Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsMS-900TopicsDescribe security, compliance, privacy, and trust in Microsoft 365
Free · No Signup RequiredMicrosoft · MS-900

MS-900 Describe security, compliance, privacy, and trust in Microsoft 365 Practice Questions

20+ practice questions focused on Describe security, compliance, privacy, and trust in Microsoft 365 — one of the most tested topics on the Microsoft 365 Fundamentals MS-900 exam. Each question includes a detailed explanation so you learn why the right answer is correct.

Start Describe security, compliance, privacy, and trust in Microsoft 365 Practice

Exam Domains

Describe Microsoft 365 apps and servicesDescribe Microsoft 365 pricing, licensing, and supportDescribe cloud conceptsDescribe security, compliance, privacy, and trust in Microsoft 365Describe Microsoft 365 pricing and supportAll domains →

Study Tools

Practice TestMock ExamFlashcardsAll Topics

Sample Describe security, compliance, privacy, and trust in Microsoft 365 Questions

Practice all 20+ →
1.

An organization is concerned about data leakage from sensitive emails. They want to enforce encryption on emails containing financial information automatically. Which Microsoft 365 solution should they configure?

A.Data Loss Prevention (DLP) policies
B.Microsoft Purview Message Encryption
C.Microsoft Purview Information Protection (Microsoft Purview Information Protection)
D.Exchange Online Protection (EOP)

Explanation: Microsoft Purview Message Encryption (Option B) is the correct solution because it enables organizations to send and receive encrypted email messages, and it can be configured with mail flow rules to automatically encrypt emails containing sensitive financial information. This service leverages Azure Rights Management (Azure RMS) to provide persistent protection that follows the email, ensuring only authorized recipients can decrypt and read the content.

2.

A financial services company must prevent users from accidentally sharing sensitive customer data externally. They want to block sharing of any document containing a credit card number via email or SharePoint. What combination of Microsoft 365 compliance solutions should they use?

A.Sensitivity labels and Microsoft Purview Information Protection (Microsoft Purview Information Protection)
B.Data Loss Prevention (DLP) policies
C.Microsoft Purview Compliance Manager
D.Exchange Online Protection (EOP) and Microsoft Defender for Microsoft 365

Explanation: Data Loss Prevention (DLP) policies in Microsoft Purview are specifically designed to detect and block the sharing of sensitive information, such as credit card numbers, across email (Exchange Online) and SharePoint. By scanning content for predefined sensitive info types (e.g., credit card numbers using regex patterns from the DLP engine), DLP can automatically block or warn users before external sharing occurs, meeting the company's requirement.

3.

A company needs to ensure that all email and document content is preserved for legal purposes, even if users permanently delete items. This requirement demands that content be kept indefinitely until the legal hold is released. Which Microsoft 365 feature should they enable?

A.Retention policy
B.Litigation hold
C.eDiscovery
D.Data Loss Prevention (DLP)

Explanation: Litigation hold is the correct feature because it preserves all mailbox and document content in its original state indefinitely until the hold is explicitly released. Unlike a retention policy, which can delete content after a specified period, Litigation hold ensures that even permanently deleted items are retained in the Recoverable Items folder, meeting the legal preservation requirement.

4.

A healthcare organization must protect patient health information (PHI) from being accidentally shared externally via email. They need to automatically block emails containing medical record numbers from being sent outside the organization and also encrypt any email that does contain PHI when it is allowed. Which two Microsoft Purview solutions should they combine? (Choose two.)

A.Microsoft Purview Data Loss Prevention (DLP)
B.Microsoft Purview eDiscovery
C.Microsoft Purview Message Encryption
D.Microsoft Purview Audit (Standard)

Explanation: Microsoft Purview Data Loss Prevention (DLP) is correct because it can automatically detect sensitive data, such as medical record numbers (PHI), in emails and apply policy actions like blocking external transmission. This directly addresses the requirement to prevent accidental sharing of PHI via email.

5.

A healthcare organization stores patient records in SharePoint Online. They need to ensure that the data is encrypted at rest and in transit. Which statement is true regarding Microsoft 365 encryption?

A.Microsoft provides default encryption for data at rest and in transit.
B.Customers must enable encryption at rest manually for each workload.
C.Encryption only applies to Exchange Online, not SharePoint or OneDrive.
D.Encryption is optional and can be turned off if a customer chooses.

Explanation: Microsoft 365 provides default encryption for data at rest and in transit across all workloads, including SharePoint Online, Exchange Online, and OneDrive for Business. For data at rest, Microsoft uses BitLocker Drive Encryption and service-side encryption with per-file keys, while data in transit is secured using TLS 1.2+ and IPSec. This means the healthcare organization's patient records in SharePoint Online are automatically encrypted without any manual configuration.

+15 more Describe security, compliance, privacy, and trust in Microsoft 365 questions available

Practice all Describe security, compliance, privacy, and trust in Microsoft 365 questions

How to master Describe security, compliance, privacy, and trust in Microsoft 365 for MS-900

1. Baseline your knowledge

Start with 10 questions to gauge your current understanding of Describe security, compliance, privacy, and trust in Microsoft 365. This tells you whether you need a concept refresher or just practice.

2. Review every explanation

For each question — right or wrong — read the full explanation. Understanding why an answer is correct is more valuable than knowing the answer itself.

3. Focus on exam traps

Describe security, compliance, privacy, and trust in Microsoft 365 questions on the MS-900 frequently use trap wording. Look for subtle differences in answers that test your precision, not just general knowledge.

4. Reach 80% consistently

Do repeated sessions until you score 80%+ three times in a row. Then move to mixed-mode practice to test cross-topic recall under realistic conditions.

Frequently asked questions

How many MS-900 Describe security, compliance, privacy, and trust in Microsoft 365 questions are on the real exam?

The exact number varies per candidate. Describe security, compliance, privacy, and trust in Microsoft 365 is tested as part of the Microsoft 365 Fundamentals MS-900 blueprint. Practicing with targeted Describe security, compliance, privacy, and trust in Microsoft 365 questions ensures you can handle any format or difficulty that appears.

Are these MS-900 Describe security, compliance, privacy, and trust in Microsoft 365 practice questions free?

Yes. Courseiva provides free MS-900 practice questions across all exam topics and domains. The platform includes topic-based practice, mock exams, missed-question review, bookmarked questions, and readiness tracking — no account required.

Is Describe security, compliance, privacy, and trust in Microsoft 365 one of the harder MS-900 topics?

Difficulty is subjective, but Describe security, compliance, privacy, and trust in Microsoft 365 is a high-priority exam concept tested in multiple ways — direct recall, scenario analysis, and command-output interpretation. Consistent practice is the best way to build confidence.

Ready to practice?

Launch a full Describe security, compliance, privacy, and trust in Microsoft 365 practice session with instant scoring and detailed explanations.

Start Describe security, compliance, privacy, and trust in Microsoft 365 Practice →

Topic Info

Topic

Describe security, compliance, privacy, and trust in Microsoft 365

Exam

MS-900

Questions available

20+