SC-401 Exam Question 71
You have a Microsoft 365 E5 subscription.
You plan to use insider risk management to collect and investigate forensic evidence.
You need to enable forensic evidence capturing.
What should you do first?
You plan to use insider risk management to collect and investigate forensic evidence.
You need to enable forensic evidence capturing.
What should you do first?
SC-401 Exam Question 72
You have a Microsoft 365 ES subscription that uses Microsoft Teams and contains the users shown in the following table.

You have the retention policies shown in the following table.

The users perform the actions shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point


You have the retention policies shown in the following table.

The users perform the actions shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point

SC-401 Exam Question 73
You have a Microsoft 365 sensitivity label that is published to all the users in your Microsoft Entra tenant as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No NOTE: Each correct selection is worth one point.


For each of the following statements, select Yes if the statement is true. Otherwise, select No NOTE: Each correct selection is worth one point.

SC-401 Exam Question 74
You have a Microsoft 365 E5 tenant.
You need to add a new keyword dictionary.
What should you create?
You need to add a new keyword dictionary.
What should you create?
SC-401 Exam Question 75
You are configuring a data loss prevention (DLP) policy to report when credit card data is found on a Microsoft Entra joined Windows device.
You plan to use information from the policy to restrict the ability to copy the sensitive data to the clipboard.
What should you configure in the policy advanced DLP rule?
You plan to use information from the policy to restrict the ability to copy the sensitive data to the clipboard.
What should you configure in the policy advanced DLP rule?




