Summer Certification Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

Free Practice Questions for the Microsoft Certified: Information Security Administrator Associate SC-401 Exam (2026 Updated)

At Marks4sure, we are dedicated to providing IT professionals with the most accurate and reliable preparation materials for the Microsoft SC-401 exam. To support your certification journey, we have made a selection of our premium 2026 Microsoft Certified: Information Security Administrator Associate practice questions and answers available completely free. You can take this practice test as many times as you need. Every question includes a detailed, expertly verified explanation to ensure you fully grasp the core security concepts before test day.

Questions 4

Nate: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique

solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might

not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the

review screen.

You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).

You have computers that run Windows 11 and have Microsoft 365 Apps installed. The computers are joined to a Microsoft Entra tenant.

You need to ensure that Endpoint DLP policies can protect content on the computers.

Solution: You onboard the computers to Microsoft Defender for Endpoint.

Does this meet the goal?

Options:

A.

Yes

B.

No

Buy Now
Questions 5

You are creating a DLP policy named Policy1 that will be applied to the locations as shown in the following exhibit.

SC-401 Question 5

Policy1 contains an advanced data loss prevention (DLP) rule named Rule1.

Which two conditions can you use in Rule1? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

Options:

A.

Document property is

B.

Attachment ' s file extension is

C.

Document size equals or is greater than

D.

Content is shared from Microsoft 365

E.

Content contains

Buy Now
Questions 6

You have a Microsoft 365 E5 tenant.

You create a data loss prevention (DLP) policy.

You need to ensure that the policy protects documents in Microsoft Teams chat sessions.

Which location should you enable in the policy?

Options:

A.

SharePoint sites

B.

Exchange email

C.

Teams chat and channel messages

D.

OneDrive accounts

Buy Now
Questions 7

HOTSPOT

You have a Microsoft 365 E5 subscription that contains the device configurations shown in the following table.

SC-401 Question 7

Each configuration uses either Google Chrome or Firefox as a default browser.

You need to implement Microsoft Purview and deploy the Microsoft Purview browser extension to the configurations.

To which configuration can each extension be deployed? To answer, select the appropriate options in the answer area.

NOTE : Each correct selection is worth one point.

SC-401 Question 7

Options:

Buy Now
Questions 8

You have a Microsoft SharePoint Online site named Site1 that contains the files shown in the following table.

SC-401 Question 8

You have a data loss prevention (DLP) policy named DLP1 that has the advanced DLP rules shown in the following table.

SC-401 Question 8

You apply DLP1 to Site1.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

SC-401 Question 8

Options:

Buy Now
Questions 9

HOTSPOT

How many files in Site2 can User1 and User2 access after you turn on DLPpolicy1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-401 Question 9

Options:

Buy Now
Questions 10

HOTSPOT

You need to meet the technical requirements for the confidential documents.

What should you create first, and what should you use for the detection method? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-401 Question 10

Options:

Buy Now
Questions 11

You have a Microsoft 365 subscription. You create a retention policy and apply the policy to Exchange Online mailboxes.

You need to ensure that the retention policy tags can be assigned to mailbox items as soon as possible.

What should you do?

Options:

A.

From Exchange Online PowerShell. run Start-ManagedFolderAssistant.

B.

From the Microsoft Purview portal, create a data loss prevention (DLP) policy.

C.

From the Microsoft Purview portal, create a label policy.

D.

From Exchange Online PowerShell, run start -RetentionAutoTagLearning.

Buy Now
Questions 12

You need to meet the technical requirements for the Site1 documents.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

SC-401 Question 12

Options:

Buy Now
Questions 13

You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1 and the users shown in the following table.

SC-401 Question 13

You have a data loss prevention (DLP) policy named DLP1 as shown in the following exhibit.

SC-401 Question 13

You apply DLP1 to Site1.

User1 uploads a file named File1 to Site1. File1 does NOT match any of the DLP1 rules. User2 updates File1 to contain data that matches the DLP1 rules.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

SC-401 Question 13

Options:

Buy Now
Questions 14

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant and 500 computers that run Windows 11. The computers are onboarded to Microsoft Purview.

You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.

You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.

Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add a folder path to the file path exclusions.

Does this meet the goal?

Options:

A.

Yes

B.

No

Buy Now
Questions 15

You have a Microsoft 365 E5 subscription that uses Microsoft Purview.

You need to deploy a compliance solution that will detect the accidental oversharing of information outside of an organization.

The solution must minimize administrative effort.

What should you use? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-401 Question 15

Options:

Buy Now
Questions 16

You need to meet the retention requirement for the users ' Microsoft 365 data.

What is the minimum number of retention policies required to achieve the goal?

Options:

A.

1

B.

2

C.

3

D.

4

E.

6

Buy Now
Questions 17

You have a Microsoft 365 E5 subscription that uses Microsoft Purview Audit (Premium) with the 10-Year Audit Log Retention add-on license.

The subscription contains the audit retention policies shown in the following table.

SC-401 Question 17

From the SharePoint Online admin center, User1 performs the actions shown in the following table.

SC-401 Question 17

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE; Each correct selection is worth one point.

SC-401 Question 17

Options:

Buy Now
Questions 18

HOTSPOT

You are reviewing policies for the SharePoint Online environment.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

SC-401 Question 18

Options:

Buy Now
Questions 19

You have a Microsoft 365 E5 subscription.

You create a sensitivity label named Label1 and publish Label1 to all users and groups.

You have the following files in a SharePoint site:

• File1.doc

• File2.docx

• File3.xlsx

• File4.txt

You need to identify which files can have Label1 applied.

Which files should you identify?

Options:

A.

File2.docx only

B.

File2.docx and File3.xlsx only

C.

File1.doc File2-docx, and File3.xlsx only

D.

File1.doc File2-docx, File3.xlsx, and File4.txt

Buy Now
Questions 20

You have a Microsoft SharePoint Online site named Site! that contains the files shown in the following table.

SC-401 Question 20

You have a data loss prevention (DLP) policy named DLP1 that has the advanced DLP rules shown in the following table.

SC-401 Question 20

You apply DLP1 toSite1.

Which policy tips will appear for File2?

Options:

A.

Tip1 only

B.

Tip2 only

C.

Tip3 only

D.

Tip1 and Tip2 only

Buy Now
Questions 21

You use project codes that have a format of three alphabetical characters that represent the project type, followed by three digits, for example Abe 123.

You need to create a new sensitive info type for the project codes.

How should you configure the regular expression to detect the content? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-401 Question 21

Options:

Buy Now
Questions 22

You have a Microsoft 36S ES subscription

You need to implement Endpoint data loss prevention (Endpoint DLP) to meet the following requirements:

• Ensure that users can upload data to only two sites named Site1 and Site2.

• Prevent users from pasting data to two search engines named Search1 and Search2.

• Minimize the number of policies and groups.

What If the minimum number of sensitive service domain groups and Endpoint DIP policies required? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-401 Question 22

Options:

Buy Now
Questions 23

You have a Microsoft 365 E5 subscription that uses Microsoft Purview.

You are creating an exact data match (EDM) classifier named EDM1.

For EDM1, you upload a schema file that contains the fields shown in the following table.

SC-401 Question 23

What is the maximum number of primary elements that EDM1 can have?

Options:

A.

1

B.

2

C.

3

D.

4

Buy Now
Questions 24

You have a Microsoft 365 E5 subscription that uses retention label policies.

You need to identify all the changes made to retention labels during the last 30 days.

What should you use in the Microsoft Purview portal?

Options:

A.

Reports

B.

Activity explorer

C.

User data search

D.

Content search

Buy Now
Questions 25

You have a Microsoft 365 subscription that has a retention label named Retention1. The subscription contains the files shown in the following table.

