Share Latest Jan-2026 SC-401Test Practice Test Questions, Exam Dumps
Positive Aspects of Valid Dumps SC-401 Exam Dumps!
Microsoft SC-401 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
NEW QUESTION # 86
You have a Microsoft 365 subscription that contains the devices shown in the following table.
From which devices can Microsoft Purview Insider Risk Management capture forensic evidence?
- A. Device1 and Device2 only
- B. Device only
- C. Device2 only
- D. Device2 and Device3 only
- E. Device1, Device2 and Device3
Answer: C
NEW QUESTION # 87
DRAG DROP
You need to create a trainable classifier that can be used as a condition in an auto-apply retention label policy.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
Explanation:
To create a trainable classifier that can be used in an auto-apply retention label policy, you need to follow these key steps:
1. Create the trainable classifier
This is the first step where you define the classifier, specifying the types of content it should identify.
2. Test the trainable classifier
Before using the classifier in production, you need to validate its accuracy by testing it against sample documents to ensure it correctly classifies the intended data.
3. Publish the trainable classifier
Once testing is successful, you must publish the classifier so that it can be used in policies like auto-apply retention labels in Microsoft Purview.
NEW QUESTION # 88
You have a Microsoft 365 E5 subscription that contains three users named U$er1, User2, and User3. The subscription contains the groups shown in the following table.
The subscription contains the devices shown in the following table.
All the devices are onboarded to Microsoft Purview.
You have the data loss prevention (DLP) policies shown in the following table.
Answer:
Explanation:
Explanation:
NEW QUESTION # 89
You have the files shown in the following table.
You configure a retention policy as shown >n the exhibit. (Click the Exhibit lab.) The start of the retention period is based on when items are created. The current date is January 01. 207S.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Answer:
Explanation:
Explanation:
File1
Location: SharePoint Online.
Created: Dec 28, 2015.
As of Jan 1, 2025 # File is 9+ years old.
If retention is (example: 7 years), then the retention period has expired, and the file will be deleted once the policy is turned on.
The answer: Yes
File2
Location: OneDrive.
Created: Jan 2, 2015.
As of Jan 1, 2025 # File is 10 years old.
Retention period (7 years, for example) has expired # File will be deleted once the policy is turned on.
The answer: Yes
File3
Location: Exchange Online public folder.
Created: May 1, 2010.
As of Jan 1, 2025 # File is 15 years old.
But Exchange public folders are not supported locations for Microsoft 365 retention policies.
Therefore, policy does not apply, and file will not be deleted.
NEW QUESTION # 90
You have a Microsoft 365 ES subscription that uses Microsoft Teams and contains the users shown in the following table.
You have the retention policies shown in the following table.
The users perform the actions shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point
Answer:
Explanation:
Explanation:
NEW QUESTION # 91
You need to meet the technical requirements for the creation of the sensitivity labels.
To which user or users must you assign the Sensitivity Label Administrator role?
- A. Admin1, Admin2, and Admin3 only
- B. Admin1, Admin2, Admin4, and Admin5 only
- C. Admin1 and Admin5 only
- D. Admin1 and Admin4 only
- E. Admin1 only
Answer: A
Explanation:
To meet the requirement that all administrative users must be able to create Microsoft 365 sensitivity labels, we need to assign the Sensitivity Label Administrator role to the correct users.
Sensitivity Label Administrator Role Responsibilities
This role allows users to:
# Create and manage sensitivity labels in Microsoft Purview.
# Publish and configure auto-labeling policies.
# Modify label encryption and content marking settings.
Review of Admin Roles from the Table:
Users that must be assigned the Sensitivity Label Administrator role:
# Admin2 (Compliance Data Administrator)
# Admin3 (Compliance Administrator)
# Admin1 (Global Reader) (should be assigned this role to fulfill the requirement that all admins can create labels).
NEW QUESTION # 92
You have a Microsoft 365 tenant that is opt-in for trainable classifiers.
You need to ensure that a user named User1 can create custom trainable classifiers. The solution must use the principle of least privilege.
Which role should you assign to User1?
- A. Security Operator
- B. Global Administrator
- C. Security Administrator
- D. Compliance Administrator
Answer: D
Explanation:
To create custom trainable classifiers in Microsoft Purview, the user must have rights in the compliance portal. The Compliance Administrator role provides the necessary permissions to create and manage trainable classifiers. Security roles focus on threat management, and Global Administrator is excessive (not least privilege).
Reference: Trainable classifiers in Microsoft Purview
NEW QUESTION # 93
You have a Microsoft 365 E5 subscription that uses Microsoft Purview Audit (Premium) with the 10-Year Audit Log Retention add-on license.
The subscription contains the audit retention policies shown in the following table.
From the SharePoint Online admin center, User1 performs the actions shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE; Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
NEW QUESTION # 94
You have a Microsoft 365 subscription.
You configure a Microsoft Purview insider risk management policy named Policy1.
You need to ensure that you will receive real-time recommendations on how to configure the indicator thresholds for Policy1. The solution must ensure that the recommendations are based on a user's activity from the past 10 days.
What should you do first?
- A. Enable insider risk management analytics.
- B. Create an Insider Risk Indicators connector.
- C. Create a data loss prevention (DLP) policy.
- D. Configure the Insider Risk Management Data sharing settings.
Answer: A
NEW QUESTION # 95
You have a Microsoft 365 E5 subscriptions.
You deploy Microsoft Purview Data Security Posture Management for Al (DSPM for Al).
You need to edit the default policies created as part of the deployment.
Which two Microsoft Purview solutions should you use? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
- A. Insider Risk Management
- B. Data Loss Prevention
- C. Compliance Manager
- D. Information Barriers
- E. Information Protection
- F. Data Lifecycle Management
- G. DSPMforAI
Answer: E,G
Explanation:
Step 1 - Understand the feature
The scenario is about Microsoft Purview Data Security Posture Management for AI (DSPM for AI), a capability in Microsoft Purview that helps:
* Discover sensitive data across AI environments (including Copilot for Microsoft 365).
* Assess data exposure risks.
* Apply policies for data classification and protection.
When you deploy DSPM for AI, Microsoft Purview automatically creates default policies to classify and protect sensitive content.
Step 2 - Which solutions are used to edit these policies?
* DSPM for AI (D) # This is the core solution where the default DSPM policies are deployed and visible. To edit or manage them, you must use the DSPM for AI blade in Microsoft Purview.
* Information Protection (B) # DSPM relies on Microsoft Information Protection (MIP), specifically sensitivity labels and sensitive information types. These labels and SITs are part of Purview Information Protection. Editing classification rules (e.g., sensitivity labels, sensitive info types, trainable classifiers) requires Information Protection.
# Reference:
* Microsoft Purview Data Security Posture Management for AI (DSPM for AI)
* Overview of sensitivity labels in Microsoft Purview Information Protection Step 3 - Why not the others?
* A. Insider Risk Management # Detects risky insider activities (data theft, sabotage). Not used to configure DSPM policies.
* C. Compliance Manager # Provides compliance score and assessments, but does not configure DSPM policies.
* E. Information Barriers # Used to restrict communication between groups of users. Not related to DSPM.
* F. Data Lifecycle Management # Manages retention and deletion of data. Not related to DSPM for AI policy editing.
* G. Data Loss Prevention (DLP) # Protects sensitive data from being shared in apps/services, but DSPM's default policies are not edited here.
NEW QUESTION # 96
You need to create a retention policy to delete content after seven years from the following locations:
* Exchange Online email
* SharePoint Online sites
* OneDrive accounts
* Microsoft 365 Groups
* Teams channel messages
* Teams chats
What is the minimum number of retention policies that you should create?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: C
Explanation:
for each of the following you can have a retention policy
1.EXO, SPO, ODfB, M365 groups
2.Teams channel messages, teams chat
3.Teams private channel messages
NEW QUESTION # 97
HOTSPOT
You have a Microsoft SharePoint Online site that contains the following files.
