Summer Special Sale - 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: spcl70

Practice Free SC-401 Administering Information Security in Microsoft 365 Exam Questions Answers With Explanation

We at Crack4sure are committed to giving students who are preparing for the Microsoft SC-401 Exam the most current and reliable questions . To help people study, we've made some of our Administering Information Security in Microsoft 365 exam materials available for free to everyone. You can take the Free SC-401 Practice Test as many times as you want. The answers to the practice questions are given, and each answer is explained.

Question # 6

You create a sensitivity label as shown in the Sensitivity Label exhibit. (Click the Sensitivity Label tab.)

SC-401 question answer

You create an auto-labeling policy as shown in the Auto Labeling Policy exhibit. (Click the Auto Labeling Policy tab.)

SC-401 question answer

A user sends the following email:

SC-401 question answer

Both attachments contain lists of IP addresses.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

SC-401 question answer

Question # 7

You implement Microsoft 365 Endpoint data loss prevention (Endpoint DIP).

You have computers that run Windows 11 and have Microsoft 365 Apps instated. The computers are joined to a Microsoft Entra tenant

You need to ensure that Endpoint DIP policies can protect content on the computers.

Solution: You deploy the Endpoint DLP configuration package to the computers.

Does this meet the goal?

A.

Yes

B.

No

Question # 8

You are configuring a data loss prevention (DLP) policy to report when credit card data is found on a Microsoft Entra joined Windows device.

You plan to use information from the policy to restrict the ability to copy the sensitive data to the clipboard.

What should you configure in the policy advanced DLP rule?

A.

an action

B.

the incident report

C.

user notifications

D.

user overrides

Question # 9

HOTSPOT

How many files in Site2 can User1 and User2 access after you turn on DLPpolicy1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-401 question answer

Question # 10

You have a Microsoft 365 subscription. You create a retention policy and apply the policy to Exchange Online mailboxes.

You need to ensure that the retention policy tags can be assigned to mailbox items as soon as possible.

What should you do?

A.

From Exchange Online PowerShell. run Start-ManagedFolderAssistant.

B.

From the Microsoft Purview portal, create a data loss prevention (DLP) policy.

C.

From the Microsoft Purview portal, create a label policy.

D.

From Exchange Online PowerShell, run start -RetentionAutoTagLearning.

Question # 11

You have a Microsoft 365 E5 tenant that has devices onboarded to Microsoft Defender for Endpoint as shown in the following table.

SC-401 question answer

You plan to start using Microsoft 365 Endpoint data loss protection (Endpoint DLP).

Which devices support Endpoint DLP?

A.

Device1 only

B.

Device1 and Device2 only

C.

Device1 and Device4 only

D.

Device1, Device2, and Device4 only

E.

Device1, Device2, Device3, and Device4

Question # 12

You have a Microsoft 365 E5 subscription that uses Microsoft Exchange Online and Teams.

You need to ensure that when a user sends a message containing a cloud attachment, a retention label is applied to the cloud attachment by using an auto-labeling policy.

How should you configure the retention labe1 to start the retention period, and to which locations should you apply the auto-labeling policy? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-401 question answer

Question # 13

You have a Microsoft 365 ES subscription.

A security manager receives an email message every time a data loss prevention (DIP) policy match occurs. You need to limit alert notifications to actionable DLP events. What should you do?

A.

From the Microsoft Defender portal, apply a filter to the alerts.

B.

From the Microsoft Purview portal, modify the Policy Tips settings of a DLP policy.

C.

From the Microsoft Purview portal, modify the matched activities threshold of an alert policy.

D.

From the Microsoft Purview portal, modify the User overrides settings of a DLP policy.

Question # 14

You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1 and the users shown in the following table.

SC-401 question answer

You have a data loss prevention (DLP) policy named DLP1 as shown in the following exhibit.

SC-401 question answer

You apply DLP1 to Site1.

User1 uploads a file named File1 to Site1. File1 does NOT match any of the DLP1 rules. User2 updates File1 to contain data that matches the DLP1 rules.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

SC-401 question answer

Question # 15

You have a Microsoft 365 E5 subscription that contains the data loss prevention (DLP) policies shown in the following table.

SC-401 question answer

You have a custom employee information form named Template1 .docx.

You plan to create a sensitive info type named Sensitive! that will use the document fingerprint from Template1.docx.

What should you use to create Sensitive1, and in which DLP policies can you use Sensitive1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-401 question answer

Question # 16

You have a Microsoft 365 E5 subscription that contains a retention policy named RP1 as shown in the following table.

SC-401 question answer

You place a preservation lock on RP1.

You need to modify RP1.

Which two modifications can you perform? Each correct answer presents part of the solution.

NOTE : Each correct selection is worth one point.

A.

Add locations to the policy.

B.

Delete the policy.

C.

Remove locations from the policy.

D.

Decrease the retention period of the policy.

E.

Disable the policy.

F.

Increase the retention period of the policy.

Question # 17

You create a data loss prevention (DLP) policy. The Advanced DLP rules page is shown in the Rules exhibit. (Click the Rules tab.)

SC-401 question answer

The Review your settings page is shown in the Review exhibit. (Click the Review tab.)

SC-401 question answer

You need to review the potential impact of enabling the policy without applying the actions. What should you do?

A.

Edit the policy, remove all the actions in DLP rule 1, and select I ' d like to test it out first

B.

Edit the policy, remove the Restrict access to the content and Send incident report to Administrator actions, and then select Yes, turn it on right away

C.

Edit the policy, remove all the actions in DLP rule 1, and select Yes, turn it on right away

D.

