Valid SC-401 Dumps shared by PassLeader for Helping Passing SC-401 Exam! PassLeader now offer the newest SC-401 VCE dumps and SC-401 PDF dumps, the PassLeader SC-401 exam questions have been updated and ANSWERS have been corrected, get the newest PassLeader SC-401 dumps with VCE and PDF here: https://www.passleader.com/sc-401.html (72 Q&As Dumps)
BTW, DOWNLOAD part of PassLeader SC-401 dumps from Cloud Storage: https://drive.google.com/drive/folders/13683SpK3sRCjLQqgxAcbbmi8fxAV-smt
NEW QUESTION 1
You have a Microsoft 365 tenant and 500 computers that run Windows 11. The computers are onboarded to Microsoft Purview. You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers. You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add a folder path to the file path exclusions.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
Adding a folder path to the file path exclusions in Microsoft 365 Endpoint DLP does not prevent Tailspin_scanner.exe from accessing protected sensitive information. Instead, it would exclude those files from DLP protection, which is not the intended outcome. To block Tailspin_scanner.exe from accessing sensitive documents while allowing it to access other files, the correct solution is to use Microsoft Purview Endpoint Data Loss Prevention (Endpoint DLP) and add Tailspin_scanner.exe to the Restricted Apps list. Endpoint DLP allows you to block specific applications from accessing sensitive files while keeping general access available. Restricted Apps List in Endpoint DLP ensures that Tailspin_scanner.exe cannot open, copy, or process protected documents, but it can still function normally for non-sensitive content.
NEW QUESTION 2
You recently discovered that the developers at your company emailed Azure Storage Account keys in plain text to third parties. You need to ensure that when Azure Storage Account keys are emailed, the emails are encrypted.
Solution: You configure a mail flow rule that matches a sensitive info type.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
To ensure Azure Storage Account keys are encrypted when sent via email, you need a Data Loss Prevention (DLP) policy that detects Azure Storage Account keys using a sensitive information type and automatically encrypts emails containing these keys. Mail flow rules (transport rules) can detect sensitive info, but they are limited in encryption capabilities. DLP policies provide more advanced protection and integration with Microsoft Purview for sensitive info detection.
NEW QUESTION 3
You have a Microsoft 365 subscription. You have a user named User1. Several users have full access to the mailbox of User1. Some email messages sent to User1 appear to have been read and deleted before the user viewed them. When you search the audit log in the Microsoft Purview portal to identify who signed in to the mailbox of User1, the results are blank. You need to ensure that you can view future sign-ins to the mailbox of User1.
Solution: You run the Set-MailboxFolderPermission -Identity “User1” -User [email protected] – AccessRights Owner command.
Does that meet the goal?
A. Yes
B. No
Answer: B
Explanation:
The Set-MailboxFolderPermission -Identity “User1” -User [email protected] -AccessRights Owner command is incorrect. This assigns folder permissions but does not enable auditing. It does not track who accessed the mailbox or deleted emails.
NEW QUESTION 4
You have a Microsoft 365 E5 subscription. You need to create a sensitivity label named Label1. The solution must ensure that users can use Microsoft 365 Copilot to summarize files that have Label1 applied. Which permission should you select for Label1?
A. Export content (EXPORT).
B. Copy and extract content (EXTRACT).
C. Edit content (DOCEDIT).
D. View rights (VIEW).
Answer: B
Explanation:
To allow Microsoft 365 Copilot to summarize files that have Label1 applied, the label must grant permission to extract content from the document. The correct permission for this is Copy and extract content (EXTRACT). Microsoft 365 Copilot requires access to read and process content in documents to generate summaries. The EXTRACT permission allows users (and AI tools like Copilot) to copy and extract content for processing while still maintaining the protection applied by the sensitivity label.
NEW QUESTION 5
You have a Microsoft 365 E5 subscription. You need to enable support for sensitivity labels in Microsoft SharePoint Online. What should you use?
A. the Microsoft Purview portal
B. the Microsoft Entra admin center
C. the SharePoint admin center
D. the Microsoft 365 admin center
Answer: C
Explanation:
To enable support for sensitivity labels in Microsoft SharePoint Online, you must configure the setting in the SharePoint admin center. Sensitivity labels in SharePoint Online allow labeling and protection of files stored in SharePoint and OneDrive. This feature must be enabled in the SharePoint admin center –> Settings –> Information protection to allow sensitivity labels to apply encryption and protection to stored documents.
NEW QUESTION 6
You have a Microsoft SharePoint Online site named Site1 that contains a document library. The library contains more than 1,000 documents. Some of the documents are job applicant resumes. All the documents are in the English language. You plan to apply a sensitivity label automatically to any document identified as a resume. Only documents that contain work experience, education, and accomplishments must be labeled automatically. You need to identify and categorize the resumes. The solution must minimize administrative effort. What should you include in the solution?
A. a trainable classifier
B. a keyword dictionary
C. a function
D. an exact data match (EDM) classifier
Answer: A
Explanation:
Since you need to automatically apply a sensitivity label to resumes based on their content and structure (work experience, education, accomplishments), a trainable classifier is the best choice. Trainable classifiers use machine learning to identify unstructured data, such as resumes, contracts, or legal documents. Instead of relying on predefined patterns (like keywords or regular expressions), a trainable classifier learns from sample documents and can accurately identify resumes even if they are formatted differently.
NEW QUESTION 7
You are planning a data loss prevention (DLP) solution that will apply to Windows Client computers. You need to ensure that when users attempt to copy a file that contains sensitive information to a USB storage device, the following requirements are met:
– If the users are members of a group named Group1, the users must be allowed to copy the file, and an event must be recorded in the audit log.
– All other users must be blocked from copying the file.
What should you create?
A. one DLP policy that contains one DLP rule
B. one DLP policy that contains two DLP rules
C. two DLP policies that each contains one DLP rule
Answer: B
Explanation:
To meet the requirements, you need one DLP policy with two separate DLP rules to handle the different conditions:
1. First DLP Rule (For Group1 Members): If the user is a member of Group1 and attempts to copy a file with sensitive data to a USB storage device. Allow the file copy but log the event in the audit log.
2. Second DLP Rule (For All Other Users): If any user who is NOT in Group1 attempts to copy a file with sensitive data to a USB storage device. Block the file transfer.
NEW QUESTION 8
You have a Microsoft 365 subscription. You need to ensure that users can apply retention labels to individual documents in their Microsoft SharePoint libraries. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. From Microsoft Defender for Cloud Apps, create a file policy.
B. From the SharePoint admin center, modify the Site Settings.
C. From the SharePoint ad min center, modify the records management settings.
D. From the Microsoft Purview portal, publish a label.
E. From the Microsoft Purview portal, create a label.
Answer: DE
Explanation:
To allow users to apply retention labels to individual documents in Microsoft SharePoint libraries, you need to create a retention label and publish the label. In Microsoft Purview, retention labels define how long content should be retained or deleted. You must first create a label that specifies the retention rules. After creating the label, you must publish it so that it becomes available for users in SharePoint document libraries. Once published, users can manually apply the retention label to individual documents.
NEW QUESTION 9
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1. You need to implement Microsoft Purview data lifecycle management. What should you create first?
A. a sensitivity label policy
B. a data loss prevention (DLP) policy
C. an auto-labeling policy
D. a retention label
Answer: D
Explanation:
To implement Microsoft Purview Data Lifecycle Management for SharePoint Online (Site1), you need to create a retention label first. Retention labels define how long content should be retained or deleted based on compliance requirements. Once a retention label is created, it can be manually or automatically applied to content in SharePoint Online, Exchange, OneDrive, and Teams. After creating a retention label, you can configure label policies to apply them to Site1 and other locations.
NEW QUESTION 10
You have a Microsoft 365 tenant. You have a database that stores customer details. Each customer has a unique 13-digit identifier that consists of a fixed pattern of numbers and letters. You need to implement a data loss prevention (DLP) solution that meets the following requirements:
– Email messages that contain a single customer identifier can be sent outside your company.
– Email messages that contain two or more customer identifiers must be approved by the company’s data privacy team.
Which two components should you include in the solution? (Each correct answer presents part of the solution. Choose two.)
A. a sensitivity label
B. a sensitive information type
C. a DLP policy
D. a retention label
E. a mail flow rule
Answer: BC
Explanation:
You need to define a custom sensitive information type that recognizes the unique 13-digit identifier format for customer records. Microsoft Purview DLP policies use these types to identify and protect sensitive data. A Data Loss Prevention (DLP) policy is required to enforce the rules. It will allow emails with a single identifier but trigger an approval workflow when two or more identifiers are detected.
