Crack4sure Logo
We at Crack4sure are committed to giving students who are preparing for the Microsoft SC-400 Exam the most current and reliable questions . To help people study, we've made some of our Microsoft Information Protection Administrator exam materials available for free to everyone. You can take the Free SC-400 Practice Test as many times as you want. The answers to the practice questions are given, and each answer is explained.
Task 4
You need to block users from sending emails containing information that is subject to Payment Card Industry Data Security Standard (PCI OSS). The solution must affect only emails.
Task 3
You plan to automatically apply a watermark to the document1 of a project named Falcon.
You need to create a label that will add a watermark of "Project falcon' in red. size-12 font diagonally across the documents.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth is worth one point.
You need to meet the technical requirements for the Site3 documents.
What should you create?
You need to meet the technical requirements for the creation of the sensitivity labels.
To which user or users must you grant the Sensitivity label administrator role?
You need to meet the technical requirements for the confidential documents.
What should you created first, and what should you use for the detection method? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You are reviewing policies for the SharePoint Online environment.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE:Each correct selection is worth one point.
How many files in Site2 will be visible to User1 and User2 after you turn on DLPpolicy1? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.
You need to meet the technical requirements for the creation of the sensitivity labels. Which administrative users are currently missing the Sensitivity label administrator role?
You are evaluating the technical requirements for the DLP reports.
Which user can currently view the DLP reports?
You have a Microsoft 365 E5 tenant.
You create a data loss prevention (DLP) policy.
You need to ensure that the policy protects documents in Microsoft Teams chat sessions.
Which location should you enable in the policy?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.
You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Cloud App Security portal, you create an app discovery policy.
Does this meet the goal?
You have a Microsoft 365 E5 subscription that contains multiple data loss prevention (DLP) policies.
You need to identify which DLP rules include conditions that can trigger the DLP policies.
Which report should you use from the Microsoft Purview compliance portal?
You have a Microsoft SharePoint Online site that contains the following files.
Users are assigned roles for the site as shown in the following table.
Which files can User1 and User2 view? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.
You need to recommend a solution that meets the sales requirements.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You need to recommend a solution that meets the compliance requirements for Dropbox.
What should you recommend?
You need to implement a solution that meets the compliance requirements for the Windows 10 computers.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each coned selection is worth one point.
You need to recommend a solution that meets the compliance requirements for viewing DLP tooltip
justifications.
What should you recommend?
You need to recommend a solution that meets the executive requirements. What should you recommend?
You need to recommend a solution that meets the compliance requirements for Dropbox.
What should you recommend?
You need to recommend a solution that meets the compliance requirements for protecting the documents in the Data shared folder. What should you recommend?
You need to recommend a solution that meets the Data Loss Prevention requirements for the HR department.
Which three actions should you perform? Each correct answer presents part of the solution. (Choose three.)
NOTE: Each correct selection is worth one point.
You need to recommend a solution that meets the compliance requirements for protecting the documents in the Data shared folder.
What should you configure in the Microsoft Purview compliance portal?
You need to implement a solution to encrypt email. The solution must meet the compliance requirements.
What should you create in the Exchange admin center and the Microsoft 36.S compliance center? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to recommend a solution to configuration the Microsoft 365 Records management settings by using the CSV file must meet the compliance requirements.
What should you recommend?
You need to recommend an information governance solution that meets the HR requirements for handling employment applications and resumes.
What is the minimum number of information governance solution components that you should create? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.
You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.
Solution: You create a data loss prevention (DLP) policy that has all locations selected.
Does this meet the goal?
You need to be alerted when users share sensitive documents from Microsoft OneDrive to any users outside your company.
What should you do?
You have Microsoft 365 E5 tenant that has a domain name of M365x925027.onmicrosoft.com.
You have a published sensitivity label.
The Encryption settings for the sensitivity label are configured as shown in the exhibit.
For each of the following statements, select Yes if statement is true. Otherwise, select No
NOTE:Each correct selection is worth one point.
You have a Microsoft 365 ES subscription.
You plan to create a custom trainable classifier by uploading 1,000 machine-generated files as seed content.
The files have sequential names and are uploaded in one-minute intervals as shown in the following table.
