[2025年04月] を試そう!リアルSC-400問題集で100%無料SC-400試験問題集
SC-400のPDF問題集試験問題 有効なSC-400問題集
Microsoft SC-400認定試験は、今日の業界で最も人気のあるIT認定試験の1つです。組織内の機密データの保護を管理および維持する責任を負うIT専門家向けに特別に設計されています。この試験は、Microsoft Information Protection Technologiesを使用してデータ保護ソリューションを実装および管理するために必要なスキルと知識に焦点を当てています。
質問 # 76
You have a Microsoft 365 subscription that contains a user named User1.
You need to assign User1 permissions to search Microsoft Office 365 audit logs.
What should you use?
- A. the Microsoft Purview compliance portal
- B. the Azure Active Directory admin center
- C. the Microsoft 365 Defender portal
- D. the Exchange admin center
正解:D
質問 # 77
You have a Microsoft 365 subscription.
You create a retention label named Label! as shown in the following exhibit.
You publish Label1 to SharePoint sites.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation:
質問 # 78
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
The subscription contains the information barrier segments shown in the following table.
The subscription contains the Microsoft SharePoint Online sites shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation:
質問 # 79
You enable archive mailboxes for all the users at your company.
The Default MRM Policy is shown in the MRM exhibit.
A Microsoft 365 retention label policy is shown in the Label Policy exhibit.
You need to identify the following:
How many years until an email is archived?
What should you modify to change the retention period for archiving?
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide#the-principles-of-retention-or-what-takes-precedence
質問 # 80
In Microsoft Exchange Online, you have a retention policy named Policy1 that applies a retention tag named Tag1.
You plan to remove Tag1 from Policy1.
What will occur when you remove the tag from Policy1?
- A. The content will remain tagged, but the Managed Folder Assistant will ignore Tag1.
- B. The content will remain tagged and the Managed Folder Assistant will process Tag1.
- C. Tag1 will be removed if Policy1 applied the tag to the content.
正解:B
解説:
Explanation/Reference:
https://docs.microsoft.com/en-us/exchange/security-and-compliance/messaging-records-management/ retention-tags-and-policies#removing-or-deleting-a-retention-tag-from-a-retention-policy
質問 # 81
You have a Microsoft 365 tenant.
A retention hold is applied to all the mailboxes in Microsoft Exchange Online.
A user named User1 leaves your company, and the account of User1 is deleted from Azure Active Directory (Azure AD).
You need to create a new user named User2 and provide User2 with access to the mailbox of User1.
How should you complete the PowerShell command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Graphical user interface, text, application Description automatically generated
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/recover-an-inactive-mailbox?view=o365-worldwide
質問 # 82
You have a Microsoft 365 tenant.
You have a database that stores customer details. Each customer has a unique 13-digit identifier that consists of a fixed pattern of numbers and letters.
You need to implement a data loss prevention (DLP) solution that meets the following requirements:
* Email messages that contain a single customer identifier can be sent outside your company,
* Email messages that contain two or more customer identifiers must be approved by the company s data privacy team.
Which two components should you include in the solution? Each correct answer presents part of the solution.
NOTE Each correct selection is worth one point.
- A. a sensitive information type
- B. a retention label
- C. a DLP policy
- D. a mail flow rule
- E. a sensitivity label
正解:A、D
質問 # 83
You have a Microsoft SharePoint Online site named Site1 that contains the files shown in the following table.
You have a data loss prevention (DLP) policy named DLP1 that has the advanced DIP rules shown in the following table.
You apply DLP1 to Site1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No, NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
質問 # 84
You have a Microsoft 365 tenant that has devices onboarded to Microsoft Defender for Endpoint as shown in the following table.
You plan to start using Microsoft 365 Endpoint data loss protection (Endpoint DLP).
Which devices support Endpoint DLP?
