Skip Navigation Links
 

Microsoft - SC-400: Administering Information Protection and Compliance in Microsoft 365

Sample Questions

Question: 290
Measured Skill: Implement information protection (25–30%)

You have a Microsoft 365 E5 subscription that contains the data loss prevention (DLP) policies shown in the following table.



You have a custom employee information form named Template1.docx.

You plan to create a sensitive info type named Sensitive1 that will use the document fingerprint from Template1.docx.

What should you use to create Sensitive1, and in which DLP policies can you use Sensitive1?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

ACreate Sensitive1 by using: Security & Compliance PowerShell
Use Sensitive1 in: DLP1 and DLP2 only
B Create Sensitive1 by using: Security & Compliance PowerShell
Use Sensitive1 in: DLP1 only
C Create Sensitive1 by using: The Exchange admin center
Use Sensitive1 in: DLP1, DLP2, and DLP3
D Create Sensitive1 by using: The Microsoft Purview compliance portal
Use Sensitive1 in: DLP1 and DLP2 only
E Create Sensitive1 by using: The Microsoft Purview compliance portal
Use Sensitive1 in: DLP1, DLP2, and DLP3
F Create Sensitive1 by using: The SharePoint admin center
Use Sensitive1 in: DLP2 only

Correct answer: E

Explanation:

Document fingerprinting is a Microsoft Purview Data Loss Prevention (DLP) feature that converts a standard form into a sensitive information type (SIT), which you can use in the rules of your DLP policies.

Document fingerprinting makes it easier for you to protect sensitive information by identifying standard forms that are used throughout your organization. 

Document fingerprinting includes the following benefits:

  • DLP can use document fingerprinting as a detection method in Exchange, SharePoint, OneDrive, Teams, and Devices.
  • Document fingerprint features can be managed through the Microsoft Purview user interface.
  • Partial matching is supported.
  • Exact matching is supported.
  • Improved detection accuracy
  • Support for detection in multiple languages, including dual-byte languages such as Chinese, Japanese, and Korean.

Reference: Document fingerprinting



Question: 291
Measured Skill: Implement data lifecycle and records management (10–15%)

You have a Microsoft 365 E5 tenant that contains the objects shown in the following table.



You need to restore a Microsoft Word document that was deleted from the Sales channel by User1.

From where can the document be restored, and how long will the document be retained?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

ARestored from: Microsoft OneDrive
Retained for: 10 days
B Restored from: Microsoft Exchange Online
Retained for: 10 days
C Restored from: Microsoft Teams
Retained for: 30 days
D Restored from: Microsoft OneDrive
Retained for: 30 days
E Restored from: Microsoft SharePoint Online
Retained for: 93 days
F Restored from: Microsoft Teams
Retained for: 93 days

Correct answer: E

Explanation:

The deleted file from the Teams channel is located in the recycle bin of the associated SharePoint site and can be restored within 93 days.

References:

Delete and recover files in Microsoft Teams

Restore deleted items from the site collection recycle bin



Question: 292
Measured Skill: Monitor and investigate data and activities by using Microsoft Purview (15–20%)

You have a Microsoft 365 E3 subscription.

You plan to assess compliance with ISO/IEC 27001:2013.

From Compliance Manager, you discover that the ISO/IEC 27001:2013 regulatory template for Microsoft 365 is inactive.

What should you do?

APurchase a Microsoft 365 E5 subscription.
B Add a data connector.
C Add recommended assessments.
D Create a trainable classifier.

Correct answer: A

Explanation:

ISO/IEC 27001 is a security standard that formally specifies an Information Security Management System (ISMS) that is intended to bring information security under explicit management control. As a formal specification, it mandates requirements that define how to implement, monitor, maintain, and continually improve the ISMS. It also prescribes a set of best practices that include documentation requirements, divisions of responsibility, availability, access control, security, auditing, and corrective and preventive measures. Certification to ISO/IEC 27001 helps organizations comply with numerous regulatory and legal requirements that relate to the security of information.

Organizations with Office 365 and Microsoft 365 licenses, and US Government Community (GCC) Moderate, GCC High, and Department of Defense (DoD) customers, have access to Compliance Manager. However, the assessments available to your organization and how you manage assessment templates depends on your licensing agreement.

