A fully updated 2025 SC-400 Exam Dumps exam guide from training expert TestValid
Provides complete coverage of every objective on exam and exam preparation SC-400
Microsoft SC-400, also known as the Microsoft Information Protection Administrator certification exam, is a certification exam that is designed to validate the skills and knowledge of individuals in managing and deploying Microsoft Information Protection solutions. SC-400 exam is intended for individuals who have experience in implementing and managing security and compliance solutions in Microsoft 365 environments.
Microsoft SC-400 Certification Exam consists of 40-60 multiple-choice questions and is timed for 150 minutes. SC-400 exam measures a candidate's ability to manage and implement data protection solutions using Microsoft Information Protection technologies, including Azure Information Protection, Microsoft Cloud App Security, and Compliance Manager. SC-400 exam is designed to test a candidate's knowledge of implementing and managing data protection solutions, configuring security and compliance policies, and monitoring and reporting on compliance.
NEW QUESTION # 45
You create a retention label policy named Contoso_policy that contains the following labels.
* 10 years then delete
* 5 years then delete
* Do not retain
Contoso_Policy is applied to content In Microsoft Sharepoint Online sites.
After a couple of days, yon discover the following messages on the Properties page of the label policy.
* Statue Off (Error)
* It's taking longer than expected to deploy the policy
You need to reinitiate the policy.
How should you complete the command? To answer, select the appropriate options in the; answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Reference:
https://docs.microsoft.com/en-us/powershell/module/exchange/set-retentioncomplian HYPERLINK
"https://docs.microsoft.com/en-us/powershell/module/exchange/set-retentioncompliancepolicy?
view=exchange-ps"cepolicy?view=exchange-ps
NEW QUESTION # 46
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
You create an assessment named Assesment1 as shown in the following exhibit.
Which users can update the title of Assessment1, and which users can add User5 to the Compliance Manager Readers role group? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
NEW QUESTION # 47
You have a Microsoft 365 E5 subscription.
You need to implement a compliance solution that meets the following requirements:
* Captures clips of key security-related user activities, such as the exfiltration of sensitive company data.
* Integrates data loss prevention (OLP) capabilities with insider risk management.
What should you use for each requirement? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
NEW QUESTION # 48
You have a Microsoft 365 subscription that has Enable Security defaults set to No in Azure AD.
You have a custom compliance manager template named Regulation1.
You have the assessments shown in the following table.
Assessment1 has the improvement actions shown in the following table.
Assessment2 has the improvement actions shown in the following table.
You perform the following actions:
* For Assessment2, change the Test status of Establish a threat intelligence program to Implemented.
* Enable multi-factor authentication (MFA) for all users.
* Configure a privileged access policy.
For each of the following statements, select Yes if the statement is true. Otherwise select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 49
You have a Microsoft 365 E5 subscription that contains the groups shown in the following table.
The subscription contains the users shown in the following table.
You create the mail flow rules shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 50
You plan to implement a sensitive information type based on a trainable classifier. The sensitive information type will identify employment contracts.
You need to copy the required files to Microsoft SharePoint Online folders to train the classifier.
What should you use to seed content and test the classifier? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Table Description automatically generated
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/classifier-get-started-with?view=o365-worldwide
NEW QUESTION # 51
You have a Microsoft 365 E5 subscription that contains a data loss prevention (DLP) policy named DLP1. DLP1 contains the DLP rules shown in the table.
You need to ensure that when a document matches all the rules, users will see Tip 2. What should you change?
- A. the If there's a match for this rule, stop processing additional DLP policies and rules setting for Rule3 to Enabled
- B. the priority setting of Rule3 and Rule4 to 0
- C. the priority setting of Rule2 to 0
- D. the priority setting of Rule2 to 2
Answer: C
NEW QUESTION # 52
You have a Microsoft 365 E5 subscription that contains the administrators shown in the following table.
On August 1, 2023, you apply the communication compliance policies shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
NEW QUESTION # 53
You have a Microsoft 365 E5 subscription.
You need to implement a compliance solution that meets the following requirements:
* Captures clips of key security-related user activities, such as the exfiltration of sensitive company data.
* Integrates data loss prevention (OLP) capabilities with insider risk management.
What should you use for each requirement? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
NEW QUESTION # 54
You have a Microsoft 365 tenant that uses Microsoft Teams.
You create a data loss prevention (DLP) policy to prevent Microsoft Teams users from sharing sensitive information.
You need to identify which locations must be selected to meet the following requirements:
* Documents that contain sensitive information must not be shared inappropriately in Microsoft Teams.
* If a user attempts to share sensitive information during a Microsoft Teams chat session, the message must be deleted immediately.
