Pass the Microsoft SC-400 Exam 2023 - Best SC-400 Preparation Material

Pass the Microsoft SC-400 Exam 2023 – Best SC-400 Preparation Material

Jonnie Karnath2023-05-06T18:05:56+00:00

The Microsoft SC-400 exam is a challenging test that requires a solid understanding of the subject matter. But with the right preparation materials, you can increase your chances of passing the exam on the first try. That’s where Certspot comes in with their latest SC-400 preparation material. Their SC-400 practice exam questions are carefully crafted to cover all the topics and concepts that you’ll need to know to pass the Microsoft Information Protection Administrator exam. The material is updated regularly to ensure that it reflects any changes or updates to the exam. By studying Certspot SC-400 preparation material, you’ll be able to identify any knowledge gaps and focus your studying efforts on those areas. This will help you to study more effectively, ultimately leading to a better chance of passing the exam.

Page 1 of 5

1. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).

You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).

You need to ensure that Endpoint DLP policies can protect content on the computers.

Solution: You deploy the Endpoint DLP configuration package to the computers.

Does this meet the goal?

Yes

2. HOTSPOT

You have a Microsoft SharePoint Online site that contains the following files.

Users are assigned roles for the site as shown in the following table.

Which files can User1 and User2 view? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

3. HOTSPOT

You need to recommend an information governance solution that meets the HR requirements for handling employment applications and resumes.

What is the minimum number of information governance solution components that you should create? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

4. You have a Microsoft 365 tenant that uses Microsoft Teams.

You need to ensure that all internal communication is stored for a minimum of seven years.

What should you create first?

a retention label

a Microsoft SharePoint Online site

a Microsoft Exchange Online shared mailbox

a retention label policy

5. You create three sensitivity labels named Sensitivity1, Sensitivity2, and Sensitivity3 and perform the following actions:

✑ Publish Sensitivity1.

✑ Create an auto-labeling policy for Sensitivity2.

You plan to create a file policy named Policy1 in Microsoft Cloud App Security.

Which sensitivity labels can you apply to Microsoft SharePoint Online in Policy1?

Sensitivity1 only

Sensitivity1, Sensitivity2, and Sensitivity3

Sensitivity2 only

Sensitivity1 and Sensitivity2 only

6. HOTSPOT

You have a Microsoft 365 E5 tenant.

You need to create a custom trainable classifier that will detect product order forms. The solution must use the principle of least privilege.

What should you do first? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

7. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.

You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.

Solution: You configure a mail flow rule that matches the text patterns.

Does this meet the goal?

Yes

8. Your company has a Microsoft 365 tenant that uses a domain named contoso.com.

You are implementing data loss prevention (DLP).

The company's default browser is Microsoft Edge.

During a recent audit, you discover that some users use Firefox and Google Chrome browsers to upload files labeled as Confidential to a third-party Microsoft SharePoint Online site that has a URL of https://m365x076709.sharepoint.com. Users are blocked from uploading the confidential files to the site from Microsoft Edge.

You need to ensure that the users cannot upload files labeled as Confidential from Firefox and Google Chrome to any cloud services.

Which two actions should you perform? Each correct answer presents part of the solution. (Choose two.)

NOTE: Each correct selection is worth one point.

From the Microsoft 365 Endpoint data loss prevention (Endpoint) DLP settings, add m365x076709.sharepoint.com as a blocked service domain.

Create a DLP policy that applies to the Devices location.

From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, add Firefox and Google Chrome to the unallowed browsers list.

From the Microsoft 365 compliance center, onboard the devices.

From the Microsoft 365 Endpoint data loss prevention (Endpoint) DLP settings, add contoso.com as an allowed service domain.

9. HOTSPOT

You create a retention policy as shown in the following exhibit.

A user named User1 deletes a file named File1.docx from a Microsoft SharePoint Online site named Site1.

A user named User2 deletes an email and empties the Deleted Items folder in Microsoft Outlook.

Where is the content retained one year after deletion? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

10. You have a Microsoft 365 tenant that has a retention label policy.

You need to configure the policy to meet the following requirements:

• Prevent the disabling or deletion of the policy.

• Ensure that new labels can De added.

• Prevent the removal of labels.

What should you do?

Import a file plan.

Enable insider risk management.

Enable the regulatory record options.

Create a preservation lock.

Page 2 of 5

11. You have a Microsoft 365 tenant.

You have a Microsoft SharePoint Online site that contains employment contracts in a folder named

EmploymentContracts. All the files in EmploymentContracts are marked as records.

You need to recommend a process to ensure that when a record is updated, the previous version of the record is kept as a version of the updated record.

What should you recommend?

Upload an updated file plan that contains the record definition.

Unlock the record, modify the record, and then lock the record.

Create a copy of the record and enter a version in the file metadata.

Create a new label policy associated to an event that will apply to the record.

12. You have a Microsoft 365 E5 tenant that contains a user named User1.

You need to identify the type and number of holds placed on the mailbox of User1.

What should you do first?

From the Microsoft 365 compliance center, create an eDiscovery case.

From Exchange Online PowerShell. run the Gee-Mailbox cmdlet.

From the Microsoft 365 compliance center, run a content search.

From Exchange Online PowerShell. run the Get-HoldCompliancePolicy cmdlet.

13. HOTSPOT

You have a data loss prevention (DLP) policy that has the advanced DLP rules shown in the following table.

You need to identify which rules will apply when content matches multiple advanced DLP rules.

Which rules should you identify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

14. You have a Microsoft OneDrive for Business folder that contains the files shown in the following table.

In Microsoft Cloud App Security, you create a file policy to automatically apply a classification.

What is the effect of applying the policy?

The policy will apply to only the .docx and .txt files. The policy will classify the files within 24 hours.

The policy will apply to all the files. The policy will classify only 100 files daily.

The policy will apply to only the .docx files. The policy will classify only 100 files daily.

The policy will apply to only the .docx and .txt files. The policy will classify the files immediately.

15. You have a Microsoft 365 tenant.

You discover that email does NOT use Microsoft Office 365 Message Encryption (OME).

You need to ensure that OME can be applied to email.

What should you do first?

Enable Microsoft Defender for Office 365.

Activate Azure Information Protection.

Activate Azure Rights Management (Azure RMS).

Create an Azure key vault.

16. You are configuring a retention label named Label1 as shown in the following exhibit.

You need to ensure that documents that have Label1 applied are deleted three years after the end of your company's fiscal year.

What should you do?

Create a new event type.

Select Only delete items when they reach a certain age.

Modify the Retention period setting.

Set At the ends of the retention period to Trigger a disposition review.

17. DRAG DROP

You have a Microsoft 365 tenant.

A new regulatory requirement states that all documents containing a patent ID be labeled, retained for 10 years, and then deleted. The policy used to apply the retention settings must never be disabled or deleted by anyone.

You need to implement the regulatory requirement.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. (Choose three.)

18. You have a Microsoft 365 E5 tenant and the Windows 10 devices shown in the following table.

To which devices can you apply Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings?

Device1, Device3, and Device4 only

Device1, Device2, Device3, and Device4

Device1 and Device2 only

Device1 and Device3 only

Device1 only

19. You create a retention label that has a retention period of seven years.

You need to ensure that documents containing a credit card number are retained for seven years. Other documents must not be retained.

What should you create?

a retention label policy of type publish

a retention policy that retains files automatically

a retention policy that deletes files automatically

a retention label policy of type auto-apply

20. HOTSPOT

You have a Microsoft 365 E5 subscription.

You create an adaptive scope named Scope 1 as shown in the following exhibit.

You create a retention policy named Policy1 that includes Scope1.

To which three locations can you apply Policy1? To answer, select the appropriate locations in the answer area. NOTE: Each correct selection is worth one point.

Page 3 of 5

21. Each product group at your company must show a distinct product logo in encrypted emails instead of the standard Microsoft Office 365 logo.

What should you do to create the branding templates?

