ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-401 All Questions

View all questions & answers for the SC-401 exam
Go to Exam

Exam SC-401 topic 2 question 6 discussion

Actual exam question from Microsoft's SC-401
Question #: 6
Topic #: 2
[All SC-401 Questions]

You are planning a data loss prevention (DLP) solution that will apply to Windows Client computers.
You need to ensure that when users attempt to copy a file that contains sensitive information to a USB storage device, the following requirements are met:
If the users are members of a group named Group1, the users must be allowed to copy the file, and an event must be recorded in the audit log.
All other users must be blocked from copying the file.
What should you create?

  • A. one DLP policy that contains one DLP rule
  • B. one DLP policy that contains two DLP rules
  • C. two DLP policies that each contains one DLP rule
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by DiegoWill at April 21, 2025, 8:40 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
DiegoWill
Highly Voted 3 months, 2 weeks ago
Selected Answer: C
It is not possible within the same device policy to select a group or user under the conditions of the rule, so you need 2 policies and each with a rule.
upvoted 5 times
...
454252dfr
Most Recent 4 days, 11 hours ago
Selected Answer: B
One DLP policy keeps the configuration centralized and easier to manage. Two DLP rules allow you to define different actions based on group membership: Rule 1: Applies to Group1 → Allow + Audit. Rule 2: Applies to everyone else → Block.
upvoted 1 times
...
KrisDeb
2 months, 1 week ago
Selected Answer: C
In Microsoft Purview DLP, when configuring device-based DLP policies (specifically for Windows endpoint DLP), user or group targeting is done at the policy level, not at the rule level. This means: • You cannot target different user groups within a single policy rule for device control actions (like USB copy). • Therefore, to apply different behaviours based on group membership, you must create separate policies targeting each group.
upvoted 3 times
...
CuentaRM10
2 months, 1 week ago
Selected Answer: C
Since you need a rule to audit the group you will need to create one policy for this specific task and another one that excludes the group and block the rest. Answer C is correct
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel