SC-400試験無料問題集「Microsoft Information Protection Administrator 認定」
You need to ensure that documents in a Microsoft SharePoint Online site that contain a reference to Project Alpha are retained for two years, and then deleted.
Which two objects should you create? Each correct answer presents part of the solution. (Choose two.) NOTE: Each correct selection is worth one point.
Which two objects should you create? Each correct answer presents part of the solution. (Choose two.) NOTE: Each correct selection is worth one point.
正解:B,D
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You plan to implement a sensitive information type based on a trainable classifier. The sensitive information type will identify employment contracts.
You need to copy the required files to Microsoft SharePoint Online folders to train the classifier.
What should you use to seed content and test the classifier? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to copy the required files to Microsoft SharePoint Online folders to train the classifier.
What should you use to seed content and test the classifier? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/classifier-get-started-with?view=o365-worldwide
SIMULATION
Task 1
You need to provide users with the ability to manually classify files that contain product information that are stored in SharePoint Online sites. The solution must meet the following requirements:
* The users must be able to apply a classification of Product1 to the files.
* Any authenticated user must be able to open files classified as Product1.
* files classified as Product1 must be encrypted.
Task 1
You need to provide users with the ability to manually classify files that contain product information that are stored in SharePoint Online sites. The solution must meet the following requirements:
* The users must be able to apply a classification of Product1 to the files.
* Any authenticated user must be able to open files classified as Product1.
* files classified as Product1 must be encrypted.
正解:
See the solution below in Explanation
Explanation:
Create a Custom Content Type:
Go to your SharePoint Online site.
Click on Settings (gear icon) and select Site settings.
Under Web Designer Galleries, choose Site content types.
Create a new content type (e.g., "Product1 Classification") based on the Document parent content type.
Add a custom column (e.g., "Classification") to this content type.
Apply the Content Type to Document Libraries:
Navigate to the document library where the files are stored.
Click on Library settings.
Under General Settings, select Advanced settings.
Choose Yes for "Allow management of content types."
Add your custom content type ("Product1 Classification") to the library.
Manually Classify Files:
Upload or edit a file in the library.
In the file properties, select the Classification field and set it to "Product1." Permissions and Encryption:
Ensure that all authenticated users have at least View permissions on the library.
For encryption, SharePoint Online automatically encrypts files at rest using BitLocker disk-level encryption.
Files classified as "Product1" will be encrypted and accessible only to authorized users.
Explanation:
Create a Custom Content Type:
Go to your SharePoint Online site.
Click on Settings (gear icon) and select Site settings.
Under Web Designer Galleries, choose Site content types.
Create a new content type (e.g., "Product1 Classification") based on the Document parent content type.
Add a custom column (e.g., "Classification") to this content type.
Apply the Content Type to Document Libraries:
Navigate to the document library where the files are stored.
Click on Library settings.
Under General Settings, select Advanced settings.
Choose Yes for "Allow management of content types."
Add your custom content type ("Product1 Classification") to the library.
Manually Classify Files:
Upload or edit a file in the library.
In the file properties, select the Classification field and set it to "Product1." Permissions and Encryption:
Ensure that all authenticated users have at least View permissions on the library.
For encryption, SharePoint Online automatically encrypts files at rest using BitLocker disk-level encryption.
Files classified as "Product1" will be encrypted and accessible only to authorized users.
You create a retention policy as shown in the following exhibit.
A user named User1 deletes a file named File1.docx from a Microsoft SharePoint Online site named Site1.
A user named User2 deletes an email and empties the Deleted Items folder in Microsoft Outlook.
Where is the content retained one year after deletion? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
A user named User1 deletes a file named File1.docx from a Microsoft SharePoint Online site named Site1.
A user named User2 deletes an email and empties the Deleted Items folder in Microsoft Outlook.
Where is the content retained one year after deletion? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide
You have a Microsoft 365 subscription.
You create a retention label named Label! as shown in the following exhibit.
You publish Label1 to SharePoint sites.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
You create a retention label named Label! as shown in the following exhibit.
You publish Label1 to SharePoint sites.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
正解:
You have a Microsoft 365 E5 tenant that contains a Microsoft SharePoint Online site named Site1 and a user named User1. The tenant has auditing enabled You need to ensure that User! can perform disposition reviews. The solution must use the principle of the least privilege What should you do?
正解:A
解答を投票する
Your company has a Microsoft 365 tenant that uses a domain named contoso.
The company uses Microsoft Office 365 Message Encryption (OMI ) to encrypt email sent to users in fabrikam.com.
A user named User1 erroneously sends an email to user2@fabrikam
You need to disable [email protected] from accessing the email.
What should you do?
The company uses Microsoft Office 365 Message Encryption (OMI ) to encrypt email sent to users in fabrikam.com.
A user named User1 erroneously sends an email to user2@fabrikam
You need to disable [email protected] from accessing the email.
What should you do?
正解:A
解答を投票する
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed them.
When you search the audit log in the Microsoft Purview compliance portal to identify who signed in to the mailbox of User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
YOU run the Set-Mailbox -Identity "User1" -AuditEnabled $true command.
Does that meet the goal?
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed them.