SC-401 Question 25

You create an auto-labeling policy named Policy1 that will automatically apply Retention1 as shown in the Auto-labeling policy

Exhibit. (Click the Auto-labeling policy tab.)

You configure Policy1 to apply Retention1 as shown in the Locations exhibit. (Click the Locations tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

SC-401 Question 25

Options:

Buy Now
Questions 26

You have a Microsoft 365 E5 subscription.

In Microsoft Exchange Online, you have the mail flow rule shown in the following exhibit.

SC-401 Question 26

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

SC-401 Question 26

Options:

Buy Now
Questions 27

You have a Microsoft 365 E5 subscription that uses Microsoft Purview.

You are evaluating the use of custom data assessment scans to identify the potential oversharing of data in the subscription.

What is the maximum number of items the data assessments can support per location?

Options:

A.

50.000

B.

100.000

C.

200.000

D.

500.000

Buy Now
Questions 28

You have a Microsoft 36S ES subscription.

From the Microsoft Purview Data Security Posture Management for Al portal, you review the recommendations for Al data security

You plan to create a one-click policy to block elevated risk users from pasting or uploading sensitive data to Al websites

How will the policy be configured? To answer, select the appropriate options in the answer area

NOTE: Each correct selection is worth one point.

SC-401 Question 28

Options:

Buy Now
Questions 29

HOTSPOT

You have a Microsoft 365 E5 subscription that contains two users named User1 and User2.

You create the audit retention policies shown in the following table.

SC-401 Question 29

The users perform the following actions:

● User1 renames a Microsoft SharePoint Online site.

● User2 sends an email message.

How long will the audit log records be retained for each action? To answer, select the appropriate options in the answer area.

NOTE : Each correct selection is worth one point.

SC-401 Question 29

Options:

Buy Now
Questions 30

You have a Microsoft 365 E5 subscription that contains a device named Device1.

You need to enable Endpoint data loss prevention (Endpoint DLP) for Device1.

What should you do first in the Microsoft Purview portal?

Options:

A.

Turn on device onboarding.

B.

Enable Microsoft Priva Privacy Risk Management.

C.

Create a Microsoft Purview Information Barriers (IBs) segment.

D.

Add a Microsoft Purview Information Protection scanner cluster.

E.

Onboard Device1 to Microsoft Purview.

Buy Now
Questions 31

You have 4 Microsoft 565 E5 subscription that contains two Microsoft SharePoint Online sites named Site1 and Site2. You plan to configure a retention label named Labe1 and apply label1 to all the files in Site1 You need to ensure that two years after a file is created in Site1. the file moves automatically to Site2. How should you configure the Choose what happens after the retention period setting for Label1?

Options:

A.

Deactivate retention settings

B.

Start a disposition review

C.

Change the label

D.

Run a Power Automate flow

Buy Now
Questions 32

You have a Microsoft 365 E5 tenant that contains a user named User1. User1 is assigned the Compliance Administrator role. User1 cannot view the regular expression in the IP Address sensitive info type. You need to ensure that User! can view the regular expression. What should you do?

Options:

A.

Assign Used to the Reviewer role group

B.

Create a copy of the IP Address sensitive info type and instruct User1 to edit the copy.

C.

Instruct User1 to use the Test function on the sensitive info type.

D.

Assign User1 the Global Reader role.

Buy Now
Questions 33

You need to meet the technical requirements for the creation of the sensitivity labels.

To which user or users must you assign the Sensitivity Label Administrator role?

Options:

A.

Admin1 only

B.

Admin1 and Admin4 only

C.

Admin1 and Admin5 only

D.

Admin1, Admin2, and Admin3 only

E.

Admin1, Admin2, Admin4, and Admin5 only

Buy Now
Exam Code: SC-401
Exam Name: Administering Information Security in Microsoft 365
Last Update: Jul 3, 2026
Questions: 223

PDF + Testing Engine

$64.99   $185.69

Testing Engine

$49.99   $142.83

PDF (Q&A)

$54.99   $157.11