Practice Free SC-401 Exam Online Questions

You have a Microsoft 365 E5 subscriptions.

You deploy Microsoft Purview Data Security Posture Management for Al (DSPM for Al).

You need to edit the default policies created as part of the deployment.

Which two Microsoft Purview solutions should you use? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

Reveal Solution Hide Solution

HOTSPOT

You have a Microsoft 365 subscription.

You plan to deploy an audit log retention policy.

You need to perform a search to validate whether the policy will be applied to the intended entries.

Which two fields should you configure for the search? To answer, select the appropriate fields in the answer area. NOTE: Each correct selection is worth one point.

Reveal Solution Hide Solution

Correct Answer:

Explanation:

To validate whether an audit log retention policy will apply to the intended entries, you should configure the following fields:

● Date and time range (UTC) ensures that you are searching for audit logs within the time period when the policy should be applied. Audit logs are time-sensitive, and policies affect logs based on their timestamp.

● Record types allows you to filter and search for specific audit log categories (e.g., Exchange, SharePoint, Teams, etc.) that are affected by the retention policy. Selecting the correct record type ensures that the policy is evaluated against the relevant data.

HOTSPOT

You have a Microsoft 365 subscription. Auditing is enabled.

A user named User1 is a member of a dynamic security group named Group1.

You discover that User1 is no longer a member of Group1.

You need to search the audit log to identify why User1 was removed from Group1.

Which two activities should you use in the search? To answer, select the appropriate activities in the answer area. NOTE: Each correct selection is worth one point.

Reveal Solution Hide Solution

Correct Answer:

You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1.

You need to deploy a Microsoft Purview insider risk management solution that will generate an alert

when users share sensitive information on Site1 with external recipients.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct answer is worth one point.

Reveal Solution Hide Solution

You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1.

You need to deploy a Microsoft Purview insider risk management solution that will generate an alert

when users share sensitive information on Site1 with external recipients.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct answer is worth one point.

Reveal Solution Hide Solution

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant and 500 computers that run Windows 11. The computers are onboarded to Microsoft Purview.

You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.

You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.

Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add a folder path to the file path exclusions.

Does this meet the goal?

Reveal Solution Hide Solution