Edit the policy, and then select I ' d like to test it out first

Question # 18

You have a Microsoft 365 £5 subscription.

You need to prevent the sharing of sensitive information in Microsoft Teams.

Which entities can you protect by applying a data loss prevention (DLP) policy to each resource? To answer, drag the appropriate activities to the correct entity. Each activity may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE; Each correct selection is worth one point.

SC-401 question answer

Question # 19

You have a Microsoft SharePoint Online site named Site! that contains the files shown in the following table.

SC-401 question answer

You have a data loss prevention (DLP) policy named DLP1 that has the advanced DLP rules shown in the following table.

SC-401 question answer

You apply DLP1 toSite1.

Which policy tips will appear for File2?

A.

Tip1 only

B.

Tip2 only

C.

Tip3 only

D.

Tip1 and Tip2 only

Question # 20

You have a Microsoft 365 E5 subscription that uses retention label policies.

You need to identify all the changes made to retention labels during the last 30 days.

What should you use in the Microsoft Purview portal?

A.

Reports

B.

Activity explorer

C.

User data search

D.

Content search

Question # 21

You have a Microsoft 365 subscription that uses Microsoft Purview.

You need to investigate the following events:

• Events that occurred two months ago

• Events in which users accessed encrypted email by using a one-time passcode (OTP)

Which Microsoft Purview solution should you use, and which type of record should you query? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-401 question answer

Question # 22

You are planning a data loss prevention (DLP) solution that will apply to Windows Client computers.

You need to ensure that when users attempt to copy a file that contains sensitive information to a USB storage device, the following requirements are met:

? If the users are members of a group named Group1, the users must be allowed to copy the file, and an event must be recorded in the audit log.

? All other users must be blocked from copying the file.

What should you create?

A.

one DLP policy that contains one DLP rule

B.

one DLP policy that contains two DLP rules

C.

two DLP policies that each contains one DLP rule

Question # 23

HOTSPOT

You need to meet the technical requirements for the confidential documents.

What should you create first, and what should you use for the detection method? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-401 question answer

Question # 24

You create a retention label policy named Contoso_Policy that contains the following labels:

• 10 years then delete

• 5 years then delete

• Do not retain

Contoso.Policy is applied to content in Microsoft SharePoint Online sites.

After a couple of days, you discover the following messages on the Properties page of the label policy:

• Status: Off (Error)

• It ' s taking longer than expected to deploy the policy

You need to reinitiate the policy.

How should you complete the command? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-401 question answer

Question # 25

You have a Microsoft 365 tenant

You need to create a new sensitive into type for items that contain the following:

• An employee ID number that consists of the hire date of the employee followed by a three digit number

• The words " Employee " , " ID " , or " Identification " within 300 characters of the employee ID number

What should you use for the primary and secondary elements? To answer, select the appropriate options m the answer area

NOTE: Each correct selection is worth one point

SC-401 question answer

Question # 26

You need to test Microsoft Purview Advanced Message Encryption capabilities for your company. The test must verify the following information:

• The acquired default template names

• The encryption and decryption verification status

Which PowerShell cmdlet should you run?

A.

Test-OAuthConnectivity

B.

Test-ClientAccessRule

C.

Test-IRMConfiguration

D.

Test-Mailflow

Question # 27

You have a Microsoft S65 E5 subscription that contains two users named User! and Admin1 Admin1 manages audit retention policies for the subscription.

You need to ensure that the audit logs of User1 will be retained for 10 years.

What should you do first?

A.

Assign a Microsoft Purview Audit (Premium) add on license to User1.

B.

Assign a 10 year audit log retention add-on license to Admin1.

C.

Assign a 10-year audit log retention add-on license to User1.

D.

Assign a Microsoft Purview Audit (Premium) add-on license to Admin1.

Question # 28

You have a Microsoft 365 subscription.

You create a retention label named Label1 as shown in the following exhibit.

SC-401 question answer

You publish Label! to SharePoint sites.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

SC-401 question answer

Question # 29

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant and 500 computers that run Windows 11. The computers are onboarded to Microsoft Purview.

You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.

You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.

Solution: From the Microsoft Defender for Cloud Apps, you mark the application as Unsanctioned.

Does this meet the goal?

A.

Yes

B.

No

Question # 30

You need to meet the technical requirements for the creation of the sensitivity labels.

To which user or users must you assign the Sensitivity Label Administrator role?

A.

Admin1 only

B.

Admin1 and Admin4 only

C.

Admin1 and Admin5 only

D.

Admin1, Admin2, and Admin3 only

E.

Admin1, Admin2, Admin4, and Admin5 only

Question # 31

HOTSPOT

You are reviewing policies for the SharePoint Online environment.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

SC-401 question answer

Question # 32

You need to meet the technical requirements for the Site1 documents.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

SC-401 question answer

Question # 33

You need to meet the retention requirement for the users ' Microsoft 365 data.

What is the minimum number of retention policies required to achieve the goal?

A.

1

B.

2

C.

3

D.

4

E.

6

SC-401 PDF

$42

$139.99

3 Months Free Update

  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions

SC-401 PDF + Testing Engine

$57

$189.99

3 Months Free Update

  • Exam Name: Administering Information Security in Microsoft 365
  • Last Update: Jul 10, 2026
  • Questions and Answers: 223
  • Free Real Questions Demo
  • Recommended by Industry Experts
  • Best Economical Package
  • Immediate Access

SC-401 Engine

$48

$159.99

3 Months Free Update

  • Best Testing Engine
  • One Click installation
  • Recommended by Teachers
  • Easy to use
  • 3 Modes of Learning
  • State of Art Technology
  • 100% Real Questions included