Pass Your Microsoft SC-400 Exam Easy!

Microsoft SC-400 Microsoft Information Protection Administrator exam dumps vce, practice test questions, study guide & video training course to study and pass quickly and easily. Microsoft SC-400 Microsoft Information Protection Administrator exam dumps & practice test questions and answers. You need avanset vce exam simulator in order to study the Microsoft SC-400 certification exam dumps & Microsoft SC-400 practice test questions in vce format.

Creating and Managing Custom Sensitive Information Types

1. Selecting a Sensitive Information Type based on an Organization's Requirements

Now, the first step in dealing with sensitive information types is to really take a look at your own organisation and consider what pieces of information that organisation deals with regarding sensitive information. Basically, what industry are you in? Are you in the medical field? Are you a military government agency? Are you just a standard business? Are you dealing with payment card services? Maybe you're dealing with ecommerce. What type of industry are you in? And then that's going to play a big role in the type of information that you need to flag as sensitive in your environment. Now don't get me wrong, every organization and every business is going to have some of the same types of sensitive information, such as PII (personally identifiable information). But if you are in the medical industry, you might be dealing with HIPAA compliance. If you're dealing with the payment card industry, you might be dealing with what's called PCI, DSS, the payment card industry, and all of that stuff. So these are things that you have to think about. You have to look at your organization and consider what your business or your organisation is dealing with. And then from there, you can pick the sensitive information types that you need to mostly focus on. Now, of course, the next step is for you to familiarise yourself with what's already available to us in our organisation with Microsoft 365. So to do that, we're going to start here on Portal Microsoft.com.We're going to click the little "show all up" symbol. We're going to come down and click on the compliance blade. Now of course you could have simplyalso just went to compliance dot Microsoft.com. So once you're in Compliance at Microsoft.com, you're going to come up here and go to Data Classification. Once you get to data classification, you will see sensitive information types. All right? So I'm going to go ahead and open that up. All right. And so this is where you're going to familiarise yourself with what's available. So you just browse around here. You'll notice that there are loads of different sensitive information types that are already available. Of course, you can create your own, but I'm not going to get into that right now. But it's kind of scrolling down from here. You'll see you've got all sorts of things under routing number." There are different sensitive info types toobased on the country where you reside. So that's something to consider as well. I reside in the United States so of course I'mgoing to probably focus a little bit heavier on that. But, if my organisation is based in Europe or something, I might want to consider sensitive information there, right? So my first recommendation to you would be to come here and just kind of scroll down and look at what's available. Okay. Of course, you've also got things like an IP address, and all of that is available to you, and this information that you can flag is sensitive. You can basically go through and create rules likein data loss prevention and all of that. And you can make it so that your organisation searches through the documents and interactions of your users and determines which pieces of sensitive information are being shared or whatever with your people.So this is kind of where this is going right now. I just want you to familiarise yourself with what sensitive information types are available and then kind of go from there. Okay, so again, I'm in the United States. These are some of the things Imight be considering bank account, US. Bank account number; driver's license; tax ID number; social security number But then, based on your organization's needs, sensitive information is where you would want to kind of put your focus. Keep in mind, though, I'm not showing it to you at this very moment. You can also create your own custom sensitive information types.

2. Creating and Managing Custom Sensitive Information Types

Now that you've considered the different sensitive information types that you would have in your organisation that you would need to focus on, the next step would be to know how to create a sensitive information type in case there isn't one that matches what you need. Okay, so I want to show you how to do that. Right now. I'm here on Portal, Microsoft.com. I'm going to click the show all lips symbol, and I'm going to go and click on Compliance. Okay, the compliance blade is going to bring me into the compliance center, and then from there I can click on this data classification blade and you'll see sensitive infotypes. So we're going to click on sensitive infotypes, and this is where we can create a new sensitive infotype. So I'm going to go ahead and click that little plus sign there, and that's going to give me the wizard that's going to help me go through the process of doing this. Now let's say I was going to make a sensitive info type that was going to try to check for credit card information. Maybe the credit card information I'm looking for involves our customer database, and sometimes our employees have to generate documents that have customer credit card information, and we want to be able to check for that information in things like spreadsheets and Word documents and emails and things like that. But there's not an exact sensitive information type that's already built that can do this. There are some that can look for credit card numbers, but maybe I want to look for credit card numbers. I also want to check for maybe a keyword like the word "customer. Alright. Because in our database, it's always going to have the word "customer" next to it. Okay, so these are the kinds of things I'm thinking about, right? If you only wanted to search for credit cards, there is a sense of information type that can do that, but not one that will search for both the keywords customer and credit card. So I want to set that up. All right, so I'm going to call this customer credit card info, and then I can give it a description, right? So check for the word "customer" as well as the card number. This is what this sensitive infotype is going to do. Okay, I'll go ahead and click Next; I now have the option to create a pattern, and there are a few different options available to me. The first option I've got is my confidence level. Now the confidence level is based on, basically, an algorithm that Microsoft uses based on how close the characters are and whether or not they're case sensitive or insensitive. And the way it works is that there are three levels here. High confidence means that the system is very tuned into the fact that this is probably a good match. That means the characters are close together; they match case-sensitively or insensitively. And from there, it's going to rank as having a high confidence level. Now the downside of high confidence is that you might have a bunch of false negatives. There are false positives. The false positives are very low. You're not going to probably see many false positives, but you could have some false negatives, which mean it doesn't find certain things you are looking for. Medium confidence is going to be in the middle range. You'll kind of be in the middle of having false positives and false negatives. And then, low confidence basically means that you're going to really cut down on the false negatives. You're going to have a lot of it'sgoing to catch probably everything, but you alsowill have a lot of false positives. All right, so these are the things you have to consider when you're looking at your confidence level. All right, I'm going to go with a high confidence level, and then we're going to look at our primary element. Okay, so primary elements can be made up of four things. First, you have a regular expression. Some people pronounce it Reg X or Reg X. You can kind of pronounce it any way you want. All right. It's a pattern-matching system. It's great for looking for numeric values, numbers, and things like that. So this is one of them that you can use. You've also got a keyword list and keyword dictionary. You'll see these two are very similar. If I click on keyword list, I can type in a keyword list if I want a series of list and group names. Whereas if I go with the dictionary, I can import. So if I have, like, a spreadsheet that already has my keywords and things in it, I can import that. In the right-hand column of the upload dictionary, there's a text file or a CSV file. All right. In my case, I'm going to go with a keyword list. But before I do, I also want to point out the function. So a function is going to perform a series of actions that have already been defined in the system; for example, it already has an action that knows how to look for the regular expression of a credit card. So we're going to use that one too. But to start with, we'll go withthe keyword list first, all right? And so in the keyword list we're going to look for, I'm just going to call this credit card information the ID. And then we'll say we'll go with credit card, "CC," "credit card," oh, credit card number. And then let's say that in our database, perhaps we have underscores like that. So those are some possibilities, and perhaps we'll also include the word "customer" in there. So here's a series of things: This is insensitive. You could also do case-sensitive writing if you wanted to. All right? So after that we click done. That is our primary element. Those are going to be some of the main things she looks for. Okay. and it's going to look at a character proximity of 300 characters. So the characters are 300 characters near each other. It's going to detect primary and supporting elements if they're 300 characters away from each other. Now, what are the supporting elements? Supporting elements are additional things that you want it to look for. And this is where I'm going to add the function. Okay, so we'll say "add a function," all right. Within 300 characters, choose the function, all right? And then from there, let's go with the word "credit." And there it is. Function, credit card So it's going to do a credit card regex check—a regular expression check, all right. We could say anywhere in the document, all right, or within 300 characters. I'm going to say anywhere in the document. We'll click "done," all right? And then from there, that is our only additional function that we've added. All right? Now within this particular supporting element, we could add additional supporting elements, and they would be within the 300 characters anywhere in the document we want. Instead of just doing it because we're only doing one function in this supporting element, we're going to select the character proximity anywhere in the document between this keyword list here, creditcard, info, and then this year. So it's going to connect those two together. It's going to be anywhere in the document. So the spreadsheet or a Word document or something like that is going to look anywhere in the document. All right. and there can be some additional checks. You could say we exclude certain values. You can say it starts with or doesn't start with certain characters, ends with or doesn't end with certain characters, excludes duplicate characters, includes or excludes prefixes and suffixes, and all that good stuff as well. So from there, we'll click to create. And we've now set up our first pattern here. If we wanted to add additional patterns to look for, we could, all right, but we're going to click next, and then we're going to say, "Okay, high confidence level, all right, so choose the recommended confidence level to show in compliance policy." So as you start making these things called compliance policies, if this is flagged, if something is flagged with this information, it's going to flag it as high, medium, or low. Of course, it kind of helps to understand appliance policies, which I'm not getting into a lot right now before we talk a lot about that. But just know that when you're using these things called compliance policies, you can have this particular match either labelled high, medium, or low. Confidence level. Okay? So I'm not going to get too deep into that right now, though. So I'm going to click next, and then at that point, I can click to create. And I've now officially createdmyself a sensitive info type.

3. Creating Custom Sensitive Information Types with exact data match

I want to show you how we can setup a sensitive infotype that's going to let us do an exact data match on, like, a keyword. So let's say that we were trying to find the key word "budget," all right? Maybe we've had an issue with some of our budget information being leaked within a company, and we are wanting to find this keyword budget. Perhaps the people who work in Budgeting All always use a capital character when they flag the word budget in their budget documents. So the word "budget" is usually spelled with all caps. So, in this hypothetical scenario, let's say we wanted to create a sense of infotype that would look for that capital word budget, and then we could flag that information whenever it appeared, all right? So to do that, we're going to start here on portal Microsoft.com.We're going to click show. We're going to go down to the compliance plate, which is going to bring us into the compliance center. Then we're going to click on Data Classification. We're going to click sensitive infotypes and then create a sensitive infotype, all right? So from there, we'll give this a name. I'm going to call this budget keyword, all right? And then I'm going to say, "Look for the word budget in all caps, all right?" So we'll click next, and we'll create a pattern. This is going to be a high confidence level, and then we'll say we're going to do a keyword list, and we'll just say budget, all right? And we're going to go down to case-sensitive right here. So we're going to say the word "budget" now, the single word. So we'll do word matches. We could do a string match on the series of words there if we wanted to. but we're just going to search for the keyword budget. We'll click "done. All right? We don't have any other supporting elements or anything, so we're going to click to create. And just like that, we officially created our little pattern. We'll have this flag, this high confidence level, in compliance policies. We will click next, and then we'll click to create. And we've now officially created that. Again, keep in mind, I'm not getting into data loss prevention and all that stuff right now, but that's where this is all going to tie together. Sensitivity labels and data loss prevention are where we can have it actually do searches in our environment to find out if this information is being used. We can also do this with Discovery eDiscovery and all that, but I'm not getting into all that yet either. But ultimately, we've now at least defined the sensitive information type so we can start utilising it in some of our future activities.

4. Understanding Document Fingerprinting

What is document fingerprinting? Well, this is a data loss prevention feature that utilises sensitive information types to allow us to create rules for data loss prevention policies. Without lost prevention policies, this system will be able to analyse certain aspects of our environment, look for sensitive information, and notify us of any sensitive information that is being used. And we can also have rules that can prevent things from happening. A document fingerprint is going to be created by creating what's known as a patent template. This is going to be a document that is going to be sort of a template for the documents that you want the fingerprint to be looking for in the future. So, with data loss prevention policies, we can have it watch for things like government forms, HIPAA compliance forms, employee information sheets, and even custom information sheets that we can create. So the idea here is that you've got an existing document that's very similar to what these documents are going to look like in the future when users are using these documents to fill out pieces of information. So for example, if you did have, say, a government form that's got to be filled out, you've got a template of that form that's maybe not filled out yet, and you're going to have this document fingerprint created from that template. And then, in the future, when this template gets filled out by a user, the data loss prevention policies can watch for it. Okay, so this is the idea, and it's going to work with basically anything that's going to be text that it can analyze. All right, so here's another kind of visual for you on how document fingerprinting works. If you look there, you'll see in number one that you've got a template with what is called a patent template that you would create. It's got information on it, as you can see, like the patent title and inventor description, and from there you're going to create a document fingerprint, and it's going to basically use hashing, a form of hashing algorithm, to analyse the patent text, the inventor text, and the description text, and it's going to build this fingerprint from that. So any document that matches all of that—the text size and look of that text—will be recognised by this hash algorithm on future documents. Okay, the supported file types for this are going to be able to analyse Office 2007 files. The Docm docx does not support D Oct, but it does support Office 2003 and lower files. It can look at HTML files, XML raw text files, and Doc PowerPoint Adobe PDF files. So as you can see, there's a huge assortment of file types that you've got, pretty much any of which are supported by mail flow rules in Microsoft Exchange. But let me warn you, there are some pretty big limitations with this thing. It's really not where it needs to be quite yet. During the creation of this video, there were definitely some limitations to be concerned about. Number one, it does not detect sensitive information in certain cases. It's not going to look in password-protected files. So things that are encrypted are not going to be able to analyse those.It's not going to look at files that contain only images. It's not going to be able to analyse those. There's got to be text involved. Okay? So it's got to have text, and it's got to have text from the original form. So if the text is up in the font size and type and all that on the form template, it's no longer going to be able to look at that. The other thing is that it's limited to ten megabytes, so the file size is ten megabytes. And then, here at the bottom, these are some of the things that are most concerning to me, at least. First off, currently it's only supported by Exchange Online. So this is only going to be a detection method for files that are moving through Exchange Online. It's not going to be supported by anything except Exchange. So that's kind of the big "gotcha moment," I think, for a lot of people. And that's the reason this isn't really being used fully yet. Now keep in mind that this could change in the future, and I'll be updating this video if that's the case. Okay, the other got you on this is that there's nographical way really to do this is done by PowerShell only. So there are some PowerShell commands that can be used. if you just do a quick search. You can pull up document fingerprinting for Microsoft 365, and you'll see that there's a series of PowerShell commands that can be utilised for the creation of this. This has the potential to be a big thing. It's not a very big thing now. I've not seen a whole lot of companies implement it yet, but it has the potential to be a pretty cool feature once it can expand beyond Exchange Online. But again, as right now, it's only for Exchange Online, and it has quite a few limitations involved there.

5. Creating a Keyword Dictionary

Now I want to show you real quick how youcan create a sensitive infotype based on a keyword. So as you can see here, I've just opened up Microsoft Excel, and I've just created a few keyword lists here. So you can imagine if you had, say, a daily database, you could export that database into a spreadsheet, a CSV file, or whatever. And then from there, you could create a keyword using the Security Compliance Center in Microsoft 365. Now right here, you'll notice I've just got a simple list. You could then just go and save it as a file, and you could save the keyword list to a CSV file. All right. Another option is just to use a standard text file. But again, if you were pulling this from a database or something, it's probably going to be better served being a CSV file. So now that I've got that, I'm going to jump over to portal.microsoft.com, and I'm going to click Show All told, I'm going to go to the Compliance Center. So I'm just going to click on the compliance button that's going to bring me into Compliance Microsoft.com.I'm then going to go and click on Data Classification, and I'm going to go to sensitive information types. All right. And then we are now ready to create a new sensitive infotype. So we're going to go ahead and click to create that, and then it's going to load up the little wizard, and then we'll just give it a name. It's going to call it a keyword demo. All right, just for lack of a better name. And we're going to click "next," and we're ready to create the pattern. So we're going to click to create. Alright. And we're going to go add a primary element. We're going to go with a keyword dictionary, and this time we're going to say upload from a CSV file. So I just loaded in that spreadsheet, CSV spreadsheet. You can see that it put all that in there for me. I could edit that if I wanted to. Granted, this is just a small example; you could have a list of thousands of lines here if you wanted to, but in my case, I just have a few. All right, we've got to give the keyword dictionary a list. We're just going to call it Keyword Demoas, the name of this keyword dictionary. We're going to click Done, and at that point it's going to base the pattern on what it's found. And I'm not going to do any of these additional elements this time. I'm going to click to create. We're going to click Next, high confidence level next, and create. And just like that, it's very easy to create a dictionary from a keyword dictionary using a sensitive info type. Keep in mind, you could also use PowerShell to do this as well. You could also use a DLP keyword dictionary command to generate this if you wanted to write a script or something similar to possibly automate some of this. Yeah.

Go to testing centre with ease on our mind when you use Microsoft SC-400 vce exam dumps, practice test questions and answers. Microsoft SC-400 Microsoft Information Protection Administrator certification practice test questions and answers, study guide, exam dumps and video training course in vce format to help you study with ease. Prepare with confidence and study using Microsoft SC-400 exam dumps & practice test questions and answers vce from ExamCollection.