Which files were processed first and last when you created the custom trainable classifier? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a data loss prevention (DLP) policy that applies to the Devices location. The policy protects documents that contain States passport numbers.
Users reports that they cannot upload documents to a travel management website because of the policy.
You need to ensure that the users can upload the documents to the travel management website. The solution must prevent the protected content from being uploaded to other locations.
Which Microsoft 365 Endpoint data loss prevention (Endpoint DLP) setting should you configure?
You have a Microsoft 365 E5 subscription that uses Microsoft Purview.
You need to deploy a compliance solution that will detect the accidental oversharing of information outside of an organization. The solution must minimize administrative effort.
What should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 tenant that uses data loss prevention (DLP).
You have a custom employee information form named Template 1.docx.
You need to create a classification rule package based on the document fingerprint of Templatel.docx.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
While creating a retention label, you discover that the Mark items as a regulatory record option is unavailable.
You need to ensure that the option is available when you create retention labels in the Microsoft Purview compliance portal.
How should you complete the PowerShell script? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.
You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.
Solution: You create a data loss prevention (DLP) policy that has only the Exchange email location selected.
Does this meet the goal?
You have a Microsoft 365 tenant that uses the following sensitivity labels:
* Confidential
* Internal
* External
The labels are published by using a label policy named Policy1.
Users report that Microsoft Office for the wen apps do not display the Sensitivity button. The Sensitivity button appears in Microsoft 365 Apps that are installed locally.
You need to ensure that the users can apply sensitivity labels to content when they use Office for the web apps.
Solution: You run the Execute-AzureAdLabelSync cmdlet.
Does this meet the goal?
You have a Microsoft 365 tenant that has devices onboarded to Microsoft Defender for Endpoint as shown in the following table.
You plan to start using Microsoft 365 Endpoint data loss protection (Endpoint DLP).
Which devices support Endpoint DLP?
You have a Microsoft 365 E5 subscription that contains the devices shown in the following table.
You need to onboard the devices to Microsoft Purview. The solution must ensure that you can apply Endpoint data loss prevention (Endpoint DLP) policies to the devices. What can you use to onboard each device? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 tenant.
A retention hold is applied to all the mailboxes in Microsoft Exchange Online.
A user named User1 leaves your company, and the account of User1 is deleted from Azure Active Directory (Azure AD).
You need to create a new user named User2 and provide User2 with access to the mailbox of User1.
How should you complete the PowerShell command? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.
Your company has a Microsoft 365 tenant.
The company performs annual employee assessments. The assessment results are recorded in a document named Assessment I cmplatc.docx that is created by using Microsoft Word template. Copies of the employee assessments are sent to employees and their managers. The assessment copies are stored in mailboxes, Microsoft SharePoint Online sites, and OneDrive for Business folders. A copy of each assessment is also stored in a SharePoint Online folder named Assessments.
You need to create a data loss prevention (DLP) policy that prevents the employee assessments frombeing emailed to external users. You will use a document fingerprint to identify the assessment documents.
What should you include in the solution?
You need to create a retention policy to delete content after seven years from the following locations:
Exchange email
SharePoint sites
OneDrive accounts
Office 365 groups
Teams channel messages
Teams chats
What is the minimum number of retention policies that you should create?
Your company has a Microsoft 365 tenant that uses a domain named contoso.
The company uses Microsoft Office 365 Message Encryption (OMI ) to encrypt email sent to users in fabrikam.com.
A user named User1 erroneously sends an email to user2@fabrikam
You need to disable user2@fabrikam.com from accessing the email.
What should you do?
You have the files shown in the following table.
You configure a retention policy as shown in the exhibit.
The start of the retention period is based on when items are created. The current date is January 01, 2021.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE:Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription.
You need to prevent users from uploading data loss prevention (DLP)-protected documents to the following third-party websites;
• web1.contoso.com
• web2.contoso.com
The solution must minimize administrative effort.
To what should you set the Service domains setting for Endpoint DLP?
You have a Microsoft 365 tenant that has a retention label policy. You need to configure the policy tomeetthe following requirements:
• Prevent the disabling or deletion of thepolicy.
• Ensure that new labels can De added.
• Prevent the removal of labels.
Whatshould you do?
TESTED 28 Feb 2026
