- A
A sensitivity label configured for auto-labeling.
The label must exist and be enabled for auto-labeling.
- B
A DLP policy for the same sensitive info type.
Why wrong: DLP policies are not required for auto-labeling.
- C
A sensitive info type or trainable classifier.
The policy uses these to detect content.
- D
An auto-labeling policy that specifies the label and locations.
The policy defines where and how to apply.
- E
An information barrier policy.
Why wrong: Information barriers are not required.
Quick Answer
The answer is a sensitivity label configured for auto-labeling, an auto-labeling policy that specifies the label and locations, and a sensitive info type or trainable classifier to trigger labeling. These three components work together because the label must first be created and set to auto-labeling, then the policy defines where and when to apply it, and finally the classifier detects the specific content—such as credit card numbers or custom patterns—to automatically assign the label. On the MS-102 exam, this question tests your understanding that auto-labeling is distinct from manual or default labeling, and a common trap is confusing DLP policies or information barriers as required components when they are not. Remember the mnemonic LPC: Label, Policy, Classifier—if any of these three is missing, auto-labeling cannot function.
MS-102 Manage compliance by using Microsoft Purview Practice Question
This MS-102 practice question tests your understanding of manage compliance by using microsoft purview. This is a configuration task: choose the command set that satisfies every stated requirement. Small differences — like 'secret' vs 'password' or 'transport input ssh' vs 'all' — change whether the answer is correct. After answering, compare your reasoning against the explanation and wrong-answer breakdown below. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.
Which THREE components are required to implement auto-labeling for sensitivity labels in Microsoft 365?
Answer choices
Why each option matters
Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.
Correct answer & explanation
A sensitivity label configured for auto-labeling.
Auto-labeling requires a sensitivity label configured for auto-labeling, a policy that specifies the label and locations, and a sensitive info type or trainable classifier to trigger labeling. Option A is correct because the label must be created first. Option C is correct because the auto-labeling policy defines when and where to apply. Option E is correct because the policy uses sensitive info types or trainable classifiers to detect content. Option B is wrong because DLP policies are separate. Option D is wrong because information barriers are not required.
Key principle: Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.
Answer analysis
Option-by-option breakdown
For each option: why learners choose it and why it is or isn't the right answer here.
- ✓
A sensitivity label configured for auto-labeling.
Why this is correct
The label must exist and be enabled for auto-labeling.
Related concept
Read the scenario before looking for a memorised answer.
- ✗
A DLP policy for the same sensitive info type.
Why it's wrong here
DLP policies are not required for auto-labeling.
- ✓
A sensitive info type or trainable classifier.
Why this is correct
The policy uses these to detect content.
Related concept
Read the scenario before looking for a memorised answer.
- ✓
An auto-labeling policy that specifies the label and locations.
Why this is correct
The policy defines where and how to apply.
Related concept
Read the scenario before looking for a memorised answer.
- ✗
An information barrier policy.
Why it's wrong here
Information barriers are not required.
Common exam traps
Common exam trap: answer the scenario, not the keyword
Many certification questions include familiar terms but test a specific constraint. Read the exact wording before choosing an answer that is generally true but wrong for this case.
Detailed technical explanation
How to think about this question
This question should be treated as a scenario, not a definition check. Identify the problem, the constraint and the best action. Then compare each option against those facts.
KKey Concepts to Remember
- Read the scenario before looking for a memorised answer.
- Find the constraint that changes the correct option.
- Eliminate answers that are true in general but not in this case.
- Use explanations to understand the rule behind the answer.
TExam Day Tips
- Underline the problem statement mentally.
- Watch for words such as best, first, most likely and least administrative effort.
- Review why wrong options are wrong, not only why the correct option is correct.
Key takeaway
Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.
Real-world example
How this comes up in practice
A cloud solutions architect for a retail company is evaluating services for a new workload. The correct answer here reflects best practice for the specific scenario described — not a general cloud recommendation. Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option. Cloud exam questions reward reading the constraint carefully: the same technology can be right or wrong depending on the use case.
What to study next
Got this wrong? Here's your next step.
Identify which MS-102 exam domain this question belongs to, then review the specific concept being tested. Practise related questions in that domain and focus on understanding why each wrong answer is tempting — not just why the correct answer is right.
- →
Manage compliance by using Microsoft Purview — study guide chapter
Learn the concepts, then practise the questions
- →
Manage compliance by using Microsoft Purview practice questions
Targeted practice on this topic area only
- →
All MS-102 questions
975 questions across all exam domains
- →
Microsoft 365 Administrator MS-102 study guide
Full concept coverage aligned to exam objectives
- →
MS-102 practice test guide
How to use practice tests most effectively before exam day
Related practice questions
Related MS-102 practice-question pages
Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.
