Microsoft Information Protection Administrator SC-400 Exam Practice Test

A user reports that she can no longer access a Microsoft Excel file named Northwind Customer Data.xlsx.

From the Cloud App Security portal, you discover the alert shown in the exhibit.

You restore the file from quarantine.

You need to prevent files that match the policy from being quarantined. Files that match the policy must generate an alert.

What should you do?

You have a Microsoft 365 tenant that uses 100 data loss prevention (DLP) policies.

A Microsoft Exchange administrator frequently investigates emails that were blocked due to DLP policy violations.

You need to recommend which DLP report the Exchange administrator can use to identify how many messages were blocked based on each DLP policy.

Which report should you recommend?

You have a Microsoft 365 E3 subscription.

You plan to assess compliance with ISO/IEC 27001:2013.

From Compliance Manager, you discover that the ISO/IEC 27001:2013 regulatory template for Microsoft 365 is inactive.

What should you do?

You are planning a data loss prevention (DLP) solution that will apply to computers that run Windows 10.

You need to ensure that when users attempt to copy a file that contains sensitive information to a USB storage device, the following requirements are met:

* If the users are members of a group named Group1, the users must be allowed to copy the file, and an event must be recorded in the audit log.

* All other users must be blocked from copying the file.

What should you create?

You have a Microsoft 365 tenant that has a retention label policy. You need to configure the policy to meet the following requirements:

* Prevent the disabling or deletion of the policy.

* Ensure that new labels can De added.

* Prevent the removal of labels.

What should you do?

You have a Microsoft 365 subscription.

You have a user named User1. Several users have full access to the mailbox of User1.

Some email messages sent to User1 appear to have been read and deleted before the user viewed them.

When you search the audit log in the Microsoft Purview compliance portal to identify who signed in to the mailbox of User1, the results are blank.

You need to ensure that you can view future sign-ins to the mailbox of User1.

YOU run the Set-AdminAuditLogConfig -AdminAuditLogEnabled $true -AdminiAuditLogCmdlets "Mailbox* command.

Does that meet the goal?

You have a Microsoft 365 tenant that uses the following sensitivity labels:

* Confidential:

* Internal

* External

The labels are published by using a label policy named Policy1.

Users report that Microsoft Office for the web apps do not display the Sensitivity button. The Sensitivity button appears in Microsoft 365 Apps that are installed locally.

You need to ensure that the users can apply sensitivity labels to content when they use Office for the web apps.

What should you do?