You have a Microsoft 365 E3 subscription.
You plan to assess compliance with ISO/IEC 27001:2013.
From Compliance Manager, you discover that the ISO/IEC 27001:2013 regulatory template for Microsoft 365 is inactive.
What should you do?
You have a Microsoft 365 E5 subscription.
You plan to use the Microsoft Purview compliance portal to map human resources (HR) data for use with insider risk management policies.
You need to add a data connector to import the HR data.
What should you do first, and in which format should you import the data? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 subscription.
You are creating a retention policy named Retention1 as shown in the exhibit. (Click the Exhibit tab.)
You apply Retention1 to SharePoint sites and OneDrive accounts.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
You have a Microsoft SharePoint Online site named Site1 that contains a document library. The library contains more than 1,000 documents. Some of the documents are job applicant resumes. All the documents are in the English language.
You plan to apply a sensitivity label automatically to any document identified as a resume. Only documents that contain work experience, education, and accomplishments must be labeled automatically.
You need to identify and categorize the resumes. The solution must minimize administrative effort.
What should you include in the solution?
Your company has a Microsoft 365 tenant that uses a domain named contoso.
The company uses Microsoft Office 365 Message Encryption (OMI ) to encrypt email sent to users in fabrikam.com.
A user named User1 erroneously sends an email to user2@fabrikam
You need to disable user2@fabrikam.com from accessing the email.
What should you do?
You have a Microsoft 365 E5 tenant that has a retention label named La bell. You need to create an auto-labeling policy that will apply La bell. To which location can Label! be applied?
While creating a retention label, you discover that the Mark items as a regulatory record option is unavailable.
You need to ensure that the option is available when you create retention labels in the Microsoft Purview compliance portal.
How should you complete the PowerShell script? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You are configuring a data loss prevention (DLP) policy to report when credit card data is found on a Windows
10 device joined to Azure Active Directory (Azure AD).
You plan to use information from the policy to restrict the ability to copy the sensitive data to the clipboard.
What should you configure in the policy rule?
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
You need to ensure that Admin3 can create holds in owing table.
To what should you add Admin3?
You have a Microsoft 365 E5 tenant that contains a Microsoft SharePoint Online document library named Library 1.
You need to declare a collection of files that are stored in Library1 as regulatory records.
What should you use?
You have a Microsoft 365 E5 subscription that contains a user named User1 and a Microsoft SharePoint Online site named Site 1. You create the alert policy shown in the following exhibit.
To Site1, User1 uploads the files shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
How many alerts will be generated in response to the file uploads?
You have a Microsoft 365 E5 subscription.
You have a Microsoft Entra tenant named contoso.com.
Your company collaborates with a partner company that has a Microsoft Entra tenant named fabrikam.com.
You need to ensure that email sent to fabrikam.com always uses TLS and is sent only if the email server certificate of fabrikam.com is validated.
What should you do?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed them.
When you search the audit log in the Microsoft Purview compliance portal to identify who signed in to the mailbox of User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
Solution: You run the Set-AuditConfig -Workload Exchange command.
Does that meet the goal?
You have a Microsoft 365 E5 subscription.
You have the data loss prevention (DLP) rule match shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
You have a Microsoft E5 365 tenant.
You need to ensure that you can use sensitivity labels to declare regulatory records.
Which PowerShell cmdlet should you run, and which type of policy should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription.
You need to implement a compliance solution that meets the following requirements:
• Captures clips of key security-related user activities, such as the exfiltration of sensitive company data.
• Integrates data loss prevention (OLP) capabilities with insider risk management.
What should you use for each requirement? To answer, select the appropriate options in the answer area
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1. Site1 contains resumes saved as Microsoft Word documents. A new collection of resumes is loaded to Site1 every three months.
You plan to implement records management. The solution must meet the following requirements:
• The resumes must be retained for two years.
• The retention period must start at the end of the quarter during which the resumes were loaded.
• The resumes must have a retention label applied that identifies the documents as regulatory records.
You need to create a file plan in the CSV format that you will use to create the retention labels.
Which retention type should you specify in the file plan?
You need to ensure that documents in a Microsoft SharePoint Online site that contain a reference to Project
Alpha are retained for two years, and then deleted.
Which two objects should you create? Each correct answer presents part of the solution. (Choose two.)
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 tenant that uses Microsoft Teams.
You create a data loss prevention (DLP) policy to prevent Microsoft Teams users from sharing sensitive information.
You need to identify which locations must be selected to meet the following requirements:
Documents that contain sensitive information must not be shared inappropriately in Microsoft Teams.
If a user attempts to share sensitive information during a Microsoft Teams chat session, the message must be deleted immediately.
