Exam SC-400 topic 6 question 3 discussion

Actual exam question from Microsoft's SC-400
Question #: 3
Topic #: 9

You need to implement a solution that meets the compliance requirements for the Windows 10 computers.
Which two actions should you perform? Each correct answer presents part of the solution. (Choose two.)
NOTE: Each correct selection is worth one point.

  • A. Deploy a Microsoft 365 Endpoint data loss prevention (Endpoint DLP) configuration package to the computers.
  • B. Configure the Microsoft Intune device enrollment settings.
  • C. Configure hybrid Azure AD join for all the computers.
  • D. Configure a compliance policy in Microsoft Intune.
  • E. Enroll the computers in Microsoft Defender for Endpoint protection.
Suggested Answer: AE

Comments

GY23
Highly Voted 3 years, 11 months ago
Why choose E instead of A? Why do we need to enroll the computers in Defender for Endpoint (so that they appear in Endpoint DLP dashboard automatically), where in fact we can download the package of Endpoint DLP directly and onboard it on the endpoints? E doesn't make any sense to me. By answering E, you are adding another solution (MDE) which is not even required. Answer is AC
upvoted 15 times
oberte007
3 years, 10 months ago
Answer A is also another solution. But the given answer is (C and E), the simplest way, because by enrolling devices in Defender for Endpoint, you will be able to centrally deploy all DLP policies on them by group, as devices enrolled in Defender for Endpoint can be managed from the Microsoft 365 compliance center where you set your DLP policies. So CE are good answers.
upvoted 2 times
BieLey
3 years, 5 months ago
But that will cause more changes, since the devices already have a third party malware solution. More administrative effort is the right answer in this question. AC
upvoted 3 times
Phil_79
Most Recent 5 months, 4 weeks ago
Selected Answer: AC
Hybrid Join (or cloud join) is required for DLP to correctly work... so C. Then A to apply DLP... To do a good job it would have been B (to automatically onboard Entra ID (Hybrid) Joined devices to Intune), C to hybrid join the clients and finally A to deploy DLP policies... but here we need 2, so C & A for me.
upvoted 1 times
itsadel
7 months, 3 weeks ago
Selected Answer: AE
Answer correct AE
upvoted 1 times
MrParfumeDeluxe
7 months, 4 weeks ago
Selected Answer: AE
A. Deploy a Microsoft 365 Endpoint DLP configuration package to the computers. E. Enroll the computers in Microsoft Defender for Endpoint protection. Not C because it’s unnecessary for Endpoint DLP and would violate the "least possible changes" requirement.
upvoted 3 times
EM1234_111
1 year, 1 month ago
Selected Answer: AE
It is what the test is actually testing. I think the "modern work / desktop admin" types are overthinking the "least possible changes" aspect. It is testing if you understand you need to connect with MDE (or Purview onboarding, which is not an option) and to use endpoint DLP.
upvoted 2 times
Amin4799
1 year, 3 months ago
Selected Answer: AC
A. Deploy a Microsoft 365 Endpoint data loss prevention (Endpoint DLP) configuration package to the computers. Endpoint DLP allows you to monitor and control data loss from organizational devices. This directly addresses the need to enforce DLP policies on these machines.
upvoted 2 times
Domza
1 year, 6 months ago
Selected Answer: AE
Please read before posting. Not very helpful. AE - correct ones. With love~
upvoted 3 times
EM1234_111
1 year, 1 month ago
I agree with this. It is what the test is actually testing. I think the "modern work / desktop admin" types are overthinking the "least possible changes" aspect. It is testing if you understand you need to connect with MDE (or Purview onboarding, which is not an option) and to use DLP.
upvoted 1 times
Shachar_Nativ
1 year, 10 months ago
Selected Answer: AC
If I'm interpreting this correctly; A- Deploy package to endpoints (can be achieved via GPO in this case since endpoints are domain joined). C- Hybrid AD join is configured via AD Connect, which doesn't impact devices directly. Only way that has no impact on endpoints and both A and C directly correlate as C is a requirement for A to work.
upvoted 2 times
phony
1 year, 8 months ago
I think you are right because of this sentence in the testlet: -All DLP policies must be applied to computers that run Windows 10, with the least possible changes to the computers.
upvoted 1 times
Davidf
2 years ago
The answer is AC - why? If you onboard the devices to Defender for Endpoint then you need to add exclusions to DFE for the current AV, and for DFE to the current AV, hence there are additional changes required to the client devices.
upvoted 1 times
ivzdf
2 years, 2 months ago
Device onboarding is shared across Microsoft 365 and Microsoft Defender for Endpoint (MDE). If you've already onboarded devices to MDE, they will appear in the managed devices list and no further steps are necessary to onboard those specific devices. All devices must be one of these: Azure Active Directory (Azure AD) joined, Hybrid Azure AD joined, AAD registered. https://learn.microsoft.com/en-us/microsoft-365/compliance/device-onboarding-overview?view=o365-worldwide#onboard-windows-10-and-windows-11-devices-into-microsoft-365-overview
upvoted 2 times
JCkD4Ni3L
2 years, 8 months ago
Selected Answer: CE
Here is my take on this. In order to deploy and manage Endpoint DLP you require a trust type (Hybrid Azure AD joined, AADJ or AADR) (https://learn.microsoft.com/en-us/microsoft-365/compliance/device-onboarding-overview?view=o365-worldwide#prepare-your-windows-devices). Since Fabrikam already syncs with AAD, the changes required to achieve Hybrid AADJ are minimal. (C) MDE is not configured by default, but in this scenario it should be done to minimize the changes required to achieve the solution. Fabrikam already has MCAS deployed with all the necessary connectors to their cloud applications. One of the requirements for MCAS, Cloud Discovery, requires Defender for Endpoint (https://learn.microsoft.com/en-us/defender-cloud-apps/get-started#step-4-set-up-cloud-discovery) (E) So answers are good (CE)
upvoted 4 times
wooyourdaddy
3 years, 2 months ago
Selected Answer: AC
I wrote the exam today, this question was on it, I chose AC, scored 890!
upvoted 2 times
jkklim
3 years, 11 months ago
ANSWER IS CE. All DLP policies must be applied to computers that run Windows 10, with the least possible changes to the computers. Requirement is LEAST POSSIBLE CHANGES. Enroll into MS DEFENDER FOR ENDPOINT PROTECTION IS FASTER AND EFFORTLESS COMPARED TO USING DEPLOYMENT PACKAGE, WHICH IS WHY I CHOOSE E. For C, it is common sense.
upvoted 2 times
ExamReviewerIZ
3 years, 9 months ago
Answer is AC. As you said "LEAST POSSIBLE CHANGES" and not "LEAST ADMINISTRATION EFFORT OR OVERHEAD". These computers already have a third party malware solution, if you add them to Microsoft Defender for Endpoint that's going to cause a lot of changes. That's not what we want.
upvoted 11 times
Senior
3 years, 6 months ago
You are totally right. The answers are A and C. The enrollment of devices into MS Defender for Endpoint is using the same steps as DLP for endpoint (https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/onboarding?view=o365-worldwide). So why would you enroll a device into MS Defender for Endpoint to achieve the enrollment of the device in Endpoint DLP???
upvoted 2 times
pheb
4 years ago
It states that Azure AD Connect is set up - by default there is no Hybrid Azure AD join. So I would say the answer is correct: Hybrid Azure AD join followed by the enrollment in Defender for Endpoint.
upvoted 3 times
MahmoudEldeep
4 years ago
I think correct answer is A,C
upvoted 3 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other