Which three locations should you select? To answer, select the appropriate locations in the answer area.
(Choose three.)
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Graphical user interface, application Description automatically generated
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-microsoft-teams?view=o365-worldwide
NEW QUESTION # 55
You have a Microsoft SharePoint Online site that contains the following files.
Users are assigned roles for the site as shown in the following table.
Which files can User1 and User2 view? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://social.technet.microsoft.com/wiki/contents/articles/36527.implement-data-loss-prevention-dlp-in-sharepoint-online.aspx Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
NEW QUESTION # 56
You are implementing Microsoft Office 365 Message Encryption (OME) for a Microsoft 365 tenant named contoso.com.
You need to meet the following requirements:
* All email to a domain named fabhkam.com must be encrypted automatically.
* Encrypted emails must expire seven days after they are sent-
What should you configure for each requirement? To answer, select the appropriate options NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/email-encryption?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/ome-advanced-expiration?view=o365-worldwide
NEW QUESTION # 57
Your company manufactures parts that are each assigned a unique 12-character alphanumeric serial number. Emails between the company and its customers refer in the serial number.
You need to ensure that ail Microsoft Exchange Online emails containing the serial numbers are retained for five years.
Which three objects should you create? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
- A. a retention label
- B. an auto-labeling policy
- C. a retention polity
- D. a data loss prevention (DLP) policy
- E. a trainable classifier
- F. a sensitive info type
- G. a sensitivity label
Answer: B,D,F
NEW QUESTION # 58
Case Study 1 - Fabrikam, Inc
Overview
Fabrikam, Inc. is a consulting company that has a main office in Montreal and six branch offices in New York, Seattle, Miami, Houston, Los Angeles, and Vancouver.
Existing Environment
Cloud Environment
Fabrikam has a Microsoft 365 tenant that contains the following resources:
An Azure Active Directory (Azure AD) tenant that syncs to an on-premises Active Directory domain named corp.fabrikam.com Microsoft Cloud App Security connectors configured for all supported cloud applications used by the company Some users have company Dropbox accounts.
Compliance Configuration
Fabrikam has the following in the Microsoft 365 compliance center:
A data loss prevention (DLP) policy is configured. The policy displays a tooltip to users. Users can provide a business justification to override a DLP policy violation.
The Azure Information Protection unified labeling scanner is installed and configured.
A sensitivity label named Fabrikam Confidential is configured.
An existing third-party records management system is managed by the compliance department.
Human Resources (HR) Management System
The HR department has an Azure SQL database that contains employee information. Each employee has a unique 12-character alphanumeric ID. The database contains confidential employee attributes including payroll information, date of birth, and personal contact details.
On-Premises Environment
You have an on-premises file server that runs Windows Server 2019 and stores Microsoft Office documents in a shared folder named Data.
All end-user computers are joined to the corp.fabrikam.com domain and run a third-party antimalware application.
Business Processes
Sales Contracts
Users in the sales department receive draft sales contracts from customers by email. The sales contracts are written by the customers and are not in a standard format.
Employment Applications
Employment applications and resumes are received by HR department managers and stored in either mailboxes, Microsoft SharePoint Online sites, OneDrive for Business folders, or Microsoft Teams channels.
The employment application form is downloaded from SharePoint Online and a serial number is assigned to each application.
The resumes are written by the applicants and are in any format.
Requirements
HR Requirements
You need to create a DLP policy that will notify the HR department of a DLP policy violation if a document that contains confidential employee attributes is shared externally. The DLP policy must use an Exact Data Match (EDM) classification derived from a CSV export of the HR department database.
The HR department identifies the following requirements for handling employment applications:
Resumes must be identified automatically based on similarities to other resumes received in the past.
Employment applications and resumes must be deleted automatically two years after the applications are received.
Documents and emails that contain an application serial number must be identified automatically and marked as an employment application.
Sales Requirements
A sensitivity label named Sales Contract must be applied automatically to all draft and finalized sales contracts.
Compliance Requirements
Fabrikam identifies the following compliance requirements:
All DLP policies must be applied to computers that run Windows 10, with the least possible changes to the computers.
Users in the compliance department must view the justification provided when a user receives a tooltip notification for a DLP violation.
If a document that has the Fabrikam Confidential sensitivity label applied is uploaded to Dropbox, the file must be deleted automatically.
The Fabrikam Confidential sensitivity label must be applied to existing Microsoft Word documents in the Data shared folder that have a document footer containing the following string: Company use only.
Users must be able to manually select that email messages are sent encrypted. The encryption will use Office 365 Message Encryption (OME) v2. Any email containing an attachment that has the Fabrikam Confidential sensitivity label applied must be encrypted automatically by using OME.
