Free SC-900 Exam Braindumps (page: 8)

Page 7 of 56

DRAG DROP (Drag and Drop is not supported)
You are evaluating the compliance score in Microsoft Purview Compliance Manager.
Match the compliance score action subcategories to the appropriate actions.

To answer, drag the appropriate action subcategory from the column on the left to its action on the right. Each action subcategory may be used once, more than once, or not at all.

NOTE: Each correct match is worth one point.
Select and Place:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: Preventative
Preventative actions address specific risks. For example, protecting information at rest using encryption is a preventative action against attacks and breaches. Separation of duties is a preventative action to manage conflict of interest and guard against fraud.

Box 2: Detective
Detective actions actively monitor systems to identify irregular conditions or behaviors that represent risk, or that can be used to detect intrusions or breaches. Examples include system access auditing and privileged administrative actions. Regulatory compliance audits are a type of detective action used to find process issues.

Box 3: Corrective
Corrective actions try to keep the adverse effects of a security incident to a minimum, take corrective action to reduce the immediate effect, and reverse the damage if possible. Privacy incident response is a corrective action to limit damage and restore systems to an operational state after a breach.


Reference:

https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-score-calculation



HOTSPOT (Drag and Drop is not supported)
Select the answer that correctly completes the sentence.

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Sign in to Compliance Manager
Go to the Microsoft Purview compliance portal and sign in with your Microsoft 365 global administrator account.
Select Compliance Manager on the left navigation pane. You'll arrive at your Compliance Manager dashboard.

The direct link to access Compliance Manager is https://compliance.microsoft.com/compliancemanager

Note: Microsoft 365 compliance is now called Microsoft Purview and the solutions within the compliance area have been rebranded.


Reference:

https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-setup



HOTSPOT (Drag and Drop is not supported)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: Yes
Microsoft Secure Score has updated improvement actions to support security defaults in Azure Active Directory, which make it easier to help protect your organization with pre-configured security settings for common attacks.

If you turn on security defaults, you'll be awarded full points for the following improvement actions:

Ensure all users can complete multi-factor authentication for secure access (9 points)
Require MFA for administrative roles (10 points)
Enable policy to block legacy authentication (7 points)

Box 2: Yes
Each improvement action is worth 10 points or less, and most are scored in a binary fashion. If you implement the improvement action, like create a new policy or turn on a specific setting, you get 100% of the points. For other improvement actions, points are given as a percentage of the total configuration.

Note: Following the Secure Score recommendations can protect your organization from threats. From a centralized dashboard in the Microsoft 365 Defender portal, organizations can monitor and work on the security of their Microsoft 365 identities, apps, and devices.

Box 3: Yes
Microsoft Secure Score is a measurement of an organization's security posture, with a higher number indicating more improvement actions taken.


Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender/microsoft-secure-score



Which compliance feature should you use to identify documents that are employee resumes?

  1. pre-trained classifiers
  2. Activity explorer
  3. eDiscovery
  4. Content explorer

Answer(s): A

Explanation:

Microsoft Information Protection - Trainable Classifiers
Leverage user-friendly, pre-trained or trainable Machine Learning classifiers to identify various types of content in your organization.

Microsoft provides a list of classifiers which are pre-trained (based on sample documents like Legal, Finance, Manufacturing, Supply Chain etc.) and use Machine Learning to identify the classification of the documents in user-configured target locations.

Incorrect:
Not B: How is activity explorer helpful to a compliance administrator?
Activity explorer provides a historical view of activities on your labeled content. The activity information is collected from the Microsoft 365 unified audit logs, transformed, and made available in the Activity explorer UI.

Creating a custom trainable classifier first involves giving it samples that are human picked and positively match the category.

Not C: Electronic discovery, or eDiscovery, is the process of identifying and delivering electronic information that can be used as evidence in legal cases.

Not D: Content explorer shows a current snapshot of the items that have a sensitivity label, a retention label or have been classified as a sensitive information type in your organization.


Reference:

https://www.infotechtion.com/post/microsoft-trainable-classifiers






Post your Comments and Discuss Microsoft SC-900 exam with other Community members:

SC-900 Discussions & Posts