Pass the Microsoft Certified: Information Security Administrator Associate SC-401 Questions and answers with Dumpstech

You need to meet the technical requirements for the creation of the sensitivity labels.

To which user or users must you assign the Sensitivity Label Administrator role?

HOTSPOT

You need to meet the technical requirements for the confidential documents.

What should you create first, and what should you use for the detection method? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

HOTSPOT

You are reviewing policies for the SharePoint Online environment.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription that uses Microsoft Purview insider risk management and contains three users named User1, User2, and User3.

All insider risk management policies have adaptive protection enabled and the default conditions for insider risk levels configured.

The users perform the following activities, which trigger insider risk policy alerts:

User1 performs at least one data exfiltration activity that results in a high severity risk score.

User2 performs at least three risky user activities within seven days, that each results in a high severity risk score.

User3 performs at least bwo data exfiltration activities within seven days, that each results in a high severity risk score.

Which insider risk level is assigned to each user? To answer, drag the appropriate levels to the correct users. Each level may be used once, more than once, or not at all. You may need to drag the split bar between panes or seroll to view content.

NOTE: Each correct selection is worth one point.

You implement Microsoft 36S Endpoint data loss pi event ion (Endpoint DIP).

You have computers that run Windows 11 and have Microsoft 365 Apps instated The computers are joined to a Microsoft Entra tenant.

You need to ensure that Endpoint DIP policies can protect content on the computers.

Solution: You onboard the computers to Microsoft Defender for Endpoint.

Does this meet the goal?

HOTSPOT

You have a Microsoft 365 E5 subscription that uses Microsoft Purview.

You need ensure that an incident will be generated when a user visits a phishing website.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 tenant.

You have a database that stores customer details. Each customer has a unique 13-digit identifier that consists of a fixed pattern of numbers and letters.

You need to implement a data loss prevention (DLP) solution that meets the following requirements:

● Email messages that contain a single customer identifier can be sent outside your company.

● Email messages that contain two or more customer identifiers must be approved by the company ' s data privacy team.

Which two components should you include in the solution? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 subscription.

You have a user named User1. Several users have full access to the mailbox of User1.

Some email messages sent to User1 appear to have been read and deleted before the user viewed them.

When you search the audit log in the Microsoft Purview portal to identify who signed in to the mailbox of User1, the results are blank.

You need to ensure that you can view future sign-ins to the mailbox of User1.

Solution: You run the Set-Mailbox -Identity " User1 " -AuditEnabled $true command.

Does that meet the goal?

You have a Microsoft 365 subscription.

You have a Microsoft SharePoint Online site named Site1. Site1 has a document library that contains the files shown in the following table.

From the Microsoft Purview compliance portal, for Site1 you create a content search named Search1 that has the date in the YYYY-MM-DD format as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 subscription.

You have a user named User1 Several users have full access to the mailbox of User1.

Some email messages sent to User 1 appeal to have been read and deleted before the user viewed them

When you search the audit log in the Microsoft Purview portal to identify who signed in to the mailbox of User l. the results are blank.

You need to ensure that you can view future sign-ins to the mailbox of User1.

Solution: You run the Set-AuditConfig -Workload Exchange command.

Does that meet the goal?