ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-400 All Questions

View all questions & answers for the SC-400 exam
Go to Exam

Exam SC-400 topic 2 question 20 discussion

Actual exam question from Microsoft's SC-400
Question #: 20
Topic #: 2
[All SC-400 Questions]

A compliance administrator recently created several data loss prevention (DLP) policies.
After the policies are created, you receive a higher than expected volume of DLP alerts.
You need to identify which rules are generating the alerts.
Which DLP report should you use?

  • A. Third-party DLP policy matches
  • B. DLP policy matches
  • C. DLP incidents
  • D. False positive and override
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by klosedotorg83 at Oct. 9, 2021, 6:14 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
wooyourdaddy
Highly Voted 2 years, 4 months ago
Selected Answer: B
I wrote the exam today, this question was on it, I choose B, scored 890!
upvoted 6 times
...
emartiy
Most Recent 8 months, 1 week ago
Selected Answer: B
B is correct option.
upvoted 2 times
...
Domza
10 months, 1 week ago
B is correct ~ Rule matched- will stop the process - File copied to clipboard - action. Simply open detail tab/Event of impacted entries With love~
upvoted 1 times
...
xswe
1 year, 6 months ago
To be able to see what policy that have been matched and how many times you can use the DLP Policy matches
upvoted 2 times
...
BTAB
2 years, 5 months ago
"the policy matches report is better for identifying matches with specific rules and fine tuning DLP policies. The incidents report is better for identifying specific pieces of content that are problematic for your DLP policies." https://docs.microsoft.com/en-us/microsoft-365/compliance/view-the-dlp-reports?view=o365-worldwide
upvoted 2 times
...
[Removed]
2 years, 8 months ago
Why is this policy matches when the incidents report shows matches at a rule level?
upvoted 1 times
[Removed]
2 years, 7 months ago
I was getting them the wrong way round: "the policy matches report shows matches at a rule level; for example, if an email matched three different rules, the policy matches report shows three different line items." https://docs.microsoft.com/en-us/microsoft-365/compliance/view-the-dlp-reports?view=o365-worldwide#view-the-reports-for-data-loss-prevention
upvoted 2 times
...
...
Pravda
2 years, 9 months ago
On exam 1/20/2022
upvoted 1 times
...
Ras1364
2 years, 11 months ago
https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwide#dlp-alerts-dashboard
upvoted 2 times
...
klosedotorg83
3 years ago
Correct
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago