SC-400 Exam Dumps – Reliable Way to Pass and Get Certified

1. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 E5 subscription.

You need to identify resumes that are stored in the subscription by using a built-in trainable classifier.

Solution: You create a retention policy.

Does this meet the goal?

2. You have a Microsoft 365 subscription.

You have a user named User1. Several users have full access to the mailbox of User1.

Some email messages sent to User1 appear to have been read and deleted before the user viewed them.

When you search the audit log in the Microsoft Purview compliance portal to identify who signed in to the mailbox of User1, the results are blank.

You need to ensure that you can view future sign-ins to the mailbox of User1.

YOU run the Set-AdminAuditLogConfig -AdminAuditLogEnabled $true -AdminiAuditLogCmdlets "Mailbox* command.

Does that meet the goal?

3. You have a Microsoft 365 E5 tenant.

You create a data loss prevention (DLP) policy.

You need to ensure that the policy protects documents in Microsoft Teams chat sessions.

Which location should you enable in the policy?

4. You need to protect documents that contain credit card numbers from being opened by users outside your company. The solution must ensure that users at your company can open the documents.

What should you use?

5. You have a Microsoft 365 tenant that uses Microsoft Office 365 Message Encryption (OME).

You need to ensure that any emails containing attachments and sent to [email protected] are encrypted automatically by using OME.

What should you do?

6. HOTSPOT

You have a Microsoft 365 E5 subscription.

You are implementing insider risk management

You need to create an insider risk management notice template and format the message body of the notice template.

How should you configure the template? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

7. You need to implement a solution that meets the compliance requirements for the Windows 10 computers.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each coned selection is worth one point.

8. Topic 2, Contoso Case Study



Overview

Contoso, Ltd. is a consulting company that has a main office in Montreal and three branch offices in Seattle, Boston, and Johannesburg.



Microsoft 365 Environment

Contoso has a Microsoft 365 FS tenant the tenant contains the administrative user accounts shown in the following table.







Users store data In the following locations:

• SharePoint sites

• OneDrive accounts

• Exchange email

• Exchange public folders

• Teams chats

• Teams channel messages

When users in the research department create documents, they must add a 10-dig>t project code to each document. Project codes that start with the digits 999 are confidential.



SharePoint Online Environment

Contoso has four Microsoft SharePoint Online sites named Site1. Site2. Site3. and Site4.

Site2 contains the files shown in the following table.





Two users named User1 and User2 are assigned roles for Site2 as shown in the following table.





Sile3 stores documents related to the company's projects. The documents are organized In a folder hierarchy based on the project.



Slte4 has the following two retention policies applied:

• Name: SitetKetentionPolicy1

• Locations to apply the policy: Site4

• Delete items older than:2 years

• Delete content based on: When items were created

• Name: Site4RetentionPolicy2

• Locations to apply the policy. Sile4

• Retain items for a specific period: 4 years

• Start the retention period based on: When items were created

• At the end of the retention period: Do nothing



Problem Statements

Management at Contoso is concerned about data leaks. On several occasions, confidential research departments were leaked.



Planned Changes

Contoso plans to create the following data loss prevention (DLP) policy:

• Name: DLPpolicy1

• Locations to apply the policy; Site2

• Conditions:

• Content contains any of these sensitive info types: SWIF F Code

• Instance count: 2 to any

• Actions: Restrict access to the content



Technical Requirements

Contoso must meet the following technical requirements:

• All administrative users must be able to review DLP reports.

• Whenever possible, the principle of least privilege must be used.

• For all users, all Microsoft 365 data must be retained for at least one year.

• Confidential documents must be detected and protected by using Microsoft 365.

• Site1 documents that include credit card numbers must be labeled automatically.

• All administrative users must be able to create Microsoft 365 sensitivity labels.

• After a project is complete, the documents in Site3 that relate to the project must be retained for 10 years



You need to meet the technical requirements for the Site3 documents.

What should you create?

9. You have a Microsoft 365 E5 tenant that contains the policies shown in the following table.





A file named File1 has all the policies applied.

How long will File1 be retained?

10. HOTSPOT

You need to implement an information compliance policy to meet the following requirements:

Documents that contain passport numbers from the United States, Germany, Australia, and Japan must be identified automatically.

When a user attempts to send an email or an attachment that contains a passport number, the user must receive a tooltip in Microsoft Outlook.

