You receive an email that contains a list of words that will be used for a sensitive information type.
You need to create a file that can be used as the source of a keyword dictionary.
In which format should you save the list?

A. a JSON file that has an element for each word

B. an ACCDB database file that contains a table named Dictionary

C. an XML file that contains a keyword tag for each word

D. a CSV file that contains words separated by commas

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.
You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.
Solution: You configure a mail flow rule that matches the text patterns.
Does this meet the goal?

A. Yes

B. No

You have Microsoft 365 E5 subscription that uses data loss prevention (DLP) to protect sensitive information.
You have a document named Form.docx.
You plan to use PowerShell to create a document fingerprint based on Form.docx.
You need to first connect to the subscription.
Which cmdlet should you run?

A. Connect-SPOService

B. Connect-IPPSSession

C. Connect-AzureAD

D. Connect-ExchangeOnline

HOTSPOT
-
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the groups shown in the following table.
 
The domain is synced to an Azure AD tenant that contains the groups shown in the following table.
 
You create a sensitivity label named Label1.
You need to publish Label1.
To which groups can you publish Label1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

HOTSPOT
-
You have a Microsoft 365 E5 subscription.
You have the data loss prevention (DLP) rule match shown in the following exhibit.
 
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
 

HOTSPOT
-
You have a Microsoft 365 E5 subscription that contains two users named Admin1 and User1, a Microsoft SharePoint Online site named Site1, and a retention label named Retention1.
The role assignments for Site1 are shown in the following table.
 
Site1 includes a file named File1.
Rentention1 has the following settings:
•	Retain items for a specific period: Retention period: 7 years
•	During the retention period: Mark items as a record
•	At the end of the retention period: Delete items automatically
Rentention1 is published to Site1.
User1 applies Retention1 to File1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
 

HOTSPOT
-
You have a Microsoft 365 subscription that uses an Azure AD tenant named contoso.com.
OneDrive stores files that are shared with external users. The files are configured as shown in the following table.
 
You create a data loss prevention (DLP) policy that applies to the content stored in OneDrive accounts. The policy contains the following three rules:
Rule1
-
• Conditions: Label1, Detect content that's shared with people outside my organization
• Actions: Restrict access to the content for external users
• User notifications: Notify the user who last modified the content
• User overrides: On
• Priority: 0
Rule2:
• Conditions: Label1 or Label2
• Actions: Restrict access to the content
• Priority: 1
Rule3:
• Conditions: Label2, Detect content that's shared with people outside my organization
• Actions: Restrict access to the content for external users
• User notifications: Notify the user who last modified the content
• User overrides: On
• Priority: 2
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
 

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.
You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.
Solution: You configure a mail flow rule that matches a sensitive info type.
Does this meet the goal?

A. Yes

B. No

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are configuring a file policy in Microsoft Cloud App Security.
You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts must be sent to the Microsoft Teams site of the affected department.
Solution: You use the Built-in DLP inspection method and send alerts to Microsoft Power Automate.
Does this meet the goal?

A. Yes

B. No

You have a Microsoft 365 tenant that uses Microsoft Teams.
You need to ensure that all internal communication is stored for a minimum of seven years.
What should you create first?

A. a retention label

B. a Microsoft SharePoint Online site

C. a Microsoft Exchange Online shared mailbox

D. a retention label policy

HOTSPOT -
You enable archive mailboxes for all the users at your company.
The Default MRM Policy is shown in the MRM exhibit.
 
A Microsoft 365 retention label policy is shown in the Label Policy exhibit.
 
You need to identify the following:
✑ How many years until an email is archived?
✑ What should you modify to change the retention period for archiving?
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT -
You are reviewing policies for the SharePoint Online environment.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You have Microsoft 365 E5 subscription that uses data loss prevention (DLP) to protect sensitive information.
You have a document named Form.docx.
You plan to use PowerShell to create a document fingerprint based on Form.docx.
You need to first connect to the subscription.
Which cmdlet should you run?

A. Connect-SPOService

B. Connect-IPPSSession

C. Connect-AzureAD

D. Connect-ExchangeOnline

You have a Microsoft 365 E5 tenant that contains a user named User1.
You need to identify the type and number of holds placed on the mailbox of User1.
What should you do first?

