject Rights Requests
Selected Answer: B
Question #: 60
Topic #: 4
You have a Microsoft 365 subscription.
You need to ensure that users can apply retention labels to individual documents in their Microsoft SharePoint libraries.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. From the Microsoft Purview compliance portal, create a label.
B. From Microsoft Defender for Cloud Apps, create a file policy.
C. From the Microsoft Purview compliance portal, publish a label.
D. From the SharePoint admin center, modify the Site Settings.
E. From the SharePoint admin center, modify the records management settings.
Selected Answer: AC
Question #: 63
Topic #: 4
You have a Microsoft 365 E5 subscription that contains two Microsoft SharePoint Online sites named Site1 and Site2.
You plan to configure a retention label named Label1 and apply Label1 to all the files in Site1.
You need to ensure that two years after a file is created in Site1, the file moves automatically to Site2.
How should you configure the Choose what happens after the retention period setting for Label1?
A. Run a Power Automate flow
B. Change the label
C. Deactivate retention settings
D. Start a disposition review
Selected Answer: A
Question #: 64
Topic #: 6
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1.
You create an information barrier segment named Segment1.
You need to add Segment1 to Site1.
What should you do first?
A. Run the Set-SPOSite cmdlet.
B. Run the Set-SPOTenant cmdlet.
C. Create an information barrier policy.
D. Modify the permissions of Site1.
Selected Answer: C
Question #: 65
Topic #: 1
You are implementing a data classification solution.
The research department at your company requires that documents containing programming code be labeled as Confidential. The department provides samples of the code from its document library. The solution must minimize administrative effort.
What should you do?
A. Create a custom classifier.
B. Create a sensitive info type that uses Exact Data Match (EDM).
C. Use the source code classifier.
D. Create a sensitive info type that uses a regular expression.
Selected Answer: B
Question #: 66
Topic #: 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).
You need to ensure that Endpoint DLP policies can protect content on the computers.
Solution: You deploy the Endpoint DLP configuration package to the computers.
Does this meet the goal?
A. Yes
B. No
Selected Answer: B
Question #: 69
Topic #: 1
You have a new Microsoft 365 tenant.
You need to ensure that custom trainable classifiers can be created in the tenant.
To which role should you be assigned to perform the configuration?
A. Security administrator
B. Security operator
C. Global administrator
D. Compliance administrator
Selected Answer: D
Question #: 70
Topic #: 5
You have a Microsoft 365 E5 subscription.
You need to export the details of a retention label. The export must include the following information:
• Is record
• Is regulatory
• Disposition type
What should you do?
A. From the Microsoft Purview compliance portal, export Compliance Manager assessment actions.
B. From the Microsoft Purview compliance portal export a file plan.
C. From the Microsoft Purview compliance portal, export a disposition review.
D. From PowerShell, run the Export-ActivityExplorerData cmdlet.
E. From PowerShell, run the Get-RetentionEvent cmdlet.
Selected Answer: B
Question #: 71
Topic #: 3
You have a Microsoft SharePoint Online site that contains employee contracts in a document library named Contracts.
The contracts must be treated as records in accordance with your company’s records management policy.
You need to implement a solution to automatically mark all the contracts as records when they are uploaded to Contracts.
Which two actions should you perform? Each correct answer presents part of the solution. (Choose two.)
NOTE: Each correct selection is worth one point.
A. Create a sensitivity label.
B. Create a retention label.
C. Configure a default label on the Contracts document library.
D. Create a retention policy.
E. Create a file plan.
F. Create a retention lock.
Selected Answer: CE
Question #: 72
Topic #: 2
You create a data loss prevention (DLP) policy. The Advanced DLP rules page is shown in the Rules exhibit.
The Review your settings page is shown in the Review exhibit.
You need to review the potential impact of enabling the policy without applying the actions.
What should you do?
A. Edit the policy, remove all the actions in DLP rule 1, and select I’d like to test it out first.
B. Edit the policy, remove the Restrict access to the content and Send incident report to Administrator actions, and then select Yes, turn it on right away.
C. Edit the policy, remove all the actions in DLP rule 1, and select Yes, turn it on right away.
D. Edit the policy, and then select I’d like to test it out first.
Selected Answer: D
Question #: 81
Topic #: 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.
You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.
Solution: You create a data loss prevention (DLP) policy that has all locations selected.
Does this meet the goal?
A. Yes
B. No
Selected Answer: A
Question #: 82
Topic #: 6
You have a Microsoft 365 E5 subscription that uses Yammer.
You need to create a Microsoft Purview communication compliance policy that will detect inappropriate images in Yammer conversations.
What should you do first?
A. Configure Hybrid Mode for Yammer.
B. Configure Native Mode for Yammer.
C. Configure the Yammer network admin settings.
D. Assign each user a Yammer license.
Selected Answer: B
Question #: 83
Topic #: 5
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed them.
When you search the audit log in the Microsoft Purview compliance portal to identify who signed in to the mailbox of User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
Solution: You run the Set-AuditConfig -Workload Exchange command.
Does that meet the goal?
A. Yes
B. No
Selected Answer: B
Question #: 84
Topic #: 1
You are creating a custom trainable classifier to identify organizational product codes referenced in Microsoft 365 content.
You identify 300 files to use as seed content.
Where should you store the seed content?
A. a Microsoft SharePoint Online folder
B. a Microsoft OneDrive for Business folder
C. an Azure file share
D. Microsoft Exchange Online shared mailbox
Selected Answer: A