The Compliance Manager ISO/IEC 27001:2013 regulatory template is a premium template and requires licensing at the at the E5/A5/G5 level.

References:

Microsoft Purview Compliance Manager

What changed with template licensing in December 2022?

ISO/IEC 27001:2013 Information Security Management Standards



Question: 293
Measured Skill: Implement information protection (25–30%)

You have a Microsoft 365 subscription that contains a sensitivity label named Contoso Confidential.

You publish Contoso Confidential to all users.

Contoso Confidential is configured as shown in the following exhibit.



The Encryption settings of Contoso Confidential are configured as shown in the following exhibit.



For each of the following statements, select Yes if the statement is true. Otherwise, select No.

(NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AIf a user account is disabled, the user will be immediately prevented from opening a file protected by Contoso Confidential: Yes
Guest users will be able to open documents by Contoso Confidential: Yes
Contoso Confidential will be applied automatically to the files stored in Microsoft SharePoint Online: Yes
B If a user account is disabled, the user will be immediately prevented from opening a file protected by Contoso Confidential: Yes
Guest users will be able to open documents by Contoso Confidential: Yes
Contoso Confidential will be applied automatically to the files stored in Microsoft SharePoint Online: No
C If a user account is disabled, the user will be immediately prevented from opening a file protected by Contoso Confidential: Yes
Guest users will be able to open documents by Contoso Confidential: No
Contoso Confidential will be applied automatically to the files stored in Microsoft SharePoint Online: Yes
D If a user account is disabled, the user will be immediately prevented from opening a file protected by Contoso Confidential: No
Guest users will be able to open documents by Contoso Confidential: Yes
Contoso Confidential will be applied automatically to the files stored in Microsoft SharePoint Online: No
E If a user account is disabled, the user will be immediately prevented from opening a file protected by Contoso Confidential: No
Guest users will be able to open documents by Contoso Confidential: No
Contoso Confidential will be applied automatically to the files stored in Microsoft SharePoint Online: Yes
F If a user account is disabled, the user will be immediately prevented from opening a file protected by Contoso Confidential: No
Guest users will be able to open documents by Contoso Confidential: No
Contoso Confidential will be applied automatically to the files stored in Microsoft SharePoint Online: No

Correct answer: D

Explanation:

The label allows offline access for up to 7 days. If a user account is disabled, the user will be able to access the file from an offline location for 7 days.

The label assigns permissions to any authenticated users. This option includes guest users.

The Label is published to all users which allows the users to apply the label manually. Automatic application of the label would require an auto-apply policy.

Reference: Restrict access to content by using sensitivity labels to apply encryption



Question: 294
Measured Skill: Manage insider and privacy risk in Microsoft 365 (15–20%)

You have a Microsoft 365 E5 subscription and use Microsoft Purview.

The subscription contains the following users:
  • User1: Must be able to investigate policy matches, but unable to view the file content related to the match.
  • User2: Must be able to investigate policy matches and view the file content related to the match.
  • User3: Must be able to create, update, and delete Microsoft Priva Privacy Risk Management policies.
You need to add each user to a role group. The solution must follow the principle of least privilege.

To which role group should you add each user?

(To answer, drag the appropriate role groups to the correct users. Each group may be used once, more than once, or not at all. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AUser1: Privacy Management Administrators
User2: Privacy Management Investigators
User3: Privacy Management Contributors
B User1: Privacy Management Analysts
User2: Privacy Management Contributors
User3: Privacy Management Investigators
C User1: Privacy Management Viewer
User2: Privacy Management Administrators
User3: Privacy Management Contributors
D User1: Privacy Management Analysts
User2: Privacy Management Investigators
User3: Privacy Management Administrators
E User1: Privacy Management Investigators
User2: Privacy Management Analysts
User3: Privacy Management Contributors
F User1: Privacy Management Viewer
User2: Privacy Management Investigators
User3: Privacy Management Administrators

Correct answer: D

Explanation:

Managing permissions in Defender for Office 365 or Microsoft Purview gives users access to security and compliance and governance features that are available within their respective portals.

The table below provides a brief description of the role groups we can choose from and their assigned roles.

Reference: Roles and role groups in Microsoft Defender for Office 365 and Microsoft Purview





 

Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test

 
 

© Copyright 2014 - 2025 by cert2brain.com