최신 SC-401 무료덤프 - Microsoft Administering Information Security in Microsoft 365
DRAG DROP
You have a Microsoft 365 subscription that contains 20 data loss prevention (DLP) policies.
You need to identify the following:
# Rules that are applied without triggering a policy alert
# The top 10 files that have matched DLP policies
# Alerts that are miscategorized
Which report should you use for each requirement? To answer, drag the appropriate reports to the correct requirements. Each report may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 subscription that contains 20 data loss prevention (DLP) policies.
You need to identify the following:
# Rules that are applied without triggering a policy alert
# The top 10 files that have matched DLP policies
# Alerts that are miscategorized
Which report should you use for each requirement? To answer, drag the appropriate reports to the correct requirements. Each report may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
The False positive and override report helps identify rules that were applied but did not generate an actual policy alert, which means they were overridden or deemed false positives.
The DLP policy matches report provides details on files that matched DLP policies, including the top 10 files.
The Incident reports report helps analyze and review alerts, including those that may have been miscategorized.
HOTSPOT
You have a Microsoft 365 E5 subscription that contains two users named User1 and User2.
You create the audit retention policies shown in the following table.
The users perform the following actions:
# User1 renames a Microsoft SharePoint Online site.
# User2 sends an email message.
How long will the audit log records be retained for each action? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains two users named User1 and User2.
You create the audit retention policies shown in the following table.
The users perform the following actions:
# User1 renames a Microsoft SharePoint Online site.
# User2 sends an email message.
How long will the audit log records be retained for each action? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
The action "SiteRenamed" for SharePoint is covered under the AuditRetention4 policy, which applies to User1 and retains logs for 9 months.
The action "Send" for ExchangeItem is covered under the AuditRetention2 policy, but this policy applies only to User1. Since User2 is not covered under a specific policy, the default retention period for audit logs in Microsoft Purview is 90 days.
You have a Microsoft 365 E5 subscription.
You plan to implement Microsoft Purview insider risk management.
You implement the HR data connector.
You need to prepare the data that will be imported by the data connector.
In which format should you prepare the data?
You plan to implement Microsoft Purview insider risk management.
You implement the HR data connector.
You need to prepare the data that will be imported by the data connector.
In which format should you prepare the data?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
Which users will Microsoft Purview insider risk management flag as potential high-impact users?
Which users will Microsoft Purview insider risk management flag as potential high-impact users?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
You are creating a custom trainable classifier to Identify organizational product codes referenced in Microsoft
36S content. You identify 300 files to use as seed content When? should you store the seed content?
36S content. You identify 300 files to use as seed content When? should you store the seed content?
정답: B
You have a Microsoft 365 E5 subscription.
You need to identify documents that contain patent application numbers containing the letters PA followed by eight digits, for example, PA 12345678. The solution must minimize administrative effort.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to identify documents that contain patent application numbers containing the letters PA followed by eight digits, for example, PA 12345678. The solution must minimize administrative effort.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
Box 1: Since you are looking for a specific pattern (PA followed by eight digits, e.g., PA 12345678), the best classification method is Sensitive Info Type. Sensitive Info Types allow pattern-based matching to identify structured data. Exact Data Match (EDM) is not needed because you're not comparing against a fixed dataset.
Trainable classifier is not appropriate because this is a structured pattern, not an unstructured document classification.
Box 2: Since PA 12345678 follows a structured pattern, the most effective method is Regular Expression (Regex). A Regular Expression (Regex) can be written to match "PA" followed by exactly eight digits (e.g., PA\s\d{8}). Keyword dictionary is not ideal because it works for predefined words, not number patterns.
Function is unnecessary because there is no need for checksum validation or predefined validation rules.
You implement Microsoft 36S Endpoint data loss pi event ion (Endpoint DIP).
You have computers that run Windows 11 and have Microsoft 365 Apps instated The computers are joined to a Microsoft Entra tenant.
You need to ensure that Endpoint DIP policies can protect content on the computers.
Solution: You onboard the computers to Microsoft Defender for Endpoint Does this meet the goal?
You have computers that run Windows 11 and have Microsoft 365 Apps instated The computers are joined to a Microsoft Entra tenant.
You need to ensure that Endpoint DIP policies can protect content on the computers.
Solution: You onboard the computers to Microsoft Defender for Endpoint Does this meet the goal?
정답: B
You have 4 Microsoft 565 E5 subscription that contains two Microsoft SharePoint Online sites named Site1 and Site2. You plan to configure a retention label named Labe1 and apply label1 to all the files in Site1 You need to ensure that two years after a file is created in Site1. the file moves automatically to Site2. How should you configure the Choose what happens after the retention period setting for Label1?
정답: B
You have a Microsoft 36S ES subscription.
You plan to use the Microsoft Purview portal to map human resources (HR) data for use with insider risk management policies.
You need to add a data connector to import the HR data.
What should you do first and in which format should you import the data? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to use the Microsoft Purview portal to map human resources (HR) data for use with insider risk management policies.
You need to add a data connector to import the HR data.
What should you do first and in which format should you import the data? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
You have a Microsoft 36S ES subscription.
You need to create the Microsoft Purview insider risk management policies shown in the following table.
Which policy template should you use for each policy? To answer, drag the appropriate policy templates to the correct polices Each template may be used once more than once or not at all. You may need to drag the split bar between panes or scroll to view..
You need to create the Microsoft Purview insider risk management policies shown in the following table.
Which policy template should you use for each policy? To answer, drag the appropriate policy templates to the correct polices Each template may be used once more than once or not at all. You may need to drag the split bar between panes or scroll to view..
정답:
Explanation:
