Blocking Connectors

Correct Answers: B and.

E.

As A Solution Architect, you need to know which connectors you can block using DLP.

Data Loss Prevention (DLP) policy prevents unintentional exposure of the organization's data.

You can create a Data Loss Prevention policy in the Power Platform admin center.

By default, all connectors are in the Non-Business/Default group.

You can move them into other groups depending on an organization's needs.

You can block almost all the connectors except Microsoft Enterprise Plan standard connectors and Core Power Platform connectors.

The list of Microsoft Enterprise Plan standard connectors includes around 20 connectors, like SharePoint, Microsoft Teams, Microsoft 365 Outlook, OneDrive for Business, Power Bi, etc.

And the list of the Core Power Platform connectors includes Approvals, Notifications, Dataverse, Dataverse (current environment), and Power Apps Notifications.

All these connectors are required for the Power Platform operations.

When you create a DLP policy and on the Assign connectors screen (Number 1) select the connectors, you need to pay attention to the Blockable column (Number 2) that provides information about the possibility of connection blocking.

Power Platform defines two scope levels for DLP policy application: a tenant and environment.

Important to remember that the environment-level DLP policy cannot overwrite the tenant DLP policy.

Options B and E are correct because you can block Salesforce and OneDrive connectors.

All other options are incorrect because you cannot block these connections.

For more information about DLP policy, please visit the below URLs:

As a Power Platform solution architect, you may need to design and implement Data Loss Prevention (DLP) policies to protect sensitive data and prevent its unauthorized access or sharing. DLP policies help ensure compliance with regulatory requirements and safeguard against potential data breaches.

To block specific connectors using DLP policies, you can configure the policies to trigger when certain criteria are met, such as when a user attempts to share or access data through a specific connector. The following connectors can be blocked by DLP policies:

A. SharePoint - SharePoint is a collaboration and document management platform used to store and share files, lists, and other data. By blocking SharePoint through DLP policies, you can prevent users from sharing sensitive data through SharePoint sites and libraries.

B. Salesforce - Salesforce is a cloud-based customer relationship management (CRM) platform used to manage sales, marketing, and customer service. By blocking Salesforce through DLP policies, you can prevent users from sharing sensitive data with third-party applications integrated with Salesforce or with external users.

C. Dataverse - Dataverse is a low-code data platform used to build custom business applications and store data. By blocking Dataverse through DLP policies, you can prevent users from sharing sensitive data stored in Dataverse tables and entities.

D. Microsoft 365 Outlook - Microsoft 365 Outlook is an email and calendar application used to manage communications and schedule meetings. By blocking Outlook through DLP policies, you can prevent users from sharing sensitive data through email messages, attachments, and calendar invites.

E. OneDrive - OneDrive is a cloud-based file storage and sharing service. By blocking OneDrive through DLP policies, you can prevent users from uploading, sharing, or accessing sensitive data stored in OneDrive folders.

F. Approvals - Approvals is a connector used to automate approval workflows for business processes. By blocking Approvals through DLP policies, you can prevent users from sharing sensitive data through approval requests or responses.

In summary, as a Power Platform solution architect, you can block specific connectors using DLP policies, such as SharePoint, Salesforce, Dataverse, Microsoft 365 Outlook, OneDrive, and Approvals, to protect sensitive data and prevent its unauthorized access or sharing.