최신 SC-400 무료덤프 - Microsoft Information Protection Administrator
You have a Microsoft 365 E5 subscription that contains the devices shown in the following table.
You need to onboard the devices to Microsoft Purview. The solution must ensure that you can apply Endpoint data loss prevention (Endpoint DLP) policies to the devices. What can you use to onboard each device? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to onboard the devices to Microsoft Purview. The solution must ensure that you can apply Endpoint data loss prevention (Endpoint DLP) policies to the devices. What can you use to onboard each device? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
You have a Microsoft 365 E5 subscription that contains multiple data loss prevention (DLP) policies.
You need to identify which DLP rules include conditions that can trigger the DLP policies.
Which report should you use from the Microsoft Purview compliance portal?
You need to identify which DLP rules include conditions that can trigger the DLP policies.
Which report should you use from the Microsoft Purview compliance portal?
정답: A
Task 3
You plan to automatically apply a watermark to the document1 of a project named Falcon.
You need to create a label that will add a watermark of "Project falcon' in red. size-12 font diagonally across the documents.
You plan to automatically apply a watermark to the document1 of a project named Falcon.
You need to create a label that will add a watermark of "Project falcon' in red. size-12 font diagonally across the documents.
정답:
See the solution below in Explanation.
Explanation:
To create a label that adds a watermark of "Project Falcon" in red, size-12 font diagonally across the documents, follow these steps:
* Create a Sensitivity Label:
* Log in to the Microsoft Purview portal or the Microsoft Purview compliance portal as an admin.
* Navigate to Sensitivity labels and create a new label called "Project Falcon".
* Specify the appropriate settings for this label, including encryption, content markings, and permissions.
* Configure Content Markings (Watermark):
* When creating the label, configure the content markings section.
* Choose "Watermark" and set the text to "Project Falcon".
* Select the color as red and font size as 12.
* Set the watermark position to diagonal across the document.
* Assign the Label:
* Assign the "Project Falcon" label to the relevant documents within the Falcon project.
* Users who apply this label will automatically add the specified watermark to their documents.
Explanation:
To create a label that adds a watermark of "Project Falcon" in red, size-12 font diagonally across the documents, follow these steps:
* Create a Sensitivity Label:
* Log in to the Microsoft Purview portal or the Microsoft Purview compliance portal as an admin.
* Navigate to Sensitivity labels and create a new label called "Project Falcon".
* Specify the appropriate settings for this label, including encryption, content markings, and permissions.
* Configure Content Markings (Watermark):
* When creating the label, configure the content markings section.
* Choose "Watermark" and set the text to "Project Falcon".
* Select the color as red and font size as 12.
* Set the watermark position to diagonal across the document.
* Assign the Label:
* Assign the "Project Falcon" label to the relevant documents within the Falcon project.
* Users who apply this label will automatically add the specified watermark to their documents.
Your company has a Microsoft 365 tenant that uses a domain named contoso.
The company uses Microsoft Office 365 Message Encryption (OMI ) to encrypt email sent to users in fabrikam.com.
A user named User1 erroneously sends an email to user2@fabrikam
You need to disable [email protected] from accessing the email.
What should you do?
The company uses Microsoft Office 365 Message Encryption (OMI ) to encrypt email sent to users in fabrikam.com.
A user named User1 erroneously sends an email to user2@fabrikam
You need to disable [email protected] from accessing the email.
What should you do?
정답: C
You have a Microsoft 365 E5 subscription that uses Privacy Risk Management in Microsoft Priva.
You need to review the personal data type instances that were detected in the subscription.
What should you use in the Microsoft Purview compliance portal?
You need to review the personal data type instances that were detected in the subscription.
What should you use in the Microsoft Purview compliance portal?
정답: A
You need to recommend a solution to configuration the Microsoft 365 Records management settings by using the CSV file must meet the compliance requirements.
What should you recommend?
What should you recommend?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
Task 1
You need to provide users with the ability to manually classify files that contain product information that are stored in SharePoint Online sites. The solution must meet the following requirements:
* The users must be able to apply a classification of Product1 to the files.
* Any authenticated user must be able to open files classified as Product1.
* files classified as Product1 must be encrypted.
You need to provide users with the ability to manually classify files that contain product information that are stored in SharePoint Online sites. The solution must meet the following requirements:
* The users must be able to apply a classification of Product1 to the files.
