ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-400 All Questions

View all questions & answers for the SC-400 exam
Go to Exam

Exam SC-400 topic 2 question 12 discussion

Actual exam question from Microsoft's SC-400
Question #: 12
Topic #: 2
[All SC-400 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.
You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.
Solution: You create a data loss prevention (DLP) policy that has only the Exchange email location selected.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Eltooth at July 20, 2021, 4:31 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Jideakin
1 week ago
Selected Answer: A
Because Exchange is the only location selected, DLP policy will be sufficient for this.
upvoted 1 times
...
emartiy
1 year ago
Selected Answer: B
The solution presented in the question is not sufficient to meet the stated goal of ensuring that Azure Storage keys are encrypted when emailed. The solution involves creating a data loss prevention (DLP) policy that has only the Exchange email location selected. This would mean that the DLP policy only applies to emails sent from Exchange, but it does not ensure that the content of the email, including Azure Storage keys, is encrypted. To ensure that Azure Storage keys are encrypted when emailed, a more comprehensive solution is required. One possible solution would be to configure Azure Information Protection (AIP) to automatically classify and protect sensitive data, including Azure Storage keys.
upvoted 4 times
...
bgurny
1 year, 6 months ago
Selected Answer: A
https://learn.microsoft.com/en-us/purview/ome-faq?view=o365-worldwide#can-i-automatically-encrypt-messages-by-setting-up-policies-in-data-loss-prevention--dlp--through-the-microsoft-purview-compliance-portal-
upvoted 2 times
Emmuyah
7 months, 2 weeks ago
Yes! You can set up mail flow rules in Exchange Online or by using DLP in the Microsoft Purview compliance portal.
upvoted 2 times
...
...
dmoorthy
1 year, 10 months ago
Answer is A- Yes.
upvoted 3 times
...
xswe
1 year, 11 months ago
Correct! With this solution you will be able to create a rule just like you can do in Exchange admin center
upvoted 1 times
...
formazionehs
2 years ago
Selected Answer: A
Since Exchange is the only location selected, it is possible to meet the goal with a DLP policy.
upvoted 3 times
kingAzure
1 year, 3 months ago
I thought there could only be one "yes" on these series of questions?
upvoted 1 times
Ruslan23
11 months ago
"Some question sets might have more than one correct solution"
upvoted 1 times
...
...
...
biff791
2 years, 1 month ago
Selected Answer: A
works if only exchange location is selected
upvoted 2 times
...
Harry008
2 years, 4 months ago
Can I automatically encrypt messages by setting up policies in Data Loss Prevention (DLP) through the Microsoft Purview compliance portal? Yes! You can set up mail flow rules in Exchange Online or by using DLP in the Microsoft Purview compliance portal. Answer is A(Yes)
upvoted 3 times
...
BTL_Happy
2 years, 4 months ago
A should be the answer, only on exchange location is selected.
upvoted 1 times
...
kiketxu
2 years, 4 months ago
If the question asks for meeting the goal, I see there is something missing. It is OK if you select only Exchange location. It will allow to encrypt messages mathing conditions, but what matches??? ...to match Azure-Storage keys, you need to create regex to add in rule as sensitivity info. that is why I would opt to NO. The answer isnt' complete.
upvoted 1 times
fimbulvetrk
2 years, 3 months ago
you may have a sensitive info type based in a keyword list which may have contain all the storage keys
upvoted 1 times
...
Reinto
2 years, 1 month ago
You can create a custom DLP policy that matches a pattern in a document (or subject or body). So, I guess we agree that the answer is complete: A
upvoted 1 times
Reinto
2 years, 1 month ago
Never mind: Document does not equal attachment and this rule option is not relevant, I suspect.
upvoted 1 times
...
...
...
chrissempai
2 years, 6 months ago
Selected Answer: A
The answer is A you have only exchange selected
upvoted 1 times
...
Lion007
2 years, 7 months ago
Selected Answer: B
Given answer is Correct (B). In DLP Policy, if you try to apply the message encryption, you will get this error: ("Validation failed: Conditions/exceptions/actions on existing rules cannot apply on new locations. Please remove the unsupported conditions/exceptions/actions ' Encrypt email messages (applies only to content in Exchange)' on those rules and add the new locations."). So not to "all locations". But I tested it and it worked like a charm when selecting only "Exchange email" is the ONLY location.
upvoted 2 times
Lion007
2 years, 7 months ago
So I'd go for A in real life, but hey this exam is in love with "mail flow rules"... so I'd stick with B for the exam.
upvoted 1 times
...
cwilson91
2 years, 6 months ago
This question IS asking when you select the Exchange email location only.. not All Locations (thats topic 4 question 11).. so answer should be A, Yes.
upvoted 4 times
...
...
UWSFish
3 years, 1 month ago
Just set it up in DLP in my tenant. 100% yes
upvoted 4 times
PrettyFlyWifi
3 years ago
Did the same, also tested in tenant and DLP also is a valid solution. So BOTH mail flow rule AND DLP policy can be used to meet this. Answer is YES.
upvoted 2 times
...
...
Pravda
3 years, 1 month ago
On exam 1/20/2022
upvoted 1 times
...
RAMmulator
3 years, 2 months ago
Selected Answer: A
See: https://docs.microsoft.com/en-us/microsoft-365/compliance/ome-faq?view=o365-worldwide#can-i-automatically-encrypt-messages-by-setting-up-policies-in-data-loss-prevention--dlp--through-the-microsoft-365-compliance-center-
upvoted 1 times
...
CalST
3 years, 2 months ago
DLP restricts the sending of the email as well as encrypting. The question just says the message must be encrypted (not blocked) so Mail Flow Rule
upvoted 2 times
Holii
2 years, 10 months ago
DLP Policy provides an "Encrypt email messages (applies only to content in Exchange)" [not blocked]
upvoted 1 times
...
ServerBrain
1 year, 5 months ago
if you say so. but Mail Flow Rule is more specific
upvoted 1 times
...
...
digitallycan
3 years, 4 months ago
You can set up mail flow rules in Exchange Online or by using DLP in the MS365 Compliance Center to automatically encrypt messages. https://docs.microsoft.com/en-us/microsoft-365/compliance/ome-faq?view=o365-worldwide#can-i-automatically-encrypt-messages-by-setting-up-policies-in-data-loss-prevention--dlp--through-the-microsoft-365-compliance-center-
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago