Microsoft SC-400認証された練習解答、必ずあなたを試験合格させる![2022]
有効な合格方法Microsoft Certified: Information Protection Administrator AssociateのSC-400試験問題集
Microsoft SC-400 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
| トピック 7 |
|
| トピック 8 |
|
| トピック 9 |
|
質問 24
You are reviewing policies for the SharePoint Online environment.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
A screenshot of a computer Description automatically generated with low confidence
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide
質問 25
You have a Microsoft 365 tenant that uses a domain named canstoso.com.
A user named User1 leaves your company. The mailbox of User1 is placed on Litigation Hold, and then the account of User1 is deleted from Azure Active Directory (Azure AD).
You need to copy the content of the User1 mailbox to a folder in the existing mailbox of another user named User2.
How should you complete the PowerShell command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
質問 26
You have a Microsoft 365 E5 tenant and the Windows 10 devices shown in the following table.
To which devices can you apply Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings?
- A. Device1 and Device3 only
- B. Device1 only
- C. Device1, Device3, and Device4 only
- D. Device1 and Device2 only
- E. Device1, Device2, Device3, and Device4
正解: D
解説:
Explanation/Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-getting-started?view=o365-worldwide
質問 27
You plan to import a file plan to the Microsoft 365 compliance center.
Which object type can you create by importing a records management file plan?
- A. retention labels
- B. retention label policies
- C. sensitive info types
- D. sensitivity labels
正解: A
解説:
Explanation
File plan in Records management allows you to bulk-create retention labels by importing the relevant information from a spreadsheet.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/file-plan-manager?view=o365-worldwide
質問 28
You need to meet the retention requirement for the users' Microsoft 365 data.
What is the minimum number of retention policies that you should use?
- A. 0
- B. 1
- C. 2
- D. 3
- E. 4
正解: D
解説:
Explanation/Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide
質問 29
You create a data loss prevention (DLP) policy. The Advanced DLP rules page is shown in the Rules exhibit.
The Review your settings page is shown in the review exhibit.
You need to review the potential impact of enabling the policy without applying the actions.
What should you do?
- A. the policy. remove all the actions in DLP rule 1, and select Yes, turn it on right away.
- B. Edit the policy, and then select I'd like to test it out first.
- C. Edit the policy, remove all the actions in DIP rule 1, and select I'd like to test it out first
- D. Edit the policy, remove the Restrict access to the content and Send incident report to Administrator actions, and then select Yes, turn it on right away.
正解: A
質問 30
You plan to create a custom sensitive information type that will use Exact Data Match (EDM).
You need to identify what to upload to Microsoft 365, and which tool to use for the upload.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
質問 31
You have a Microsoft 365 E5 tenant.
You create sensitivity labels as shown in the Sensitivity Labels exhibit.
The Confidential/External sensitivity label is configured to encrypt files and emails when applied to content.
The sensitivity labels are published as shown in the Published exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide
質問 32
You need to recommend a solution that meets the Data Loss Prevention requirements for the HR department.
Which three actions should you perform? Each correct answer presents part of the solution. (Choose three.) NOTE: Each correct selection is worth one point.
- A. Schedule EdmUploadAgent.exe to hash and upload a data file that contains employee information.
- B. Create a sensitive info type rule package that contains the EDM classification.
- C. Create a sensitive info type rule package that contains regular expressions.
- D. Define the sensitive information database schema in the CSV format.
- E. Define the sensitive information database schema in the XML format.
正解: A,B,E
解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-custom-sensitive-information-types-withexact-data-match-based-classification?view=o365-worldwide
Topic 1, Fabrikam,
Cloud Environment
Fabrikam has a Microsoft 365 tenant that contains the following resources:
* An Azure Active Directory (Azure AD) tenant that syncs to an on-premises Active Directory domain named corp.fabrikam.com
* Microsoft Cloud App Security connectors configured for all supported cloud applications used by the company Some users have company Dropbox accounts.
Compliance Configuration
Fabrikam has the following in the Microsoft 365 compliance center:
* A data loss prevention (DLP) policy is configured. The policy displays a tooltip to users. Users can provide a business justification to override a DLP policy violation.
* The Azure information Protection unified labeling scanner is installed and configured.
* A sensitivity label named Fabrikam Confidential is configured.
An existing third-party records management system is managed by the compliance department.
Human Resources (HR) Management System
The HR department has an Azure SQL. database that contains employee information. Each employee has a unique 12-character alphanumeric ID. The database contains confidential employed attributes including payroll information, date of birth, and personal contact details.
On-premises Environment
You have an on premises file server that runs Windows Server 2019 and stores Microsoft Office documents in a shared folder named Data.
All end-user computers are joined to the corp.fabrinkam.com domain and run a third-party antimalware application.
Sales Contracts
Users in the sales department receive draft sales contracts from customers by email. The sales contracts are written by the customers and are not in a standard format.
Employment Applications
Employment applications and resumes are received by HR department managers and stored in either mailboxes, Microsoft SharePoint Online sites, OneDrive for Business folders, or Microsoft Segment Teams channels.
The employment application form is downloaded from SharePoint Online and a serial number is assigned to each application.
the resumes are written by the applications and in any format.
HR Requirements
You need to create a DLP policy that will notify the HR department of a DLP policy violation if a document that contains confidential employee attributes is shared externally. The DLP policy must use an Exact Data Match (EDM) classification derived from a CSV export of the HR department database.
The HR department identifies the following requirements for handling employment applications:
* Resumes must be identified automatically based on similarities to other resumes received in the past
* Employment applications and resumes must be deleted automatically two years after the applications are received.
* Documents and emails that contain an application serial number must be identified automatically and marked as an employment application.
Sales Requirements
A sensitivity label named Sales Contract must be applied automatically to all draft and finalized sales contracts.
Compliance Requirements
Fabrikam identifies the following compliance requirements:
* All DLP policies must be applied to computers that run Windows 10, with the least possible changes to the computers.
* Users in the compliance department must view the justification provided when a user receives a tooltip notification for a DLP violation.
* If a document that has the Fabrikam Confidential sensitivity label applied is uploaded to Dropbox. the file must be deleted automatically. - The Fabrikam Confidential sensitivity label must be applied to existing Microsoft Word documents in the Data shared folder that have a document footer containing the following string: Company use only.
* Users must be able to manually select that email messages are sent encrypted. The encryption will use Office 365 Message Encryption (OME) v2. Any email containing an attachment that has the Fabrikam Confidential sensitivity label applied must be encrypted automatically by using OME.
* Existing policies configured in the third-party records management system must be replaced by using Records management in the Microsoft 365 compliance center. The compliance department plans to export the existing policies, and then produce a CSV file that contains matching labels and policies that are compatible with records management in Microsoft 365. The CSV file must be used to configure records management in Microsoft 365.
Executive Requirements
You must be able to restore all email received by Fabrikam executives for up to three years after an email is received, even if the email was deleted permanently.
質問 33
You have a Microsoft SharePoint Online site that contains the following files.
Users are assigned roles for the site as shown in the following table.
Which files can User1 and User2 view? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Reference:
https://social.technet.microsoft.com/wiki/contents/articles/36527.implement-data-loss-prevention-dlp-in-sharepoint-online.aspx Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
質問 34
Your company has a Microsoft 365 tenant that uses a domain named contoso.
The company uses Microsoft Office 365 Message Encryption (OMI ) to encrypt email sent to users in fabrikam.com.
A user named User1 erroneously sends an email to user2@fabrikam
You need to disable [email protected] from accessing the email.
What should you do?
- A. instruct User1 to select Remove external access from Microsoft Outlook on the web.
- B. Run the Get-MessageTrace Cmdlet.
- C. Run the New-ComplianceSearchAction cmdlet.
- D. Run the Set-OMEMessageRevocation Cmdlet.
- E. Instruct User1 to delete the email from her Sent Items folder from Microsoft Outlook.
正解: B
質問 35
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth is worth one point.
正解:
解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide
質問 36
You plan to implement a sensitive information type based on a trainable classifier. The sensitive information type will identify employment contracts.
You need to copy the required files to Microsoft SharePoint Online folders to train the classifier.
What should you use to seed content and test the classifier? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
質問 37
You have the retention label policy shown in the Policy exhibit. (Click the Policy tab.)
Users apply the retention label policy to files and set the asset ID as shown in the following table.
On December 1. 2020. you create the event shown in the Event exhibit. (Click the Event tab.):
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
質問 38
You have a Microsoft OneDrive for Business folder that contains the files shown in the following table.
In Microsoft Cloud App Security, you create a file policy to automatically apply a classification.
What is the effect of applying the policy?
- A. The policy will apply to all the files. The policy will classify only 100 files daily.
