Exam SC-400: Microsoft Information Protection Administrator
| Exam Number: SC-400 | Length of test: 120 mins |
| Exam Name: Microsoft Information Protection Administrator | Number of questions in the actual exam: 40-60 |
| Format: PDF, VPLUS | Passing Score: 700/1000 |
|
Total Questions: 322 $30 Premium PDF file 2 months updates Last updated: November-2024 |
Total Questions: 322 FREE Premium VPLUS file Last updated: November-2024 |
Download practice test questions
| Title | Size | Hits | Download |
|---|---|---|---|
| Microsoft.SC-400.vAug-2024.by.Lion.155q | 16.84 MB | 48 | Download |
| Microsoft.SC-400.vAug-2024.by.Lion.155q | 11.19 MB | 54 | Download |
| Microsoft.SC-400.vMar-2024.by.Utany.93q | 6.19 MB | 51 | Download |
Study guide for Exam SC-400: Administering Information Protection and Compliance in Microsoft 365
Audience profile
Candidates for this exam are information protection and compliance administrators who plan and implement risk and compliance controls in the Microsoft Purview compliance portal.
The information protection and compliance administrator translates an organization’s risk and compliance requirements into technical implementation. They are responsible for implementing and managing solutions for content classification, data loss prevention (DLP), information protection, data lifecycle management, records management, privacy, risk, and compliance.
The information protection and compliance administrator works with other roles that are responsible for governance, data, and security to evaluate and develop policies to address an organization’s risk reduction and compliance goals. This role assists workload administrators, business application owners, human resources departments, and legal stakeholders to implement technology solutions that support the necessary policies and controls.
Candidates should have experience with Microsoft 365 services, including Microsoft 365 Apps, Microsoft Exchange Online, Microsoft SharePoint, Microsoft OneDrive, and Microsoft Teams. They should also be familiar with PowerShell.
Implement information protection (25–30%)
- Create and manage sensitive info types
- Create and manage trainable classifiers
- Implement and manage sensitivity labels
- Design and implement encryption for email messages
Implement DLP (15–20%)
- Create and configure DLP policies
- Implement and monitor Endpoint DLP
- Monitor and manage DLP activities
Implement data lifecycle and records management (10–15%)
- Retain and delete data by using retention labels
- Manage data retention in Microsoft 365 workloads
- Implement Microsoft Purview records management
Monitor and investigate data and activities by using Microsoft Purview (15–20%)
- Plan and manage regulatory requirements by using Microsoft Purview Compliance Manager
- Plan and manage eDiscovery and Content search
- Manage and analyze audit logs and reports in Microsoft Purview
Manage insider and privacy risk in Microsoft 365 (15–20%)
- Implement and manage Microsoft Purview Communication Compliance
- Implement and manage Microsoft Purview Insider Risk Management
- Implement and manage Microsoft Purview Information Barriers (IBs)
- Implement and manage privacy requirements by using Microsoft Priva
Some new questins:
Q
You have a Microsoft 365 E5 subscription.
You plan to implement insider risk management for users that manage sensitive data associated with a project.
You need to create a protection policy for the users. The solution must meet the following requirements:
* Minimize the impact on users who are NOT part of the project.
* Minimize administrative effort.
What should you do first?
A. From the Microsoft Entra admin center, create a security group.
B. From the Microsoft Purview compliance portal, create a priority user group.
C. From the Microsoft Entra admin center, create a User risk policy.
D. From the Microsoft Purview compliance portal, create an insider risk management policy.
Q
You plan to implement Microsoft Purview Advanced Message Encryption.
You need to ensure that encrypted email sent to external recipients expires after seven days.
What should you create first?
A. an X.509 version 3 certificate
B. a remote domain in Microsoft Exchange
C. a mail flow rule
D. a custom branding template
E. a connector in Microsoft Exchange
Q
HOTSPOT
You have a Microsoft 365 E5 subscription that contains two users named User1 and User2.
You create a sensitivity label that has the following settings:
* Name: Sensitivity1
* Define the scope for this label: Items
* Choose protection settings for files and emails: Mark the content of files
o Add custom headers, footers, and watermarks to files and emails that have this label applied
You make Sensitivity1 available to User1. User1 performs the following actions:
* Creates a new email
* Adds a file named File1 .docx as an attachment to the email
* Applies Sensitivity1 to the email
* Sends the email to User2
How will the email and the attachment be marked?
Q
You have a Microsoft 365 E5 tenant that contains a user named User1. User1 is assigned the Compliance Administrator role.
User1 cannot view the regular expression in the Ip Address sensitive info type.
You need to ensure that User1 can view the regular expression.
What should you do?
A. Instruct User1 to use the Test function on the sensitive info type.
B. Create a copy of the Ip Address sensitive info type and instruct User1 to edit the copy.
C. Assign User1 the Global Reader role.
D. Assign User1 to the Reviewer role group.
Q
You have a Microsoft 365 E5 subscription.
You need to review the compliance of the subscription with the General Data Protection Regulation (GDPR) by using Compliance Manager. The solution must minimize administrative effort.
What should you create first?
A. a template
B. review assessments
C. an assessment
D. an alert policy to monitor for score changes
……….
Some new Questions:
Q
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You need to identify resumes that are stored in the subscription by using a built-in trainable classifier.
Solution: You create a retention policy.
Does this meet the goal?
A. Yes
B. No
Q
Task 1
You need to provide users with the ability to manually classify files that contain product information that are stored in SharePoint Online sites. The solution must meet the following requirements:
* The users must be able to apply a classification of Product1 to the files.
* Any authenticated user must be able to open files classified as Product1.
* files classified as Product1 must be encrypted.
Q
Task 2
You discover that all users can apply the Confidential – Finance label.
You need to ensure that the Confidential – Finance label is available only to the members of the Finance Team group.
A. See the solution below in Explanation
Q
Task 4
You need to block users from sending emails containing information that is subject to Payment Card Industry Data Security Standard (PCI OSS). The solution must affect only emails.
A. See the solution below in Explanation
…….