Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Microsoft SC-400

Microsoft SC-400 Exam Practice Questions (P. 3)

  • Full Access (352 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #21
You have a Microsoft 365 tenant that uses Microsoft Office 365 Message Encryption (OME).
You need to ensure that any emails containing attachments and sent to [email protected] are encrypted automatically by using OME.
What should you do?
  1. A
    From the Exchange admin center, create a new sharing policy.
  2. B
    From the Microsoft 365 security center, create a Safe Attachments policy.
  3. C
    From the Exchange admin center, create a mail flow rule.
  4. D
    From the Microsoft 365 compliance center, configure an auto-apply retention label policy.

Correct Answer:
C
You can create mail flow rules to help protect email messages you send and receive. You can set up rules to encrypt any outgoing email messages and remove encryption from encrypted messages coming from inside your organization or from replies to encrypted messages sent from your organization.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/define-mail-flow-rules-to-encrypt-email?view=o365-worldwide

Question #22
You plan to implement sensitivity labels for Microsoft Teams.
You need to ensure that you can view and apply sensitivity labels to new Microsoft Teams sites.
What should you do first?
  1. A
    Run the Set-SPOSite cmdlet.
  2. B
    Create a new sensitivity label scoped to Groups & sites.
  3. C
    Run the Execute-AzureAdLabelSync cmdlet.
  4. D
    Configure the EnableMIPLabels Azure Active Directory (Azure AD) setting.

Correct Answer:
B
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-teams-groups-sites?view=o365-worldwide

Question #23
HOTSPOT -
You have Microsoft 365 E5 tenant that has a domain name of M365x925027.onmicrosoft.com.
You have a published sensitivity label.
The Encryption settings for the sensitivity label are configured as shown in the exhibit.

For each of the following statements, select Yes if statement is true. Otherwise, select No
NOTE: Each correct selection is worth one point.
Hot Area:


Correct Answer:

 Box 1: Yes -
When you create a sensitivity label, you can restrict access to content that the label will be applied to. Only users within your organization can open a confidential document or email.

Box 2: No -
Assign permissions now has been selected.


Box 3: No -
Only co-author and co-owner can print.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/encryption-sensitivity-labels?view=o365-worldwide https://docs.microsoft.com/en-us/azure/information-protection/configure-usage-rights

Question #24
HOTSPOT -
You plan to create a custom sensitive information type that will use Exact Data Match (EDM).
You need to identify what to upload to Microsoft 365, and which tool to use for the upload.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:


Correct Answer:

 Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-custom-sensitive-information-types-with-exact-data-match-based-classification?view=o365- worldwide

Question #25
DRAG DROP -
You have a Microsoft 365 tenant that uses data loss prevention (DLP).
You have a custom employee information form named Template1.docx.
You need to create a classification rule package based on the document fingerprint of Template1.docx.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:


Correct Answer:

 Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/document-fingerprinting?view=o365-worldwide

Question #26
Your company has a Microsoft 365 tenant that uses a domain named contoso.com.
The company uses Microsoft Office 365 Message Encryption (OME) to encrypt email sent to users in fabrikam.com.
A user named User1 erroneously sends an email to [email protected].
You need to prevent [email protected] from accessing the email.
What should you do?
  1. A
    Run the Get-MessageTrace cmdlet.
  2. B
    Run the Set-OMEMessageRevocation cmdlet.
  3. C
    Instruct User1 to delete the email from her Sent Items folder from Microsoft Outlook.
  4. D
    Run the New-ComplianceSearchAction cmdlet.
  5. E
    Instruct User1 to select Remove external access from Microsoft Outlook on the web.

Correct Answer:
A
chatbot-img GPT-4o - Answer
To effectively prevent an erroneous recipient from accessing an encrypted email sent via Microsoft 365, the utilization of the Set-OMEMessageRevocation cmdlet is the most direct and efficient action. This cmdlet is specifically designed to revoke previously granted access to an encrypted email, ensuring that the incorrect recipient cannot view its contents. It’s vital to have administrative rights and the appropriate permissions to execute this cmdlet, but once run, any access to the message by the specified recipient is blocked, directly addressing the situation described. Thus, if the question's goal is to genuinely prevent access, this would be the correct course of action.

Question #27
You have a Microsoft 365 tenant.
You discover that email does NOT use Microsoft Office 365 Message Encryption (OME).
You need to ensure that OME can be applied to email.
What should you do first?
  1. A
    Enable Microsoft Defender for Office 365.
  2. B
    Activate Azure Information Protection.
  3. C
    Activate Azure Rights Management (Azure RMS).
  4. D
    Create an Azure key vault.

Correct Answer:
C
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/set-up-new-message-encryption-capabilities?view=o365-worldwide

Question #28
HOTSPOT -
You plan to implement a sensitive information type based on a trainable classifier. The sensitive information type will identify employment contracts.
You need to copy the required files to Microsoft SharePoint Online folders to train the classifier.
What should you use to seed content and test the classifier? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:


Correct Answer:

 Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/classifier-get-started-with?view=o365-worldwide

Question #29
HOTSPOT -
You plan to create a custom trainable classifier based on an organizational from template.
You need to identify which role-based access control (RBAC) role is required to create the trainable classifier and where to store the seed content for the trainable classifier. The solution must use the principle of least privilege.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:


Correct Answer:

 Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/classifier-get-started-with?view=o365-worldwide#prepare-for-a-custom-trainable-classifier

Question #30
You have a Microsoft 365 tenant.
You create the following:
✑ A sensitivity label
✑ An auto-labeling policy
You need to ensure that the sensitivity label is applied to all the data discovered by the auto-labeling policy.
What should you do first?
  1. A
    Enable insider risk management.
  2. B
    Create a trainable classifier.
  3. C
    Run the Enable-TransportRule cmdlet.
  4. D
    Run the policy in simulation mode.

Correct Answer:
D
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-worldwide

Previous Questions Next Questions

All Pages