Practice Free SC-401 Exam Online Questions
HOTSPOT
You have a Microsoft 365 E5 subscription that contains the data loss prevention (DLP) policies shown in the following table.
You have a custom employee information form named Template 1. docx.
You plan to create a sensitive info type named Sensitive1 that will use the document fingerprint from Template 1. docx.
What should you use to create Sensitive1, and in which DLP policies can you use Sensitive1? To answer, select the appropriate options in the answer area.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage Account keys in plain text to third parties.
You need to ensure that when Azure Storage Account keys are emailed, the emails are encrypted.
Solution: You configure a mail flow rule that matches the text patterns.
Does this meet the goal?
- A . Yes
- B . No
HOTSPOT
You use project codes that have a format of three alphabetical characters that represent the project type, followed by three digits, for example Abc123.
You need to create a new sensitive info type for the project codes.
How should you configure the regular expression to detect the content? To answer, select the appropriate options in the answer area . NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription.
You plan to create an exact data match (EDM) classifier named EDM 1.
You need to grant permissions to hash and upload the sensitive information source table for EDM 1.
What should you create first?
- A . a Microsoft 365 group named EDM_DataUploaders
- B . a Microsoft Entra enterprise application named EDM_DataUploaders
- C . a Microsoft Entra app registration named EDM_DataUploaders
- D . a Microsoft Purview role group named EDM_DataUploaders
- E . a security group named EDM_DataUploaders
You have a Microsoft 365 subscription.
You create and run a content search from the Microsoft Purview portal.
You need to download the results of the content search.
What should you obtain first?
- A . a certificate
- B . a password
- C . a pin
- D . an export key
HOTSPOT
You have a Microsoft 365 E5 tenant that contains the users shown in the following table.
You need to implement sensitivity labels.
Which users can create sensitivity labels, and which portal should the users use? To answer, select the appropriate options in the answer area . NOTE: Each correct selection is worth one point.
HOTSPOT
You have a Microsoft 365 E5 subscription that uses Microsoft Purview.
You need to deploy a compliance solution that will detect the accidental oversharing of information outside of an organization.
The solution must minimize administrative effort.
What should you use? To answer, select the appropriate options in the answer area . NOTE: Each correct selection is worth one point.
SIMULATION
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and select the username below.
To enter your password, place your cursor in the Enter password box and select the password below.
Microsoft 365 Username:
[email protected]
Microsoft 365 Password: XXXXXXXXX
If the Microsoft Edge browser or Microsoft 365 portal does not load successfully, select the Microsoft Edge browser icon from the task bar, type the URL “https://admin.microsoft.com”, and press Enter.
The following information is for technical support purposes only:
Lab Instance: XXXXXXXXX
Task 4
You need reduce the number of false-positives generated by the General Data Protection Regulation (GDPR) data loss prevention (DLP) policy.
To run an existing GDPR DLP policy in audit mode. you need to edit the policy in your Microsoft Purview portal and set the policy mode to "simulation" or "test". In the policy configuration, select the option to "Run the policy in simulation mode" or "Test mode" instead of enabling enforcement immediately. This will log any violations without blocking them, allowing you to review the results before a full deployment.
Steps to run a policy in audit (simulation) mode
Step 1: Navigate to DLP policies: Sign in to the Microsoft Purview portal and go to Data loss prevention>Policies.
Step 2: Edit the policy: Select the existing GDPR policy you want to run and choose to edit it.
Step 3: Locate the policy mode settings: In the policy configuration workflow, find the page for policy mode, which may be labeled as "Policy Mode" or "Simulate or turn on the policy".
Step 4: Enable simulation mode: Choose the option to "Run the policy in simulation mode".
Step 5: Configure optional settings: You can also choose to "Show policy tips" in simulation mode to help educate users about potential violations without actually blocking them. [Skip]
Step 6: Save and submit: Proceed through the rest of the wizard and select Next and Submit to save your changes.
Reference: https://learn.microsoft.com/en-us/purview/dlp-learn-about-dlp
HOTSPOT
You create a retention label policy named Contoso Policy that contains the following labels:
• 10 years then delete
• 5 years then delete
• Do not retain
Contoso_Policy is applied to content in Microsoft SharePoint Online sites.
After a couple of days, you discover the following messages on the Properties page of the label policy:
• Status: Off (Error)
• It’s taking longer than expected to deploy the policy
You need to reinitiate the policy.
How should you complete the command? To answer, select the appropriate options in the answer area . NOTE: Each correct selection is worth one point.
You have a data loss prevention (DLP) policy that applies to the Devices location. The policy protects documents that contain United States passport numbers.
Users report that they cannot upload documents to a travel management website because of the policy.
You need to ensure that the users can upload the documents to the travel management website. The solution must prevent the protected content from being uploaded to other locations.
Which Microsoft 365 Endpoint data loss prevention (Endpoint DLP) setting should you configure?
- A . Service domains
- B . Unallowed apps
- C . Unallowed browsers
- D . File path exclusions