* Any authenticated user must be able to open files classified as Product1.
* files classified as Product1 must be encrypted.
정답:
See the solution below in Explanation.
* Create a Custom Content Type:
* Go to your SharePoint Online site.
* Click on Settings (gear icon) and select Site settings.
* Under Web Designer Galleries, choose Site content types.
* Create a new content type (e.g., "Product1 Classification") based on the Document parent content type.
* Add a custom column (e.g., "Classification") to this content type.
* Apply the Content Type to Document Libraries:
* Navigate to the document library where the files are stored.
* Click on Library settings.
* Under General Settings, select Advanced settings.
* Choose Yes for "Allow management of content types."
* Add your custom content type ("Product1 Classification") to the library.
* Manually Classify Files:
* Upload or edit a file in the library.
* In the file properties, select the Classification field and set it to "Product1."
* Permissions and Encryption:
* Ensure that all authenticated users have at least View permissions on the library.
* For encryption, SharePoint Online automatically encrypts files at rest using BitLocker disk-level encryption.
* Files classified as "Product1" will be encrypted and accessible only to authorized users.
* Create a Custom Content Type:
* Go to your SharePoint Online site.
* Click on Settings (gear icon) and select Site settings.
* Under Web Designer Galleries, choose Site content types.
* Create a new content type (e.g., "Product1 Classification") based on the Document parent content type.
* Add a custom column (e.g., "Classification") to this content type.
* Apply the Content Type to Document Libraries:
* Navigate to the document library where the files are stored.
* Click on Library settings.
* Under General Settings, select Advanced settings.
* Choose Yes for "Allow management of content types."
* Add your custom content type ("Product1 Classification") to the library.
* Manually Classify Files:
* Upload or edit a file in the library.
* In the file properties, select the Classification field and set it to "Product1."
* Permissions and Encryption:
* Ensure that all authenticated users have at least View permissions on the library.
* For encryption, SharePoint Online automatically encrypts files at rest using BitLocker disk-level encryption.
* Files classified as "Product1" will be encrypted and accessible only to authorized users.
You create a data loss prevention (DLP) policy that meets the following requirements:
* Prevents guest users from accessing a sensitive document shared during a Microsoft Teams chat
* Prevents guest users from accessing a sensitive document stored in a Microsoft Teams channel Which location should you select for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
* Prevents guest users from accessing a sensitive document shared during a Microsoft Teams chat
* Prevents guest users from accessing a sensitive document stored in a Microsoft Teams channel Which location should you select for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-microsoft-teams?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoftteams/sharepoint-onedrive-interact
A compliance administrator recently created several data loss prevention (DLP) policies.
After the policies are created, you receive a higher than expected volume of DLP alerts.
You need to identify which rules are generating the alerts.
Which DLP report should you use?
After the policies are created, you receive a higher than expected volume of DLP alerts.
You need to identify which rules are generating the alerts.
Which DLP report should you use?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
The subscription contains the communication compliance policy shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point
The subscription contains the communication compliance policy shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point
정답:
Explanation:
You have a Microsoft 365 E5 subscription that contains two users named Admin1 and User1, a Microsoft SharePoint Online site named Site1, and a retention label named Retention1.
The role assignments for Site1 are shown in the following table.
Site1 includes a file named File1. Rentention1 has the following settings:
* Retain items for a specific period: Retention period: 7 years
* During the retention period: Mark items as a record
* At the end of the retention period: Delete items automatically
Rentention1 is published to Site1. User1 applies Retention1 to File1. For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
The role assignments for Site1 are shown in the following table.
Site1 includes a file named File1. Rentention1 has the following settings:
* Retain items for a specific period: Retention period: 7 years
* During the retention period: Mark items as a record
* At the end of the retention period: Delete items automatically
Rentention1 is published to Site1. User1 applies Retention1 to File1. For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
You have a Microsoft 365 E5 tenant that has data loss prevention (DLP) policies. You need to create a report that includes the following:
* Documents that have a matched DLP policy.
* Documents that have had a sensitivity label changed.
* Documents that have had a sensitivity label removed.
What should you use?
* Documents that have a matched DLP policy.
* Documents that have had a sensitivity label changed.
* Documents that have had a sensitivity label removed.
What should you use?
정답: C
You have a Microsoft 365 tenant that uses 100 data loss prevention (DLP) policies.