Existing policies configured in the third-party records management system must be replaced by using Records management in the Microsoft 365 compliance center. The compliance department plans to export the existing policies, and then produce a CSV file that contains matching labels and policies that are compatible with records management in Microsoft 365.
The CSV file must be used to configure records management in Microsoft 365.
Executive Requirements
You must be able to restore all email received by Fabrikam executives for up to three years after an email is received, even if the email was deleted permanently.
Drag and Drop Question
You need to recommend a solution that meets the sales requirements.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. (Choose three.)
Answer:
Explanation:
Explanation:
We have to know how to detect and classify the sales contract, these contracts are written by customers and they are not in a standard format so a Fingerprint wont work.
We need a trainable classifier.
Upload the samples of the contracts in SharePoint Online as seed content.
Create a trainable classifier that will use the seed content to detect the contracts.
Create an auto-labeling policy to automatically apply the sensitvity label.
NEW QUESTION # 59
You have a Microsoft 365 E5 subscription. Microsoft Priva Privacy Risk Management licenses are assigned to all users.
You need to review and delete all the personal data that relates to a former employee. The solution must minimize administrative effort.
What should you do first?
- A. Purchase a Microsoft Priva Subject Rights Requests license.
- B. Create a retention policy.
- C. From Data matching, add a personal data schema for the data profile.
- D. Create an eDiscovery (Standard) case.
Answer: B
NEW QUESTION # 60
You have a data loss prevention (DLP) policy configured for endpoints as shown in the following exhibit.
From a computer named Computer1, 3 user can sometimes upload files to cloud services and sometimes cannot. Other users experience the same issue. What are two possible causes of the issue? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
- A. There are file path exclusions in the Microsoft 365 Endpoint data loss prevention (Endpoint DIP) settings.
- B. The Copy to clipboard action is set to Audit only.
- C. The unallowed browsers in the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings are NOT configured.
- D. The computers are NOT onboarded to the Microsoft 365 compliance center.
- E. The Access by unallowed apps action is set to Audit only.
Answer: A,C
NEW QUESTION # 61
You have a Microsoft 365 E5 subscription.
You need to meet the following requirements:
* Prevent the sharing of files between the users in a department named department1 and the users in a department named department2.
* Generate an alert if a user downloads large quantities of sensitive customer data.
Which type of policy should you use for each requirement? To answer, drag the appropriate policy types to the correct requirements. Each policy type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 62
You have a Microsoft 365 ES subscription the uses Microsoft Priva.
You plan to create the Privacy risk management policies shown in the following table.
Which policies can send email notifications, and which policies can show policy tips m Microsoft Teams when a policy match is detected? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 63
You have a Microsoft 36d tenant.
You need to create a new sensitive info type for items that contain the following:
* An employee ID number that consists of the hire date of the employee followed by a three-digit number
* The words "Employee", "ID", or "Identification" within 300 characters of the employee ID number What should you use for the primary and secondary elements? To answer, select the appropriate options in the answer area.
Answer:
Explanation:
NEW QUESTION # 64
You plan to implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You need to identify which end user activities can be audited on the endpoints, and which activities can be restricted on the endpoints.
What should you identify for each activity? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-worldwide
NEW QUESTION # 65
You have a Microsoft 365 E5 subscription that contains the adaptive scopes shown in the following table.
You create the retention policies shown in the following table.
Which retention policies support a preservation lock?
- A. RPolicy2only
- B. RPolicy3only
- C. RPolicy1, RPolicy2, and RPolicy3
- D. RPolicy1 and RPolicy3 only
- E. RPolicy1l and RPolicy2 only
Answer: D
NEW QUESTION # 66
You have a Microsoft 365 tenant that uses data loss prevention (DLP) to protect sensitive information.
You create a new custom sensitive info type that has the matching element shown in the following exhibit.
The supporting elements are configured as shown in the following exhibit.
The confidence level and character proximity are configured as shown in the following exhibit.
For each of the following statements, select Yes if statement is true. Otherwise, select No
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-a-custom-sensitive-information-type?view=o365-worldwide
NEW QUESTION # 67
You have a Microsoft 365 E5 subscription. The subscription has a trainable classifier that is used to automatically apply a retention label.
You need to retrain the classifier.
What should you use in the Microsoft Purview portal?
- A. Content explorer
- B. Records management
- C. Activity explorer
- D. Content search
Answer: B
NEW QUESTION # 68
......
Tested Material Used To SC-400: https://pass4sure.testvalid.com/SC-400-valid-exam-test.html