[2025年12月05日] 最新のSC-400試験の的確なMicrosoft Information Protection AdministratorのPDF問題
SC-400試験問題を練習するならJPNTest顕著なMicrosoft Information Protection Administrator試験練習問題集
Microsoft SC-400 試験は、Microsoft Information Protection Administratorになりたいと考えている専門家を対象としています。この認定試験は、Microsoft Information Protectionソリューションを実装し、管理するために必要なスキルと知識を検証します。試験に合格すると、情報保護ソリューションを設計・展開し、データ損失防止ポリシーを管理し、機密ラベルを構成することができます。
Microsoft SC-400(Microsoft Information Protection Administrator)試験は、組織内で情報保護ソリューションを管理および実装する責任を持つITプロフェッショナルを対象としています。この試験は、ポリシーの作成と管理、データ損失防止(DLP)ソリューションの実装、情報保護ラベルの設定、データ分類の管理など、データのライフサイクル全体でデータを保護するソリューションを設計、実装、管理する候補者のスキルと能力を測定します。
質問 # 141
You plan to implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You need to identify which end user activities can be audited on the endpoints, and which activities can be restricted on the endpoints.
What should you identify for each activity? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-worldwide
質問 # 142
You have a Microsoft 365 tenant.
You discover that email does NOT use Microsoft Office 365 Message Encryption (OME).
You need to ensure that OME can be applied to email.
What should you do first?
- A. Activate Azure Information Protection.
- B. Create an Azure key vault.
- C. Activate Azure Rights Management (Azure RMS).
- D. Enable Microsoft Defender for Office 365.
正解:C
解説:
The only prerequisite for using the new OME capabilities is that Azure Rights Management must be activated in your organization's tenant. If it is, Microsoft 365 activates the new OME capabilities automatically and you don't need to do anything.
質問 # 143
Hotspot Question
You have the retention label policy shown in the Policy exhibit. (Click the Policy tab.)
Users apply the retention label policy to files and set the asset ID as shown in the following table.
On December 1, 2020, you create the event shown in the Event exhibit. (Click the Event tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation:
The file creation date can be ignored because the time is based on the event that start on 30th Sept 2020.
https://learn.microsoft.com/en-us/microsoft-365/compliance/event-driven-retention?view=o365- worldwide
質問 # 144
You have a Microsoft 365 E5 tenant that contains the policies shown in the following table.
A file named File1 has all the policies applied.
How long will File1 be retained?
- A. File1 will be deleted automatically after seven years.
- B. File1 will be retained until the file is deleted manually.
- C. File1 will be deleted automatically after 10 years.
- D. File1 will be deleted automatically after five years.
正解:C
質問 # 145
You have a Microsoft 365 E5 subscription that contains a user named User1 and the groups shown in the following table.
You plan to create a communication compliance policy named Policy1.
You need to identify whose communications can be monitored by Policy1, and who can be assigned the Reviewer role for Policy1.
Who should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation:
質問 # 146
You are implementing Microsoft Office 365 Message Encryption (OME) for a Microsoft 365 tenant named contoso.com.
You need to meet the following requirements:
* All email to a domain named fabhkam.com must be encrypted automatically.
* Encrypted emails must expire seven days after they are sent-
What should you configure for each requirement? To answer, select the appropriate options NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
Graphical user interface, text, application Description automatically generated
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/email-encryption?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/ome-advanced-expiration?view=o365-worldwide
質問 # 147
You are configuring a retention label named Label1 as shown in the following exhibit.
You need to ensure that documents that have Label1 applied are deleted three years after the end of your company's fiscal year.
What should you do?
- A. Modify the Retention period setting.
- B. Set At the ends of the retention period to Trigger a disposition review.
- C. Create a new event type.
- D. Select Only delete items when they reach a certain age.
正解:C
解説:
A new event type will make sure that the retention period will use fiscal year instead of when items were created.
質問 # 148
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
You create the retention label shown in the following exhibit.
Which users can perform a disposition review of content that has Retention 1 applied?
- A. Admin2 and Admin3 only
- B. Admin3 only
- C. Admin1 and Admin3 only
- D. Admin1, Admin2, and Admin3
- E. Admin2 only
- F. Admin1 and Admin2 only
正解:A
質問 # 149
You have Microsoft 365 ES subscription that has data loss prevention (DLP) implemented.
You plan to export DLP activity by using Activity explorer.
The exported file needs to display the sensitive info type detected for each DLP match.
What should you do in Activity explorer before the data, and in which file exported? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
質問 # 150
You have a Microsoft 365 E5 tenant that contains a user named User1.
You need to identify the type and number of holds placed on the mailbox of User1.
What should you do first?
- A. From Exchange Online PowerShell, run the Get-HoldCompliancePolicycmdlet.
- B. From the Microsoft 365 compliance center, run a content search.
- C. From the Microsoft 365 compliance center, create an eDiscovery case.
- D. From Exchange Online PowerShell, run the Get-Mailboxcmdlet.
正解:D
解説:
Get-Mailbox cmdlet can be used to find out retention policies for a specific mailbox and also find out holds placed in the mailbox.
https://docs.microsoft.com/en-us/microsoft-365/compliance/identify-a-hold-on-an-exchange- online-mailbox?view=o365-worldwide
質問 # 151
You have a Microsoft 365 E5 subscription.
You are implementing insider risk management
You need to create an insider risk management notice template and format the message body of the notice template.
How should you configure the template? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation:
質問 # 152
You have a Microsoft 365 E5 subscription that contains a user named User1 and the groups shown in the following table.
You plan to create a communication compliance policy named Policy1.
You need to identify whose communications can be monitored by Policy1, and who can be assigned the Reviewer role for Policy1.
Who should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
質問 # 153
You create a sensitivity label as shown in the Sensitivity Label exhibit.
You create an auto-labeling policy as shown in the Auto Labeling Policy exhibit.
A user sends the following email:
From: [email protected]
To: [email protected]
Subject: Address List
Message Body:
Here are the lists that you requested.
Attachments:
<<File1.docx>>
<<File2.xml>>
Both attachments contain lists of IP addresses.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
Text Description automatically generated
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-wo
質問 # 154
You have a Microsoft 365 subscription.
You create a new trainable classifier.
You need to train the classifier.
Which source can you use to train the classifier?
- A. a Microsoft SharePoint Online site
- B. an NFS file share
- C. an Azure Files share
- D. an on-premises Microsoft SharePoint Server site
正解:A
解説:
https://learn.microsoft.com/en-us/purview/classifier-get-started-with#how-to-create-a-trainable- classifier
質問 # 155
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You have computers that run Windows 10 and have Microsoft 365 Apps installed. The computers are joined to Azure Active Directory (Azure AD).
You need to ensure that Endpoint DLP policies can protect content on the computers.
Solution: You deploy the Endpoint DLP configuration package to the computers.
Does this meet the goal?
- A. No
- B. Yes
正解:B
解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-getting-started?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-endpoints?view=o365- worldwide
Topic 2, Fabrikam,
Cloud Environment
Fabrikam has a Microsoft 365 tenant that contains the following resources:
* An Azure Active Directory (Azure AD) tenant that syncs to an on-premises Active Directory domain named corp.fabrikam.com
* Microsoft Cloud App Security connectors configured for all supported cloud applications used by the company Some users have company Dropbox accounts.
Compliance Configuration
Fabrikam has the following in the Microsoft 365 compliance center:
* A data loss prevention (DLP) policy is configured. The policy displays a tooltip to users. Users can provide a business justification to override a DLP policy violation.
* The Azure information Protection unified labeling scanner is installed and configured.
* A sensitivity label named Fabrikam Confidential is configured.
An existing third-party records management system is managed by the compliance department.
Human Resources (HR) Management System
The HR department has an Azure SQL. database that contains employee information. Each employee has a unique 12-character alphanumeric ID. The database contains confidential employed attributes including payroll information, date of birth, and personal contact details.
On-premises Environment
You have an on premises file server that runs Windows Server 2019 and stores Microsoft Office documents in a shared folder named Data.
All end-user computers are joined to the corp.fabrinkam.com domain and run a third-party antimalware application.
Sales Contracts
Users in the sales department receive draft sales contracts from customers by email. The sales contracts are written by the customers and are not in a standard format.
Employment Applications
Employment applications and resumes are received by HR department managers and stored in either mailboxes, Microsoft SharePoint Online sites, OneDrive for Business folders, or Microsoft Teams channels.
The employment application form is downloaded from SharePoint Online and a serial number is assigned to each application.
the resumes are written by the applications and in any format.
HR Requirements
You need to create a DLP policy that will notify the HR department of a DLP policy violation if a document that contains confidential employee attributes is shared externally. The DLP policy must use an Exact Data Match (EDM) classification derived from a CSV export of the HR department database.
The HR department identifies the following requirements for handling employment applications:
* Resumes must be identified automatically based on similarities to other resumes received in the past
* Employment applications and resumes must be deleted automatically two years after the applications are received.
* Documents and emails that contain an application serial number must be identified automatically and marked as an employment application.
Sales Requirements
A sensitivity label named Sales Contract must be applied automatically to all draft and finalized sales contracts.
Compliance Requirements
Fabrikam identifies the following compliance requirements:
* All DLP policies must be applied to computers that run Windows 10, with the least possible changes to the computers.
* Users in the compliance department must view the justification provided when a user receives a tooltip notification for a DLP violation.
* If a document that has the Fabrikam Confidential sensitivity label applied is uploaded to Dropbox. the file must be deleted automatically. - The Fabrikam Confidential sensitivity label must be applied to existing Microsoft Word documents in the Data shared folder that have a document footer containing the following string: Company use only.
* Users must be able to manually select that email messages are sent encrypted. The encryption will use Office 365 Message Encryption (OME) v2. Any email containing an attachment that has the Fabrikam Confidential sensitivity label applied must be encrypted automatically by using OME.
* Existing policies configured in the third-party records management system must be replaced by using Records management in the Microsoft 365 compliance center. The compliance department plans to export the existing policies, and then produce a CSV file that contains matching labels and policies that are compatible with records management in Microsoft 365. The CSV file must be used to configure records management in Microsoft 365.
Executive Requirements
You must be able to restore all email received by Fabrikam executives for up to three years after an email is received, even if the email was deleted permanently.
質問 # 156
You create a retention label policy named Contoso_policy that contains the following labels.
10 years then delete
5 years then delete
Do not retain
Contoso_Policy is applied to content In Microsoft Sharepoint Online sites.
After a couple of days, yon discover the following messages on the Properties page of the label policy.
* Statue Off (Error)
* It's taking longer than expected to deploy the policy
You need to reinitiate the policy.
How should you complete the command? To answer, select the appropriate options in the; answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Reference:
https://docs.microsoft.com/en-us/powershell/module/exchange/set-retentioncompliancepolicy?view=exchange-ps
質問 # 157
SIMULATION
Task 6
You plan to implement Endpoint data loss prevention (Endpoint DLP) policies for computers that run Windows.
Users have an application named App1 that stores data locally in a folder named C:\app1\data.
You need to prevent the folder from being monitored by Endpoint DLP.
正解:
解説:
See the solution below in Explanation
Explanation:
To prevent the folder C:\app1\data from being monitored by Endpoint Data Loss Prevention (DLP), follow these steps:
Configure File Path Exclusions:
Open the Microsoft Purview compliance portal.
Navigate to Data loss prevention > Overview > Data loss prevention settings > Endpoint settings.
Look for the File path exclusions section.
Add an exclusion for the path C:\app1\data.
Files within this folder will not be audited or subject to DLP policy enforcement12.
Remember to validate this configuration and ensure that the folder is excluded from DLP monitoring
質問 # 158
You have a Microsoft 365 E5 tenant.
You need to create a custom trainable classifier that will detect product order forms. The solution must use the principle of least privilege.
What should you do first? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
質問 # 159
......
Microsoft SC-400認定試験は、40〜60の複数選択の質問で構成されており、150分間タイミングを合わせています。この試験では、Azure Information Protection、Microsoft Cloud App Security、Compliance ManagerなどのMicrosoft Information Protection Technologiesを使用して、データ保護ソリューションを管理および実装する候補者の能力を測定します。この試験は、データ保護ソリューションの実装と管理、セキュリティとコンプライアンスポリシーの構成、コンプライアンスに関する監視と報告に関する候補者の知識をテストするように設計されています。
試験問題と解答はSC-400学習ガイド問題解答:https://www.jpntest.com/shiken/SC-400-mondaishu
練習用SC-400にはJPNTest顕著な問題集はあなたをMicrosoft Information Protection Administrator試験合格させます合格させる:https://drive.google.com/open?id=1rQZs7yXjx9G2hCOKyMAppmmU0RmiSONq