Create a Transport rule.

Create an RMS template.

Run the Set-IRMConfiguration cmdlet.

Run the New-OMEConfiguration cmdlet.

22. HOTSPOT

While creating a retention label, you discover that the Mark items as a regulatory record option is unavailable.

You need to ensure that the option is available when you create retention labels in the Microsoft Purview compliance portal.

How should you complete the PowerShell script? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

23. You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).

You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).

You need to ensure that Endpoint DLP policies can protect content on the computers.

Solution: You deploy the unified labeling client to the computers.

Does this meet the goal?

Yes

24. HOTSPOT

How many files in Site2 will be visible to User1 and User2 after you turn on DLPpolicy1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

25. You need to recommend a solution that meets the executive requirements.

What should you recommend?

From the Microsoft 365 compliance center, create a retention policy.

From the Exchange admin center, enable archive mailboxes.

From the Microsoft 365 compliance center, create a retention label.

From the Microsoft 365 compliance center, create a DLP policy.

26. DRAG DROP

You need to create a trainable classifier that can be used as a condition in an auto-apply retention label policy.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

27. HOTSPOT

You plan to implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).

You need to identify which end user activities can be audited on the endpoints, and which activities can be restricted on the endpoints.

What should you identify for each activity? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

28. You have a Microsoft 365 E5 tenant.

You need to add a new keyword dictionary.

What should you create?

a trainable classifier

a sensitivity label E3

a sensitive info type

a retention policy

29. HOTSPOT

You create a data loss prevention (DLP) policy that meets the following requirements:

✑ Prevents guest users from accessing a sensitive document shared during a Microsoft Teams chat

✑ Prevents guest users from accessing a sensitive document stored in a Microsoft Teams channel

Which location should you select for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

30. You need to recommend a solution that meets the compliance requirements for protecting the documents in the Data shared folder.

What should you recommend?

From the Microsoft 365 compliance center, configure a DLP policy.

From the Microsoft 365 compliance center, configure a Content Search query.

From the Microsoft 365 compliance center, configure an auto-labeling policy.

From Azure Information Protection, configure a content scan job.

Page 4 of 5

31. HOTSPOT

You have a Microsoft 365 subscription that contains the users shown in the following table.

You create the data loss prevention (DLP) policies shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select. No. NOTE: Each correct selection is worth one point.

32. You create a data loss prevention (DLP) policy. The Advanced DLP rules page is shown in the Rules exhibit.

The Review your settings page is shown in the review exhibit.

You need to review the potential impact of enabling the policy without applying the actions.

What should you do?

Edit the policy, remove all the actions in DLP rule 1, and select I'd like to test it out first.

Edit the policy, remove the Restrict access to the content and Send incident report to Administrator actions, and then select Yes, turn it on right away.

Edit the policy, remove all the actions in DLP rule 1, and select Yes, turn it on right away.

Edit the policy, and then select I'd like to test it out first.

33. You have a Microsoft 365 tenant.

All Microsoft OneDrive for Business content is retained roe five years.

A user named User1 left your company a year ago, after which the account of User 1 was deleted from Azure Active Directory (Azure AD)

You need to recover an important file that was stored in the OneDrive of User1.

What should you use?

the Restore-SPODeletedSite PowerShell cmdlet

the OneDrive recycle bin

the Restore-ADObject PowerShell cmdlet

Deleted users in the Microsoft 365 admin center

34. HOTSPOT

You have a Microsoft 365 E5 tenant.

You create sensitivity labels as shown in the Sensitivity Labels exhibit.

The Confidential/External sensitivity label is configured to encrypt files and emails when applied to content.

The sensitivity labels are published as shown in the Published exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

35. You have a Microsoft 365 tenant that uses records management.

You use a retention label to mark legal files stored in a Microsoft SharePoint Online document library as

regulatory records.

What can you do to the legal files?

Remove the retention label of the files.

Edit the properties of the files.

Move the files to a different folder within the document library.

Delete the content from the files.

