ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-400 All Questions

View all questions & answers for the SC-400 exam
Go to Exam

Exam SC-400 topic 2 question 24 discussion

Actual exam question from Microsoft's SC-400
Question #: 24
Topic #: 2
[All SC-400 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.
You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add the application to the unallowed apps list.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by PrettyFlyWifi at Feb. 8, 2022, 11:08 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
PrettyFlyWifi
Highly Voted 3 years, 2 months ago
Correct, Unallowed apps, see ... https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-using?view=o365-worldwide#unallowed-apps
upvoted 5 times
...
trut_hz
Most Recent 3 months ago
Selected Answer: B
Are you sure "You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents." without preventing the app from accessing other docs. It still needs to work and function. Making unallowed will stop it completely, am I the only one that sees that?
upvoted 1 times
trut_hz
3 months ago
Never mind apparently unallowed doesn't make the app stop completely, only limits the ability to interact with sensitive documents.
upvoted 1 times
...
...
Domza
1 year, 2 months ago
Selected Answer: A
Looks good~
upvoted 1 times
...
xswe
2 years ago
Unallowed apps are now called Restrictied apps under Endpoint DLP, if you add the app here you will able to control the level of access for the app.
upvoted 3 times
...
NinjaSchoolProfessor
2 years, 4 months ago
Correct when referencing the legacy documentation as the GUI has changed. Reference the following: Within Purview to block an unwanted app, Select DLP >> [Endpoint DLP settings] >> [Restricted apps and app groups] >> [Restricted apps] >> [Restricted app groups] OR [Add or edit restricted apps]. Yyou can also add apps in the [Unallowed Bluetooth apps] section. - https://learn.microsoft.com/en-us/microsoft-365/compliance/dlp-configure-endpoint-settings?view=o365-worldwide // To block this from within MDCA – If you’re using MDE, once you mark an app as unsanctioned, it's automatically blocked. - https://learn.microsoft.com/en-us/defender-cloud-apps/governance-discovery#blocking-apps-with-built-in-streams
upvoted 2 times
...
LamNV
2 years, 9 months ago
Correct answer A
upvoted 1 times
...
wooyourdaddy
2 years, 10 months ago
Selected Answer: A
I wrote the exam today, this question was on it, I choose A, scored 890!
upvoted 2 times
jakke91
4 months, 4 weeks ago
go away!
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago