SC-401 試験問題を無料オンラインアクセス

HOTSPOT
You have a Microsoft 365 E5 subscription that contains two Microsoft 365 groups named Group1 and Group2. Both groups use the following resources:
# A group mailbox
# Microsoft Teams channel messages
# A Microsoft SharePoint Online teams site
You create the objects shown in the following table.

To which resources will AutoApply1 and Retention1 be applied? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

正解：

Explanation:

AutoApply1 is an auto-labeling policy that applies RLabel1 to Group1. Auto-labeling policies can apply retention labels across group mailboxes, SharePoint Online sites, and Teams channel messages if they are configured for group resources.
Retention1 is a retention policy applied to Group2. Retention policies for Microsoft 365 groups apply to all group resources, including group mailboxes, SharePoint Online teams sites, and Teams channel messages.
Since both AutoApply1 and Retention1 affect entire groups, they apply to all associated resources: group mailbox, SharePoint Online teams site, and Teams channel messages.

DRAG DROP
You have a Microsoft 365 E5 subscription that has data loss prevention (DLP) implemented.
You need to create a custom sensitive info type. The solution must meet the following requirements:
# Match product serial numbers that contain a 10-character alphanumeric string.
# Ensure that the abbreviation of SN appears within six characters of each product serial number.
# Exclude a test serial number of 1111111111 from a match.
Which pattern settings should you configure for each requirement? To answer, drag the appropriate settings to the correct requirements. Each setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

正解：

Explanation:

You have a Microsoft 365 E5 subscription.
You need to ensure that encrypted email messages sent to an external recipient can be revoked or will expire within seven days.
What should you configure first?

• A.a mail flow rule
• B.a sensitivity label
• C.a Conditional Access policy
• D.a custom branding template

You have a Microsoft 365 subscription. Auditing is enabled.
A user named User1 is a member of a dynamic security group named Group1.
You discover that User1 is no longer a member of Group1.
You need to search the audit log to identify why User1 was removed from Group1.
Which two activities should you use in the search? To answer, select the appropriate activities in the answer area.
NOTE: Each correct selection is worth one point.

正解：

Explanation:

Step 1 - Scenario
A user named User1 was a member of a dynamic security group (Group1).
User1 is no longer a member of that group.
You need to determine why User1 was removed by searching the audit log.
Step 2 - How group membership changes are logged in Microsoft 365 audit logs Microsoft 365 audit logs record group membership activities in Azure AD. The most relevant activities for a user disappearing from a group are:
Removed member from group - Directly indicates that a user was removed from a group.
Updated group - Logged when group properties or membership rules (for dynamic groups) are modified. If Group1 is a dynamic group, changes to membership rules could have caused User1 to no longer qualify, and this would appear as an Updated group event.
Step 3 - Why not other options
Deleted user / Deleted group: Would mean the entire user or group object was deleted, not just removal.
Changed user password, Reset user password, Set license properties, Changed user license: These are account- related, not group membership-related.
Added member to group: The opposite action.
Step 4 - Microsoft Reference
From Microsoft documentation:
Audit logs include events such as when a member is added or removed from a group, and when group properties or membership rules are updated.
Reference: Search the audit log in the Microsoft Purview compliance portal

You are planning a data loss prevention (DLP) solution that will apply to Windows Client computers.
You need to ensure that when users attempt to copy a file that contains sensitive information to a USB storage device, the following requirements are met:
# If the users are members of a group named Group1, the users must be allowed to copy the file, and an event must be recorded in the audit log.
# All other users must be blocked from copying the file.
What should you create?

• A.one DLP policy that contains one DLP rule
• B.one DLP policy that contains two DLP rules
• C.two DLP policies that each contains one DLP rule