You need to meet the technical requirements for the creation of the sensitivity labels. To which user or users must you grant the Sensitivity label administrator role?
Since administrative users must be able to create sensitivity labels we need to grant Global reader and Security Operator with role Sensitivity label administrator role. Both Compliance data administrator, compliance administrator and security administrator can already create sensitivity labels
Interesting enough, none of the answers are good.
The correct answer would be Admin1, Admin4 and Admin5 as only the Compliance Administrator, Compliance Data Administrator and Global Administrator role have the necessary rights to manage and create Labels in the Compliance Center.
Simply search for the right "microsoft.office365.complianceManager/allEntities/allTasks" within the following right section: https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference
Closest answer would be Admin1 and Admin4, thus D.
Looks correct. Both Global Reader and Security Operator do NOT have the sensitivity label admin role, (check the roles in protection.office.com) and the requirement is to grant all admins the rights to create sensitivity labels. So Admin 1 and Admin 4 need to be granted the sensitivity label admin role.
Permissions required to create and manage sensitivity labels
Members of your compliance team who will create sensitivity labels need permissions to the Microsoft 365 compliance center.
By default, global administrators for your tenant have access to this admin center and can give compliance officers and other people access, without giving them all of the permissions of a tenant admin. For this delegated limited admin access, add users to the Compliance Data Administrator, Compliance Administrator, or Security Administrator role group.
Alternatively to using the default roles, you can create a new role group and add either Sensitivity Label Administrator or Organization Configuration roles to this group. For a read-only role, use Sensitivity Label Reader.
https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-with-sensitivity-labels?view=o365-worldwide
You sure? Per the link provided in the answer:
By default, global administrators for your tenant have access to this admin center and can give compliance officers and other people access, without giving them all of the permissions of a tenant admin. For this delegated limited admin access, add users to the Compliance Data Administrator, Compliance Administrator, or Security Administrator role group.
Yes, they do have it. Complaince Administrator and Compliance Data Administrador can create Sensitivity Labels, thus they don't need to any other permissions assigned
This section is not available anymore. Please use the main Exam Page.SC-400 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
HDEIWDEOW
1 year, 2 months agoGesbie
1 year, 2 months agoxswe
1 year, 7 months agoJCkD4Ni3L
1 year, 10 months agomcas
2 years agoJCkD4Ni3L
1 year, 10 months agomcas
1 year, 9 months agowooyourdaddy
2 years, 4 months agomcas
2 years agoTzu_Hsien
9 months, 2 weeks agoPrettyFlyWifi
2 years, 8 months agoMSROCKS
2 years, 9 months agoPravda
2 years, 9 months agoxofowi5140
3 years, 3 months agopheb
3 years, 2 months agojcgonzalez1978
3 years, 2 months agoExamReviewerIZ
3 years agoshanti0091
3 years, 3 months ago