Topic 2: Mix Questions
You have a Microsoft 36S subscription.
In Microsoft Exchange Online, you configure the mail flow rule shown in the following
exhibit.
You have a Microsoft 365 E5 tenant.
You need to add a new keyword dictionary.
What should you create?
A. a trainable classifier
B. a retention policy
C. a sensitivity label
D. a sensitive info type
Explanation:
To add a new keyword dictionary in Microsoft Purview Data Loss Prevention (DLP), you
must create a Sensitive Information Type (SIT).
Sensitive Info Types (SITs) allow you to define custom detection rules, including keyword
dictionaries, regular expressions, and functions for identifying sensitive content in emails,
documents, and other Microsoft 365 locations. A keyword dictionary is a list of predefined
words/phrases that Microsoft Purview can use to identify and classify content for DLP
policies.
Steps to add a keyword dictionary:
1. Go to Microsoft Purview compliance portal
2. Navigate to Data classification > Sensitive info types
3. Create a new sensitive info type
4. Add a keyword dictionary
5. Save and use it in a DLP policy
You have a Microsoft 365 E5 subscription.
You plan to implement Microsoft Purview insider risk management.
You implement the HR data connector.
You need to prepare the data that will be imported by the data connector.
In which format should you prepare the data?
A. JSON
B. CSV
C. TSV
D. XML
E. PRN
Explanation:
When implementing Microsoft Purview Insider Risk Management and using the HR data
connector, you must prepare HR data in CSV (Comma-Separated Values) format. This
format is required because Microsoft Purview supports CSV files for importing user
employment details, termination dates, role changes, and other HR-related attributes.
You have a Microsoft 365 subscription.
You need to customize encrypted email for the subscription. The solution must meet the
following requirements.
Ensure that when an encrypted email is sent, the email includes the company logo.
Minimize administrative effort.
Which PowerShell cmdlet should you run?
A. Set-IRMConfiguration
B. Set-OMEConfiguration
C. Set-RMSTemplate
D. New-OMEConfiguration
Explanation:
To customize encrypted email in Microsoft 365, including adding a company logo, you need
to modify the Office Message Encryption (OME) branding settings. The Set-
OMEConfiguration PowerShell cmdlet allows you to configure branding elements such as:
Company logo
Custom text
Background color
This cmdlet is used to update existing OME branding settings, ensuring that encrypted
emails sent from your organization include the required customizations.
You have a Microsoft 365 E5 subscription that contains a trainable classifier named Trainable1. You plan to create the items shown in the following table.
A. Label2 only
B. Label1 and Label2 only
C. Label1 and Policy1 only
D. Label2, Policy1, and DLP1 only
E. Label1, Label2, Policy1, and DLP1
Explanation:
A trainable classifier in Microsoft Purview is used to automatically identify and classify
unstructured data based on content patterns. The classifier can be used in:
1. Retention Labels (Label2) Supported
Trainable classifiers can be linked to retention labels to automatically classify and apply
retention policies to documents.
2. Retention Label Policies (Policy1) Supported
Retention label policies define how and where retention labels are applied, including
automatically using trainable classifiers.
3. Data Loss Prevention (DLP) Policies (DLP1) Supported
Trainable classifiers can be used in DLP policies to detect and protect sensitive content
automatically.
You implement Microsoft 36S Endpoint data loss pi event ion (Endpoint DIP).
You have computer that run Windows 11 and have Microsoft 365 Apps instated The
computers are joined to a Microsoft Entra
tenant.
You need to ensure that endpoint DIP policies can protect content on the computers.
Solution: You deploy the Microsoft Purview Information Protection client to the computers.
Does this meet the goal?
A. Yes
B. No
You have a Microsoft 365 E5 tenant that has devices onboarded to Microsoft Defender for Endpoint as shown in the following table.
A. Device1 only
B. Device1 and Device2 only
C. Device1 and Device4 only
D. Device1, Device2, and Device4 only
E. Device1, Device2, Device3, and Device4
Explanation:
Microsoft 365 Endpoint data loss prevention (Endpoint DLP) is supported only on Windows
10 and Windows 11 devices. It does not support macOS or iOS at this time.
From the provided table:
Device1 (Windows 11) - Supported
Device2 (Windows 10) - Supported
Device3 (iOS) - Not supported
Device4 (macOS) - Not supported
Thus, only Device1 and Device2 support Endpoint DLP.
HOTSPOT
You have a Microsoft 365 E5 subscription that contains two users named User1 and User2.
You create the audit retention policies shown in the following table.
You have a Microsoft 36S subscription that contains the users shown in the following table.
HOTSPOT
You have a Microsoft 365 subscription.
You plan to deploy an audit log retention policy.
You need to perform a search to validate whether the policy will be applied to the intended
entries.
Which two fields should you configure for the search? To answer, select the appropriate
fields in the answer area.
NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some
question sets might have more than one correct solution, while others might not have a
correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result,
these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 11. The computers
are onboarded to Microsoft Purview.
You discover that a third-party application named Tailspin_scanner.exe accessed protected
sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the
computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without
preventing the application from accessing other documents.
Solution: From the Microsoft Defender for Cloud Apps, you mark the application as
Unsanctioned.
Does this meet the goal?
A. Yes
B. No
Explanation:
Marking Tailspin_scanner.exe as "Unsanctioned" in Microsoft Defender for Cloud Apps
only blocks its usage in cloud-based activities (such as accessing SharePoint, OneDrive, or
Exchange Online). However, it does not prevent a locally installed application on Windows
11 devices from accessing sensitive files.
To block Tailspin_scanner.exe from accessing sensitive documents while allowing it to
access other files, the correct solution is to use Microsoft Purview Endpoint Data Loss
Prevention (Endpoint DLP) and add Tailspin_scanner.exe to the Restricted Apps list.
Endpoint DLP allows you to block specific applications from accessing sensitive files while
keeping general access available. Restricted Apps List in Endpoint DLP ensures that
Tailspin_scanner.exe cannot open, copy, or process protected documents, but it can still
function normally for non-sensitive content.
Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some
question sets might have more than one correct solution, while others might not have a
correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result,
these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the
user viewed them.
When you search the audit log in the Microsoft Purview portal to identify who signed in to
the mailbox of User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
Solution: You run the Set-MailboxFolderPermission -Identity "User1" -User
User1@contoso.com -AccessRights Owner command.
Does that meet the goal?
A. Yes
B. No
Explanation: The Set-MailboxFolderPermission -Identity "User1" -User User1@contoso.com - AccessRights Owner command is incorrect. This assigns folder permissions but does not enable auditing. It does not track who accessed the mailbox or deleted emails.
| Page 2 out of 11 Pages |
| Previous |