Microsoft Updated SC-401 Exam Questions and Answers by yousif

To extend DLP to Teams, you must enable Teams chat and channel messages as a location in the DLP policy. SharePoint and OneDrive protect stored content, but chat sessions require the Teams-specific location.

The scenario is about retaining audit logs for User1 for 10 years in Microsoft 365. Admin1 is responsible for managing audit retention policies, but the requirement specifically applies to User1’s audit logs.

Key points:

Microsoft 365 E5 includes Audit (Premium) by default. This provides access to advanced auditing features and retention up to 1 year.

To retain audit logs for longer than 1 year (such as 10 years), Microsoft requires the 10-year Audit Log Retention Add-on license.

This license must be assigned to the user whose activities need to be retained (User1), not the administrator (Admin1).

Admin1 only needs permissions to configure and manage retention policies, but the actual long-term retention is tied to the licensed users’ activity.

Why other options are incorrect:

A. Assign a Microsoft Purview Audit (Premium) add-on license to User1: Not needed because E5 already includes Audit (Premium).

B. Assign a 10-year audit log retention add-on license to Admin1: Incorrect because Admin1 is not the user whose logs must be retained; the license applies to the user being audited, not the admin.

D. Assign a Microsoft Purview Audit (Premium) add-on license to Admin1: Again, unnecessary because E5 already includes Audit (Premium), and Admin1’s license does not affect User1’s log retention.

EDM does not store raw data; instead, it requires hashed versions of sensitive data for privacy and security. To upload the hashed data, Microsoft provides the EDM upload agent. This ensures that the data is securely processed and recognized by the EDM service in Microsoft 365.