Users must be blocked from using Microsoft SharePoint Online or OneDrive for Business to share a document that contains a passport number.

What is the minimum number of sensitivity labels and auto-labeling policies you should create? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

11. HOTSPOT

Your network contains an on-premises Active Directory domain named contoso.com.

The domain contains the groups shown in the following table.





The domain is synced to an Azure AD tenant that contains the groups shown in the following table.





You create a sensitivity label named Label1.

You need to publish Label1.

To which groups can you publish Label1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

12. Your company has a Microsoft 365 tenant that uses a domain named contoso.com.

You are implementing data loss prevention (DLP).

The company's default browser is Microsoft Edge.

During a recent audit, you discover that some users use Firefox and Google Chrome browsers to upload files labeled as Confidential to a third-party Microsoft SharePoint Online site that has a URL of https://m365x076709.sharepoint.com. Users are blocked from uploading the confidential files to the site from Microsoft Edge.

You need to ensure that the users cannot upload files labeled as Confidential from Firefox and Google Chrome to any cloud services.

Which two actions should you perform? Each correct answer presents part of the solution. (Choose two.)

NOTE: Each correct selection is worth one point.

13. You have a Microsoft 365 E5 subscription that contains two Microsoft SharePoint Online sites named Site1 and Site2.

You plan to configure a retention label named Label1 and apply Label1 to all the files in Site1.

You need to ensure that two years after a file is created in Site1, the file moves automatically to Site2.

How should you configure the Choose what happens after the retention period setting for Label1?

14. You have a Microsoft 365 E5 subscription.

You are implementing insider risk management.

You need to maximize the amount of historical data that is collected when an event is triggered.

What is the maximum number of days that historical data can be collected?

15. HOTSPOT

You need to recommend an information governance solution that meets the HR requirements for handling employment applications and resumes.

What is the minimum number of information governance solution components that you should create? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

16. You have a Microsoft 365 tenant that uses the following sensitivity labels:

* Confidential

* Internal

* External

The labels are published by using a label policy named Policy1.

Users report that Microsoft Office for the wen apps do not display the Sensitivity button. The Sensitivity button appears in Microsoft 365 Apps that are installed locally.

You need to ensure that the users can apply sensitivity labels to content when they use Office for the web apps.

Solution: You modify the scope of the Confidential label.

Does this meet the goal?

17. HOTSPOT

You have a Microsoft 365 ES subscription.

You plan to create a custom trainable classifier by uploading 1,000 machine-generated files as seed content.

The files have sequential names and are uploaded in one-minute intervals as shown in the following table.





Which files were processed first and last when you created the custom trainable classifier? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

18. You plan to import a file plan to the Microsoft 365 compliance center.

Which object type can you create by importing a records management file plan?

19. You have a Microsoft 365 E5 subscription.

Users access their mailbox by using the following apps:

• Outlook Win32

• Outlook on the web

• Outlook for iOS and Android

You create a data loss prevention (DLP) policy named DLP1 that has the following settings:

• Location: Exchange email

• Status: On

• User notifications: On

• Notify users in Office 365 service with a policy tip: Enabled

Which apps display a policy tip when content is matched by using DLP1?

20. You have a Microsoft 365 tenant.

All Microsoft OneDrive for Business content is retained roe five years.

A user named User1 left your company a year ago, after which the account of User 1 was deleted from Azure Active Directory (Azure AD)

You need to recover an important file that was stored in the OneDrive of User1.

What should you use?

21. HOTSPOT

You have a Microsoft 365 E5 subscription that contains a user named User1 and the groups shown in the following table.





You plan to create a communication compliance policy named Policy1.

You need to identify whose communications can be monitored by Policy1, and who can be assigned the Reviewer role for Policy1.

Who should you identify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

22. HOTSPOT

You have a Microsoft 365 E5 tenant.

Data loss prevention (DLP) policies are applied to Exchange email, SharePoint sites, and OneDrive accounts locations.

You need to use PowerShell to retrieve a summary of the DLP rule matches from the last seven days.

Which PowerShell module and cmdlet should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

23. You need to protect documents that contain credit card numbers from being opened by users outside your company. The solution must ensure that users at your company can open the documents.

What should you use?

24. You need to provide a user with the ability to view data loss prevention (DLP) alerts in the Microsoft 365 compliance center. The solution must use the principle of least privilege.

