CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. SC-400

Free SC-400 Exam Braindumps (page: 31)

Page 30 of 76
PDF with 325 Questions

A compliance administrator recently created several data loss prevention (DLP) policies.

After the policies are created, you receive a higher than expected volume of DLP alerts.

You need to identify which rules are generating the alerts.

Which DLP report should you use?

  1. Third-party DLP policy matches
  2. DLP policy matches
  3. DLP incidents
  4. False positive and override

Answer(s): B


Reference:

https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwide



HOTSPOT (Drag and Drop is not supported)
You have a Microsoft 365 tenant that uses data loss prevention (DLP) to protect sensitive information.

You create a new custom sensitive info type that has the matching element shown in the following exhibit.




The supporting elements are configured as shown in the following exhibit.



The confidence level and character proximity are configured as shown in the following exhibit.



For each of the following statements, select Yes if statement is true. Otherwise, select No

NOTE: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:




Note: The regular expression has a starts with (^) and ends with ($) metacharacter and will not match any of the sentences. Without the starts with (^) metacharacter the first and second sentences would match and the supporting element (Employee ID) would be within 100 character proximity.


Reference:

https://docs.microsoft.com/en-us/microsoft-365/compliance/create-a-custom-sensitive-information-type?view=o365-worldwide



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.

You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.

You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.

Solution: From the Cloud App Security portal, you create an app discovery policy.

Does this meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

You can create app discovery policies to alert you when new apps are detected within your organization.
Use the unallowed apps list instead.


Reference:

https://docs.microsoft.com/en-us/cloud-app-security/cloud-discovery-policies

https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-using?view=o365-worldwide



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.

You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.

You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.

Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add a folder path to the file path exclusions.

Does this meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

Folder path to the file path exclusions excludes certain paths and files from DLP monitoring.
Use the unallowed apps list instead.


Reference:

https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-using?view=o365-worldwide






Post your Comments and Discuss Microsoft SC-400 exam with other Community members: