Exam SC-400 topic 2 question 28 discussion

The computers are already onboarded, that's why sometimes can upload files and sometines cannot, the answer is C and E

E looks a certain answer, as if you go into a DLP policy and choose 'Actions', you can hover over the i for a description. It states "When this action is set to Block, other browsers (defined in the unallowed browsers list in Endpoint DLP settings) are blocked from accessing the file." This would make sense, because if you don't define the browsers you want to block, it will still let you upload files. The other answer seems like it should be A, because you only get these options if you select the "devices" location in the DLP policy. This means you'd need to onboard the device to be able to use these policy settings properly. A and E for me.

A is incorrect. If Computer 1 is not onboarded, the DLP policy does not apply. In other words, the user will not fail to upload. B is False. Auditing does not inhibit uploading. C is correct. Uploads are normally blocked, but can be uploaded if the file exists in an excluded path. D is incorrect. Auditing does not inhibit uploading. E is correct. For example, uploads from a browser are allowed, while uploads from Explorer are blocked. The point of this question is that uploads can succeed or fail depending on the user scenario.

IT WAS ON EXAM OCTOBER 18 2023

Originally thought it was A,E however after looking at it again along with the comments I’m switching to C,E. E - if you don’t have the browser configured in the global DLP settings - putting it to block state won’t prevent it. A - Does not work like I originally thought because the issue happens sporadically. If it wasn’t onboarded, there would be zero policies and nothing to enforce. C - while it seems odd because it’s file path exclusion and you’re connecting to cloud services, you can absolutely have private cloud network shares or even OneDrive type WebDAV locations

was on Exam August 9, 2023

This is a tricky one but I would exclude E since we can see in the picture that the unallowed browsers is set to "Block" so it should be configured already. The copy to clicpboard should not cover the uploading of files since you dont copy files when you upload them to a cloud solution. Unallwed apps should not be the correct solution since they are problably uploading the files to the cloud service with a browser. I would choose "device not onboarded" and "file path exclusion in endpoint DLP".

The only logical choices

"D:The Access by unallowed apps action is set to Audit only." Audit only doesn't block the upload.

AC is the correct answer. If you pay attention the unallowed browser is set to block so E is not a valid answer

The answer here is C & E.

I have AC....If you read carefully on choice E...Unallowed browser is NOT configured...as has been pointed out by bing

On exam 1/20/2022

CE for me!

C: depending if the source path is part of the exception or not, the upload is allowed or not E relates to users behavior, using different browsers with some being allowed and other blocked

https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-using?view=o365-worldwide "You may want to exclude certain paths from DLP monitoring, DLP alerting, and DLP policy enforcement on your devices because they are too noisy or don’t contain files you are interested in. Files in those locations will not be audited and any files that are created or modified in those locations will not be subject to DLP policy enforcement."

AE looks more valid.