Which role should you assign to the use?

25. You receive an email that contains a list of words that will be used few a sensitive information type.

You need to create a file that can be used as the source of a keyword dictionary.

In which format should you save the list?

26. You are implementing a data classification solution.

The research department at your company requires that documents containing programming code be labeled as Confidential. The department provides samples of the code from its document library. The solution must minimize administrative effort.

What should you do?

27. HOTSPOT

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth is worth one point.

28. HOTSPOT

You have a Microsoft 365 subscription that contains a Microsoft SharePoint site named Site1.

For Site1, users are assigned the roles shown in the following table.





You publish retention labels to Site1 as shown in the following table.





You publish retention labels to Site1 as shown in the following table.

You have the files shown in the following table.





For each of the following statement, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

29. You have a Microsoft 365 subscription that uses Microsoft Exchange Online.

You need to receive an alert if a user emails sensitive documents to specific external domains.

What should you create?

30. HOTSPOT

You have a Microsoft 365 E5 subscription that contains the administrators shown in the following table.





On August 1, 2023, you apply the communication compliance policies shown in the following table.





For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

31. You have a Microsoft 365 E5 subscription that uses Privacy Risk Management in Microsoft Priva.

You need to review the personal data type instances that were detected in the subscription.

What should you use in the Microsoft Purview compliance portal?

32. You have a Microsoft 365 subscription.

You have a team named Team! in Microsoft Teams.

You plan to place all the content in Team1 on hold.

You need to identify which mailbox and which Microsoft SharePoint site collection are associated to Team1.

Which cmdlet should you use?

33. HOTSPOT

You have a Microsoft 365 E5 subscription that contains two users named User1 and User2.

You create the audit retention policies shown in the following table.





The users perform the following actions:

• User1 renames a Microsoft SharePoint Online site.

• User2 sends an email message.

How long will the audit log records be retained for each action? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

34. You need to recommend a solution that meets the compliance requirements for protecting the documents in the Data shared folder.

What should you configure in the Microsoft Purview compliance portal?

35. HOTSPOT

You are implementing Microsoft Office 365 Message Encryption (OME) for a Microsoft 365 tenant named contoso.com.

You need to meet the following requirements:

• All email to a domain named fabhkam.com must be encrypted automatically.

• Encrypted emails must expire seven days after they are sent-

What should you configure for each requirement? To answer, select the appropriate options NOTE: Each correct selection is worth one point.

36. HOTSPOT

You have a Microsoft 365 tenant named contoso.com that contains two users named User1 and User2. The tenant uses Microsoft Office 365 Message Encryption (OME).

User1 plans to send emails that contain attachments as shown in the following table.





User2 plans to send emails that contain attachments as shown in the following table.





For which emails will the attachments be protected? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

37. You have a sensitive information type based on a trainable classifier.

You are unsatisfied with the result of the result of trainable classifier.

You need to retrain the classifier.

What should you use in the Microsoft 365 compliance center?

38. You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1. Site1 contains a file named File1.

You have a retention policy named Retention! that has the following settings:

• Retain items for a specific period

o Retention period: 5 years

o At the end of the retention period: Delete items automatically Retention1 is applied to Site.

You need to ensure that File1 is deleted automatically after seven years. The solution must NOT affect the retention of other files on Site1.

What should you do first?

39. Your company has a Microsoft 365 tenant that uses a domain named contoso.

The company uses Microsoft Office 365 Message Encryption (OMI) to encrypt email sent to users in fabrikam.com.

A user named User1 erroneously sends an email to user2@fabrikam

You need to disable [email protected] from accessing the email.

What should you do?

40. You have a Microsoft 365 E5 subscription that contains a data loss prevention (DLP) policy named DLP1.

DLP1 contains the DLP rules shown in the table.





You need to ensure that when a document matches all the rules, users will see Tip 2.

What should you change?

41. You have a Microsoft 365 E5 subscription.

You create a role group named Rote1.

You need to add a role to Role1 that will enable group members to view the metadata of records that were tagged for deletion automatically at the end of the records' retention period. The solution must use the principle of least privilege.

Which role should you add?

42. You have a Microsoft 365 E3 subscription.

You plan to audit all Microsoft Exchange Online user and admin activities.

You need to ensure that all the Exchange audit log records are retained for one year.

