SC-400試験無料問題集「Microsoft Information Protection Administrator 認定」
A user reports that she can no longer access a Microsoft Excel file named Northwind Customer Data.xlsx.
From the Cloud App Security portal, you discover the alert shown in the exhibit.
You restore the file from quarantine.
You need to prevent files that match the policy from being quarantined. Files that match the policy must generate an alert.
What should you do?
From the Cloud App Security portal, you discover the alert shown in the exhibit.
You restore the file from quarantine.
You need to prevent files that match the policy from being quarantined. Files that match the policy must generate an alert.
What should you do?
正解:B
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You have a Microsoft 365 E5 tenant.
You need to create a custom trainable classifier that will detect product order forms. The solution must use the principle of least privilege.
What should you do first? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to create a custom trainable classifier that will detect product order forms. The solution must use the principle of least privilege.
What should you do first? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
You have a Microsoft 365 E5 subscription that contains the data loss prevention (DLP) policies shown in the following table.
You have a custom employee information form named Template l.docx.
You plan to create a sensitive info type named Sensitive1 that will use the document fingerprint from Template!.docx.
What should you use to create Sensitive1. and in which DIP policies can you use Sensitive1? To answer, select the appropriate options in the answer area.
You have a custom employee information form named Template l.docx.
You plan to create a sensitive info type named Sensitive1 that will use the document fingerprint from Template!.docx.
What should you use to create Sensitive1. and in which DIP policies can you use Sensitive1? To answer, select the appropriate options in the answer area.
正解:
Explanation:
You have a Microsoft 365 E5 subscription that contains two users named User1 and User2.
On January 1, you create the sensitivity label shown in the following table.
On January 2, you publish Label1 to User1.
On January 3, User1 creates a Microsoft Word document named Doc1 and applies Label1 to the document.
On January 4, User2 edits Doc1.
On January 15, you increase the content expiry period for Label1 to 28 days.
When will access to Doc1 expire for User2?
On January 1, you create the sensitivity label shown in the following table.
On January 2, you publish Label1 to User1.
On January 3, User1 creates a Microsoft Word document named Doc1 and applies Label1 to the document.
On January 4, User2 edits Doc1.
On January 15, you increase the content expiry period for Label1 to 28 days.
When will access to Doc1 expire for User2?
正解:B
解答を投票する
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You need to identify resumes that are stored in the subscription by using a built-in trainable classifier.
Solution: You create a retention policy.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You need to identify resumes that are stored in the subscription by using a built-in trainable classifier.
Solution: You create a retention policy.
Does this meet the goal?
正解:A
解答を投票する
Task 1
You need to provide users with the ability to manually classify files that contain product information that are stored in SharePoint Online sites. The solution must meet the following requirements:
* The users must be able to apply a classification of Product1 to the files.
* Any authenticated user must be able to open files classified as Product1.
* files classified as Product1 must be encrypted.
You need to provide users with the ability to manually classify files that contain product information that are stored in SharePoint Online sites. The solution must meet the following requirements:
* The users must be able to apply a classification of Product1 to the files.
* Any authenticated user must be able to open files classified as Product1.
* files classified as Product1 must be encrypted.
正解:
See the solution below in Explanation.
* Create a Custom Content Type:
* Go to your SharePoint Online site.
* Click on Settings (gear icon) and select Site settings.
* Under Web Designer Galleries, choose Site content types.
* Create a new content type (e.g., "Product1 Classification") based on the Document parent content type.
* Add a custom column (e.g., "Classification") to this content type.
* Apply the Content Type to Document Libraries:
* Navigate to the document library where the files are stored.
* Click on Library settings.
* Under General Settings, select Advanced settings.
* Choose Yes for "Allow management of content types."
* Add your custom content type ("Product1 Classification") to the library.
* Manually Classify Files:
* Upload or edit a file in the library.
* In the file properties, select the Classification field and set it to "Product1."
* Permissions and Encryption:
* Ensure that all authenticated users have at least View permissions on the library.
