Exam SC-401 Topic 3 Question 23 Discussion

Actual exam question for Microsoft's SC-401 exam
Question #: 23
Topic #: 3
You have a Microsoft 365 subscription.
Users have devices that run Windows 11.
You plan to create a Microsoft Purview insider risk management policy that will detect when a user performs the following actions:
*Deletes files that contain a sensitive information type (SIT) from their device
*Copies files that contain a SIT to a USB drive
*Prints files that contain a SIT
You need to prepare the environment to support the policy.
What should you do?

Suggested Answer: D Vote an answer

To ensure that Microsoft Purview Insider Risk Management can detect file deletions, USB copies, and print actions on sensitive information, you must onboard the Windows 11 devices to Microsoft Purview.
Device onboarding enables endpoint activity monitoring, allowing Purview to track and log user activities such as file deletions, USB transfers, and printing of sensitive files. Once onboarded, the Insider Risk Management policy can analyze these activities and generate risk alerts when sensitive information types (SITs) are involved.

by Agatha at Jun 03, 2025, 11:04 PM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

Contact Us

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday

Support: Contact now 

日本語 Deutsch 繁体中文 한국어