What should you do?

43. HOTSPOT

You have a Microsoft 365 tenant that uses a domain named canstoso.com.

A user named User1 leaves your company. The mailbox of User1 is placed on Litigation Hold, and then the account of User1 is deleted from Azure Active Directory (Azure AD).

You need to copy the content of the User1 mailbox to a folder in the existing mailbox of another user named User2.

How should you complete the PowerShell command? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

44. You have a Microsoft 365 E5 tenant that uses a domain named contoso.com.

A user named User1 sends link-based, branded emails that are encrypted by using Microsoft Office 365 Advanced Message Encryption to the recipients shown in the following table.





For which recipients can User1 revoke the emails?

45. You have a Microsoft SharePoint Online site that contains employee contracts in a document library named Contracts.

The contracts must be treated as records in accordance with your company's records management policy.

You need to implement a solution to automatically mark all the contracts as records when they are uploaded to Contracts.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. (Choose two.)

46. HOTSPOT

You have a Microsoft 365 E5 subscription that contains the users shown in the following table.





The subscription contains the communication compliance policy shown in the following exhibit.





Users send the email messages shown in the following table.





For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point

47. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are configuring a file policy in Microsoft Cloud App Security.

You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.

Solution: You use the Built-in DLP inspection method and send alerts as email.

Does this meet the goal?

48. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are configuring a file policy in Microsoft Cloud App Security.

You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.

Solution: You use the Data Classification service inspection method and send alerts as email.

Does this meet the goal?

49. You need to meet the retention requirement for the users' Microsoft 365 data.

What is the minimum number of retention policies that you should use?

50. You have a Microsoft 365 subscription.

You create and run a content search from the Microsoft Purview compliance portal.

You need to download the results of the content search.

What should you obtain first?

51. 1. Topic 1, Fabrikam, Case Study



Overview

This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each there may be additional case studies and sections on this exam. You must manage you’re your time to ensure that you are able to complete all included on this exam in the time provided.



To answer the questions included in a case study, you will need In reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described In the case study. Each question is independent of the other questions in this case study.



At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.



To start the case study

To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab. note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.



Cloud Environment

Fabrikam has a Microsoft 365 tenant that contains the following resources:

• An Azure Active Directory (Azure AD) tenant that syncs to an on-premises Active Directory domain named corp.fabrikam.com

• Microsoft Cloud App Security connectors configured for all supported cloud applications used by the company

Some users have company Dropbox accounts.



Compliance Configuration

Fabrikam has the following in the Microsoft 365 compliance center:

* A data loss prevention (DLP) policy is configured. The policy displays a tooltip to users. Users can provide a business justification to override a DLP policy violation.

* The Azure information Protection unified labeling scanner is installed and configured. * A sensitivity label named Fabrikam Confidential is configured.

An existing third-party records management system is managed by the compliance department.



Human Resources (HR) Management System

The HR department has an Azure SQL. database that contains employee information.

Each employee has a unique 12-character alphanumeric ID. The database contains confidential employed attributes including payroll information, date of birth, and personal contact details.



On-premises Environment

You have an on premises file server that runs Windows Server 2019 and stores Microsoft Office documents in a shared folder named Data.

All end-user computers are joined to the corp.fabrinkam.com domain and run a third-party antimalware application.



Sales Contracts

Users in the sales department receive draft sales contracts from customers by email. The sales contracts are written by the customers and are not in a standard format.



Employment Applications

Employment applications and resumes are received by HR department managers and stored in either mailboxes, Microsoft SharePoint Online sites, OneDrive for Business folders, or Microsoft Teams channels.

The employment application form is downloaded from SharePoint Online and a serial number is assigned to each application. the resumes are written by the applications and in any format.



HR Requirements

You need to create a DLP policy that will notify the HR department of a DLP policy violation if a document that contains confidential employee attributes is shared externally. The DLP policy must use an Exact Data Match (EDM) classification derived from a CSV export of the HR department database.



The HR department identifies the following requirements for handling employment applications:

* Resumes must be identified automatically based on similarities to other resumes received in the past

* Employment applications and resumes must be deleted automatically two years after the applications are received.

* Documents and emails that contain an application serial number must be identified automatically and marked as an employment application.



Sales Requirements

A sensitivity label named Sales Contract must be applied automatically to all draft and finalized sales contracts.