A. From the Microsoft 365 compliance center, create an eDiscovery case.

B. From Exchange Online PowerShell, run the Get-Mailbox cmdlet.

C. From the Microsoft 365 compliance center, run a content search.

D. From Exchange Online PowerShell, run the Get-HoldCompliancePolicy cmdlet.

HOTSPOT
-
You have a Microsoft 365 sensitivity label that is published to all the users in your Microsoft Entra tenant as shown in the following exhibit.
 
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
 

You have a Microsoft 365 E5 subscription.
You need to export the details of a retention label. The export must include the following information:
• Is record
• Is regulatory
• Disposition type
What should you do?

A. From the Microsoft Purview compliance portal, export Compliance Manager assessment actions.

B. From the Microsoft Purview compliance portal export a file plan.

C. From the Microsoft Purview compliance portal, export a disposition review.

D. From PowerShell, run the Export-ActivityExplorerData cmdlet.

E. From PowerShell, run the Get-RetentionEvent cmdlet.

You have a Microsoft 365 tenant that uses 100 data loss prevention (DLP) policies.
A Microsoft Exchange administrator frequently investigates emails that were blocked due to DLP policy violations.
You need recommend which DLP report the Exchange administrator can use to identify how many messages were blocked based on each DLP policy.
Which report should you recommend?

A. Third-party DLP policy matches

B. DLP policy matches

C. DLP incidents

D. False positive and override

HOTSPOT
-
You have a Microsoft 365 subscription that has Enable Security defaults set to No in Azure AD.
You have a custom compliance manager template named Regulation1.
You have the assessments shown in the following table.
 
Assessment1 has the improvement actions shown in the following table.
 
Assessment2 has the improvement actions shown in the following table.
 
You perform the following actions:
•	For Assessment2, change the Test status of Establish a threat intelligence program to Implemented.
•	Enable multi-factor authentication (MFA) for all users.
•	Configure a privileged access policy.
For each of the following statements, select Yes if the statement is true. Otherwise select No.
NOTE: Each correct selection is worth one point.
 

You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1.
You create an information barrier segment named Segment1.
You need to add Segment1 to Site1.
What should you do first?

A. Run the Set-SPOSite cmdlet.

B. Run the Set-SPOTenant cmdlet.

C. Create an information barrier policy.

D. Modify the permissions of Site1.

You need to automatically apply a sensitivity label to documents that contain information about your company's network including computer names, IP addresses, and configuration information.
Which two objects should you use? Each correct answer presents part of the solution. (Choose two.)
NOTE: Each correct selection is worth one point.

A. an Information protection auto-labeling policy

B. a custom trainable classifier

C. a sensitive info type that uses a regular expression

D. a data loss prevention (DLP) policy

E. a sensitive info type that uses keywords

F. a sensitivity label that has auto-labeling

You need to create a retention policy to retain all the files from Microsoft Teams channel conversations and private chats.
Which two locations should you select in the retention policy? Each correct answer presents part of the solution. (Choose two.)
NOTE: Each correct selection is worth one point.

A. OneDrive accounts

B. Office 365 groups

C. Team channel messages

D. SharePoint sites

E. Team chats

F. Exchange email

HOTSPOT -
You enable archive mailboxes for all the users at your company.
The Default MRM Policy is shown in the MRM exhibit.
 
A Microsoft 365 retention label policy is shown in the Label Policy exhibit.
 
You need to identify the following:
✑ How many years until an email is archived?
✑ What should you modify to change the retention period for archiving?
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT
-
You have a Microsoft 365 subscription.
You create a retention label named Label1 as shown in the following exhibit.
 
You publish Label1 to SharePoint sites.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
 

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.
You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Cloud App Security portal, you mark the application as Unsanctioned.
Does this meet the goal?

A. Yes

B. No

A user reports that she can no longer access a Microsoft Excel file named Northwind Customer Data.xlsx.
From the Cloud App Security portal, you discover the alert shown in the exhibit.
 
You restore the file from quarantine.
You need to prevent files that match the policy from being quarantined. Files that match the policy must generate an alert.
What should you do?

