HOTSPOT
How many files in Site2 can User1 and User2 access after you turn on DLPpolicy1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 11. The computers are onboarded to Microsoft Purview.
You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add a folder path to the file path exclusions.
Does this meet the goal?
You have Microsoft 365 E5 subscription.
You create two alert policies named Policy1 and Policy2 that will be triggered at the times shown in the following table.

How many alerts will be added to the Microsoft Purview portal?
You have a Microsoft 365 E5 subscription.
You need to ensure that users are prevented from uploading sensitive data to ChatGPT and Google Gemini. The solution must meet the following requirements:
• Prevent credit card numbers from being pasted into ChatGPT and Gemini.
• Prevent documents that contain classified data from being uploaded to ChatGPT and Gemini.
Which Microsoft Purview solution should you use for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

HOTSPOT
You have a Microsoft 365 E5 subscription that contains two Microsoft 365 groups named Group1 and Group2. Both groups use the following resources:
● A group mailbox
● Microsoft Teams channel messages
● A Microsoft SharePoint Online teams site
You create the objects shown in the following table.

To which resources will AutoApply1 and Retention1 be applied? To answer, select the appropriate options in the answer area.
NOTE : Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription.
You need to identify documents that contain patent application numbers containing the letters PA followed by eight digits, for example, PA 12345678. The solution must minimize administrative effort.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You need to meet the technical requirements for the creation of the sensitivity labels.
To which user or users must you assign the Sensitivity Label Administrator role?
HOTSPOT
You are reviewing policies for the SharePoint Online environment.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed them.
When you search the audit log in the Microsoft Purview portal to identify who signed in to the mailbox of User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
Solution: You run the Set-MailboxFolderPermission -Identity " User1 " -User User1@contoso.com -AccessRights Owner command.
Does that meet the goal?
HOTSPOT
You need to meet the technical requirements for the confidential documents.
What should you create first, and what should you use for the detection method? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You need to meet the retention requirement for the users ' Microsoft 365 data.
What is the minimum number of retention policies required to achieve the goal?
You have a Microsoft 565 subscription that contains 100 users and a Microsoft 365 group named Group1. All users have Windows 11 devices and use Microsoft SharePoint Online and Exchange Online. A sensitivity label named Label! is published as the default label for Group1. You add two sublabels named Sublabel1 and Sublabel2 lo Label1. You need to ensure that the settings in Sublabel 1 are applied by default to Group 1. What should you do?
You have a Microsoft 365 subscription.
You configure a Microsoft Purview insider risk management policy named Policy1.
You need to ensure that you will receive real-time recommendations on how to configure the indicator thresholds for Policy1. The solution must ensure that the recommendations are based on a user ' s activity from the past 10 days.
What should you do first?
You create a data loss prevention (DIP) policy that meets the following requirements:
• Prevents guest users from accessing a sensitive document shared during a Microsoft Teams chat
• Prevents guest users from accessing a sensitive document stored in a Microsoft Team? channel
Which location should you select for each requirement? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point.

You use project codes that have a format of three alphabetical characters that represent the project type, followed by three digits, for example Abe 123.
You need to create a new sensitive info type for the project codes.
How should you configure the regular expression to detect the content? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You have computers that run Windows 11 and have Microsoft 365 Apps installed. The computers are joined to a Microsoft Entra tenant.
You need to ensure that Endpoint DLP policies can protect content on the computers.
Solution: You enroll the computers in Microsoft Intune.
Does this meet the goal?
You have a Microsoft 365 E5 tenant that has devices onboarded to Microsoft Defender for Endpoint as shown in the following table.

You plan to start using Microsoft 365 Endpoint data loss protection (Endpoint DLP).
Which devices support Endpoint DLP?
HOTSPOT
You have a Microsoft 365 E5 subscription.
You receive the data loss prevention (DLP) alert shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE : Each correct selection is worth one point.

You have a data loss prevention (DIP) policy that has the advanced DIP rules shown in the following table.

You need to identity which rules will apply when content matches multiple advanced DIP rules.
Which rules should you identify? To answer, select the appropriate options in the answer area.

