Question 15 of 130 from exam MS-500: Microsoft 365 Security Administration

Question 15 of 130 from exam MS-500: Microsoft 365 Security Administration

Prev Question Next Question

Question

You have a configured a data loss prevention (DLP) with the following settings:

New DLP policy Start with a template or create a custom policy Choose an industry regulation to see the DLP policy templates you can use to protect that info or create a custom policy start from scratch. If you need to protect labeled content. you'll be able to choose labels later. ‘Show options for |All countries or regions Choose the information to protect Learn more about DLP policy templates s Name your policy 42 results Choose locations Financial UX. Privacy and Electronic USS. Patriot Act eB Communications Regulations Description Policy settings & Medical and heatth Helps detect the presence of information commonly ie Personal ioenerable subject to USS. Patriot Act, including information like Information (Pil) Data credit card numbers or tax identification numbers Review your settings Bs Fey U.K. Personal Information Online Code of Practice (PIOCP) 2 Custom Credit Card Number US. Bank Account Number US. Individual Taxpayer Identification Number (ITIN) U.S. Patriot Act U.S. Social Security Number (SSN) Protects this information:
New DLP policy Choose the information to protect Name your policy @ choose locations Policy settings Review your settings Choose locations Status Location Include Exchange email (Cup) & SharePoint sites (Cu) GB OneDrive accounts (Cup) wi Teams chat and channel messages Exclude
Customize the type of content you want to protect Select ‘Find content that contains’ if you want to quickly set up a policy that protects only sensitive info or labeled content. Use advanced settings for more options, such as protecting content in email messages sent to specific domains, attachments with specific file extensions, and more. Choose the information to protect © Find content that contains: © Credit Card Number USS. Bank Account Number USS. Individual Taxpayer Identification Number (ITIN) USS. Social Security Number (SSN) Name your policy Choose locations Edit @ Policy settings EZ Detect when this content is shared: with people outside my organization |v Review your settings © Use advanced settings ©
New DLP policy What do you want to do if we detect sensitive info? Welll automatically create detailed activity reports so you can review the content that matches this policy. What else do you want to do? Choose the information to protect . - . Notify users when content matches the policy settings N ‘Show policy tips to users and send them an email notification. lame your poli eA als) Tips appear to users in their apps (Outlook, OneDrive, SharePoint, and Teams) and help them learn how to use sensitive info responsibly. You can use the default tip or customize it to your liking. Choose locations Detect when a specific amount of sensitive info is being shared at one time ©@ Policy settings Detect when content that's being shared contains: Atleast [; | | instances of the same sensitive info type. ee Your Sea Send incident reports in email By default, you and your global admin will automatically receive the email. Restrict access or encrypt the content @ Block people from sharing and restrict access to shared content © Encrypt email messages (applies only to content in Exchange)
New DLP policy . . . Customize access and override permissions By default, users are blocked from sending email and Teams chats and channel messages that contain the type of content you're protecting. But you can choose who has access to shared SharePoint and OneDrive files. You can also decide if you want to let people override the policy's @ choose the information to protect restictions. @ Name your poticy Block these people from accessing SharePoint, OneDrive, and Teams content O Everyone @ ® choose tocations @ ony people outside your organization ©) Let people who see the tip override the policy @ o Review your settings C Require a business justification to override C1 Override the rule automatically if they report it as a false positive settings

After implementing the policy, your users are reporting that they can still send credit card number information out of the organization by mail.

What must you change to ensure that the policy works as intended (stop information within the U.S.

Patriot Act from being shared outside of the organization)?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: B

In this policy all locations are disabled: Exchange email, SharePoint sites, OneDrive Accounts, Teams chat and channel messages.

You must enable the location of the service you want to impact:

Exchange emai & SharePoint sites, G® OneDrive accounts we Teams chat and channel messages Include All Choose distribution groups All Choose sites All Choose accounts All Choose accounts None Exclude distribution groups None Exclude sites None Exclude accounts None Exclude accounts

Since the answer is given in the documentation, the other options are incorrect.

Reference:

To know more about implementing DLP policies, please refer to the link below:

Prev Question Next Question