When you search the audit log in the Microsoft Purview compliance portal to identify who signed in to the mailbox of User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
YOU run the Set-Mailbox -Identity "User1" -AuditEnabled $true command.
Does that meet the goal?
正解:B
解答を投票する
A compliance administrator recently created several data loss prevention (DLP) policies.
After the policies are created, you receive a higher than expected volume of DLP alerts.
You need to identify which rules are generating the alerts.
Which DLP report should you use?
After the policies are created, you receive a higher than expected volume of DLP alerts.
You need to identify which rules are generating the alerts.
Which DLP report should you use?
正解:C
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
SIMULATION
Task 4
You need to block users from sending emails containing information that is subject to Payment Card Industry Data Security Standard (PCI OSS). The solution must affect only emails.
Task 4
You need to block users from sending emails containing information that is subject to Payment Card Industry Data Security Standard (PCI OSS). The solution must affect only emails.
正解:
See the solution below in Explanation
Explanation:
To block users from sending emails containing information subject to the Payment Card Industry Data Security Standard (PCI DSS), you can create a Data Loss Prevention (DLP) policy in Microsoft Exchange Online. Here's how:
Create a Custom DLP Policy:
Log in to the Microsoft Exchange Online admin center.
Navigate to Data loss prevention > Policy.
Create a new custom policy specifically for PCI DSS compliance.
Define Conditions:
In the policy settings, define conditions that identify sensitive data related to PCI DSS. For example:
Keywords: Include terms like "credit card," "debit card," or specific card number formats.
Regular Expressions (Regex): Craft expressions to match credit card patterns (e.g., \b\d{4}-\d{4}-\d{4}-\d{4}\b for Visa/Mastercard).
Sensitive Information Types: Use built-in or custom sensitive information types related to payment cards.
Choose Actions:
Specify the actions to take when sensitive data is detected in emails:
Block: Prevent the email from being sent.
Notify Sender: Inform the sender that sensitive data is not allowed via email.
Add Disclaimer/Watermark: Optionally add a disclaimer or watermark to the email.
Apply the Policy to Emails Only:
Ensure that the policy is configured to apply only to emails (not other communication channels).
Exclude internal communication if necessary.
Test and Monitor:
Enable the policy in test mode initially to validate its effectiveness.
Monitor logs and adjust the policy as needed.
Explanation:
To block users from sending emails containing information subject to the Payment Card Industry Data Security Standard (PCI DSS), you can create a Data Loss Prevention (DLP) policy in Microsoft Exchange Online. Here's how:
Create a Custom DLP Policy:
Log in to the Microsoft Exchange Online admin center.
Navigate to Data loss prevention > Policy.
Create a new custom policy specifically for PCI DSS compliance.
Define Conditions:
In the policy settings, define conditions that identify sensitive data related to PCI DSS. For example:
Keywords: Include terms like "credit card," "debit card," or specific card number formats.
Regular Expressions (Regex): Craft expressions to match credit card patterns (e.g., \b\d{4}-\d{4}-\d{4}-\d{4}\b for Visa/Mastercard).
Sensitive Information Types: Use built-in or custom sensitive information types related to payment cards.
Choose Actions:
Specify the actions to take when sensitive data is detected in emails:
Block: Prevent the email from being sent.
Notify Sender: Inform the sender that sensitive data is not allowed via email.
Add Disclaimer/Watermark: Optionally add a disclaimer or watermark to the email.
Apply the Policy to Emails Only:
Ensure that the policy is configured to apply only to emails (not other communication channels).
Exclude internal communication if necessary.
Test and Monitor:
Enable the policy in test mode initially to validate its effectiveness.
Monitor logs and adjust the policy as needed.
You have a Microsoft 365 E5 tenant that uses a domain named contoso.com.
A user named User1 sends link-based, branded emails that are encrypted by using Microsoft Office 365 Advanced Message Encryption to the recipients shown in the following table.
For which recipients can User1 revoke the emails?
A user named User1 sends link-based, branded emails that are encrypted by using Microsoft Office 365 Advanced Message Encryption to the recipients shown in the following table.
For which recipients can User1 revoke the emails?
正解:B
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You have a Microsoft 365 subscription that contains a sensitivity label named Contoso Confidential.
You publish Contoso Confidential to all users.
Contoso Confidential is configured as shown in the Configuration exhibit. (Click the Configuration tab.)
The Encryption settings of Contoso Confidential are configured as shown in the Encryption exhibit. (Click the Encryption tab.)
For each of the following statements, select Yes if the statement is true Otherwise, select No NOTE: Each correct selection is worth one point
You publish Contoso Confidential to all users.
Contoso Confidential is configured as shown in the Configuration exhibit. (Click the Configuration tab.)
The Encryption settings of Contoso Confidential are configured as shown in the Encryption exhibit. (Click the Encryption tab.)
For each of the following statements, select Yes if the statement is true Otherwise, select No NOTE: Each correct selection is worth one point
正解:
You have a Microsoft 365 E5 subscription that contains four Microsoft SharePoint Online sites named Site1, Site2, Site3, and Site4.
You have the retention policies shown in the following table.
You have the documents shown in the following table.
User1 moves Doc3 to Site4.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have the retention policies shown in the following table.
You have the documents shown in the following table.
User1 moves Doc3 to Site4.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