NEW QUESTION 11
You are creating a data loss prevention (DLP) policy that will apply to all available locations except Fabric and Power BI workspaces. You configure an advanced DLP rule in the policy. Which type of condition can you use in the rule?
A. Sensitive info type.
B. Content search query.
C. Sensitive label.
D. Keywords.
Answer: A
Explanation:
When configuring an advanced DLP rule in Microsoft Purview Data Loss Prevention (DLP), you can use a Sensitive Information Type (SIT) condition to detect and classify specific types of sensitive data, such as credit card numbers, Social Security numbers, or custom sensitive data patterns. This allows you to apply protection and trigger actions based on the identified content.
NEW QUESTION 12
You have a Microsoft 365 E5 subscription that uses Microsoft Purview. You create a communication compliance policy named Policy1 and select Detect Microsoft Copilot interactions. Which two trainable classifiers will be added to Policy1 automatically? (Each correct answer presents part of the solution. Choose two.)
A. Unauthorized disclosure.
B. Prompt Shields.
C. Threat.
D. Corporate Sabotage.
E. Protected Materials.
Answer: AE
Explanation:
When you create a communication compliance policy in Microsoft Purview and select “Detect Microsoft Copilot interactions”, certain trainable classifiers are automatically added to help detect sensitive or inappropriate AI usage. The “Unauthorized disclosure” classifier helps detect cases where users might share confidential or sensitive information via Copilot interactions, preventing unintended data leaks. The “Protected Materials” classifier is used to identify sensitive or restricted content that should not be shared through Copilot, ensuring compliance with organizational policies.
NEW QUESTION 13
You have a Microsoft 365 E5 tenant. You need to add a new keyword dictionary. What should you create?
A. a trainable classifier
B. a retention policy
C. a sensitivity label
D. a sensitive info type
Answer: D
Explanation:
To add a new keyword dictionary in Microsoft Purview Data Loss Prevention (DLP), you must create a Sensitive Information Type (SIT). Sensitive Info Types (SITs) allow you to define custom detection rules, including keyword dictionaries, regular expressions, and functions for identifying sensitive content in emails, documents, and other Microsoft 365 locations. A keyword dictionary is a list of predefined words/phrases that Microsoft Purview can use to identify and classify content for DLP policies.
NEW QUESTION 14
You have a Microsoft 365 E5 subscription. You need to review a Microsoft 365 Copilot usage report. From where should you review the report?
A. Information Protection in the Microsoft Purview portal
B. the Microsoft 365 admin center
C. DSPM for Al in the Microsoft Purview portal
D. the Microsoft Defender portal
Answer: C
Explanation:
To review a Microsoft 365 Copilot usage report, you need to use Data Security Posture Management for AI (DSPM for AI) in the Microsoft Purview portal. DSPM for AI provides insights into AI-related activities, including Copilot usage, risk assessments, and data security posture related to AI interactions within Microsoft 365.
NEW QUESTION 15
You have a Microsoft 365 E5 subscription. You plan to implement Microsoft Purview insider risk management. You implement the HR data connector. You need to prepare the data that will be imported by the data connector. In which format should you prepare the data?
A. JSON
B. CSV
C. TSV
D. XML
E. PRN
Answer: B
Explanation:
When implementing Microsoft Purview Insider Risk Management and using the HR data connector, you must prepare HR data in CSV (Comma-Separated Values) format. This format is required because Microsoft Purview supports CSV files for importing user employment details, termination dates, role changes, and other HR-related attributes.
NEW QUESTION 16
You have a Microsoft 365 E5 subscription. You plan to implement insider risk management for users that manage sensitive data associated with a project. You need to create a protection policy for the users. The solution must meet the following requirements:
– Minimize the impact on users who are NOT part of the project.
– Minimize administrative effort.
What should you do first?
A. From the Microsoft Purview portal, create an insider risk management policy.
B. From the Microsoft Entra admin center, create a security group.
C. From the Microsoft Entra admin center create a User risk policy.
D. From the Microsoft Purview portal create a priority user group.
Answer: B
Explanation:
To implement insider risk management for users managing sensitive project data while minimizing the impact on other users and reducing administrative effort, you should first create a security group in Microsoft Entra ID (formerly Azure AD). Security groups allow you to scope insider risk management policies to specific users instead of applying policies to all users, which helps in minimizing unnecessary alerts and reducing administrative overhead. After creating the security group, you can assign this group to a Microsoft Purview Insider Risk Management policy, ensuring that only project-related users are affected.