Users are assigned roles for the site as shown in the following table.
Which files can User1 and User2 open? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Let's break it down:
File1.docx # DLP action = None
No DLP restrictions, so it is fully accessible to both User1 (owner) and User2 (member).
File2.docx # DLP action = Matched by DLP
"Matched" means the DLP policy detected sensitive content but has not blocked access. Instead, it may generate an alert or policy tip.
Both User1 and User2 can still open this file.
File3.docx # DLP action = Blocked by DLP
"Blocked" means the DLP policy actively restricts access or sharing of the file.
User2 (member) cannot open this file.
However, User1 (site owner) can open it because site collection admins and owners always retain full control over content, even if a DLP rule applies.
Ref: Microsoft Purview DLP policy tips and enforcement
# DLP policies do not prevent SharePoint/OneDrive site collection admins (owners) from accessing content.
# Final Answer Table:
User1 (Site Owner): File1.docx, File2.docx, File3.docx
User2 (Site Member): File1.docx, File2.docx
NEW QUESTION # 98
You have a Microsoft 36S ES subscription that contains a Windows 11 device named Device 1 and three users named User 1. User2. and User3.
You plan to deploy Azure Information Protection (AIP) and the Microsoft Purview Information Protection client to Device 1.
You need to ensure that the users can perform the following actions on Device1 as part of the planned deployment
* User 1 will test the functionality of the client.
* User2 will install and configure the Microsoft Rights Management connector.
* User3 will be configured as the service account for the information protection scanner.
The solution must maximize the security of the sign-in process for the users What should you do?
- A. Exclude User1 and User? from multifactor authentication (Mf A}
- B. Enable User? and Usex3 for passwordless authentication.
- C. Enable User1. User I and User 3 for passkey (FIDO2) authentication
- D. Exclude User2 and User3 from multifactor authentication (MfA).
Answer: B
NEW QUESTION # 99
You have a Microsoft 36S ES subscription that contains two Windows devices named Devicel1and Device2 Device1 has the default browser set to Microsoft Edge. Devke2 has the default browser set to Google Chrome.
You need to ensure that Microsoft Purview insider risk management can collect signals when a user copies files to a USB device by using their default browser.
What should you deploy to each device? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
NEW QUESTION # 100
HOTSPOT
You need to meet the technical requirements for the confidential documents.
What should you create first, and what should you use for the detection method? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
To detect and protect confidential documents, we need a custom rule to identify project codes that start with
999 (since they are classified as confidential).
Box 1: A Sensitive Info Type (SIT) allows Microsoft Purview DLP policies to recognize structured data (e.g., project codes). DLP policies require a sensitive info type to detect content based on patterns, keywords, or dictionary terms. A sensitivity label alone does not define detection logic-it is used for classification and protection after content is identified.
Box 2: Since project codes follow a structured 10-digit pattern, we should use a Regular Expression (Regex) to match project codes that start with 999.
Example Regex pattern:
999\d{7}
This pattern detects a 10-digit number starting with "999".
NEW QUESTION # 101
You have a Microsoft 365 subscription.
You create and run a content search from the Microsoft Purview portal.
You need to download the results of the content search.
What should you obtain first?
- A. a password
- B. a certificate
- C. a pin
- D. an export key
Answer: D
NEW QUESTION # 102
You have a Microsoft 36S subscription that contains the users shown in the following table.
You create the data loss prevention (DLP) policies shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
NEW QUESTION # 103
You have a Microsoft 565 E5 subscription.
You plan to use Microsoft Purview insider risk management.
You need to create an insider risk management policy that will detect data theft from Microsoft SharePoint Online by users that submitted their resignation or are near their employment termination date.
What should you do first?
- A. Configure a HR data connector.
- B. Onboard devices to Microsoft Defender for Endpoint.
- C. Configure Office indicators.
- D. Configure a Physical badging connector.
Answer: A
NEW QUESTION # 104
......
Practice LATEST SC-401 Exam Updated 203 Questions: https://passguide.braindumpsit.com/SC-401-latest-dumps.html