* For encryption, SharePoint Online automatically encrypts files at rest using BitLocker disk-level encryption.
* Files classified as "Product1" will be encrypted and accessible only to authorized users.
* Create a Custom Content Type:
* Go to your SharePoint Online site.
* Click on Settings (gear icon) and select Site settings.
* Under Web Designer Galleries, choose Site content types.
* Create a new content type (e.g., "Product1 Classification") based on the Document parent content type.
* Add a custom column (e.g., "Classification") to this content type.
* Apply the Content Type to Document Libraries:
* Navigate to the document library where the files are stored.
* Click on Library settings.
* Under General Settings, select Advanced settings.
* Choose Yes for "Allow management of content types."
* Add your custom content type ("Product1 Classification") to the library.
* Manually Classify Files:
* Upload or edit a file in the library.
* In the file properties, select the Classification field and set it to "Product1."
* Permissions and Encryption:
* Ensure that all authenticated users have at least View permissions on the library.
* For encryption, SharePoint Online automatically encrypts files at rest using BitLocker disk-level encryption.
* Files classified as "Product1" will be encrypted and accessible only to authorized users.
Task 3
You plan to automatically apply a watermark to the document1 of a project named Falcon.
You need to create a label that will add a watermark of "Project falcon' in red. size-12 font diagonally across the documents.
You plan to automatically apply a watermark to the document1 of a project named Falcon.
You need to create a label that will add a watermark of "Project falcon' in red. size-12 font diagonally across the documents.
正解:
See the solution below in Explanation.
Explanation:
To create a label that adds a watermark of "Project Falcon" in red, size-12 font diagonally across the documents, follow these steps:
* Create a Sensitivity Label:
* Log in to the Microsoft Purview portal or the Microsoft Purview compliance portal as an admin.
* Navigate to Sensitivity labels and create a new label called "Project Falcon".
* Specify the appropriate settings for this label, including encryption, content markings, and permissions.
* Configure Content Markings (Watermark):
* When creating the label, configure the content markings section.
* Choose "Watermark" and set the text to "Project Falcon".
* Select the color as red and font size as 12.
* Set the watermark position to diagonal across the document.
* Assign the Label:
* Assign the "Project Falcon" label to the relevant documents within the Falcon project.
* Users who apply this label will automatically add the specified watermark to their documents.
Explanation:
To create a label that adds a watermark of "Project Falcon" in red, size-12 font diagonally across the documents, follow these steps:
* Create a Sensitivity Label:
* Log in to the Microsoft Purview portal or the Microsoft Purview compliance portal as an admin.
* Navigate to Sensitivity labels and create a new label called "Project Falcon".
* Specify the appropriate settings for this label, including encryption, content markings, and permissions.
* Configure Content Markings (Watermark):
* When creating the label, configure the content markings section.
* Choose "Watermark" and set the text to "Project Falcon".
* Select the color as red and font size as 12.
* Set the watermark position to diagonal across the document.
* Assign the Label:
* Assign the "Project Falcon" label to the relevant documents within the Falcon project.
* Users who apply this label will automatically add the specified watermark to their documents.
You have a Microsoft 365 subscription that uses an Azure AD tenant named contoso.com.
OneDrive stores files that are shared with external users. The files are configured as shown in the following table.
You create a data loss prevention (DLP) policy that applies to the content stored in OneDrive accounts. The policy contains the following three rules:
Rule1:
* Conditions: Label1. Detect content that's shared with people outside my organization
* Actions: Restrict access to the content for external users
* User notifications: Notify the user who last modified the content
* User overrides: On
* Priority: 0
Rule2:
* Conditions: Label! or Label2
* Actions: Restrict access to the content
* Priority: 1
Rule3:
* Conditions: Label2. Detect content that's shared with people outside my organization
* Actions: Restrict access to the content for external users
* User notifications: Notify the user who last modified the content
* User overrides: On
* Priority: 2
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
OneDrive stores files that are shared with external users. The files are configured as shown in the following table.
You create a data loss prevention (DLP) policy that applies to the content stored in OneDrive accounts. The policy contains the following three rules:
Rule1:
* Conditions: Label1. Detect content that's shared with people outside my organization
* Actions: Restrict access to the content for external users
* User notifications: Notify the user who last modified the content
* User overrides: On
* Priority: 0
Rule2:
* Conditions: Label! or Label2
* Actions: Restrict access to the content
* Priority: 1
Rule3:
* Conditions: Label2. Detect content that's shared with people outside my organization
* Actions: Restrict access to the content for external users
* User notifications: Notify the user who last modified the content
* User overrides: On
* Priority: 2
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1.
Site1 contains resumes saved as Microsoft Word documents. A new collection of resumes is loaded to Site1 every three months.
You plan to implement records management. The solution must meet the following requirements:
* The resumes must be retained for two years.
* The retention period must start at the end of the quarter during which the resumes were loaded.
* The resumes must have a retention label applied that identifies the documents as regulatory records.
You need to create a file plan in the CSV format that you will use to create the retention labels.
Which retention type should you specify in the file plan?
Site1 contains resumes saved as Microsoft Word documents. A new collection of resumes is loaded to Site1 every three months.
You plan to implement records management. The solution must meet the following requirements:
* The resumes must be retained for two years.
* The retention period must start at the end of the quarter during which the resumes were loaded.
* The resumes must have a retention label applied that identifies the documents as regulatory records.
You need to create a file plan in the CSV format that you will use to create the retention labels.
Which retention type should you specify in the file plan?
正解:A
解答を投票する
You have a Microsoft 365 E5 subscription that contains two users named User1 and User2.
You need to implement insider risk management. The solution must meet the following requirements:
* Ensure that User1 can create insider risk management policies.
* Ensure that User2 can use content captured by using insider risk management policies.
* Follow the principle of least privilege.
To which role group should you add each user? To answer, drag the appropriate role groups to the correct users. Each role group may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You need to implement insider risk management. The solution must meet the following requirements:
* Ensure that User1 can create insider risk management policies.
* Ensure that User2 can use content captured by using insider risk management policies.
* Follow the principle of least privilege.
To which role group should you add each user? To answer, drag the appropriate role groups to the correct users. Each role group may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth is worth one point.
NOTE: Each correct selection is worth is worth one point.
正解:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide
You have a Microsoft 365 tenant that uses data loss prevention (DLP).
You have a custom employee information form named Template 1.docx.
You need to create a classification rule package based on the document fingerprint of Templatel.docx.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You have a custom employee information form named Template 1.docx.
You need to create a classification rule package based on the document fingerprint of Templatel.docx.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
正解:
Explanation:
You have a Microsoft 365 E5 subscription that contains a user named User1 and the groups shown in the following table.
You plan to create a communication compliance policy named Policy1.
You need to identify whose communications can be monitored by Policy1, and who can be assigned the Reviewer role for Policy1.
Who should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to create a communication compliance policy named Policy1.
You need to identify whose communications can be monitored by Policy1, and who can be assigned the Reviewer role for Policy1.
Who should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
You have a Microsoft 365 tenant.
You have a Microsoft SharePoint Online site that contains employment contracts in a folder named EmploymentContracts. All the files in EmploymentContracts are marked as records.
You need to recommend a process to ensure that when a record is updated, the previous version of the record is kept as a version of the updated record.
What should you recommend?
You have a Microsoft SharePoint Online site that contains employment contracts in a folder named EmploymentContracts. All the files in EmploymentContracts are marked as records.
You need to recommend a process to ensure that when a record is updated, the previous version of the record is kept as a version of the updated record.
What should you recommend?
正解:C
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.
You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Cloud App Security portal, you create an app discovery policy.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.
You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Cloud App Security portal, you create an app discovery policy.
Does this meet the goal?
正解:A
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)