November/2021 Latest Braindump2go SC-400 Exam Dumps with PDF and VCE Free Updated Today! Following are some new SC-400 Real Exam Questions!
QUESTION 85
You have a data loss prevention (DLP) policy that applies to the Devices location.
The policy protects documents that contain States passport numbers.
Users reports that they cannot upload documents to a travel management website because of the policy.
You need to ensure that the users can upload the documents to the travel management website. The solution must prevent the protected content from being uploaded to other locations.
Which Microsoft 365 Endpoint data loss prevention (Endpoint DLP) setting should you configure?
A. Unallowed apps
B. File path exclusions
C. Service domains
D. Unallowed browsers
Answer: C
Explanation:
You can control whether sensitive files protected by your policies can be uploaded to specific service domains from Microsoft Edge.
If the list mode is set to Block, then user will not be able to upload sensitive items to those domains. When an upload action is blocked because an item matches a DLP policy, DLP will either generate a warning or block the upload of the sensitive item.
If the list mode is set to Allow, then users will be able to upload sensitive items only to those domains, and upload access to all other domains is not allowed.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-using?view=o365-worldwide
QUESTION 86
You create a data loss prevention (DLP) policy. The Advanced DLP rules page is shown in the Rules exhibit.
The Review your settings page is shown in the review exhibit.
You need to review the potential impact of enabling the policy without applying the actions.
What should you do?
A. Edit the policy, remove all the actions in DLP rule 1, and select I’d like to test it out first.
B. Edit the policy, remove the Restrict access to the content and Send incident report to Administrator actions, and then select Yes, turn it on right away.
C. Edit the policy, remove all the actions in DLP rule 1, and select Yes, turn it on right away.
D. Edit the policy, and then select I’d like to test it out first.
Answer: D
Explanation:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-a-dlp-policy-from-a-template?view=o365-worldwide
QUESTION 87
You are planning a data loss prevention (DLP) solution that will apply to computers that run Windows 10.
You need to ensure that when users attempt to copy a file that contains sensitive information to a
USB storage device, the following requirements are met:
– If the users are members of a group named Group1, the users must be allowed to copy the file, and an event must be recorded in the audit log.
– All other users must be blocked from copying the file.
What should you create?
A. one DLP policy that contains one DLP rule
B. two DLP policies that each contains on DLP rule
C. one DLP policy that contains two DLP rules
Answer: B
QUESTION 88
You have a data loss prevention (DLP) policy configured for endpoints as shown in the following exhibit.
From a computer named Computer1, 3 user can sometimes upload files to cloud services and sometimes cannot. Other users experience the same issue.
What are two possible causes of the issue? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
A. The Access by unallowed apps action is set to Audit only.
B. The computers are NOT onboarded to the Microsoft 365 compliance center.
C. The Copy to clipboard action is set to Audit only.
D. There are file path exclusions in the Microsoft 365 Endpoint data loss prevention (Endpoint DIP) settings.
E. The unallowed browsers in the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings are NOT configured.
Answer: AD
QUESTION 89
You need to be alerted when users share sensitive documents from Microsoft OneDrive to any users outside your company.
What should you do?
A. From the Microsoft 365 compliance center, create a data loss prevention (DLP) policy.
B. From the Azure portal, create an Azure Active Directory (Azure Al)) Identity Protection policy.
C. From the Microsoft 36h compliance? center, create an insider risk policy.
D. From the Microsoft 365 compliance center, start a data investigation.
Answer: A
Explanation:
https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwide
QUESTION 90
Your company manufactures parts that are each assigned a unique 12-character alphanumeric serial number. Emails between the company and its customers refer in the serial number.
You need to ensure that ail Microsoft Exchange Online emails containing the serial numbers are retained for five years.
Which three objects should you create? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. a trainable classifier
B. a sensitive info type
C. a retention polity
D. a data loss prevention (DLP) policy
E. an auto-labeling policy
F. a retention label
G. a sensitivity label
Answer: BEF
Explanation:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitive-information-type-learn-about?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide
QUESTION 91
You receive an email that contains a list of words that will be used few a sensitive information type.
You need to create a file that can be used as the source of a keyword dictionary.
In which format should you save the list?
A. an XLSX file that contains one word in each cell of the first row
B. a ISV file that contains words separated by tabs
C. a JSON file that that an element tor each word
D. a text file that has one word on each line
Answer: A
QUESTION 92
You plan to implement sensitivity labels for Microsoft Teams.
You need to ensure that you can view and apply sensitivity labels to new Microsoft Teams sites.
What should you do first?
A. Run the Set-sposite cmdlet.
B. Configure the EnableMTPLabels Azure Active Directory (Azure AD) setting.
C. Create a new sensitivity label scoped to Groups & sites.
D. Run the Execute-AzureAdLabelSync cmdtet.
Answer: C
Explanation:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-teams-groups-sites?view=o365-worldwide
QUESTION 93
Your company has a Microsoft 365 tenant that uses a domain named contoso.
The company uses Microsoft Office 365 Message Encryption (OMI ) to encrypt email sent to users in fabrikam.com.
A user named User1 erroneously sends an email to user2@fabrikam.
You need to disable [email protected] from accessing the email.
What should you do?
A. Run the New-ComplianceSearchAction cmdlet.
B. Instruct User1 to delete the email from her Sent Items folder from Microsoft Outlook.
C. Run the Get-MessageTrace Cmdlet.
D. Run the Set-OMEMessageRevocation Cmdlet.
E. instruct User1 to select Remove external access from Microsoft Outlook on the web.
Answer: C
QUESTION 94
Your company has a Microsoft 365 tenant.
The company performs annual employee assessments. The assessment results are recorded in a document named Assessment I cmplatc.docx that is created by using Microsoft Word template. Copies of the employee assessments are sent to employees and their managers.
The assessment copies are stored in mailboxes, Microsoft SharePoint Online sites, and OneDrive for Business folders. A copy of each assessment is also stored in a SharePoint Online folder named Assessments.
You need to create a data loss prevention (DLP) policy that prevents the employee assessments from being emailed to external users.
You will use a document fingerprint to identify the assessment documents.
What should you include in the solution?
A. Create a fingerprint of AssessmentTemplate.docx.
B. Create a sensitive info type that uses Exact Data Match (EDM).
C. Create a fingerprint of TOO sample documents in the Assessments folder.
D. Import TOO sample documents from the Assessments folder to a seed folder.
Answer: D
QUESTION 95
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant that uses the following sensitivity labels:
* Confidential
* Internal
* External
The labels are published by using a label policy named Policy1. Users report that Microsoft Office for the wen apps do not display the Sensitivity button. The Sensitivity button appears in Microsoft 365 Apps that are installed locally.
You need to ensure that the users can apply sensitivity labels to content when they use Office for the web apps.
Solution: You modify the publishing settings of Policy1.
Does the meet the goal?
A. Yes
B. No
Answer: B
QUESTION 96
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant that uses the following sensitivity labels:
* Confidential
* Internal
* External
The labels are published by using a label policy named Policy1. Users report that Microsoft Office for the wen apps do not display the Sensitivity button. The Sensitivity button appears in Microsoft 365 Apps that are installed locally.
You need to ensure that the users can apply sensitivity labels to content when they use Office for the web apps.
Solution: You modify the scope of the Confidential label.
Does this meet the goal?
A. Yes
B. No
Answer: B
QUESTION 97
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant that uses the following sensitivity labels:
* Confidential
* Internal
* External
The labels are published by using a label policy named Policy1. Users report that Microsoft Office for the wen apps do not display the Sensitivity button. The Sensitivity button appears in Microsoft 365 Apps that are installed locally.
You need to ensure that the users can apply sensitivity labels to content when they use Office for the web apps.
Solution: You run the Execute-AzureAdLabelSync cmdlet.
Does this meet the goal?
A. Yes
B. No
Answer: A
QUESTION 98
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).
You need to ensure that Endpoint DLP policies can protect content on the computers.
Solution: You onboard the computers to Microsoft Defender fur Endpoint.
Does this meet the goal?
A. Yes
B. No
Answer: A
QUESTION 99
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).
You need to ensure that Endpoint DLP policies can protect content on the computers.
Solution: You enroll the computers in Microsoft intune.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-getting-started?view=o365-worldwide
Resources From:
1.2021 Latest Braindump2go SC-400 Exam Dumps (PDF & VCE) Free Share:
https://www.braindump2go.com/sc-400.html
2.2021 Latest Braindump2go SC-400 PDF and SC-400 VCE Dumps Free Share:
https://drive.google.com/drive/folders/1TNUsggolzUGOjp9tqvmMQRofUYZjYJ9z?usp=sharing
3.2021 Free Braindump2go SC-400 Exam Questions Download:
https://www.braindump2go.com/free-online-pdf/SC-400-PDF-Dumps(82-112).pdf
Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!