Compliance Requirements

Fabrikam identifies the following compliance requirements:

• All DLP policies must be applied to computers that run Windows 10, with the least possible changes to the computers.

• Users in the compliance department must view the justification provided when a user receives a tooltip notification for a DLP violation.

• If a document that has the Fabrikam Confidential sensitivity label applied is uploaded to Dropbox. the file must be deleted automatically. - The Fabrikam Confidential sensitivity label must be applied to existing Microsoft Word documents in the Data shared folder that have a document footer containing the following string: Company use only.

• Users must be able to manually select that email messages are sent encrypted. The encryption will use Office 365 Message Encryption (OME) v2. Any email containing an attachment that has the Fabrikam Confidential sensitivity label applied must be encrypted automatically by using OME.

• Existing policies configured in the third-party records management system must be replaced by using Records management in the Microsoft 365 compliance center. The compliance department plans to export the existing policies, and then produce a CSV file that contains matching labels and policies that are compatible with records management in Microsoft 365. The CSV file must be used to configure records management in Microsoft 365.



Executive Requirements

You must be able to restore all email received by Fabrikam executives for up to three years after an email is received, even if the email was deleted permanently.



HOTSPOT

You need to implement a solution to encrypt email. The solution must meet the compliance requirements.

What should you create in the Exchange admin center and the Microsoft 36.S compliance center? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

52. DRAG DROP

You need to create a trainable classifier that can be used as a condition in an auto-apply retention label policy.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

53. You have a Microsoft 365 tenant.

You have a database that stores customer details. Each customer has a unique 13-digit identifier that consists of a fixed pattern of numbers and letters.

You need to implement a data loss prevention (DLP) solution that meets the following requirements:

• Email messages that contain a single customer identifier can be sent outside your company,

• Email messages that contain two or more customer identifiers must be approved by the company s data privacy team.

Which two components should you include in the solution? Each correct answer presents part of the solution. NOTE Each correct selection is worth one point.

54. DRAG DROP

You need to meet the technical requirements for the Site1 documents.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

55. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are configuring a file policy in Microsoft Cloud App Security.

You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.

Solution: You use the Build-in DLP inspection method and send alerts to Microsoft Power Automate.

Does this meet the goal?

56. You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1.

You need to implement Microsoft Purview data lifecycle management.

What should you create first?

57. You have a Microsoft 365 tenant that uses trainable classifiers.

You are creating a custom trainable classifier.

You collect 300 sample file types from various geographical locations to use as seed content. Some of the file samples are encrypted.

You organize the files into categories as shown in the following table.





Which file categories can be used as seed content?

58. DRAG DROP

You have a Microsoft 365 tenant.

A new regulatory requirement states that all documents containing a patent ID be labeled, retained for 10 years, and then deleted. The policy used to apply the retention settings must never be disabled or deleted by anyone.

You need to implement the regulatory requirement.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. (Choose three.)

59. You have a Microsoft 365 tenant.

You create the following:

✑ A sensitivity label

✑ An auto-labeling policy

You need to ensure that the sensitivity label is applied to all the data discovered by the auto-labeling policy.

What should you do first?

60. HOTSPOT

You create a data loss prevention (DLP) policy that meets the following requirements:

Prevents guest users from accessing a sensitive document shared during a Microsoft Teams chat Prevents guest users from accessing a sensitive document stored in a Microsoft Teams channel

Which location should you select for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

61. You have a Microsoft 365 E5 subscription.

You plan to use insider risk management to collect and investigate forensic evidence.

You need to enable forensic evidence capturing.

What should you do first?

62. You have a Microsoft 365 alert named Alert2 as shown in the following exhibit





You need to manage the status of Alert2.

To which status can you change Alert2?

63. HOTSPOT

You have a Microsoft SharePoint Online site named Site1 that contains the files shown in the following table.





You have a data loss prevention (DLP) policy named DLP1 that has the advanced DIP rules shown in the following table.





You apply DLP1 to Site1.

For each of the following statements, select Yes if the statement is true. Otherwise, select No, NOTE: Each correct selection is worth one point.

64. You need to test Microsoft Office 365 Message Encryption (OME) capabilities for your company. The test must verify the following information:

- The acquired default template names

- The encryption and decryption verification status

Which PowerShell cmdlet should you run?

65. A user reports that she can no longer access a Microsoft Excel file named Northwind Customer Data.xlsx.

From the Cloud App Security portal, you discover the alert shown in the exhibit.





You restore the file from quarantine.

You need to prevent files that match the policy from being quarantined. Files that match the policy must generate an alert.

What should you do?

66. HOTSPOT

You have a hybrid Microsoft 365 deployment that contains the users shown in the following table.





You need to perform an eDiscovery content search.

Which user's data can be included in the content search? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

67. You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).

You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).

You need to ensure that Endpoint DLP policies can protect content on the computers.

Solution: You onboard the computers to Microsoft Defender fur Endpoint.

Does this meet the goal?

68. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen.

You are configuring a file policy m Microsoft Defender for Cloud Apps.

You need to configure the policy to apply to all files. Alerts must be sent to every file owner who Is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.

Solution: You use the Built-in DIP inspection method and send alerts to Microsoft Power Automate.

Does this meet the goal?

69. HOTSPOT

You have a Microsoft 365 E5 tenant that contains a sensitivity label named label1.

You plan to enable co-authoring for encrypted files.

You need to ensure that files that have label1 applied support co-authoring.

Which two settings should you modify? To answer, select the settings in the answer area. NOTE: Each correct selection is worth one point.

70. Task 5

You need to ensure that a group named U.S. Sales can store files containing information subject to General Data Protection Regulation (GDPR) in their OneDrive accounts. All other current GDPR restrictions must remain in effect.

71. A compliance administrator recently created several data loss prevention (DLP) policies.

After the policies are created, you receive a higher than expected volume of DLP alerts.

You need to identify which rules are generating the alerts.

Which DLP report should you use?

72. You need to meet the technical requirements for the creation of the sensitivity labels.

Which administrative users are currently missing the Sensitivity label administrator role?

73. You have a Microsoft 365 E5 subscription that contains a device named Device1. You need to enable Endpoint data loss prevention (Endpoint DLP) for Device1.

What should you do first in the Microsoft Purview compliance portal?

74. HOTSPOT

You use project codes that have a format of three alphabetical characters that represent the project

type, followed by three digits, for example Abc123.

You need to create a new sensitive info type for the project codes.

How should you configure the regular expression to detect the content? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

75. HOTSPOT

You have a Microsoft E5 365 tenant.

You need to ensure that you can use sensitivity labels to declare regulatory records.

Which PowerShell cmdlet should you run, and which type of policy should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

76. Topic 3, Misc. Questions



You have a data loss prevention (DLP) policy that applies to the Devices location. The policy protects documents that contain States passport numbers.

Users reports that they cannot upload documents to a travel management website because of the policy.

You need to ensure that the users can upload the documents to the travel management website. The solution must prevent the protected content from being uploaded to other locations.

Which Microsoft 365 Endpoint data loss prevention (Endpoint DLP) setting should you configure?

77. HOTSPOT

You have a Microsoft 365 subscription that has Enable Security defaults set to No in Azure AD.

You have a custom compliance manager template named Regulation1.

You have the assessments shown in the following table.





Assessment1 has the improvement actions shown in the following table.





Assessment2 has the improvement actions shown in the following table.





You perform the following actions:

• For Assessment2, change the Test status of Establish a threat intelligence program to Implemented.

• Enable multi-factor authentication (MFA) for all users.

• Configure a privileged access policy.

For each of the following statements, select Yes if the statement is true. Otherwise select No. NOTE: Each correct selection is worth one point.

78. HOTSPOT

You have a Microsoft SharePoint Online site named Site1 and a sensitivity label named Sensitivity1.

Sensitivity1 adds a watermark and a header to content.

You create a policy to automatically apply Sensitivity1 to emails in Microsoft Exchange Online and Site1.

How will Sensitivity1 mark matching emails and Site1 documents? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

79. HOTSPOT

You create a retention label policy named Contoso_policy that contains the following labels.

✑ 10 years then delete

✑ 5 years then delete

✑ Do not retain

Contoso_Policy is applied to content In Microsoft Sharepoint Online sites.

After a couple of days, yon discover the following messages on the Properties page of the label policy.

* Statue Off (Error)

* It's taking longer than expected to deploy the policy

You need to reinitiate the policy.

How should you complete the command? To answer, select the appropriate options in the; answer area. NOTE: Each correct selection is worth one point.