01. You need to be alerted when users share sensitive documents from Microsoft One Drive to any users outside your company. What should you do?
a) From the Exchange admin center, create a data loss prevention (DLP) policy.
b) From the Cloud App Security portal, create a file policy.
c) From the Microsoft 365 compliance center, create an insider risk policy.
d) From the Azure portal, create an Azure Active Directory (Azure AD) Identity Protection policy.
02. You have a data loss prevention (DLP) policy that applies to the Devices location. The policy protects documents that contain United States passport numbers. Users report that they cannot upload documents to a travel management website because of the policy.
You need to ensure that the users can upload the documents to the travel management website. The solution must prevent the protected content from being uploaded to other locations.
Which Microsoft 365 Endpoint data loss prevention (Endpoint DLP) setting should you configure?
a) Unallowed browsers
b) File path exclusions
c) Unallowed apps
d) Service domains
03. A compliance administrator recently created several data loss prevention (DLP) policies. After the policies are created, you receive a higher than expected volume of DLP alerts.
You need to identify which rules are generating the alerts. Which DLP report should you use?
a) Third-party DLP policy matches
b) DLP policy matches
c) DLP incidents
d) False positive and override
04. You have a Microsoft 365 tenant. You create the following:
- A sensitivity label
- An auto-labeling policy
You need to ensure that the sensitivity label is applied to all the data discovered by the auto-labeling policy. What should you do first?
a) Enable insider risk management.
b) Create a trainable classifier.
c) Run the policy in simulation mode.
d) Run the Enable-TransportRule cmdlet.
05. You are creating a custom trainable classifier to identify organizational product codes referenced in Microsoft 365 content. You identify 300 files to use as seed content.
Where should you store the seed content?
a) a Microsoft SharePoint Online folder
b) a Microsoft OneDrive for Business folder
c) an Azure file share
d) Microsoft Exchange Online shared mailbox
06. Each product group at your company must show a distinct product logo in encrypted emails instead of the standard Microsoft Office 365 logo.
What should you do to create the branding templates?
a) Create a Transport rule.
b) Create an RMS template.
c) Run the Set-IRMConfiguration cmdlet.
d) Run the New-OMEConfiguration cmdlet.
07. Your company has a Microsoft 365 tenant that uses a domain named contoso.com. You are implementing data loss prevention (DLP). The company’s default browser is Microsoft Edge.
During a recent audit, you discover that some users use Firefox and Google Chrome browsers to upload files labeled as Confidential to a third-party Microsoft SharePoint Online site that has a URL of https://m365x076709.sharepoint.com.
Users are blocked from uploading the confidential files to the site from Microsoft Edge. You need to ensure that the users cannot upload files labeled as Confidential from Firefox and Google Chrome to any cloud services.
Which two actions should you perform?
Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
a) From the Microsoft 365 Endpoint data loss prevention (Endpoint) DLP settings, add m365x076709.sharepoint.com as a blocked service domain.
b) Create a DLP policy that applies to the Devices location.
c) From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, add Firefox and Google Chrome to the unallowed browsers list.
d) From the Microsoft 365 compliance center, onboard the devices.
e) From the Microsoft 365 Endpoint data loss prevention (Endpoint) DLP settings, add contoso.com as an allowed service domain.
08. Reference Scenario: click here
You are evaluating the technical requirements for the DLP reports. Which user can currently view the DLP reports?
09. Your company has a Microsoft 365 tenant. The company performs annual employee assessments. The assessment results are recorded in a document named AssessmentTemplate.docx that is created by using a Microsoft Word template. Copies of the employee assessments are sent to employees and their managers.
The assessment copies are stored in mailboxes, Microsoft SharePoint Online sites, and OneDrive for Business folders. A copy of each assessment is also stored in a SharePoint Online folder named Assessments.
You need to create a data loss prevention (DLP) policy that prevents the employee assessments from being emailed to external users. You will use a document fingerprint to identify the assessment documents. The solution must minimize effort.
What should you include in the solution?
a) Create a fingerprint of AssessmentTemplate.docx.
b) Create a sensitive info type that uses Exact Data Match (EDM).
c) Import 100 sample documents from the Assessments folder to a seed folder.
d) Create a fingerprint of 100 sample documents in the Assessments folder.
10. You create a custom sensitive info type that uses Exact Data Match (EDM). You plan to periodically update and upload the data used for EDM.
What is the maximum frequency with which the data can be uploaded?
a) twice per week
b) twice per day
c) once every six hours
d) once every 48 hours
e) twice per hour