A Microsoft Exchange administrator frequently investigates emails that were blocked due to DLP policy violations.
You need to recommend which DLP report the Exchange administrator can use to identify how many messages were blocked based on each DLP policy.
Which report should you recommend?
A Microsoft Exchange administrator frequently investigates emails that were blocked due to DLP policy violations.
You need to recommend which DLP report the Exchange administrator can use to identify how many messages were blocked based on each DLP policy.
Which report should you recommend?
정답: B
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps.
You need to ensure that you receive an alert when a user uploads a document to a third-party cloud storage service.
What should you use?
You need to ensure that you receive an alert when a user uploads a document to a third-party cloud storage service.
What should you use?
정답: C
Task 4
You need to block users from sending emails containing information that is subject to Payment Card Industry Data Security Standard (PCI OSS). The solution must affect only emails.
You need to block users from sending emails containing information that is subject to Payment Card Industry Data Security Standard (PCI OSS). The solution must affect only emails.
정답:
See the solution below in Explanation.
Explanation:
To block users from sending emails containing information subject to the Payment Card Industry Data Security Standard (PCI DSS), you can create a Data Loss Prevention (DLP) policy in Microsoft Exchange Online. Here's how:
* Create a Custom DLP Policy:
* Log in to the Microsoft Exchange Online admin center.
* Navigate to Data loss prevention > Policy.
* Create a new custom policy specifically for PCI DSS compliance.
* Define Conditions:
* In the policy settings, define conditions that identify sensitive data related to PCI DSS. For example:
* Keywords: Include terms like "credit card," "debit card," or specific card number formats.
* Regular Expressions (Regex): Craft expressions to match credit card patterns (e.g., \b\d{4}-\d{4}-\d{4}-\d{4}\b for Visa/Mastercard).
* Sensitive Information Types: Use built-in or custom sensitive information types related to payment cards.
* Choose Actions:
* Specify the actions to take when sensitive data is detected in emails:
* Block: Prevent the email from being sent.
* Notify Sender: Inform the sender that sensitive data is not allowed via email.
* Add Disclaimer/Watermark: Optionally add a disclaimer or watermark to the email.
* Apply the Policy to Emails Only:
* Ensure that the policy is configured to apply only to emails (not other communication channels).
* Exclude internal communication if necessary.
* Test and Monitor:
* Enable the policy in test mode initially to validate its effectiveness.
* Monitor logs and adjust the policy as needed.
Explanation:
To block users from sending emails containing information subject to the Payment Card Industry Data Security Standard (PCI DSS), you can create a Data Loss Prevention (DLP) policy in Microsoft Exchange Online. Here's how:
* Create a Custom DLP Policy:
* Log in to the Microsoft Exchange Online admin center.
* Navigate to Data loss prevention > Policy.
* Create a new custom policy specifically for PCI DSS compliance.
* Define Conditions:
* In the policy settings, define conditions that identify sensitive data related to PCI DSS. For example:
* Keywords: Include terms like "credit card," "debit card," or specific card number formats.
* Regular Expressions (Regex): Craft expressions to match credit card patterns (e.g., \b\d{4}-\d{4}-\d{4}-\d{4}\b for Visa/Mastercard).
* Sensitive Information Types: Use built-in or custom sensitive information types related to payment cards.
* Choose Actions:
* Specify the actions to take when sensitive data is detected in emails:
* Block: Prevent the email from being sent.
* Notify Sender: Inform the sender that sensitive data is not allowed via email.
* Add Disclaimer/Watermark: Optionally add a disclaimer or watermark to the email.
* Apply the Policy to Emails Only:
* Ensure that the policy is configured to apply only to emails (not other communication channels).
* Exclude internal communication if necessary.
* Test and Monitor:
* Enable the policy in test mode initially to validate its effectiveness.
* Monitor logs and adjust the policy as needed.
While creating a retention label, you discover that the following options are missing:
* Mark items as a record
* Mark items as a regulatory record
You need to ensure that the options are available when you create retention labels in the Microsoft 365 compliance center.
How should you complete the PowerShell script? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
* Mark items as a record
* Mark items as a regulatory record
You need to ensure that the options are available when you create retention labels in the Microsoft 365 compliance center.
How should you complete the PowerShell script? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/declare-records?view=o365-worldwide
https://docs.microsoft.com/en-us/powershell/exchange/connect-to-scc-powershell?view=exchange-ps