Which three locations should you select? To answer, select the appropriate locations in the answer area. (Choose three.)
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains the resources shown in the following table.
You ate creating a retention label named Retention1. You configure the following stages and reviewers for Retention1:
• Stage name: Stage1
o Reviewers for this stage: Group4
• Stage name: Stage2
o Reviewers for this stage: User1
Which resources can you add as additional Stage! and Stage2 reviewers? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 subscription that contains two groups named Group1 and Group2.
You have the compliance assessments shown in the following table.
You have the improvement actions shown in the following table.
You perform the following actions:
• Create and publish a retention label.
• Implement security awareness training for all users.
• For Action4, change Implementation status to Implemented
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You plan to implement a sensitive information type based on a trainable classifier. The sensitive information type will identify employment contracts.
You need to copy the required files to Microsoft SharePoint Online folders to train the classifier.
What should you use to seed content and test the classifier? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1 and a sensitivity label named Label1.
The external sharing settings for Site1 are configured as shown in the Site1 exhibit. (Click the Site1 tab.)
The external sharing settings for Label! are configured as shown in the Label1 exhibit. (Click the Label1 tab.)
Label1 is applied to Site1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 tenant that contains the objects shown in the following table.
You need to restore a Microsoft Word document that was deleted from the Sales channel by User 1.
From where can the document be restored, and how long will the document be retained? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Task 10
You plan to create a data loss prevention (DLP) policy that will apply to content containing the following keywords:
• Tailspin
• litware
• Falcon
You need to create a keyword list that can be used in the DLP policy. You do NOT need to create the DLP policy at this time.
Task 9
You are investigating a data breach.
You need to retain all Microsoft Exchange items in the mailbox of Alex Wilber that contain the word Falcon and were created in the year 2021.
Task 6
You plan to implement Endpoint data loss prevention (Endpoint DLP) policies for computers that run Windows.
Users have an application named App1 that stores data locally in a folder named C:\app1\data.
You need to prevent the folder from being monitored by Endpoint DLP.
Task 1
You need to provide users with the ability to manually classify files that contain product information that are stored in SharePoint Online sites. The solution must meet the following requirements:
• The users must be able to apply a classification of Product1 to the files.
• Any authenticated user must be able to open files classified as Product1.
• files classified as Product1 must be encrypted.
Task 8
You need to retain Microsoft SharePoint files that contain the word Falcon for two years from the date they were created, and then delete them.
Task 7
You need to create a retention policy that meets the following requirements:
• Applies to Microsoft Teams chat and Teams channel messages of users that have a department attribute of Sales.
• Retains item for five years from the date they are created, and then deletes them.
Task 4
You need to block users from sending emails containing information that is subject to Payment Card Industry Data Security Standard (PCI OSS). The solution must affect only emails.
Task 2
You discover that all users can apply the Confidential - Finance label.
You need to ensure that the Confidential - Finance label is available only to the members of the Finance Team group.
Task 5
You need to ensure that a group named U.S. Sales can store files containing information subject to General Data Protection Regulation (GDPR) in their OneDrive accounts. All other current GDPR restrictions must remain in effect.
Task 3
You plan to automatically apply a watermark to the document1 of a project named Falcon.
You need to create a label that will add a watermark of "Project falcon' in red. size-12 font diagonally across the documents.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth is worth one point.
You need to meet the technical requirements for the confidential documents.
What should you created first, and what should you use for the detection method? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You are evaluating the technical requirements for the DLP reports.
Which user can currently view the DLP reports?
You need to meet the technical requirements for the Site3 documents.
What should you create?
You need to meet the technical requirements for the creation of the sensitivity labels.
To which user or users must you grant the Sensitivity label administrator role?
You need to meet the technical requirements for the creation of the sensitivity labels. Which administrative users are currently missing the Sensitivity label administrator role?
How many files in Site2 will be visible to User1 and User2 after you turn on DLPpolicy1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You are reviewing policies for the SharePoint Online environment.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You need to meet the technical requirements for the Site1 documents.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You need to recommend a solution that meets the compliance requirements for viewing DLP tooltip
justifications.
What should you recommend?
You need to recommend a solution that meets the sales requirements.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You need to recommend a solution that meets the Data Loss Prevention requirements for the HR department.
Which three actions should you perform? Each correct answer presents part of the solution. (Choose three.)
NOTE: Each correct selection is worth one point.
You need to implement a solution to encrypt email. The solution must meet the compliance requirements.
What should you create in the Exchange admin center and the Microsoft 36.S compliance center? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to recommend a solution that meets the compliance requirements for Dropbox.
What should you recommend?
