Microsoft Microsoft Certifications SC-400 Questions & Answers

• Question 271:

  You have a Microsoft 365 subscription.

  From Microsoft Purview, you plan to create a content search for email messages that have a recipient of either [email protected] or user2.contoso.com.

  You need to add a condition to the KQL editor for the content search.

  Which KQL query should you add as a condition?

  A. Recipients: “user””#1-2””@contoso.com”

  B. Recipients: (“[email protected]” “[email protected]”)

  C. Recipients: (“user””#1-1””@contoso.com”)

  D. Recipients= “[email protected]” OR Recipients= “[email protected]”

  Correct Answer: D

• Question 272:

  You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Project1.

  You need to recommend a record management solution that meets the following requirements:

  Retains files in Project1 for a minimum of 10 years

  Once Project1 is complete, retains files for an additional five years before the files are deleted

  Which two components should you include in the recommendation? Each correct answer presents part of the solution.

  NOTE: Each correct selection is worth one point.

  A. a data loss prevention (DLP) policy

  B. an adaptive scope

  C. an event type

  D. a file plan

  E. a sensitivity label

  Correct Answer: CD

• Question 273:

  HOTSPOT

  You have a Microsoft 365 E5 subscription.

  You are evaluating Data Protection Baseline compliance by using Compliance Manager.

  You need to identify improvement actions that meet the following requirements:

  1.

  Provide data loss prevention (DLP) policy recommendations.

  2.

  Provide Data Protection Baseline recommendations.

  Which filter should you use for each requirement? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  Box 1: Solutions

  Provide data loss prevention (DLP) policy recommendations.

  Incorrect:

  *

  Regulations

  *

  Categories

  *

  Testing Source

  Box 2: Regulations

  Provide Data Protection Baseline recommendations.

  Compliance Manager assessments help your organization evaluate its compliance with industry and regional regulations. Setting up the most relevant assessments for your organization can help you implement policies and operational

  procedures to limit your compliance risk. Ready-to-use regulatory templates for over 360 regulations contain the necessary controls and improvement actions for completing the assessment.

  Data Protection Baseline default assessment

  To get you started, Microsoft provides a default assessment for the Microsoft 365 data protection baseline. This baseline assessment has a set of controls for key regulations and standards for data protection and general data governance.

  This baseline draws elements primarily from NIST CSF (National Institute of Standards and Technology Cybersecurity Framework) and ISO (International Organization for Standardization), as well as from FedRAMP (Federal Risk and

  Authorization Management Program) and GDPR (General Data Protection Regulation of the European Union).

  This assessment is used to calculate your initial compliance score the first time you come to Compliance Manager, before you configure any other assessments. Compliance Manager collects initial signals from your Microsoft 365 solutions.

  You'll see at a glance how your organization is performing relative to key data protection standards and regulations, and see suggested improvement actions to take. Compliance Manager becomes more helpful as you build and manage your

  own assessments to meet your organization's particular needs.

  Reference:

  https://learn.microsoft.com/en-us/purview/compliance-manager-assessments

• Question 274:

  HOTSPOT

  You have a Microsoft SharePoint Online site named Site1 that contains the files shown in the following table.

  

  You have a data loss prevention (DLP) policy named DLP1 that has the advanced DLP rules shown in the following table.

  

  You apply DLP1 to Site1.

  For each of the following statements, select Yes if the statement is true. Otherwise, select No.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  Box 1: No

  File1 has two IP addresses in it.

  Both Tip2 and Tip3 rules matches. Tip2 has higher priority.

  Note: For the hosted service workloads, like Exchange Online, SharePoint Online and OneDrive for Business, each rule is assigned a priority in the order in which it's created. That means, the rule created first has first priority, the rule created

  second has second priority, and so on.

  When content is evaluated against rules, the rules are processed in priority order. If content matches multiple rules, the first rule evaluated that has the most restrictive action is enforced.

  Box 2: Yes

  File2 has six IP addresses in it.

  Only Rule3 matches.

  Box 3: Yes

  File3 has four IP addresses in it.

  Both Rule2 and Rule3 matches.

  Rule2 has higher priority.

  Reference:

  https://learn.microsoft.com/en-us/microsoft-365/compliance/dlp-policy-reference

• Question 275:

  HOTSPOT

  You have a Microsoft 365 tenant.

  You need to create a new sensitive info type for items that contain the following:

  1.

  An employee ID number that consists of the hire date of the employee followed by a three digit number

  2.

  The words “Employee”, “ID”, or “Identification” within 300 characters of the employee ID number

  What should you use for the primary and secondary elements? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  Box 1: Functions

  Primary element

  Need to include use a date function for the primary element.

  Note: Create custom sensitive information types

  The primary element can be a Regular expression with an optional validator, a Keyword list, a Keyword dictionary, or one of the pre-configured Functions.

  Box 2: A keyword list

  Secondary element

  Use a keyword list which includes the words “Employee”, “ID”, or “Identification".

  Reference:

  https://learn.microsoft.com/en-us/purview/sit-learn-about-exact-data-match-based-sits

• Question 276:

  HOTSPOT

  You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

  

  You need to delegate the following tasks:

  1.

  Configure role group assignments for communication compliance.

  2.

  Update and view the status of communication compliance alerts.

  Which users can perform each task? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  Box 1: User2 only

  Configure role group assignments for communication compliance.

  No - User1: Communication Compliance Analysts

  Analysts of communication compliance that can investigate policy matches, view message meta data, and take remediation actions.

  Yes - User2: Communication Compliance Administrators

  Administrators of communication compliance that can create/edit policies and define global settings.

  No - User3: Communication Compliance Viewers

  Viewer of communication compliance that can access the available reports and widgets.

