Microsoft Microsoft Certifications SC-400 Questions & Answers
Question 251:
You have a Microsoft 365 E5 subscription that contains the resources shown in the following table.
You have a retention label configured as shown in the following exhibit.
You apply the label to the resources. Which items can you delete?
A. Mail1 only
B. File1.docx and File2.xlsx only
C. Mail1 and File1.docx only
D. Mail1 and File2.xlsx only
E. Mail1, File1.docx, and File2.xlsx
Correct Answer: E
In the exhibit we see: During the retention period
*
Retain items even if users delete Choose locations
*
All locations. Includes content in Exchange email, Office 365 Groups, OneDrive and SharePoint documents.
Question 252:
You have a Microsoft 365 subscription.
You have a team named Team1 in Microsoft Teams.
You plan to place all the content in Team1 on hold.
You need to identify which mailbox and which Microsoft SharePoint site collection are associated to Team1.
Which cmdlet should you use?
A. Get-UnifiedGroup
B. Get-TeamChannel
C. Get-MailUser
D. Get-Team
Correct Answer: A
Use the Get-UnifiedGroup cmdlet to view Microsoft 365 Groups in your cloud-based organization. To view members, owners and subscribers for Microsoft 365 Groups, use the Get-UnifiedGroupLinks cmdlet.
This example returns Microsoft 365 Groups that do not have an owner.
Incorrect:
* Get-Team
This cmdlet supports retrieving teams with particular properties/information, including all teams that a specific user belongs to, all teams that have been archived, all teams with a specific display name, or all teams in the organization.
You have a database that stores customer details. Each customer has a unique 13-digit identifier that consists of a fixed pattern of numbers and letters.
You need to implement a data loss prevention (DLP) solution that meets the following requirements:
1.
Email messages that contain a single customer identifier can be sent outside your company.
2.
Email messages that contain two or more customer identifiers must be approved by the company's data privacy team.
Which two components should you include in the solution? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. a mail flow rule
B. a retention label
C. a DLP policy
D. a sensitive information type
E. a sensitivity label
Correct Answer: AD
Sensitive information type entity definitions
This article is a list of all sensitive information type (SIT) entity definitions. Each link takes you to the definition of that specific SIT and shows what a DLP policy looks for to detect each type.
You have a Microsoft 365 tenant that has data loss prevention (DLP) policies.
You need to review DLP policy matches for the tenant.
What should you use?
A. Content explorer
B. Activity explorer
C. Compliance Manager
D. records management events
Correct Answer: B
Using Endpoint data loss prevention (DLP), Activity explorer gathers *DLP policy matches* events from Exchange, SharePoint, OneDrive, Teams Chat and Channel, on-premises SharePoint folders and libraries, on-premises file shares, and devices running Windows 10, Windows 11, and any of the three most recent major macOS versions.
Note: Activity explorer The data classification overview and content explorer tabs give you visibility into what content has been discovered and labeled, and where that content is. Activity explorer rounds out this suite of functionality by allowing you to monitor what's being done with your labeled content. Activity explorer provides a historical view of activities on your labeled content. The activity information is collected from the Microsoft 365 unified audit logs, transformed, and then made available in the Activity explorer UI. Activity explorer reports on up to 30 days worth of data.
There are more than 30 different filters available for use, some are:
Date range Activity type Location User Sensitivity label Retention label File path *-> DLP policy
Incorrect:
* Content explorer
Content explorer shows a current snapshot of the items that have a sensitivity label, a retention label or have been classified as a sensitive information type in your organization.
How to use content explorer:
Open Microsoft Purview compliance portal > Data classification > Content explorer.
If you know the name of the label, or the sensitive information type, you can type that into the filter box.
Alternately, you can browse for the item by expanding the label type and selecting the label from the list.
Select a location under All locations and drill down the folder structure to the item.
Double-click to open the item natively in content explorer.
You have a Microsoft 365 E5 subscription that contains two users named User1 and User2.
On January 1, you create the sensitivity label shown in the following table.
On January 2, you publish Label1 to User1.
On January 3, User1 creates a Microsoft Word document named Doc and applies Label to the document.
On January 4, User2 edits Doc1.
On January 15, you increase the content expiry period for Label1 to 28 days.
When will access to Doc1 expire for User2?
A. January 23
B. January 24
C. January 25
D. January 31
Correct Answer: D
Question 257:
You have a Microsoft 365 E5 subscription.
You need to identify resumes that are stored in the subscription by using a built-in trainable classifier.
Solution: You create a retention policy.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
Correct Solution: You create an auto-labeling policy for a sensitivity label.
A Microsoft Purview trainable classifier is a tool you can train to recognize various types of content by giving it samples to look at. Once trained, you can use it to identify item for application of Office sensitivity labels, Communications
compliance policies, and retention label policies.
Sensitivity labels
The sensitivity labels can then be applied to Office documents and emails, and other items that support sensitivity labels. Unlike retention labels, which are published to locations such as all Exchange mailboxes, sensitivity labels are published
to users or groups.
To get their work done, people in your organization collaborate with others both inside and outside the organization. This means that content no longer stays behind a firewall—it can roam everywhere, across devices, apps, and services. And
when it roams, you want it to do so in a secure, protected way that meets your organization's business and compliance policies.
Sensitivity labels from Microsoft Purview Information Protection let you classify and protect your organization's data, while making sure that user productivity and their ability to collaborate isn't hindered.
Note 2: A résumé, sometimes spelled resume, is a document created and used by a person to present their background, skills, and accomplishments. Résumés can be used for a variety of reasons, but most often they are used to secure new
employment.
Why is a resume a CV?
CV is Latin for Curriculum Vitae (course of life). In the U.S., a C.V is an exhaustive academic summary used for applications for roles in academia, scientific research and medical fields. In Europe, Ireland and New Zealand, the term CV is used to mean the same as a “resume” in the U.S.
You have a Microsoft 365 E5 tenant that contains a user named User1. User1 is assigned the Compliance Administrator role.
User1 cannot view the regular expression in the IP Address sensitive info type.
You need to ensure that User1 can view the regular expression.
What should you do?
A. Assign User1 the Global Reader role.
B. Assign User1 to the Reviewer role group.
C. Instruct User to use the Test function on the sensitive info type.
D. Create a copy of the IP Address sensitive info type and instruct User1 to edit the copy.
Correct Answer: A
Global Reader
Members have read-only access to reports, alerts, and can see all the configuration and settings.
The primary difference between Global Reader and Security Reader is that a Global Reader can access configuration and settings.
Note: Compliance Administrator´
View and edit settings and reports for compliance features.
Incorrect:
Not B:
Reviewer
Members can access review sets in eDiscovery (Premium) cases. Members of this role group can see and open the list of cases on the eDiscovery > Advanced page in the Microsoft Purview compliance portal that they're members of. After
the user accesses an eDiscovery (Premium) case, they can select Review sets to access case data. This role doesn't allow the user to preview the results of a collection search that's associated with the case or do other search or case
management tasks. Members of this role group can only access the data in a review set.
You need to ensure that any message or document containing a credit card number is deleted automatically 12 months after it was created. The solution must minimize administrative effort.
Which two components should you create? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. a sensitivity label
B. an auto-labeling policy for a sensitivity label
C. a retention label
D. an auto-labeling policy for a retention label
E. a sensitive information type (SIT)
Correct Answer: CE
CE: Automatically apply a retention label to retain or delete content Configuring conditions for auto-apply retention labels You can apply retention labels to content automatically when that content contains:
*-> Specific types of sensitive information Specific keywords or searchable properties that match a query you create A match for trainable classifiers
E: Protect credit card numbers Contoso Bank needs to classify the credit card numbers that they issue as sensitive. Their credit cards start with a set of six-digit patterns. They would like to customize the out-of-the-box credit card definition to detect only those credit card numbers starting with their six-digit patterns.
Suggested solution
Create a copy of the credit card SIT. Use the steps to copy and modify an existing SIT using the compliance portal to copy the credit card SIT.
Edit the high confidence pattern. Follow the steps in edit or delete the sensitive information type pattern.
Add the starts with check and add the list of pattern digits (formatted and unformatted). For example, to ensure that the SIT only considers credit cards starting with 411111 and 433512 should be considered valid, add the following to the list 4111
11, 4111-11, 411111, 4335 12, 4335-12, 433512.
Repeat step 2 and 3 for the low confidence pattern.
B. an on-premises Microsoft SharePoint Server site
C. an NFS file share
D. an Azure Files share
Correct Answer: A
How to create a trainable classifier:
1.
Collect between 50-500 seed content items. These must be limited to samples that strongly represent the type of content you want the trainable classifier to positively identify as being in the category.
2.
Place the seed content in a SharePoint Online folder that is dedicated to holding the seed content only. Make note of the site, library, and folder URL.
3.
Sign in to the Microsoft Purview compliance portal with either Compliance admin or Security admin role access and navigate to Data classification > Classifiers.
4.
Choose the Trainable classifiers tab.
5.
Choose Create trainable classifier.
6.
Fill in appropriate values for the Name and Description fields of the category of items you want this trainable classifier to identify.
7.
Pick the SharePoint Online site, library, and folder URL for the seed content site from step 2. Choose Add.
8.
Review the settings and choose Create trainable classifier.
9.
Within 24 hours the trainable classifier will process the seed data and build a prediction model. The classifier status is In progress while it processes the seed data. When the classifier is finished processing the seed data, the status changes to Need test items.
10.
You can now view the details page by choosing the classifier.
11.
Etc.
Note: Timeline
This timeline reflects a sample deployment of trainable classifiers.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SC-400 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.