Deploy and manage a Microsoft 365 tenant practice questions
Practise MS-102 questions linked to Deploy and manage a Microsoft 365 tenant.
Implement and manage Microsoft Entra identity and access practice questions
Practise MS-102 questions linked to Implement and manage Microsoft Entra identity and access.
Manage security and threats by using Microsoft Defender XDR practice questions
Practise MS-102 questions linked to Manage security and threats by using Microsoft Defender XDR.
Manage compliance by using Microsoft Purview practice questions
Practise MS-102 questions linked to Manage compliance by using Microsoft Purview.
Manage users, groups, licensing, and support practice questions
Practise MS-102 questions linked to Manage users, groups, licensing, and support.
Implement and manage identity and access in Microsoft Entra ID practice questions
Practise MS-102 questions linked to Implement and manage identity and access in Microsoft Entra ID.
MS-102 fundamentals practice questions
Practise MS-102 questions linked to MS-102 fundamentals.
MS-102 scenario practice questions
Practise MS-102 questions linked to MS-102 scenario.
MS-102 troubleshooting practice questions
Practise MS-102 questions linked to MS-102 troubleshooting.
Practice this exam
Start a free MS-102 practice session
Short sessions build daily habit. Longer sessions build exam-day stamina. Try a timed session to simulate real conditions.
FAQ
Questions learners often ask
What does this MS-102 question test?
Manage compliance by using Microsoft Purview — This question tests Manage compliance by using Microsoft Purview — Read the scenario before looking for a memorised answer..
What is the correct answer to this question?
The correct answer is: A sensitivity label configured for auto-labeling. — Auto-labeling requires a sensitivity label configured for auto-labeling, a policy that specifies the label and locations, and a sensitive info type or trainable classifier to trigger labeling. Option A is correct because the label must be created first. Option C is correct because the auto-labeling policy defines when and where to apply. Option E is correct because the policy uses sensitive info types or trainable classifiers to detect content. Option B is wrong because DLP policies are separate. Option D is wrong because information barriers are not required.
What should I do if I get this MS-102 question wrong?
Identify which MS-102 exam domain this question belongs to, then review the specific concept being tested. Practise related questions in that domain and focus on understanding why each wrong answer is tempting — not just why the correct answer is right.
What is the key concept behind this question?
Read the scenario before looking for a memorised answer.
About these practice questions
Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →
Same concept, more angles
7 more ways this is tested on MS-102
These questions test the same concept from different angles. Work through them to make sure you can recognise it however the exam phrases it.
Variation 1. Refer to the exhibit. You are configuring auto-labeling for sensitivity labels. The JSON snippet is part of the policy configuration. When a document containing a credit card number is detected, what will happen?
easy- ✓ A.The document will be automatically encrypted.
- B.The document will be retained for a default period.
- C.The document will be marked as a record.
- D.The document will be blocked from sharing.
Why A: The rule specifies an action to encrypt when a credit card number is detected. Option B is correct because the action is 'encrypt'. Option A is wrong because the action includes encrypt. Option C is wrong because no retention action is specified. Option D is wrong because it does not block sharing.
Variation 2. Refer to the exhibit. You are configuring an auto-labeling policy in Microsoft Purview. The policy is set to apply the 'Confidential' label to documents that contain a specific sensitive info type. However, when a document is auto-labeled, users report that the footer and header are not applied. The label 'Confidential' itself does not have marking configurations. What is the most likely reason?
hard- A.The label is not published to users.
- B.The Microsoft 365 Apps client is not configured to apply markings.
- ✓ C.The marking defaults are defined in the policy but the label does not have markings configured.
- D.The policy settings override the label settings, causing markings to be ignored.
Why C: Option A is correct because the MarkingDefaults in the policy settings apply to all labels if the label itself does not have markings. However, the exhibit shows MarkingDefaults are defined, but they are part of the policy settings, not the label. The auto-labeling policy applies the label, but the markings are not applied because the label does not have them. Option B is wrong because the marking defaults are for the policy, but they might not be applied during auto-labeling. Option C is wrong because client settings are not relevant for auto-labeling. Option D is wrong because the label is published.
Variation 3. Refer to the exhibit. You are reviewing a Microsoft Purview auto-labeling policy configuration. The SensitivityTypes GUID corresponds to a sensitive info type that detects credit card numbers. The LabelId is for a 'Confidential' label. Users report that documents containing credit card numbers are not being automatically labeled. What is the most likely reason?
hard- A.The 'Confidential' label is not published to users.