NEW QUESTION 17
HotSpot
You have a new Microsoft 365 E5 tenant. You need to create a custom trainable classifier that will detect product order forms. The solution must use the principle of least privilege. What should you do first? (To answer, select the appropriate options in the answer area.)
Answer:
Explanation:
To create a custom trainable classifier in Microsoft Purview (formerly Microsoft Compliance Center), you must first opt into the trainable classifier feature. Before using custom trainable classifiers, Microsoft requires manual opt-in through the Microsoft Purview compliance portal. Without this step, you cannot create a new classifier. The Compliance Administrator role has the necessary permissions to configure data classification, DLP policies, and trainable classifiers. Global Administrator has higher privileges but is not required for this task, violating the principle of least privilege. Security Administrator is focused on security-related settings but does not manage compliance features like classifiers.
NEW QUESTION 18
HotSpot
You plan to create a custom sensitive information type that will use Exact Data Match (EDM). You need to identify what to upload to Microsoft 365, and which tool to use for the upload. What should you identify? (To answer, select the appropriate options in the answer area.)
Answer:
Explanation:
EDM does not store raw data; instead, it requires hashed versions of sensitive data for privacy and security. To upload the hashed data, Microsoft provides the EDM upload agent. This ensures that the data is securely processed and recognized by the EDM service in Microsoft 365.
NEW QUESTION 19
HotSpot
You have a Microsoft 365 E5 subscription that uses Microsoft Purview. You need ensure that an incident will be generated when a user visits a phishing website. What should you do? (To answer, select the appropriate options in the answer area.)
Answer:
Explanation:
Box 1: Insider Risk Management policies in Microsoft Purview can be configured to detect risky behavior, such as accessing phishing websites. These policies monitor user activity, generate alerts, and help organizations investigate potential security threats.
Box 2: Microsoft Defender Browser Protection extension helps in detecting unsafe or phishing websites and integrating this detection with Insider Risk Management policies. This extension works with Microsoft Edge and Google Chrome to identify risky browsing activity and trigger alerts.
NEW QUESTION 20
Drag and Drop
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps. You plan to deploy a Defender for Cloud Apps file policy that will be triggered when the following conditions are met:
– A file is shared externally.
– A file is labeled as internal only.
Which filter should you use for each condition? (To answer, drag the appropriate filters to the correct conditions. Each filter may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
NEW QUESTION 21
Drag and Drop
You need to create a trainable classifier that can be used as a condition in an auto-apply retention label policy. Which three actions should you perform in sequence? (To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.)
Answer:
Explanation:
To create a trainable classifier that can be used in an auto-apply retention label policy, you need to follow these key steps:
1. Create the trainable classifier. This is the first step where you define the classifier, specifying the types of content it should identify.
2. Test the trainable classifier. Before using the classifier in production, you need to validate its accuracy by testing it against sample documents to ensure it correctly classifies the intended data.
3. Publish the trainable classifier. Once testing is successful, you must publish the classifier so that it can be used in policies like auto-apply retention labels in Microsoft Purview.
NEW QUESTION 22
Drag and Drop
You have a Microsoft 365 subscription that contains 20 data loss prevention (DLP) policies. You need to identify the following:
– Rules that are applied without triggering a policy alert.
– The top 10 files that have matched DLP policies.
– Alerts that are miscategorized.
Which report should you use for each requirement? (To answer, drag the appropriate reports to the correct requirements. Each report may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Explanation:
– The False positive and override report helps identify rules that were applied but did not generate an actual policy alert, which means they were overridden or deemed false positives.
– The DLP policy matches report provides details on files that matched DLP policies, including the top 10 files.
– The Incident reports report helps analyze and review alerts, including those that may have been miscategorized.
NEW QUESTION 23
……
Get the newest PassLeader SC-401 VCE dumps here: https://www.passleader.com/sc-401.html (72 Q&As Dumps)
And, DOWNLOAD the newest PassLeader SC-401 PDF dumps from Cloud Storage for free: https://drive.google.com/drive/folders/13683SpK3sRCjLQqgxAcbbmi8fxAV-smt