Microsoft SC-400 Microsoft Information Protection Administrator Exam Practice Test

Task 5

You need to ensure that a group named U.S. Sales can store files containing information subject to General Data Protection Regulation (GDPR) in their OneDrive accounts. All other current GDPR restrictions must remain in effect.

Task 8

You need to retain Microsoft SharePoint files that contain the word Falcon for two years from the date they were created, and then delete them.

Task 1

You need to provide users with the ability to manually classify files that contain product information that are stored in SharePoint Online sites. The solution must meet the following requirements:

• The users must be able to apply a classification of Product1 to the files.

• Any authenticated user must be able to open files classified as Product1.

• files classified as Product1 must be encrypted.

Task 3

You plan to automatically apply a watermark to the document1 of a project named Falcon.

You need to create a label that will add a watermark of "Project falcon' in red. size-12 font diagonally across the documents.

Task 4

You need to block users from sending emails containing information that is subject to Payment Card Industry Data Security Standard (PCI OSS). The solution must affect only emails.

Task 9

You are investigating a data breach.

You need to retain all Microsoft Exchange items in the mailbox of Alex Wilber that contain the word Falcon and were created in the year 2021.

Task 6

You plan to implement Endpoint data loss prevention (Endpoint DLP) policies for computers that run Windows.

Users have an application named App1 that stores data locally in a folder named C:\app1\data.

You need to prevent the folder from being monitored by Endpoint DLP.

Task 10

You plan to create a data loss prevention (DLP) policy that will apply to content containing the following keywords:

• Tailspin

• litware

• Falcon

You need to create a keyword list that can be used in the DLP policy. You do NOT need to create the DLP policy at this time.

Task 2

You discover that all users can apply the Confidential - Finance label.

You need to ensure that the Confidential - Finance label is available only to the members of the Finance Team group.

Task 7

You need to create a retention policy that meets the following requirements:

• Applies to Microsoft Teams chat and Teams channel messages of users that have a department attribute of Sales.

• Retains item for five years from the date they are created, and then deletes them.

You need to recommend a solution that meets the Data Loss Prevention requirements for the HR department.

Which three actions should you perform? Each correct answer presents part of the solution. (Choose three.)

NOTE: Each correct selection is worth one point.

You need to recommend an information governance solution that meets the HR requirements for handling employment applications and resumes.

What is the minimum number of information governance solution components that you should create? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You need to recommend a solution that meets the executive requirements. What should you recommend?

You need to implement a solution that meets the compliance requirements for the Windows 10 computers.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each coned selection is worth one point.

You need to recommend a solution to configuration the Microsoft 365 Records management settings by using the CSV file must meet the compliance requirements.

What should you recommend?

You need to recommend a solution that meets the compliance requirements for Dropbox.

What should you recommend?

You need to recommend a solution that meets the compliance requirements for protecting the documents in the Data shared folder.

What should you configure in the Microsoft Purview compliance portal?

You need to implement a solution to encrypt email. The solution must meet the compliance requirements.

What should you create in the Exchange admin center and the Microsoft 36.S compliance center? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You need to recommend a solution that meets the sales requirements.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

You need to recommend a solution that meets the compliance requirements for Dropbox.

What should you recommend?

You need to recommend a solution that meets the compliance requirements for protecting the documents in the Data shared folder. What should you recommend?

You need to recommend a solution that meets the compliance requirements for viewing DLP tooltip

justifications.

What should you recommend?

You are evaluating the technical requirements for the DLP reports.

Which user can currently view the DLP reports?

At the end of a project you upload project documents to a Microsoft SharePoint Online library that contains many fifes. Files that have the following naming format must be labeled as Project I

• aei_AA989.docx

• bd_WSOgadocx

• cei_DLF112-docx

• ebc_QQ4S4.docx

• ecc_BB565.docx

You plan to create an auto-apply retention label policy.

What should you use to identify the files, and which regular expression should you use? To answer, select the appropriate options in the answer area.

You have a Microsoft 365 E5 subscription. You need to create a subject rights request What can be configured as a search location?

You have a Microsoft 365 tenant that uses data loss prevention (DLP).

You have a custom employee information form named Template 1.docx.

You need to create a classification rule package based on the document fingerprint of Templatel.docx.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

You have a Microsoft 365 E5 subscription that contains the groups shown in the following table.

The subscription contains the resources shown in the following table.

You create a sensitivity label named Label 1.

You need to publish Label! and have the label apply automatically.

To what can you publish Label 1, and to what can Label! be auto-applied? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You need to provide a user with the ability to view data loss prevention (DLP) alerts in the Microsoft 365 compliance center. The solution must use the principle of least privilege.

Which role should you assign to the use?

You need to be alerted when users share sensitive documents from Microsoft OneDrive to any users outside your company.

What should you do?

You have a Microsoft 365 E5 subscription.

You plan to use insider risk management to collect and investigate forensic evidence.

You need to enable forensic evidence capturing.

What should you do first?

You have a Microsoft 365 E5 subscription.

You need to apply data loss prevention (DLP) policies to the following:

• Microsoft Exchange Online mailboxes

• Microsoft SharePoint Online sites

• Microsoft Power BI workspaces

• Microsoft OneDrive accounts

• On-premises repositories

What is the minimum number of DLP policies required to achieve the goal?

You have a Microsoft 365 tenant.

You create the following:

A sensitivity label

An auto-labeling policy

You need to ensure that the sensitivity label is applied to all the data discovered by the auto-labeling policy.

What should you do first?

You have a Microsoft 365 E5 tenant that contains a user named User1.

You need to identify the type and number of holds placed on the mailbox of User1.

What should you do first?

You have a Microsoft 365 E5 tenant.

You need to create a custom trainable classifier that will detect product order forms. The solution must use the principle of least privilege.

What should you do first? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Your company manufactures parts that are each assigned a unique 12-character alphanumeric serial number. Emails between the company and its customers refer in the serial number.

You need to ensure that ail Microsoft Exchange Online emails containing the serial numbers are retained for five years.

Which three objects should you create? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 tenant.

A new regulatory requirement states that all documents containing a patent ID be labeled, retained for 10 years, and then deleted. The policy used to apply the retention settings must never be disabled or deleted by anyone.

You need to implement the regulatory requirement.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. (Choose three.)

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to Microsoft Purview.

You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.

You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.

Solution: From Microsoft Defender for Cloud Apps, you create an app discovery policy.

Does this meet the goal?

You have a Microsoft 365 subscription that contains a Microsoft 365 group named Group1. Group 1 contains 100 users and has dynamic user membership.

All users have Windows 10 devices and use Microsoft SharePoint Online and Exchange Online.

You create a sensitivity label named Label! and publish Label! as the default label for Group1.

You need to ensure that the users in Group! must apply Label! to their email and documents.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription.

You are implementing insider risk management

You need to create an insider risk management notice template and format the message body of the notice template.

How should you configure the template? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1 and a sensitivity label named Label1.

The external sharing settings for Site1 are configured as shown in the Site1 exhibit. (Click the Site1 tab.)

The external sharing settings for Label! are configured as shown in the Label1 exhibit. (Click the Label1 tab.)

Label1 is applied to Site1.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription.

You create an adaptive scope named Scope 1 as shown in the following exhibit.

You create a retention policy named Policy1 that includes Scope1.

To which three locations can you apply Policy1? To answer, select the appropriate locations in the answer area.

NOTE: Each correct selection is worth one point.

You have a Microsoft 36d tenant.

You need to create a new sensitive info type for items that contain the following:

• An employee ID number that consists of the hire date of the employee followed by a three-digit number

• The words "Employee", "ID", or "Identification" within 300 characters of the employee ID number

What should you use for the primary and secondary elements? To answer, select the appropriate options in the answer area.

You have a Microsoft 365 E3 subscription.

You plan to audit all Microsoft Exchange Online user and admin activities.

You need to ensure that all the Exchange audit log records are retained for one year.

What should you do?

You have a Microsoft 365 E5 tenant that contains three groups named Group1, Group2, and Group3.

You have the users shown in the following table.

You have the sensitivity labels shown in the following exhibit.

You have the label policies shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

You need to implement an information compliance policy to meet the following requirements:

Documents that contain passport numbers from the United States, Germany, Australia, and Japan must be identified automatically.

When a user attempts to send an email or an attachment that contains a passport number, the user must receive a tooltip in Microsoft Outlook.

Users must be blocked from using Microsoft SharePoint Online or OneDrive for Business to share a document that contains a passport number.

What is the minimum number of sensitivity labels and auto-labeling policies you should create? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You create a retention label that has a retention period of seven years.

You need to ensure that documents containing a credit card number are retained for seven years. Other documents must not be retained.

What should you create?