Download Microsoft Information Protection Administrator.SC-400.VCEplus.2025-03-07.155q.vcex
| Vendor: | Microsoft |
| Exam Code: | SC-400 |
| Exam Name: | Microsoft Information Protection Administrator |
| Date: | Mar 07, 2025 |
| File Size: | 14 MB |
| Downloads: | 4 |
How to open VCEX files?
Files with VCEX extension can be opened by ProfExam Simulator.
Discount: 20%
Demo Questions
Question 1
Your company has a Microsoft 365 tenant that uses a domain named contoso.com.
You are implementing data loss prevention (DLP).
The company's default browser is Microsoft Edge.
During a recent audit, you discover that some users use Firefox and Google Chrome browsers to upload files labeled as Confidential to a third-party Microsoft SharePoint Online site that has a URL of https://m365x076709.sharepoint.com.
Users are blocked from uploading the confidential files to the site from Microsoft Edge.
You need to ensure that the users cannot upload files labeled as Confidential from Firefox and Google Chrome to any cloud services.
Which two actions should you perform? Each correct answer presents part of the solution. (Choose two.)
NOTE: Each correct selection is worth one point.
- From the Microsoft 365 Endpoint data loss prevention (Endpoint) DLP settings, add m365x076709.sharepoint.com as a blocked service domain.
- Create a DLP policy that applies to the Devices location.
- From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, add Firefox and Google Chrome to the unallowed browsers list.
- From the Microsoft 365 compliance center, onboard the devices.
- From the Microsoft 365 Endpoint data loss prevention (Endpoint) DLP settings, add contoso.com as an allowed service domain.
Correct answer: CD
Explanation:
Reference:https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-worldwide Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-worldwide
Question 2
You have a Microsoft SharePoint Online site that contains the following files.
Users are assigned roles for the site as shown in the following table.
Which files can User1 and User2 view? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct answer: To work with this question, an Exam Simulator is required.
Explanation:
Reference:https://social.technet.microsoft.com/wiki/contents/articles/36527.implement-data-loss-prevention-dlp-in-sharepoint-online.aspx Reference:
https://social.technet.microsoft.com/wiki/contents/articles/36527.implement-data-loss-prevention-dlp-in-sharepoint-online.aspx
Question 3
You have a Microsoft 365 tenant that uses Microsoft Teams.
You create a data loss prevention (DLP) policy to prevent Microsoft Teams users from sharing sensitive information.
You need to identify which locations must be selected to meet the following requirements:
- Documents that contain sensitive information must not be shared inappropriately in Microsoft Teams.
- If a user attempts to share sensitive information during a Microsoft Teams chat session, the message must be deleted immediately.
Which three locations should you select? To answer, select the appropriate locations in the answer area. (Choose three.)
NOTE: Each correct selection is worth one point.
Correct answer: To work with this question, an Exam Simulator is required.
Explanation:
Reference:https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-microsoft-teams?view=o365-worldwide Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-microsoft-teams?view=o365-worldwide
Question 4
You have a data loss prevention (DLP) policy that has the advanced DLP rules shown in the following table.
You need to identify which rules will apply when content matches multiple advanced DLP rules.
Which rules should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct answer: To work with this question, an Exam Simulator is required.
Explanation:
Reference:https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide
Question 5
You need to be alerted when users share sensitive documents from Microsoft One Drive to any users outside your company.
What should you do?
- From the Microsoft 365 compliance center, create a data loss prevention (DLP) policy.
- From the Microsoft 365 compliance center, start a data investigation.
- From the Microsoft 365 compliance center, create an insider risk policy.
- From the Cloud App Security portal, create an activity policy.
Correct answer: A
Explanation:
With a DLP policy, you can identify, monitor, and automatically protect sensitive items.Note:There are several versions of this question in the exam. The question has two possible correct answers:From the Microsoft 365 compliance center, create a data loss prevention (DLP) policy.From the Cloud App Security portal, create a file policy.Other incorrect answer options you may see on the exam include the following:From the Exchange admin center, create a data loss prevention (DLP) policy.From the Microsoft 365 compliance center, create an insider risk policy. From the Azure portal, create an Azure Information Protection policy.Reference:https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwide With a DLP policy, you can identify, monitor, and automatically protect sensitive items.
Note:
There are several versions of this question in the exam. The question has two possible correct answers:
- From the Microsoft 365 compliance center, create a data loss prevention (DLP) policy.
- From the Cloud App Security portal, create a file policy.
Other incorrect answer options you may see on the exam include the following:
- From the Exchange admin center, create a data loss prevention (DLP) policy.
- From the Microsoft 365 compliance center, create an insider risk policy.
- From the Azure portal, create an Azure Information Protection policy.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwide
Question 6
You need to protect documents that contain credit card numbers from being opened by users outside your company. The solution must ensure that users at your company can open the documents. What should you use?
- a sensitivity label policy
- a sensitivity label
- a retention policy
- a data loss prevention (DLP) policy
Correct answer: D
Explanation:
Reference:https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwide Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwide
Question 7
You have a Microsoft 365 tenant that contains a Microsoft SharePoint Online site named Site1.
You have the users shown in the following table.
You create a data loss prevention (DLP) policy for Site1 that detects credit card number information.
You configure the policy to use the following protection action:
- When content matches the policy conditions, show policy tips to users and send them an email notification.
- You use the default notification settings.
- To Site1, User1 uploads a file that contains a credit card number.
Which users receive an email notification?
- User1 and User2 only
- User1 and User4 only
- User1, User2, User3, and User4
- User1 only
- User1 and User3 only
Correct answer: D
Explanation:
Reference:https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-with-the-default-dlp-policy?view=o365-worldwide Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-with-the-default-dlp-policy?view=o365-worldwide
Question 8
Note: This question-is part of a series of questions that present the same scenario. Each question-in the series contains a unique solution that might meet the stated goals. Some question-sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question-in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).
You need to ensure that Endpoint DLP policies can protect content on the computers.
Solution: You deploy the Endpoint DLP configuration package to the computers.
Does this meet the goal?
- Yes
- No
Correct answer: A
Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-getting-started?view=o365-worldwide https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-endpoints?view=o365- worldwide Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-getting-started?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-endpoints?view=o365- worldwide
Question 9
You create a data loss prevention (DLP) policy. The Advanced DLP rules page is shown in the Rules exhibit.
The Review your settings page is shown in the Review exhibit.
You need to review the potential impact of enabling the policy without applying the actions.
What should you do?
- Edit the policy, remove all the actions in DLP rule 1, and select I'd like to test it out first.
- Edit the policy, remove the Restrict access to the content and Send incident report to Administrator actions, and then select Yes, turn it on right away.
- Edit the policy, remove all the actions in DLP rule 1, and select Yes, turn it on right away.
- Edit the policy, and then select I'd like to test it out first.
Correct answer: D
Explanation:
Reference:https://docs.microsoft.com/en-us/microsoft-365/compliance/create-a-dlp-policy-from-a-template?view=o365-worldwide Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-a-dlp-policy-from-a-template?view=o365-worldwide
Question 10
Note: This question-is part of a series of questions that present the same scenario. Each question-in the series contains a unique solution that might meet the stated goals. Some question-sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question-in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.
You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.
Solution: You configure a mail flow rule that matches a sensitive info type.
Does this meet the goal?
- Yes
- No
Correct answer: A
Question 11
Note: This question-is part of a series of questions that present the same scenario. Each question-in the series contains a unique solution that might meet the stated goals. Some question-sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question-in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.
You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.
Solution: You create a data loss prevention (DLP) policy that has all locations selected.
Does this meet the goal?
- Yes
- No
Correct answer: B
HOW TO OPEN VCE FILES
Use VCE Exam Simulator to open VCE files
HOW TO OPEN VCEX AND EXAM FILES
Use ProfExam Simulator to open VCEX and EXAM files
ProfExam at a 20% markdown
You have the opportunity to purchase ProfExam at a 20% reduced price
Get Now!