A. Modify the policy template.

B. Assign the Global reader role to the file owners.

C. Exclude file matching by using a regular expression.

D. Update the governance action.

You have a Microsoft 365 E5 subscription that uses Microsoft Purview. The subscription contains two groups named Group1 and Group2.
You need to implement a policy to detect messages that present a conflict of interest between the users in Group1 and the users in Group2.
What should you use in the Microsoft Purview compliance portal?

A. Insider risk management

B. Privacy risk management

C. Information barriers

D. Communication compliance

DRAG DROP -
You need to recommend a solution that meets the sales requirements.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. (Choose three.)
Select and Place:
 

You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps.
You need to ensure that you receive an alert when a user uploads a document to a third-party cloud storage service.
What should you use?

A. an insider risk policy

B. a file policy

C. a sensitivity label

D. an activity policy

DRAG DROP
-
You have a Microsoft 365 E5 subscription.
You need to configure Microsoft Priva Privacy Risk Management polices to generate alerts for the following scenarios:
• Scenario1: Personal customer data is stored in files located on publicly accessible Microsoft SharePoint Online sites
• Scenario2: Personal customer data is discussed in a Microsoft Teams chat.
• Scenario3: Personal customer data is emailed outside of an organization.
Which policy template should you use for each scenario? To answer, drag the appropriate policy templates to the correct scenarios. Each template may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
 

HOTSPOT
-
You have a Microsoft 365 subscription that contains a Microsoft SharePoint site named Site1.
For Site1, users are assigned the roles shown in the following table.
 
You publish retention labels to Site1 as shown in the following table.
 
You have the files shown in the following table.
 
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
 

You have a Microsoft 365 subscription.
You create a new trainable classifier.
You need to train the classifier.
Which source can you use to train the classifier?

A. a Microsoft SharePoint Online site

B. an on-premises Microsoft SharePoint Server site

C. an NFS file share

D. an Azure Files share

HOTSPOT -
You have a Microsoft SharePoint Online site that contains the following files.
 
Users are assigned roles for the site as shown in the following table.
 
Which files can User1 and User2 view? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT
-
You have a Microsoft 365 E5 tenant that contains two users named User1 and User2 and a Microsoft SharePoint Online site named Site1 as shown in the following exhibit.
 
For Site1, the users are assigned the roles shown in the following table.
 
You publish a retention label named Retention1 to Site1.
To which files can the users apply Retention1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

HOTSPOT
-
You have a Microsoft 365 subscription that contains two groups named Group1 and Group2.
You have the compliance assessments shown in the following table.
 
You have the improvement actions shown in the following table.
 
You perform the following actions:
•	Create and publish a retention label.
•	Implement security awareness training for all users.
•	For Action4, change Implementation status to Implemented.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
 

You are creating a custom trainable classifier to identify organizational product codes referenced in Microsoft 365 content.
You identify 300 files to use as seed content.
Where should you store the seed content?

A. a Microsoft SharePoint Online folder

B. a Microsoft OneDrive for Business folder

C. an Azure file share

D. Microsoft Exchange Online shared mailbox

HOTSPOT
-
You have a Microsoft 365 E5 subscription that contains a user named User1 and the groups shown in the following table.
 
You have the Compliance Manager improvement action shown in the following exhibit.
 
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
 

You need to ensure that documents in a Microsoft SharePoint Online site that contain a reference to Project Alpha are retained for two years, and then deleted.
Which two objects should you create? Each correct answer presents part of the solution. (Choose two.)
NOTE: Each correct selection is worth one point.

A. a retention policy

B. an auto-apply label policy

C. a sensitive info type

D. a retention label

E. a sensitivity label

F. a publish labels policy

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have a user named User1. Several users have full access to the mailbox of User1.
Some email messages sent to User1 appear to have been read and deleted before the user viewed them.
When you search the audit log in the Microsoft Purview compliance portal to identify who signed in to the mailbox of User1, the results are blank.
You need to ensure that you can view future sign-ins to the mailbox of User1.
Solution: You run the Set-MailboxFolderPermission -Identity "User1" -User
User1@contoso.com
-AccessRights Owner command.
Does that meet the goal?

A. Yes

B. No

SIMULATION
-
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@123456789.onmicrosoft.com
Microsoft 365 Password: **********
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 12345678
-
You discover that all users can apply the Confidential - Finance label.
You need to ensure that the Confidential - Finance label is available only to the members of the Finance Team group.
To complete this task, sign in to the appropriate admin center.