36. You have a Microsoft 365 E5 tenant that contains a Microsoft SharePoint Online site named Site1 and a user named User1. The tenant has auditing enabled You need to ensure that User! can perform disposition reviews. The solution must use the principle of the least privilege.

What should you do?

Assign User1 the Compliance Data Administrator role.

Add User1 to the Records Management role group.

Assign User1 the Data Investigator role.

Add User1 to the Content Explorer Content Viewer role group.

37. You have a Microsoft 365 tenant that uses Microsoft Office 365 Message Encryption (OME).

You need to ensure that any emails containing attachments and sent to [email protected] are encrypted automatically by using OME.

What should you do?

From the Exchange admin center, create a new sharing policy.

From the Microsoft 365 security center, create a Safe Attachments policy.

From the Exchange admin center, create a mail flow rule.

From the Microsoft 365 compliance center, configure an auto-apply retention label policy.

38. You have a Microsoft 365 ES tenant that uses Microsoft Teams and contains two users named User1 and User2.

You create a data loss prevention (DLP) policy that is applied to the Teams chat and channel messages location for user1 and user2.

Which Teams entities will have DLP protection? Purview compliance portal?

1:1/n chats and general channels only

1:1/chats and private channels only

1:1/ chats, general channels, and private channels

DLP policy matches

39. 1. Topic 1, Misc. Questions

You have a Microsoft 365 tenant that uses Microsoft Exchange Online.

You need to recover deleted email messages from a user’s mailbox.

Which two PowerShell cmdlets should you use? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

Restore-RecoverableItems

Get-MailboxRestoreRequest

Restore-Mailbox

Get-RecoverableItems

Set-MailboxRestoreRequest

40. You are creating a custom trainable classifier to identify organizational product codes referenced in Microsoft 365 content.

You identify 300 files to use as seed content.

Where should you store the seed content?

a Microsoft SharePoint Online folder

a Microsoft OneDrive for Business folder

an Azure file share

Microsoft Exchange Online shared mailbox

Page 5 of 5

41. You have a sensitive information type based on a trainable classifier.

You are unsatisfied with the result of the result of trainable classifier.

You need to retrain the classifier.

What should you use in the Microsoft 365 compliance center?

Labels from Information protection

Labels from Information governance

Content explorer from Data classification

Content search

42. You need to provide a user with the ability to view data loss prevention (DLP) alerts in the Microsoft 365 compliance center. The solution must use the principle of least privilege.

Which role should you assign to the use?

Compliance data administrator

Security operator

Security reader

Compliance administrator

43. You need to create a retention policy to retain all the files from Microsoft Teams channel conversations and private chats.

Which two locations should you select in the retention policy? Each correct answer present part of the solution. NOTE: Each correct selection is worth one point.

Team channel messages

OneDrive accounts

SharePoint sites

Exchange email

Office 365 groups

Team chats

44. You have a Microsoft 365 tenant that uses trainable classifiers.

You are creating a custom trainable classifier.

You collect 300 sample file types from various geographical locations to use as seed content. Some of the file samples are encrypted.

You organize the files into categories as shown in the following table.

Which file categories can be used as seed content?

Category4 and Category5 only

Category4 and Category6 only

Category3. and Category5 only

Category1 and Category3 only

45. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen.

You are configuring a file policy m Microsoft Defender for Cloud Apps.

You need to configure the policy to apply to all files. Alerts must be sent to every file owner who Is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.

Solution: You use the Built-in DIP inspection method and send alerts to Microsoft Power Automate.

Does this meet the goal?

Yes

46. HOTSPOT

You have a Microsoft 365 E5 subscription.

You receive the data loss prevention (DIP) alert shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graph. NOTE: Each correct selection is worth one point.

47. A compliance administrator recently created several data loss prevention (DLP) policies.

After the policies are created, you receive a higher than expected volume of DLP alerts.

You need to identify which rules are generating the alerts.

Which DLP report should you use?

Third-party DLP policy matches

DLP policy matches

DLP incidents

False positive and override

Facebook Twitter LinkedIn Google + Email