- A. Device1 and Device2 only
- B. Device3 and Device4 only
- C. Device 1, Device2, Device3, Device4, and Device5
- D. Device5 only
- E. Device2 only
正解:A
解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-worldwide
質問 # 85
You need to ensure that documents in a Microsoft SharePoint Online site that contain a reference to Project Alpha are retained for two years, and then deleted.
Which two objects should you create? Each correct answer presents part of the solution. (Choose two.) NOTE: Each correct selection is worth one point.
- A. a sensitive info type
- B. a retention label
- C. a publishing label policy
- D. a sensitivity label
- E. an auto-apply label policy
- F. a retention policy
正解:B、E
解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-retention-labels-automatically?view=o365Worldwide
質問 # 86
You have a Microsoft 365 E5 subscription that contains two users named User1 and User2.
On January 1, you create the sensitivity label shown in the following table.
On January 2, you publish Label1 to User1.
On January 3, User1 creates a Microsoft Word document named Doc1 and applies Label1 to the document.
On January 4, User2 edits Doc1.
On January 15, you increase the content expiry period for Label1 to 28 days.
When will access to Doc1 expire for User2?
- A. January 25
- B. January 23
- C. January 31
- D. January 24
正解:A
質問 # 87
You have a Microsoft SharePoint Online site named Site1 and a sensitivity label named Sensitivity1.
Sensitivity1 adds a watermark and a header to content.
You create a policy to automatically apply Sensitivity1 to emails in Microsoft Exchange Online and Site1.
How will Sensitivity1 mark matching emails and Site1 documents? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide
質問 # 88
You plan to create a custom trainable classifier based on an organizational form template.
You need to identity which role based access control (RBAC ) role is required to create the trainable classifier and where to classifier. The solution must use the principle of least privilege.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
質問 # 89
You have a Microsoft SharePoint Online site named Site1 that contains the files shown in the following table.
You have a data loss prevention (DLP) policy named DLP1 that has the advanced DIP rules shown in the following table.
You apply DLP1 to Site1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No, NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
質問 # 90
You have a Microsoft 365 E5 tenant that contains a sensitivity label named label1.
You plan to enable co-authoring for encrypted files.
You need to ensure that files that have label1 applied support co-authoring.
Which two settings should you modify? To answer, select the settings in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation:
Co-authoring and AutoSave aren't supported and don't work for labeled and encrypted Office documents that use any of the following configurations for encryption:
* Let users assign permissions when they apply the label and the checkbox In Word, PowerPoint, and Excel, prompt users to specify permissions is selected. This configuration is sometimes referred to as
"user-defined permissions".
* User access to content expires is set to a value other than Never.
* Double Key Encryption is selected.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-coauthoring?view=o365-worldwid
https://techcommunity.microsoft.com/t5/security-compliance-and-identity/co-authoring-files-with-sensitivity-lab
質問 # 91
You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).
You need to ensure that Endpoint DLP policies can protect content on the computers.
Solution: You enroll the computers in Microsoft intune.
Does this meet the goal?
- A. No
- B. Yes
正解:A
解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-getting-started?view=o365-worldwide
質問 # 92
You have a Microsoft 365 E5 tenant and the Windows 10 devices shown in the following table.
To which devices can you apply Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings?
- A. Device1 only
- B. Device1 and Device2 only
- C. Device1, Device2, Device3, and Device4
- D. Device1 and Device3 only
- E. Device1, Device3, and Device4 only
正解:B
解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-getting-started?view=o365-worldwide
質問 # 93
You have a Microsoft 365 E5 subscription.
You plan to implement insider risk management for users that manage sensitive data associated with a project.
You need to create a protection policy for the users. The solution must meet the following requirements:
* Minimize the impact on users who are NOT part of the project.
* Minimize administrative effort.
What should you do first?
- A. From the Microsoft Entra admin center, create a User risk policy.
- B. From the Microsoft Entra admin center, create a security group.
- C. From the Microsoft Purview compliance portal, create an insider risk management policy.
- D. From the Microsoft Purview compliance portal, create a priority user group.
正解:D
質問 # 94
A user reports that she can no longer access a Microsoft Excel file named Northwind Customer Data.xlsx.
From the Cloud App Security portal, you discover the alert shown in the exhibit.
You restore the file from quarantine.
You need to prevent files that match the policy from being quarantined. Files that match the policy must generate an alert.
What should you do?
- A. Update the governance action.
- B. Assign the Global reader role to the file owners.
- C. Modify the policy template.
- D. Exclude file matching by using a regular expression.
正解:A
解説:
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/data-protection-policies#create-a-new-file-policy
質問 # 95
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps.
You need to ensure that you receive an alert when a user uploads a document to a third-party cloud storage service.
What should you use?
- A. an insider risk policy
- B. an activity policy
- C. a sensitivity label
- D. a file policy
正解:D
質問 # 96
SIMULATION
Task 5
You need to ensure that a group named U.S. Sales can store files containing information subject to General Data Protection Regulation (GDPR) in their OneDrive accounts. All other current GDPR restrictions must remain in effect.
正解:
解説:
See the solution below in Explanation
Explanation:
To allow the U.S. Sales group to store files containing information subject to the General Data Protection Regulation (GDPR) in their OneDrive accounts while keeping other GDPR restrictions intact, follow these steps:
Create a Security Group:
Log in to the Microsoft 365 admin center.
Navigate to Groups and create a new security group called "U.S. Sales".
Configure OneDrive Sharing Settings:
Go to the Settings > Org settings page.
On the Services tab, select Microsoft 365 on the web.
Choose whether to let users open files stored in third-party storage services in Microsoft 365 on the web. Ensure this setting aligns with your organization's GDPR requirements1.
Set Specific Sharing Permissions:
Set the default OneDrive share type to "Specific People" under the Sharing menu in the OneDrive admin area.
Right-click the folder in OneDrive online, click Share.
Click the more button (three dots) in the Send Link header.
Click Manage Access.
Click Grant Access, then add the "U.S. Sales" security group. This access will apply only to that group2.
By following these steps, the U.S. Sales group will be able to store GDPR-related files in their OneDrive accounts while maintaining compliance with other GDPR restrictions
質問 # 97
Task 2
You discover that all users can apply the Confidential - Finance label.
You need to ensure that the Confidential - Finance label is available only to the members of the Finance Team group.
正解:
解説:
See the solution below in Explanation.
Explanation:
To restrict the Confidential - Finance label to only the members of the Finance Team group, follow these steps:
* Create a Sensitivity Label:
* Log in to the Microsoft Purview portal or the Microsoft Purview compliance portal as an admin.
* Navigate to Sensitivity labels and create a new label called "Confidential - Finance".
* Specify the appropriate settings for this label, including encryption, content markings, and permissions1.
* Configure Encryption Settings:
* When creating the label, ensure that you configure the encryption settings.
* Choose either to assign permissions now (where you determine exactly which users get which permissions) or allow users to assign permissions when they apply the label to content2.
* Assign the Label to the Finance Team Group:
* In the Microsoft Purview portal, go to the Groups section.
* Select the Finance Team group.
* Under Settings, choose Sensitivity labels.
* Add the "Confidential - Finance" label to this group.
* Only members of the Finance Team will now have access to this label3.
* Test the Configuration:
* Verify that only members of the Finance Team can apply the "Confidential - Finance" label to documents, emails, or other content.
質問 # 98
......
究極のSC-400無料準備ガイド最新のMicrosoft練習テスト問題集:https://www.goshiken.com/Microsoft/SC-400-mondaishu.html
今すぐゲットせよ!高評価Microsoft SC-400試験問題集:https://drive.google.com/open?id=12NP62lMrZB-cbtLQtxh0YfAdPIpMzSCG