Exam SC-100 All QuestionsBrowse all questions from this exam
Go to Exam
Question 30

HOTSPOT

-

You have a Microsoft 365 E5 subscription that uses Microsoft Purview, SharePoint Online, and OneDrive for Business.

You need to recommend a ransomware protection solution that meets the following requirements:

• Mitigates attacks that make copies of files, encrypt the copies, and then delete the original files

• Mitigates attacks that encrypt files in place

• Minimizes administrative effort

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

    Correct Answer:

Discussion
jasscomp

Recycle Bin and Versioning after reading : https://learn.microsoft.com/en-us/microsoft-365/solutions/ransomware-protection-microsoft-365?view=o365-worldwide#deleting-files-or-email

SFAY

As per MS article titled: Deploy ransomware protection for your Microsoft 365 tenant Deleting files or email ----------------------------------- Files in SharePoint and OneDrive for Business are protected by: > Versioning: Microsoft 365 retains a minimum of 500 versions of a file by default and can be configured to retain more. To minimize the burden on your security and helpdesk staff, train your users on how to restore previous versions of files. > Recycle bin: If the ransomware creates a new encrypted copy of the file and deletes the old file, customers have 93 days to restore it from the recycle bin. After 93 days, there is a 14-day window where Microsoft can still recover the data. Encrypting files in place -------------------------------------- As previously described, files in SharePoint and OneDrive for Business are protected from malicious encryption with: > Versioning > Recycle bin > Preservation Hold library Source: https://learn.microsoft.com/en-us/microsoft-365/solutions/ransomware-protection-microsoft-365?view=o365-worldwide#encrypting-files-in-place

sbnpj

correct answers are Recycle Bin and Versioning https://learn.microsoft.com/en-us/microsoft-365/solutions/ransomware-protection-microsoft-365?view=o365-worldwide#deleting-files-or-email

ServerBrain

No. what do you do with an encrypted file that is in the Recycle bin???

LJWBA

It's the original file that would be deleted, so the file in the recycle bin wouldn't be encrypted. I agree with sbnpj

Mendel

The Recycle Bin is a useful feature for recovering deleted files, but it's not specifically designed to mitigate ransomware attacks. Ransomware often involves encrypting files and deleting the original copies, which can bypass the Recycle Bin since it typically deals with files that are intentionally deleted by users.

smanzana

1-Recycle Bin 2-Versioning

Mendel

Answer is correct: Data loss prevention: This helps prevent unauthorized access to sensitive data and can be configured to detect and prevent ransomware attacks by monitoring and controlling the movement of files. Versioning: SharePoint Online and OneDrive for Business support versioning, which allows you to store, track, and restore previous versions of files. This can help mitigate ransomware attacks that involve encrypting files by providing the ability to revert to unaffected versions.

DavidSapery

Answers are Recycle Bin and Versioning. https://learn.microsoft.com/en-us/compliance/assurance/assurance-malware-and-ransomware-protection

sbnpj

Correct Answers are Recycle Bin and DLP https://learn.microsoft.com/en-us/microsoft-365/solutions/ransomware-protection-microsoft-365?view=o365-worldwide#deleting-files-or-email

orrery

Answer: To mitigate attacks where a copy of a file is created, encrypted, and then the original file is deleted, use “version control.” To mitigate attacks where a file is encrypted on the spot, use “Data Loss Prevention (DLP) policies.” Reason: Version control is effective against attacks where a copy is encrypted and deleted because it saves previous versions of files, allowing recovery even if the original file is deleted. Data Loss Prevention (DLP) policies are effective against attacks where a file is encrypted on the spot because they prevent unauthorized access and sharing of sensitive information. Why other answers are different: The Recycle Bin temporarily stores deleted files but cannot restore encrypted copies. Version control saves previous versions of files but is not a direct defense against on-the-spot encryption attacks.

damasie

The answer is correct for me. Recycle bin or Versioning do not prevent to make copies of the files. Therefore: - Data loss prevention - Versioning

JAGUDERO

Copilot Response To recommend a ransomware protection solution that meets the specified requirements, you should include the following: Versioning: This feature in SharePoint Online and OneDrive for Business keeps a history of changes made to files. It can help mitigate attacks that make copies of files, encrypt the copies, and then delete the original files by allowing you to restore previous versions of the files. Versioning: Similarly, for attacks that encrypt files in place, versioning allows you to revert to an unencrypted state of the file, effectively mitigating the attack. These features are part of Microsoft 365 E5’s capabilities and can significantly reduce the risk of ransomware damage with minimal administrative effort, as they are built into the service and do not require extensive setup or maintenance. Remember to configure versioning settings according to your organization’s needs to ensure optimal protection.

cris_exam

ah... tricky question this one. If it would have NOT mentioned Purview, I would have gone without hesitation to Recycle Bin and Versioning... buuut, since we see it mentioned, Purview with its DLP capabilities, offering a way to configure a policy against copying files outside the org, I tend to go with DLP and Versioning, still not 100% convinced. You never know what they were thinking when they wrote this question....

Victory007

Answer Wrong. 1. Versioning - Versioning allows developers (who use it) to keep tracks of the files. This can help you recover your data if it is encrypted or deleted by an attack. 2. DLP Policies: DLP policies help prevent the unauthorized sharing, transfer, or use of sensitive data. They can help you monitor and protect your data across on-premises systems, cloud-based locations, and endpoint devices.