  Box 2: User3 only

  Update and view the status of communication compliance alerts.

  No - User1: Communication Compliance Analysts

  Analysts of communication compliance that can investigate policy matches, view message meta data, and take remediation actions.

  No - User2: Communication Compliance Administrators

  Administrators of communication compliance that can create/edit policies and define global settings.

  Yes - User3: Communication Compliance Viewers

  Viewer of communication compliance that can access the available reports and widgets.

  Reference:

  https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/scc-permissions

• Question 277:

  HOTSPOT

  You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

  

  The subscription contains the information barrier segments shown in the following table.

  

  The subscription contains the Microsoft SharePoint Online sites shown in the following table.

  

  For each of the following statements, select Yes if the statement is true. Otherwise, select No.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  Box 1: Yes

  Yes - User1 can access Site1.

  User1 is a member of the Finance department.

  Segment1 has the user group filter: department -eq 'Finance'

  User1 is in Segment1.

  Site1 is in Segment1.

  User1 can access Site1.

  Box 2: No

  No - User2 can access Site2.

  User2 is a member of the IT department.

  User2 is not in any segment.

  Site2 is in Segment2.

  Box 3: Yes

  Yes - User3 can access Site2.

  User3 is a member of the Marketing department.

  Segment2 has the user group filter: department -eq 'Marketing'

  User3 is in Segment2.

  Site2 is in Segment2.

  User3 can access Site2.

  Reference:

  https://learn.microsoft.com/en-us/purview/information-barriers-policies

• Question 278:

  HOTSPOT

  You have two Microsoft 365 subscriptions named Contoso and Fabrikam. The subscriptions contain the users shown in the following table.

  

  You have a sensitivity label named Sensitiviy1 as shown in the exhibit. (Click the Exhibit tab.)

  

  You have the files shown in the following table.

  

  For each of the following statements, select Yes if the statement is true. Otherwise, select No.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  Box 1: Yes

  Yes - User1 can remove the encryption from File1.

  User1 is in the Contoso subscription, and has the email address [email protected]

  Sensitivity label Sensitiviy1 has assigned contoso.com users Co-owner permissions.

  For File1 has Sensitiviy1 been automaticallyapplied by using an auto-labeling policy.

  Box 2: Yes

  Yes - User2 can remove the encryption from File3.

  User2 is in the Contoso subscription, and has the email address [email protected]

  Sensitivity label Sensitiviy1 has assigned contoso.com users Co-owner permissions.

  For File3 has Sensitiviy1 been applied by User1.

  Box 3: No

  No - User3 can print File2.

  User3 is in the Fabrikam subscription, and has the email address [email protected]

  Sensitivity label Sensitiviy1 has assigned fabrikam.com users reviewer permissions.

  For File2 has Sensitiviy1 been applied by User2.

  Reference:

  https://learn.microsoft.com/en-us/purview/encryption-sensitivity-labels

• Question 279:

  HOTSPOT

  You have a Microsoft 365 E5 subscription that contains two users named User1 and User2.

  You create a sensitivity label that has the following settings:

  1.

  Name: Sensitivity1

  2.

  Define the scope for this label: Items

  3.

  Choose protection settings for files and emails: Mark the content of files

  - Add custom headers, footers, and watermarks to files and emails that have this label applied You make Sensitivity available to User1. User1 performs the following actions:

  1.

  Creates a new email

  2.

  Adds a file named File1.docx as an attachment to the email

  3.

  Applies Sensitivity1 to the email

  4.

  Sends the email to User2

  How will the email and the attachment be marked? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  Box 1: Marked with a header, a footer, and a header Email: Note: Should probably be: Marked with a header, a footer, and a watermark

  You can use sensitivity labels to:

  * Provide protection settings that include encryption and content markings. For example, apply a "Confidential" label to a document or email, and that label encrypts the content and applies a "Confidential" watermark. Content markings include headers and footers as well as watermarks, and encryption can also restrict what actions authorized people can take on the content.

  Box 2: Not marked

  Reference: https://learn.microsoft.com/en-us/purview/sensitivity-labels

• Question 280:

  HOTSPOT

  You have a Microsoft 365 E5 subscription that uses Microsoft Exchange Online and Teams.

  You need to ensure that when a user sends a message containing a cloud attachment, a retention label is applied to the cloud attachment by using auto-labeling policy.

  How should you configure the retention label to start the retention period, and to which locations should you apply the auto-labeling policy? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  Hot Area:

  

  Correct Answer:

  

  Box 1: Labeled

  Start the retention period based on when the items were:

  Automatically apply a retention label to retain or delete content

  Auto-apply labels to cloud attachments

  You might need to use this option if you're required to capture and retain all copies of files in your tenant that are sent over communications by users, or files that are referenced in Copilot for Microsoft 365. You use this option in conjunction

  with retention policies for the communication services themselves; Exchange, Teams, Viva Engage, and Copilot for Microsoft 365.

  Important

  When you select a label to use for auto-applying retention labels for cloud attachments, ensure that the label retention setting Start the retention period based on is When items were labeled.

  Box 2: Microsoft 365 Group mailboxes and sites only

  Locations:

  When you select a label to use for auto-applying retention labels for cloud attachments, make sure the label retention setting Start the retention period based on is When items were labeled.

  When you configure the locations for this option, you can select:

  *

  SharePoint classic and communication sites for shared files stored in SharePoint communication sites, team sites that aren't connected by Microsoft 365 groups, and classic sites. *-> Microsoft 365 Groups for shared files that are stored in team sites connected by Microsoft 365 groups.

  *

  OneDrive accounts for shared files stored in users' OneDrive.

  Reference: https://learn.microsoft.com/en-us/purview/apply-retention-labels-automatically