You have a Microsoft 365 tenant.
You have a database that stores customer details. Each customer has a unique 13-digit identifier that consists of a fixed pattern of numbers and letters.
You need to implement a data loss prevention (DLP) solution that meets the following requirements:
● Email messages that contain a single customer identifier can be sent outside your company.
● Email messages that contain two or more customer identifiers must be approved by the company ' s data privacy team.
Which two components should you include in the solution? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains the sensitive information types (SITs) shown in the following table.

You plan to create the policies shown in the following table and assign them to a Microsoft SharePoint Online site.

Which policies can use SIT1. and which policies can use SIT2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have a Microsoft 365 ES subscription.
A security manager receives an email message every time a data loss prevention (DIP) policy match occurs. You need to limit alert notifications to actionable DLP events. What should you do?
You have a Microsoft 365 E5 subscriptions.
You deploy Microsoft Purview Data Security Posture Management for Al (DSPM for Al).
You need to edit the default policies created as part of the deployment.
Which two Microsoft Purview solutions should you use? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains two users named User! and User2. The subscription has a data loss prevention (DLP) policy named Policy 1.
User2 sends an outbound message that generates a false positive for Policy1.
You need to ensure that User1 can download the message that generated the alert The solution must follow the principle of least privilege.
To which role group should you add User1?
You create a sensitivity label as shown in the Sensitivity Label exhibit. (Click the Sensitivity Label tab.)

You create an auto-labeling policy as shown in the Auto Labeling Policy exhibit. (Click the Auto Labeling Policy tab.)

A user sends the following email:

Both attachments contain lists of IP addresses.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

You need to be alerted when users share sensitive documents from Microsoft OneDrive to any users outside your company.
What should you do?
You have a Microsoft 365 E5 subscription that uses Microsoft Purview.
You need to deploy a compliance solution that will detect the accidental oversharing of information outside of an organization.
The solution must minimize administrative effort.
What should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have Microsoft 365 E5 tenant that has a domain name of 86s40q.ofimicrosoft.com. The tenant contains the users shown in the following table.

You have a published sensitivity label.
The Access control settings for the sensitivity label are configured as shown in the exhibit (Click the Exhibit tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

You have a Microsoft 365 £5 subscription that contains the groups shown in the following table.

The subscription contains the users shown in the following table.

You create the mail flow rules shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

You have a Microsoft 365 ES subscription.
You have a Microsoft SharePoint Online document library that contains Microsoft Word and Excel documents. The documents contain the following types of information:
• Credit card numbers
• Physical addresses in the UK
• National hearth service numbers from the UK
• Sensitive projects that contain the following words: Project Tailspin. Project Contoso, and Project falcon
You have email messages m Microsoft Exchange Online that contain the following information types:
• Credit card numbers
• User sign-in credentials
• National health service numbers from the UK
You plan to use sensitive information types (SITs) for compliance policies.
What is the minimum number of SITs required to classify all the information types?
You have a Microsoft 365 E5 subscription.
You plan to implement Microsoft Purview insider risk management.
You implement the HR data connector.
You need to prepare the data that will be imported by the data connector.
In which format should you prepare the data?
You have a Microsoft 365 £5 subscription.
You have a Microsoft Purview Advanced Message Encryption branding template named 0ME1.
You need to create a Microsoft Exchange Online mail flow rule to apply OME1 to email.
How should you configure the rule? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription that contains four users named User1, User2, User3, and User4 and a file named File1.docx.
To File1, you apply a sensitivity label that has the permissions shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE; Each correct selection is worth one point.

You have a Microsoft 36S ES subscription that contains a Windows 11 device named Device 1 and three users named User 1. User2. and User3.
You plan to deploy Azure Information Protection (AIP) and the Microsoft Purview Information Protection client to Device 1.
You need to ensure that the users can perform the following actions on Device1 as part of the planned deployment
• User 1 will test the functionality of the client.
• User2 will install and configure the Microsoft Rights Management connector.
• User3 will be configured as the service account for the information protection scanner.
The solution must maximize the security of the sign-in process for the users What should you do?
HOTSPOT
You have a Microsoft 365 E5 subscription that uses Microsoft Purview.
You need ensure that an incident will be generated when a user visits a phishing website.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You create a retention label that has a retention period of seven years.
You need to ensure that documents containing a credit card number are retained for seven years. Other documents must not be retained.
What should you create?