Enable Helpdesk to Export Results in Microsoft 365 Compliance Center | Answer

How to Enable Helpdesk to Export Results in Microsoft 365 Compliance Center | Guide

Prev Question Next Question

Question

You are a global admin in a company with a Microsoft 365 subscription.

In Microsoft 365 Compliance Center you have created a new Content Search, and you want your helpdesk to be able to export the result.

How should you enable them to do this? You must use the principle of least privilege.

Answers

A. In Security & Compliance Center, add the users to the eDiscovery Manager role

B. In Office 365 admin center, add the users to the Helpdesk Administrator role

C. In Security & Compliance Center, add the users to the eDiscovery Administrator role

D. In Security & Compliance Center, add the users to the Compliance Administrator role.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: A

The least privileged role with permission to export content search results are the eDiscovery Manager role.

Role group name

eDiscovery Manager

Description Edit

Perform searches and place holds on mailboxes, SharePoint
Online sites, and OneDrive for Business locations.

Assigned roles

Export

RMS Decrypt
Custodian
Communication
Review

Preview
Compliance Search
Case Management

Hold

The following table lists the eDiscovery-related RBAC roles in the Microsoft 365 compliance center, ant

groups that each role is assigned to by default.

Role eDiscovery Manager & Organization Reviewer
Administrator Management

Case y v v

Management

‘Communication v

‘Compliance y v v

Search

Custodian v

Export v

Hold y v v

Option B is incorrect.

This role will not permit you to export content search results.

Option C is incorrect.

This role will allow you to export content search results, but it is not the least privileged alternative.

Option D is incorrect.

This role will not permit you to export content search results.

To know more about content search permissions, please refer to the link below:

To enable your helpdesk team to export the results of a content search in Microsoft 365 Compliance Center, you should use the principle of least privilege, which means granting them only the necessary permissions to perform the specific task without exposing your organization to any additional risks.

Among the provided answer options, the most appropriate one is option A - In Security & Compliance Center, add the users to the eDiscovery Manager role.

Here is the detailed explanation of why this option is the correct one:

eDiscovery Manager role: The eDiscovery Manager role allows users to perform eDiscovery searches, create and manage cases, and export the search results. This role is the most appropriate for your helpdesk team since they need to export the result of a content search.
Least Privilege: The eDiscovery Manager role provides just enough permission for the helpdesk team to export the search result without granting them unnecessary permissions.

Now let's briefly explain why the other options are incorrect:

B. Helpdesk Administrator role: The Helpdesk Administrator role grants broad permissions to manage different aspects of Microsoft 365, including user management, billing, and support. This role is too permissive for the helpdesk team since it exposes the organization to unnecessary risks.

C. eDiscovery Administrator role: The eDiscovery Administrator role is a high-level role that provides extensive permissions to manage eDiscovery cases, searches, and other related tasks. This role is also too permissive for the helpdesk team and may expose the organization to unnecessary risks.

D. Compliance Administrator role: The Compliance Administrator role provides broad permissions to manage compliance-related tasks, including data loss prevention (DLP) policies, retention policies, and eDiscovery cases. This role is too permissive for the helpdesk team since it exposes the organization to unnecessary risks.

Prev Question Next Question