Free Access Microsoft.SC-401.v2026-03-16.q215 Practice Test (Page 37)

Question 176

SIMULATION
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and select the username below.
To enter your password, place your cursor in the Enter password box and select the password below.
Microsoft 365 Username:
[email protected]
Microsoft 365 Password: XXXXXXXXX
If the Microsoft Edge browser or Microsoft 365 portal does not load successfully, select the Microsoft Edge browser icon from the task bar, type the URL "https://admin.microsoft.com", and press Enter.
The following information is for technical support purposes only:
Lab Instance: XXXXXXXXX
Task 5
You need to simulate applying the Confidential - Finance label to all the content in the Exchange emails, the SharePoint sites, and the OneDrive accounts that contain the Credit Card Number sensitive info type.

Correct Answer:

Simulation mode is supported for auto-labeling policies and woven into the workflow. You can't automatically label documents and emails until your policy has run at least one simulation.
Workflow for an auto-labeling policy:
1. Create and configure an auto-labeling policy.
2. Run the policy in simulation mode, which can take 12 hours to complete. The completed simulation triggers an email notification that's sent to the user configured to receive activity alerts.
3. Review the results, and if necessary, refine your policy.
4. Repeat step 3 as needed.
5. Deploy in production.
--
Creating an auto-labeling policy
Step 1: Sign in to the Microsoft Purview portal > Solutions > Information Protection > Policies > Auto-labeling policies.
Step 2: Select + Create auto-labeling policy. This starts the New policy configuration:

Step 3: For the Choose a label to auto-apply page: Select + Choose a label, select a label from the Choose a sensitivity label pane, and then select Next.
Step 4: For the page Choose info you want this label applied to: Select one of the templates, such as Financial or Privacy [Select Confidential - Finance label]. You can refine your search by using the search or dropdown box for countries or regions. Or, select Custom policy if the templates don't meet your requirements. Select Next.
Step 5: For the page Name your auto-labeling policy: Provide a unique name, and optionally a description to help identify the automatically applied label, locations, and conditions that identify the content to label.
Step 6: For the page Assign admin units: [Keep default]
If you don't want to restrict the policy by using administrative units, or your organization hasn't configured administrative units, keep the default of Full directory.
Step 7: For the page Choose locations where you want to apply the label: Select and specify locations for Exchange, SharePoint, and OneDrive.

Step 8: For the Set up common or advanced rules page: Keep the default of Common rules to define rules that identify content to label across all your selected locations. If you need different rules per location, including some rules that are only available for Exchange, or SharePoint sites and OneDrive accounts, select Advanced rules. Then select Next. [select Advanced rules. Then select Next]
8a. To select a sensitive information type or trainable classifier as a condition, under Content contains, select Add, and then choose Sensitive info types or Trainable classifiers.
8b. Select the the Credit Card Number sensitive info type.
Step 9: Depending on your previous choices, you'll now have an opportunity to create new rules by using conditions and exceptions. [Skip] Step 10: If your policy includes the Exchange location: Specify optional configurations [Skip] Step 11: For the Decide if you want to test out the policy now or later page: Select Run policy in simulation mode if you're ready to run the auto-labeling policy now, in simulation mode.

Step 12: For the Summary page: Review the configuration of your auto-labeling policy and make any changes that needed, and complete the configuration.
Reference:
https://learn.microsoft.com/en-us/purview/apply-sensitivity-label-automatically

Question 177

You need to meet the technical requirements for the Site1 documents.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Correct Answer:

Explanation:
A screenshot of a questionnaire AI-generated content may be incorrect.

The goal is to automatically label documents in Site1 that contain credit card numbers. To achieve this, we need a sensitivity label with an auto-labeling policy based on a sensitive info type that detects credit card numbers.
Step 1: Create a Sensitive Info Type
# A sensitive info type is needed to detect credit card numbers in documents.
# Microsoft Purview includes built-in sensitive info types for credit card numbers, but we can also create a custom one if necessary.
Step 2: Create a Sensitivity Label
# A sensitivity label is required to classify and protect documents containing sensitive information.
# This label can apply encryption, watermarking, or access controls to credit card data.
Step 3: Create an Auto-Labeling Policy
# An auto-labeling policy ensures that the sensitivity label is applied automatically when credit card numbers are detected in Site1.
# This policy is configured to scan files and automatically apply the correct sensitivity label.
Topic 1, Contoso, Ltd Case Study 1
Instructions
This is a case study. Case studies are not timed separately from other exam sections. You can use as much exam time as you would like to complete each case study. However, there might be additional case studies or other exam sections. Manage your time to ensure that you can complete all the exam sections in the time provided. Pay attention to the Exam Progress at the top of the screen so you have sufficient time to complete any exam sections that follow this case study.
To answer the case study questions, you will need to reference information that is provided in the case. Case studies and associated questions might contain exhibits or other resources that provide more information about the scenario described in the case. Information provided in an individual question does not apply to the other questions in the case study.
A Review Screen will appear at the end of this case study. From the Review Screen, you can review and change your answers before you move to the next exam section. After you leave this case study, you will NOT be able to return to it.
To start the case study
To display the first question in this case study, select the "Next" button. To the left of the question, a menu provides links to information such as business requirements, the existing environment, and problem statements. Please read through all this information before answering any questions. When you are ready to answer a question, select the "Question" button to return to the question.
Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and three branch offices in Seattle, Boston, and Johannesburg.
Existing Environment
Microsoft 365 Environment
Contoso has a Microsoft 365 E5 tenant. The tenant contains the administrative user accounts shown in the following table.

Users store data in the following locations:
# SharePoint sites
# OneDrive accounts
# Exchange email
# Exchange public folders
# Teams chats
# Teams channel messages
When users in the research department create documents, they must add a 10-digit project code to each document. Project codes that start with the digits 999 are confidential.
SharePoint Online Environment
Contoso has four Microsoft SharePoint Online sites named Site1, Site2, Site3, and Site4.
Site2 contains the files shown in the following table.

Two users named User1 and User2 are assigned roles for Site2 as shown in the following table.

Site3 stores documents related to the company's projects. The documents are organized in a folder hierarchy based on the project.
Site4 has the following two retention policies applied:
# Name: Site4RetentionPolicy1
# Locations to apply the policy: Site4
# Delete items older than: 2 years
# Delete content based on: When items were created
# Name: Site4RetentionPolicy2
# Locations to apply the policy: Site4
# Retain items for a specific period: 4 years
# Start the retention period based on: When items were created
# At the end of the retention period: Do nothing
Problem Statements
Management at Contoso is concerned about data leaks. On several occasions, confidential research department documents were leaked.
Requirements
Planned Changes
Contoso plans to create the following data loss prevention (DLP) policy:
# Name: DLPpolicy1
# Locations to apply the policy: Site2
# Conditions:
# Content contains any of these sensitive info types: SWIFT Code
# Instance count: 2 to any
# Actions: Restrict access to the content
Technical Requirements
Contoso must meet the following technical requirements:
# All administrative users must be able to review DLP reports.
# Whenever possible, the principle of least privilege must be used.
# For all users, all Microsoft 365 data must be retained for at least one year.
# Confidential documents must be detected and protected by using Microsoft 365.
# Site1 documents that include credit card numbers must be labeled automatically.
# All administrative users must be able to create Microsoft 365 sensitivity labels.
# After a project is complete, the documents in Site3 that relate to the project must be retained for 10 years.

Question 178

You have a Microsoft 365 subscription. You create a retention policy and apply the policy to Exchange Online mailboxes.
You need to ensure that the retention policy tags can be assigned to mailbox items as soon as possible.
What should you do?

A.From Exchange Online PowerShell. run Start-ManagedFolderAssistant.

B.From the Microsoft Purview portal, create a label policy.

C.From the Microsoft Purview portal, create a data loss prevention (DLP) policy.

D.From Exchange Online PowerShell, run start -RetentionAutoTagLearning.

Question 179

You have a Microsoft 365 E5 subscription.
You plan to use Microsoft Purview insider risk management.
You need to create an insider risk management policy that will detect data theft from Microsoft SharePoint Online by users that submitted their resignation or are near their employment termination date.
What should you do first?

A.Configure a HR data connector.

B.Configure Office indicators.

C.Configure a Physical badging connector.

D.Onboard devices to Microsoft Defender for Endpoint.

Question 180

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed them.
When you search the audit log in the Microsoft Purview portal to identify who signed in to the mailbox of User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
Solution: You run the Set-AdminAuditLogConfig -AdminAuditLogEnabled $true -AdminAuditLogCmdlets
*Mailbox* command.
Does that meet the goal?

A.Yes

B.No

Question 176

Question 177

Question 178

Question 179

Question 180

Download PDF File