Exam2pass
0 items Sign In or Register
  • Home
  • IT Exams
  • Guarantee
  • FAQs
  • Reviews
  • Contact Us
  • Demo
Exam2pass > Microsoft > Microsoft Certifications > SC-400 > SC-400 Online Practice Questions and Answers

SC-400 Online Practice Questions and Answers

Questions 4

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are configuring a file policy in Microsoft Cloud App Security.

You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected

department.

Solution: You use the Data Classification service inspection method and send alerts as email.

Does this meet the goal?

A. Yes

B. No

Buy Now

Correct Answer: A

Alerts must be sent to the Microsoft Teams site of the affected department. A Microsoft Power Automate playbook should be used.

Reference: https://docs.microsoft.com/en-us/cloud-app-security/dcs-inspection https://docs.microsoft.com/en-us/cloud-app-security/flow-integration

Questions 5

Your company has a Microsoft 365 tenant that uses a domain named contoso.

The company uses Microsoft Office 365 Message Encryption (OMI ) to encrypt email sent to users in fabrikam.com.

A user named User1 erroneously sends an email to user2@fabrikam

You need to disable [email protected] from accessing the email.

What should you do?

A. Run the New-ComplianceSearchAction cmdlet.

B. Instruct User1 to delete the email from her Sent Items folder from Microsoft Outlook.

C. Run the Get-MessageTrace Cmdlet.

D. Run the Set-OMEMessageRevocation Cmdlet.

E. instruct User1 to select Remove external access from Microsoft Outlook on the web.

Buy Now

Correct Answer: D

Questions 6

You have a Microsoft 365 tenant that has devices onboarded to Microsoft Defender for Endpoint as shown in the following table.

You plan to start using Microsoft 365 Endpoint data loss protection (Endpoint DLP). Which devices support Endpoint DLP?

A. Device5 only

B. Device2 only

C. Device 1, Device2, Device3, Device4, and Device5

D. Device3 and Device4 only

E. Device1 and Device2 only

Buy Now

Correct Answer: B

Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-worldwide

Questions 7

You have a Microsoft 365 E5 tenant that contains the policies shown in the following table.

A file named File1 has all the policies applied. How long will File1 be retained?

A. File1 will be deleted automatically after seven years.

B. File1 will be deleted automatically after five years.

C. File1 will be retained until the file is deleted manually.

D. File1 will be deleted automatically after 10 years.

Buy Now

Correct Answer: D

Retention always takes precedence over permanent deletion, with the longest retention period taking preference. The delete action from a retention label always takes precedence over the delete action from a retention policy. Reference:

https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide#the-principles-of-retention-or-what-takes-precedence

Questions 8

You have a Microsoft 365 tenant that has a retention label policy. You need to configure the policy to meet the following requirements:

1.

Prevent the disabling or deletion of the policy.

2.

Ensure that new labels can be added.

3.

Prevent the removal of labels. What should you do?

A. Import a file plan.

B. Enable insider risk management.

C. Enable the regulatory record option.

D. Create a preservation lock.

Buy Now

Correct Answer: D

Questions 9

You have a Microsoft 365 E5 subscription that contains two Microsoft SharePoint Online sites named Site1 and Site2.

You plan to configure a retention label named Label1 and apply Label1 to all the files in Site1.

You need to ensure that two years after a file is created in Site1, the file moves automatically to Site2.

How should you configure the Choose what happens after the retention period setting for Label1?

A. Run a Power Automate flow

B. Change the label

C. Deactivate retention settings

D. Start a disposition review

Buy Now

Correct Answer: A

Questions 10

HOTSPOT

You have a Microsoft 365 E5 subscription that contains two users named User1 and User2 and a group named Group1. User1 is a member of Group1.

The subscription contains the sensitivity labels shown in the following table.

You have a sensitivity label policy named Policy1 that is published to User1 and User2. The policy includes the following labels:

1.

General

2.

Confidential

3.

Confidential/Low

4.

Confidential/High

5.

Confidential/Medium

For Policy1, the default label for documents is Confidential/Low.

You have a sensitivity label policy named Policy2 that is published to Group1. The policy includes the following labels:

1.

Secret

2.

General

3.

Secret/Low

4.

Secret/High

5.

Secret/Medium

For Policy2, the default label for documents is Secret/Low.

You have a sensitivity label policy named Policy3 that is published to User1 and User2. The policy includes the following labels:

1.

Secret

2.

General

3.

Secret/Low

4.

Secret/High

5.

Secret/Medium

For Policy3, the default label for documents is Secret/Medium.

The order of the policies is shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Hot Area:

Buy Now

Correct Answer:

Questions 11

HOTSPOT

You have a Microsoft 365 E5 subscription that contains the administrators shown in the following table.

On August 1, 2023, you apply the communication compliance policies shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Hot Area:

Buy Now

Correct Answer:

Questions 12

HOTSPOT

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

Buy Now

Correct Answer:

Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide

Questions 13

DRAG DROP

You have a Microsoft 365 E5 subscription.

You need to configure Microsoft Priva Privacy Risk Management polices to generate alerts for the following scenarios:

1.

Scenario1: Personal customer data is stored in files located on publicly accessible Microsoft SharePoint Online sites

2.

Scenario2: Personal customer data is discussed in a Microsoft Teams chat.

3.

Scenario3: Personal customer data is emailed outside of an organization.

Which policy template should you use for each scenario? To answer, drag the appropriate policy templates to the correct scenarios. Each template may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Select and Place:

Buy Now

Correct Answer:

Box 1: Data overexposure Scenario: Personal customer data is stored in files located on publicly accessible Microsoft SharePoint Online sites

Data overexposure policies in Privacy Risk Management Your organization may store content at various levels of access, including areas that are publicly accessible and others that are restricted. Data overexposure policies can help you detect and handle situations in which data stored by your organization is insufficiently secure. For example, if access to an internal site is open to too many people or your permissions settings have not been maintained, personal data stored on that site may be vulnerable to a breach. Data overexposure policies can evaluate your data for these risks and alert you to potential issues.

When a policy match is detected, you can send users email notifications that include remediation options to resolve issues. For data overexposure, these include making content items private, notifying content owners, or tagging items for further review.

Box 2: Data transfer

Scenario2: Personal customer data is discussed in a Microsoft Teams chat.

Default data transfer policy settings

A data transfer policy created from the template will detect:

*-> (Box 2) Teams. Example: sending a Teams chat message containing personal data to a recipient who's outside of your organization.

*-> (Box 3 When personal data within your organization is transferred to or shared with a recipient or location outside of your organization.

When personal data is shared externally from any of these locations within your organization:

Exchange. Example: sending an email containing personal data to a recipient email address that's outside of your organization.

OneDrive and SharePoint. Examples: sending a link to a file or site that contains personal data to someone outside of your organization; copying or moving a file to a OneDrive or SharePoint location that sits outside of your organization.

Box 3: Data transfer

Scenario3: Personal customer data is emailed outside of an organization.

Note: Data transfer policies in Privacy Risk Management

Transferring personal data presents risks, especially when transferred outside of your organization, or sent between certain departments or geographic locations within your organization. For example, if the data is sent via unencrypted emails

or to unauthorized recipients, the data may no longer be secure. Data transfer activities like these can have regulatory impact or may violate established organizational privacy practices.

Data transfer policies in Privacy Risk Management allow you to monitor for personal data transfers outside of your organization, as well as internal transfers between different departments or countries or regions. When a policy match is

detected, you can send users email notifications that allow them to take corrective action right in the email, such as making content items private, notifying content owners, or tagging items for further review.

Incorrect:

* Data minimization Data minimization policies in Privacy Risk Management Data minimization policies focus on the age of your content and how long it has been since it was last modified. Monitoring for personal data that's still being retained in older, unused content can help you better manage your stored data and reduce risks.

Privacy Risk Management allows you to create policies to monitor data that hasn't been modified within a timeframe that you select. When a policy match is detected, you can send users email notifications with remediation options include marking items for deletion, notifying content owners, or tagging items for further review.

Reference: https://learn.microsoft.com/en-us/privacy/priva/risk-management-policy-data-overexposure https://learn.microsoft.com/en-us/privacy/priva/risk-management-policy-data-minimization https://learn.microsoft.com/en-us/privacy/priva/risk-management-policy-data-transfer

Exam Code: SC-400
Exam Name: Microsoft Information Protection Administrator
Last Update: Jun 06, 2025
Questions: 362

PDF (Q&A)

$45.99
ADD TO CART

VCE

$49.99
ADD TO CART

PDF + VCE

$59.99
ADD TO CART

Exam2Pass----The Most Reliable Exam Preparation Assistance

There are tens of thousands of certification exam dumps provided on the internet. And how to choose the most reliable one among them is the first problem one certification candidate should face. Exam2Pass provide a shot cut to pass the exam and get the certification. If you need help on any questions or any Exam2Pass exam PDF and VCE simulators, customer support team is ready to help at any time when required.

Home | Guarantee & Policy |  Privacy & Policy |  Terms & Conditions |  How to buy |  FAQs |  About Us |  Contact Us |  Demo |  Reviews

2025 Copyright @ exam2pass.com All trademarks are the property of their respective vendors. We are not associated with any of them.