SC-401 Practice Questions
Administering Information Security in Microsoft 365
Last Update 3 days ago
Total Questions : 223
Dive into our fully updated and stable SC-401 practice test platform, featuring all the latest Microsoft Certified: Information Security Administrator Associate exam questions added this week. Our preparation tool is more than just a Microsoft study aid; it's a strategic advantage.
Our free Microsoft Certified: Information Security Administrator Associate practice questions crafted to reflect the domains and difficulty of the actual exam. The detailed rationales explain the 'why' behind each answer, reinforcing key concepts about SC-401. Use this test to pinpoint which areas you need to focus your study on.
You have a Microsoft 365 E5 subscription that contains the sensitive information types (SITs) shown in the following table.

You plan to create the policies shown in the following table and assign them to a Microsoft SharePoint Online site.

Which policies can use SIT1. and which policies can use SIT2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have a Microsoft 365 sensitivity label that is published to all the users in your Microsoft Entra tenant as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No
NOTE: Each correct selection is worth one point.

You are implementing Microsoft Purview Advanced Message Encryption for a Microsoft 365 tenant named contoso.com You need to meet the following requirements:
• All email to a domain named (abrikam.com must be encrypted automatically.
• Encrypted emails must expire seven days after they are sent
What should you configure for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have a Microsoft 365 subscription that contains a sensitivity label named Contoso Confidential.
You publish Contoso Confidential to all users.
Contoso Confidential is configured as shown in the Configuration exhibit. (Click the Configuration tab.)

The Access control settings of Contoso Confidential are configured as shown in the Access control exhibit. (Click the Access control tab.)


For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

You have a Microsoft 365 £5 subscription that contains the groups shown in the following table.

The subscription contains the users shown in the following table.

You create the mail flow rules shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

You have a data loss prevention (DIP) policy that has the advanced DIP rules shown in the following table.

You need to identity which rules will apply when content matches multiple advanced DIP rules.
Which rules should you identify? To answer, select the appropriate options in the answer area.

You have a Microsoft 365 E5 subscription that contains 500 Windows devices.
You plan to deploy Microsoft Purview Data Security Posture Management for AI (DSPM for AI).
You need to ensure that you can monitor user activities on third-party generative AI websites.
Which two prerequisites should you complete for DSPM for AI? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You recently discovered that the developers at your company emailed Azure Storage Account keys in plain text to third parties
You need to ensure that when Azure Storage Account keys are emailed, the emails are encrypted.
Solution: You create a data loss prevention (DLP) policy that has Exchange email, SharePoint sites, OneDrive accounts, and Teams chat and channel messages selected.
Does this meet the goal?
You have a Microsoft 365 subscription.
Users have devices that run Windows 11.
You plan to create a Microsoft Purview insider risk management policy that will detect when a user performs the following actions:
● Deletes files that contain a sensitive information type (SIT) from their device
● Copies files that contain a SIT to a USB drive
● Prints files that contain a SIT
You need to prepare the environment to support the policy.
What should you do?