- B.The sensitive info type GUID is incorrect.
- C.Users do not have the appropriate license for auto-labeling.
- ✓ D.The auto-labeling policy is not scoped to the correct locations (e.g., SharePoint, Exchange).
Why D: Option D is correct because the exhibit shows the condition is set to 'AllUsers', which means all users are targeted, but the label assignment method is 'Automatic' with a condition. However, the policy might not have been configured to apply to locations like SharePoint or Exchange. Option A is wrong because the sensitive info type is correct. Option B is wrong because automatic labeling does not require a user license for the label. Option C is wrong because the label is published if it's in the policy.
Variation 4. A Microsoft Purview auto-labeling policy for sensitivity labels is matching too many SharePoint documents after simulation. Which two changes would most directly reduce false positives before enabling automatic labeling? (Choose two.)
hard- ✓ A.Increase the confidence level or instance-count requirement for the sensitive information type
- ✓ B.Add supporting keyword or contextual conditions to the auto-labeling rule
- C.Turn on automatic labeling immediately and wait for users to report problems
- D.Replace the sensitivity label with a retention label
Why A: Increasing the confidence level or instance-count requirement for the sensitive information type (SIT) directly reduces false positives by raising the threshold for what qualifies as a match. A higher confidence level means the classification engine requires stronger evidence (e.g., more keywords or a closer proximity to a pattern), while a higher instance count requires the sensitive data to appear multiple times in the document. Both adjustments make the auto-labeling rule more selective, ensuring only documents with a high likelihood of containing the specified sensitive content are labeled.
Variation 5. Your organization has a Microsoft Purview auto-labeling policy that applies a 'Highly Confidential' label to emails containing 'Social Security Number'. The policy is configured to label emails when they are sent. However, some emails are still being sent without the label. What should you verify first?
medium- A.That the auto-labeling policy is enabled.
- ✓ B.That the auto-labeling policy is configured to apply the label at the time of sending.
- C.That the 'Social Security Number' sensitive info type is correctly defined.
- D.That the auto-labeling policy has the highest priority.
Why B: Option C is correct because auto-labeling for emails occurs at send time; if the policy is not set to apply at send, it won't label. Option A is wrong because the policy is enabled. Option B is wrong because the SSN type is likely correct. Option D is wrong because priority affects which policy wins, but if the policy is not set to apply at send, it won't label regardless.
Variation 6. A compliance officer needs to automatically classify documents in SharePoint Online that contain credit card numbers. The classification should apply a label that restricts access and adds a header. Which two Microsoft Purview features must be configured? (Choose two.)
medium- ✓ A.Sensitivity labels
- B.Retention labels
- C.Data Loss Prevention (DLP) policies
- ✓ D.Auto-labeling policies
Why A: Sensitivity labels are correct because they are the Microsoft Purview feature that applies classification markings (such as headers and footers) and encryption or access restrictions to documents. For this scenario, a sensitivity label must be configured to enforce the required header and access restrictions on content containing credit card numbers.
Variation 7. Your organization needs to automatically detect and classify documents containing passport numbers in SharePoint Online. Which Microsoft Purview feature should you use?
easy- A.eDiscovery (Premium).
- ✓ B.Auto-labeling with sensitivity labels.
- C.Data Lifecycle Management (DLM) policy.
- D.Data Loss Prevention (DLP) policy.
Why B: Auto-labeling in Microsoft Purview can automatically apply sensitivity labels to documents that contain sensitive information types like passport numbers. Option B is incorrect because DLP policies detect and protect but don't classify. Option C is incorrect because Data Lifecycle Management is for retention. Option D is incorrect because eDiscovery is for search and export.
Keep practising
More MS-102 practice questions
- A company has a hybrid identity with password hash synchronization. They want to ensure that any user whose account is d…
- A company is deploying Microsoft 365 and wants to ensure that users in the finance department have access to only the ap…
- An administrator wants to add a custom domain 'fabrikam.com' to a new Microsoft 365 tenant. What is the first step the a…
- A company wants to implement just-in-time (JIT) privileged access for the Global Administrator role in Microsoft Entra I…
- A company recently added the custom domain 'contoso.com' to their Microsoft 365 tenant. Users report that they cannot re…
- A company uses Azure AD Connect with password hash synchronization. They want to enable Azure AD Seamless Single Sign-On…
Last reviewed: Jun 21, 2026
This MS-102 practice question is part of Courseiva's free Microsoft certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the MS-102 exam.
Question Discussion
Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.
Sign in to join the discussion.