Microsoft - SC-401: Administering Information Security in Microsoft 365
Sample Questions
Question: 266
Measured Skill: Implement data loss prevention and retention (30–35%)
You have a Microsoft 365 subscription.
You need to monitor Microsoft 365 Copilot user prompts and responses for content that has been matched by the Protected Materials trainable classifier.
Which type of policy should you create?
| A | Communication compliance |
| B | Data loss prevention (DLP) |
| C | Insider risk management |
| D | Retention |
Correct answer: A
Explanation:
Communication Compliance policies define which communications and users are subject to review in your organization, set custom conditions the communications must meet, and specify who should do reviews.
The Communication Compliance Copilot interactions policy template detects harmful user-generated and AI-generated content in applications and services. This detection includes evaluation of user prompts submitted to generative AI services and the inclusion of known text content that might be sensitive to your organization.
The following table describes the classifiers used by the template.

Reference: Create and manage Communication Compliance policies
Question: 267
Measured Skill: Implement information protection (30–35%)
You create a sensitivity label as shown in the following exhibit.
You create an auto-labeling policy as shown in the following exhibit.
A user sends the following email:
- From: user1@contoso.com
- To: user2@fabrikam.com
- Subject: Address List Message
- Body: Here are the lists that you requested.
- Attachments: File1.docx, File2.xml
Both attachments contain lists of IP addresses.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
(NOTE: Each correct selection is worth one point.)
| A | Sensitivity1 is applied to the email: Yes; A watermark is added to File1.docx: Yes; A header is added to File2.xml: Yes |
| B | Sensitivity1 is applied to the email: Yes; A watermark is added to File1.docx: Yes; A header is added to File2.xml: No |
| C | Sensitivity1 is applied to the email: Yes; A watermark is added to File1.docx: No; A header is added to File2.xml: No |
| D | Sensitivity1 is applied to the email: No; A watermark is added to File1.docx: Yes; A header is added to File2.xml: No |
| E | Sensitivity1 is applied to the email: No; A watermark is added to File1.docx: Yes; A header is added to File2.xml: Yes |
| F | Sensitivity1 is applied to the email: No; A watermark is added to File1.docx: No; A header is added to File2.xml: No |
Correct answer: C
Explanation:
When you create a sensitivity label, you can automatically assign that label to files and emails when it matches conditions that you specify.
This ability to apply sensitivity labels to content automatically is important because:
- You don't need to train your users when to use each of your classifications.
- You don't need to rely on users to classify all content correctly.
- Users no longer need to know about your policies—they can instead focus on their work.
Specific to auto-labeling for Exchange:
PDF attachments and Office attachments are scanned for the conditions you specify in your auto-labeling policy. When there's a match, the email is labeled but not the attachment.
References:
Apply a sensitivity label to content automatically
Learn about sensitivity labels
Question: 268
Measured Skill: Manage risks, alerts, and activities (30–35%)
You have a Microsoft 365 subscription that contains a user named User1.
You create a Highly Confidential sensitivity label named Label1.
You need to prevent User1 from using Microsoft 365 Copilot to summarize content that has Label1 applied. The solution must ensure that User1 can directly access the content.
Which type of policy should you create?
| A | Communication compliance |
| B | Retention |
| C | Data loss prevention (DLP) |
| D | Insider risk management |
Correct answer: C
Explanation:
Microsoft Purview Data Loss Prevention (DLP) can help you protect interactions with Microsoft 365 Copilot and Copilot Chat in two ways:
- Restrict Microsoft 365 Copilot and Copilot Chat from processing sensitive prompts (preview): You can create a DLP policy to help protect against the use of sensitive information types (SITs), such as credit card numbers, passport identification, or social security numbers, in Microsoft 365 Copilot prompts. This includes Microsoft-provided SITs and custom SITs that you create. This real-time control helps organizations mitigate data leakage and oversharing risks by preventing Microsoft 365 Copilot and Copilot Chat, including prebuilt agents in Microsoft 365 Copilot and Copilot Chat, from returning a response when prompts contain sensitive data and from using that sensitive data for both internal and external web searches.
- Restrict Microsoft 365 Copilot and Copilot Chat from processing sensitive files and emails (generally available): You can create a DLP policy to help prevent files and emails that have sensitivity labels from being used in response summarization for prompts in Microsoft 365 Copilot and Copilot Chat.
Reference: Learn about using Microsoft Purview Data Loss Prevention to protect interactions with Microsoft 365 Copilot and Copilot Chat
Question: 269
Measured Skill: Implement data loss prevention and retention (30–35%)
You have a Microsoft 365 subscription that has a retention label named Retention1.
The subscription contains the files shown in the following table.

You create an auto-apply label policy named Policy1 that will automatically apply Retention1 as shown in the following exhibit.

You configure Policy1 to apply Retention1 as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
(NOTE: Each correct selection is worth one point.)
| A | Retention1 is applied to File1: Yes; Retention1 is applied to File2: Yes; Retention1 is applied to File3: Yes |
| B | Retention1 is applied to File1: Yes; Retention1 is applied to File2: Yes; Retention1 is applied to File3: No |
| C | Retention1 is applied to File1: Yes; Retention1 is applied to File2: No; Retention1 is applied to File3: Yes |
| D | Retention1 is applied to File1: No; Retention1 is applied to File2: Yes; Retention1 is applied to File3: No |
| E | Retention1 is applied to File1: No; Retention1 is applied to File2: Yes; Retention1 is applied to File3: Yes |
| F | Retention1 is applied to File1: No; Retention1 is applied to File2: No; Retention1 is applied to File3: No |
Correct answer: B
Explanation:
Content must either match all conditions of Group1 OR all conditions of Group2 to have the retention policy applied.
File1 is stored in Exchange Online and matches the conditions of Group2 of Policy1. Retention1 is applied to File1.
File2 is stored in SharePoint Online and matches both conditions of Group1 of Policy1. Retention1 is applied to File2.
File3 is stored in Microsoft OneDrive. Policy1 does not apply to OneDrive accounts and Retention1 is not applied to File3.
Question: 270
Measured Skill: Manage risks, alerts, and activities (30–35%)
You need to be alerted when users share sensitive documents from Microsoft OneDrive to any users outside your company.
What should you do?
| A | From the Microsoft Defender portal, create a file policy. |
| B | From the Exchange admin center, create a data loss prevention (DLP) policy. |
| C | From the Microsoft Entra admin center, configure an Identity Protection policy. |
| D | From the Microsoft Defender portal, create an activity policy. |
Correct answer: A
Explanation:
To help protect sensitive data, and to reduce the risk from oversharing, companies need a way to help prevent their users from inappropriately sharing sensitive data with people who shouldn't have it. This practice is called data loss prevention (DLP).
Data loss prevention can be implemented either by creating data loss prevention (DLP) policies from the Microsoft Purview compliance portal or by creating Defender for Cloud Apps file policies from the Microsoft Defender XDR portal.

Reference: Tutorial: Discover and protect sensitive information in your organization