You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
 
You create the retention label shown in the following exhibit.
 
Which users can perform a disposition review of content that has Retention1 applied?

A. Admin2 only

B. Admin3 only

C. Admin1 and Admin2 only

D. Admin1 and Admin3 only

E. Admin2 and Admin3 only

F. Admin1, Admin2, and Admin3

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 10. The computers are onboarded to the Microsoft 365 compliance center.
You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers. Tailspin_scanner.exe is installed locally on the computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Cloud App Security portal, you create an app discovery policy.
Does this meet the goal?

A. Yes

B. No

You have a Microsoft 365 tenant that uses records management.
You use a retention label to mark legal files stored in a Microsoft SharePoint Online document library as regulatory records.
What can you do to the legal files?

A. Rename the files.

B. Edit the properties of the files.

C. Change the retention label of the files.

D. Copy the content of the files.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.
You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.
Solution: You create a data loss prevention (DLP) policy that has all locations selected.
Does this meet the goal?

A. Yes

B. No

You are planning a data loss prevention (DLP) solution that will apply to computers that run Windows 10.
You need to ensure that when users attempt to copy a file that contains sensitive information to a USB storage device, the following requirements are met:
✑ If the users are members of a group named Group1, the users must be allowed to copy the file, and an event must be recorded in the audit log.
✑ All other users must be blocked from copying the file.
What should you create?

A. two DLP policies that each contains one DLP rule

B. one DLP policy that contains one DLP rule

C. one DLP policy that contains two DLP rules

You create a retention label that has a retention period of seven years.
You need to ensure that documents containing a credit card number are retained for seven years. Other documents must not be retained.
What should you create?

A. a retention label policy of type publish

B. a retention policy that retains files automatically

C. a retention policy that deletes files automatically

D. a retention label policy of type auto-apply

HOTSPOT
-
You have a Microsoft 365 E5 subscription that contains the data loss prevention (DLP) policies shown in the following table.
 
You have a custom employee information form named Templatel.docx.
You plan to create a sensitive info type named Sensitive1 that will use the document fingerprint from Template1.docx.
What should you use to create Sensitive1, and in which DLP policies can you use Sensitive1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

HOTSPOT -
You plan to implement Microsoft 365 Endpoint data loss prevention (Endpoint DLP).
You need to identify which end user activities can be audited on the endpoints, and which activities can be restricted on the endpoints.
What should you identify for each activity? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You have a Microsoft 365 E5 subscription that contains the resources shown in the following table.
 
You have a retention label configured as shown in the following exhibit.
 
You publish the retention label and set the scope as shown in the following exhibit.
 
You apply the label to the resources.
Which items can you delete?

A. Mail1 only

B. File1.docx and File2.xlsx only

C. Mail1 and File1.docx only

D. Mail1 and File2.xlsx only

E. Mail1, File1.docx, and File2.xlsx

You have a Microsoft 365 subscription that contains a Microsoft 365 group named Group1. Group1 contains 100 users and has dynamic user membership.
All users have Windows 10 devices and use Microsoft SharePoint Online and Exchange Online.
You create a sensitivity label named Label1 and publish Label1 as the default label for Group1.
You need to ensure that the users in Group must apply Label1 to their email and documents.
Which two actions should you perform? Each correct answer presents part of the solution
NOTE: Each correct selection is worth one point.

A. From the Microsoft Purview compliance portal, create an auto-labeling policy.

B. Install the Active Directory Rights Management Services (AD RMS) client on the Windows 10 devices,

C. From the Microsoft Purview compliance portal, modify the settings of the Label1 policy.

D. Install the Azure Information Protection unified labeling client on the Windows 10 devices.

E. From the Microsoft Entra admin center, set Membership type for Group1 to Assigned.

You have a Microsoft 365 E5 subscription that uses Microsoft Teams and contains a user named User1.
You configure Microsoft Purview Information Barriers.
You need to identify which information barrier policies apply to User1.
Which cmdlet should you use?

A. Get-OrganizationSegment

B. Get-InformationBarrierRecipientStatus

C. Get-InformationBarrierPolicy

D. Get-InformationBarrierPoliciesApplicationStatus