- B. The policy will apply to only the .docx and .txt files. The policy will classify the files immediately.
- C. The policy will apply to only the .docx and .txt files. The policy will classify the files within 24 hours.
- D. The policy will apply to only the .docx files. The policy will classify only 100 files daily.
正解: D
解説:
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/azip-integration
質問 39
You have Microsoft 365 E5 tenant that has a domain name of M365x925027.onmicrosoft.com.
You have a published sensitivity label.
The Encryption settings for the sensitivity label are configured as shown in the exhibit.
For each of the following statements, select Yes if statement is true. Otherwise, select No NOTE: Each correct selection is worth one point.
正解:
解説:
Graphical user interface, text, application, email Description automatically generated
Box 1: Yes
When you create a sensitivity label, you can restrict access to content that the label will be applied to. Only users within your organization can open a confidential document or email.
Box 2: No
Assign permissions now has been selected.
Graphical user interface, text, application, email Description automatically generated
Box 3: No
Only co-author and co-owner can print.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/encryption-sensitivity-labels?view=o365-worldwide
https://docs.microsoft.com/en-us/azure/information-protection/configure-usage-rights
質問 40
You need to meet the technical requirements for the creation of the sensitivity labels.
To which user or users must you grant the Sensitivity label administrator role?
- A. Admin1 only
- B. Admin1, Admin2, and Admin3 only
- C. Admin1, Admin2, Admin4, and Admin5 only
- D. Admin1 and Admin4 only
- E. Admin1 and Admin5 only
正解: D
解説:
Compliance Data Administrator, Compliance Administrator, and Security Administrator already have the required permissions to create the labels.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-with-sensitivity-labels?view=o365- worldwide#permissions-required-to-create-and-manage-sensitivity-labels
質問 41
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are configuring a file policy in Microsoft Cloud App Security.
You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.
Solution: You use the Build-in DLP inspection method and send alerts to Microsoft Power Automate.
Does this meet the goal?
- A. No
- B. Yes
正解: A
解説:
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/dcs-inspection
https://docs.microsoft.com/en-us/cloud-app-security/data-protection-policies
質問 42
At the end of a project you upload project documents to a Microsoft SharePoint Online library that contains many fifes. Files that have the following naming format must be labeled as Project I
* aei_AA989.docx
* bd_WSOgadocx
* cei_DLF112-docx
* ebc_QQ4S4.docx
* ecc_BB565.docx
You plan to create an auto-apply retention label policy.
What should you use to identify the files, and which regular expression should you use? To answer, select the appropriate options in the answer area.
正解:
解説:
質問 43
You have a Microsoft SharePoint Online site named Site1 and a sensitivity label named Sensitivity1. Sensitivity1 adds a watermark and a header to content.
You create a policy to automatically apply Sensitivity1 to emails in Microsoft Exchange Online and Site1.
How will Sensitivity1 mark matching emails and Site1 documents? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide
質問 44
You have a Microsoft 365 subscription that uses Microsoft Exchange Online.
You need to receive an alert if a user emails sensitive documents to specific external domains.
What should you create?
- A. a data loss prevention (DLP) alert filter
- B. a data loss prevention (DLP) policy that uses the Privacy category
- C. a Microsoft Cloud App Security activity policy
- D. a Microsoft Cloud App Security file policy
正解: B
解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-policy-reference?view=o365-worldwide
質問 45
You create a data loss prevention (DLP) policy. The Advanced DLP rules page is shown in the Rules exhibit.
The Review your settings page is shown in the review exhibit.
You need to review the potential impact of enabling the policy without applying the actions.
What should you do?
- A. Edit the policy, and then select I'd like to test it out first.
- B. Edit the policy, remove the Restrict access to the content and Send incident report to Administrator actions, and then select Yes, turn it on right away.
- C. Edit the policy, remove all the actions in DLP rule 1, and select Yes, turn it on right away.
- D. Edit the policy, remove all the actions in DLP rule 1, and select I'd like to test it out first.
正解: A
解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-a-dlp-policy-from-a-template?view=o365-worldwide
質問 46
......
Microsoft SC-400事前試験練習テストはGoShiken:https://www.goshiken.com/Microsoft/SC-400-mondaishu.html
SC-400練習テスト問題、解答、解釈:https://drive.google.com/open?id=13QAlDmlx8GPNVrpZJ5Rp8_GcazVUjcvj