ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-400 All Questions

View all questions & answers for the SC-400 exam
Go to Exam

Exam SC-400 topic 2 question 34 discussion

Actual exam question from Microsoft's SC-400
Question #: 34
Topic #: 2
[All SC-400 Questions]

You are configuring a data loss prevention (DLP) policy to report when credit card data is found on a Windows 10 device joined to Azure Active Directory (Azure
AD).
You plan to use information from the policy to restrict the ability to copy the sensitive data to the clipboard.
What should you configure in the policy rule?

  • A. the incident report
  • B. an action
  • C. user notifications
  • D. user overrides
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by liozuf at May 5, 2021, 7:27 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
liozuf
Highly Voted 3 years, 5 months ago
B. an action is a better answer
upvoted 33 times
...
Eltooth
Highly Voted 3 years, 5 months ago
B. An action would prevent a data copy function.
upvoted 14 times
...
dillon123456789
Most Recent 1 month ago
Selected Answer: B
on exam 2025
upvoted 1 times
...
Lukas2100
5 months, 1 week ago
Selected Answer: B
In my test Tenant (Microsoft CDX Tenant) is a pre-configured DLP Policy named "Default Policy for devices". When I edit this policy an go on to the "Advanced DLP Rules" and also edit the rule in this sector then I'm able to configure "an action" which is called "File activities for all apps" -> "Aply restrictions to specific activity" -> "Copy to Clipboard". There you can "block" this kind of action. Therefore I choose "B"
upvoted 2 times
...
mbhasker
11 months ago
D. user overrides
upvoted 1 times
...
TomasValtor
1 year ago
To configure a data loss prevention (DLP) policy to report when credit card data is found on a Windows 10 device joined to Azure Active Directory (Azure AD), and then use the information from the policy to restrict the ability to copy the sensitive data to the clipboard, you need to configure an "Action" in the policy rule.
upvoted 2 times
TomasValtor
1 year ago
The "Action" is a response that occurs when a data loss prevention (DLP) policy is triggered. In this case, when the policy rule detects credit card data on a Windows 10 device joined to Azure AD, it will trigger the "Action" you have configured. To restrict the ability to copy the sensitive data to the clipboard, you need to choose an appropriate "Action." One of the available actions is to "Block Access" to the sensitive data. You can also customize the action by choosing to "Notify User" with a custom message that explains why the access has been blocked. This will help prevent users from unknowingly violating the policy by providing them with clear information about what actions are permitted and what are not. Therefore, the correct answer is B - an Action. The incident report is used to notify the appropriate personnel when a policy rule is triggered. User notifications and user overrides are not directly related to configuring an action to restrict the ability to copy sensitive data to the clipboard.
upvoted 2 times
...
...
dmoorthy
1 year, 6 months ago
B is the right Answer.
upvoted 1 times
...
GeoffLule
1 year, 6 months ago
Scenario 3: Modify the existing policy, block the action with allow override
upvoted 1 times
...
xswe
1 year, 6 months ago
An action, test it out in purview to find this out by yourself!
upvoted 2 times
...
Katea
1 year, 7 months ago
Selected Answer: B
B. an action is a better answer
upvoted 1 times
Katea
1 year, 7 months ago
it's confusing because we can block the action by allow override : https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-using?view=o365-worldwide
upvoted 1 times
...
...
chrissempai
2 years, 1 month ago
Selected Answer: B
The good answer is B, it's an action. If you choose D, you can only do : User overrides -Allow overrides from M365 services -Business justifications When users override an activity, you can require them to provide a business justification when overriding an activity.
upvoted 2 times
...
Lotanna_
2 years, 3 months ago
B for me
upvoted 1 times
...
wooyourdaddy
2 years, 4 months ago
Selected Answer: B
I wrote the exam today, this question was on it, I choose B, scored 890!
upvoted 3 times
...
MahmoudEldeep
2 years, 6 months ago
Selected Answer: B
Correct answer is B
upvoted 1 times
...
Solozero
2 years, 8 months ago
Selected Answer: B
B. an action
upvoted 2 times
...
Pravda
2 years, 9 months ago
On exam 1/20/2022
upvoted 1 times
...
Mdwro
2 years, 9 months ago
Selected Answer: A
I read it multiple times and have doubts. Initially thought about B. But then, questions says: "You PLAN TO USE information from the policy to restrict the ability to copy the sensitive data to the clipboard.". If we plan to use information, shouldn't it trigger an indcident report, which later we can re-use?
upvoted 6 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago