ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-400 All Questions

View all questions & answers for the SC-400 exam
Go to Exam

Exam SC-400 topic 2 question 23 discussion

Actual exam question from Microsoft's SC-400
Question #: 23
Topic #: 2
[All SC-400 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.
You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add a folder path to the file path exclusions.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by wooyourdaddy at June 17, 2022, 7:31 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
PhyMac
6 months, 3 weeks ago
A is the correct answer for this. See below. ”You may want to exclude certain paths from DLP monitoring, DLP alerting, and DLP policy enforcement on your devices because they're too noisy or don’t contain files you're interested in. Files in those locations won't be audited and any files that are created or modified in those locations won't be subject to DLP policy enforcement. You can configure path exclusions in DLP settings.” https://learn.microsoft.com/en-us/microsoft-365/compliance/dlp-configure-endpoint-settings?view=o365-worldwide#file-path-exclusions This is how we exclude sensitive file files from DLP monitoring.
upvoted 1 times
_Nickname_
5 months, 1 week ago
Your explanation has nothing to do with the question. The correct answer is "No". This setting does not prevent the local app from accessing certain data.
upvoted 5 times
...
...
hpl1908
9 months, 1 week ago
How come this solution meets the goal: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add a folder path to the file path exclusions ? This solution meets the goal because by excluding the folder path that contains the sensitive documents, Endpoint DLP will ignore the files in that folder, and Tailspin will not be able to access them. By excluding the folder path, the sensitive documents will be protected while allowing Tailspin to access other files. This solution will block Tailspin from accessing sensitive documents on the computers without preventing the application from accessing other documents, which is the goal. It is important to note that this solution relies on the assumption that the sensitive documents are stored in a specific folder and that Tailspin has access to that folder. Additionally, it is important to test the exclusion path before applying it to the production environment and to continuously monitor the folder path to ensure that no other sensitive information is stored in it. So my conclusion is A - YES
upvoted 1 times
hpl1908
9 months, 1 week ago
From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add the application to the unallowed apps list. This solution is NO.
upvoted 2 times
hpl1908
9 months, 1 week ago
Ho moderator please remove my above comments, as I am not sure about my comments as my assumption was wrong. Your original response remains correct.
upvoted 4 times
...
...
...
NinjaSchoolProfessor
10 months, 1 week ago
Answer is No. File path exclusions for Windows = Files in these Windows device locations won't be monitored by your policies. To block this from within MDCA – If you’re using MDE, once you mark an app as unsanctioned, it's automatically blocked. Within Purview to block an unwanted app, Select DLP >> [Endpoint DLP settings] >> [Restricted apps and app groups] >> [Restricted apps] >> [Restricted app groups] OR [Add or edit restricted apps].
upvoted 2 times
...
wooyourdaddy
1 year, 4 months ago
Selected Answer: B
I wrote the exam today, this question was on it, I choose B, scored 890!
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago