CCNA Describe the capabilities of Microsoft compliance solutions Questions

75 of 333 questions · Page 1/5 · Describe the capabilities of Microsoft compliance solutions · Answers revealed

1
MCQmedium

Your organization uses Microsoft Purview to classify data. You need to automatically apply a 'Confidential' label to documents that contain salary information. Which type of sensitivity label configuration should you use?

A.Manual labeling
B.Auto-labeling with sensitive information types
C.Default labeling for SharePoint libraries
D.Mandatory labeling policy
AnswerB

Auto-labeling can detect salary information and apply labels automatically.

Why this answer

Option B is correct because auto-labeling rules can automatically apply labels based on sensitive information types. Option A is wrong because manual labeling requires user action. Option C is wrong because default labeling applies to new documents but not based on content.

Option D is wrong because mandatory labeling requires users to label but does not auto-apply.

2
MCQmedium

A company has been fined for failing to respond to a data subject access request (DSAR) within the required timeframe. The compliance team needs to streamline the process of identifying and exporting personal data when a DSAR is received. Which Microsoft Purview solution should they use?

A.Microsoft Purview Compliance Manager
B.Microsoft Purview Communication Compliance
C.Microsoft Purview eDiscovery (Premium)
D.Microsoft Purview Data Lifecycle Management
AnswerC

eDiscovery (Premium) is designed for legal and regulatory requests, including DSARs.

Why this answer

Microsoft Purview eDiscovery (Premium) provides advanced search, hold, and export capabilities for responding to DSARs. Data Lifecycle Management handles retention. Communication Compliance monitors communications.

Compliance Manager assesses compliance posture but does not handle DSAR workflows.

3
MCQmedium

A financial services company needs to monitor employee communications in Microsoft Teams and Exchange Online for potential policy violations, such as sharing insider trading tips. They want to automatically detect specific keywords and phrases, and then allow designated reviewers to flag and escalate the messages. Which Microsoft Purview solution should they use?

A.Microsoft Purview Communication Compliance
B.Microsoft Purview Data Lifecycle Management
C.Microsoft Purview Information Barriers
D.Microsoft Purview eDiscovery
AnswerA

Correct. Communication Compliance is designed to monitor and review communications for policy violations, such as insider trading, using customizable policies and automated detection.

Why this answer

Microsoft Purview Communication Compliance is the correct solution because it is specifically designed to detect policy violations in communications like Microsoft Teams chats and Exchange Online emails. It uses customizable policies to automatically scan for sensitive keywords and phrases (e.g., insider trading terms), and then routes flagged messages to designated reviewers for investigation, flagging, and escalation. This aligns directly with the requirement to monitor employee communications for policy violations and enable reviewer workflows.

Exam trap

The trap here is that candidates often confuse Communication Compliance with eDiscovery, assuming eDiscovery can proactively monitor and flag messages, but eDiscovery is reactive and designed for legal holds and searches, not real-time policy violation detection and review workflows.

How to eliminate wrong answers

Option B is wrong because Microsoft Purview Data Lifecycle Management focuses on retaining, deleting, and managing data based on lifecycle policies, not on monitoring communications for policy violations or keyword detection. Option C is wrong because Microsoft Purview Information Barriers are used to prevent communication and collaboration between specific groups (e.g., to avoid conflicts of interest), but they do not scan for keywords or provide a review workflow for policy violations. Option D is wrong because Microsoft Purview eDiscovery is designed for legal discovery and litigation support, allowing search and export of content, but it does not proactively monitor communications in real-time or automatically flag policy violations for review.

4
MCQmedium

A company uses Microsoft 365 and needs to identify and protect sensitive data, such as credit card numbers, stored in SharePoint Online and OneDrive for Business. They also want to prevent users from sharing this data externally. Which Microsoft Purview solution should they use?

A.Data Loss Prevention (DLP)
B.Data Lifecycle Management (DLM)
C.Information Protection (sensitivity labels)
D.Audit (Standard)
AnswerA

Correct. DLP policies can identify sensitive data such as credit card numbers and automatically block actions like sharing externally. It also provides policy tips to educate users.

Why this answer

Data Loss Prevention (DLP) in Microsoft Purview is the correct solution because it is specifically designed to identify, monitor, and automatically protect sensitive data like credit card numbers (using built-in sensitive information types such as Credit Card Number) across Microsoft 365 services, including SharePoint Online and OneDrive for Business. DLP policies can enforce rules to block or restrict external sharing of such data, directly meeting the requirement to prevent users from sharing sensitive data externally.

Exam trap

The trap here is that candidates often confuse Information Protection (sensitivity labels) with DLP, assuming labels alone can prevent external sharing, but labels require DLP policies to enforce sharing restrictions based on the label's classification.

How to eliminate wrong answers

Option B (Data Lifecycle Management) is wrong because it focuses on retaining, deleting, or archiving data based on lifecycle policies (e.g., retention tags, expiration dates), not on identifying or preventing the sharing of sensitive content. Option C (Information Protection with sensitivity labels) is wrong because while sensitivity labels can classify and protect data with encryption or visual markings, they do not natively include the ability to scan for specific data patterns like credit card numbers or enforce external sharing blocks without being combined with DLP policies. Option D (Audit Standard) is wrong because it only provides logging and visibility into user activities (e.g., who accessed or shared a file), but does not actively identify sensitive data or prevent sharing.

5
MCQmedium

Refer to the exhibit. You run the PowerShell command to search the unified audit log for file deletions. The command returns no results, but you know a file was deleted last week. What is the most likely reason?

A.The operation name 'FileDeleted' is incorrect
B.Audit logging is not enabled for the organization
C.Audit logs are only retained for 90 days
D.The StartDate and EndDate are incorrect
AnswerB

If audit logging is not enabled, no audit records are captured.

Why this answer

Option B is correct because Audit (Standard) only retains audit logs for 90 days, but the issue here is that the command uses -Operations FileDeleted, which may not be the correct operation name; however, the most likely reason is that Audit (Premium) is required for certain operations. Actually, FileDeleted is a valid operation. The correct answer is that Audit logging must be enabled.

Option A is wrong because the command is correct. Option C is wrong because 7 days is within retention. Option D is wrong because the operation name is correct.

6
MCQhard

A multinational corporation has data stored across multiple clouds (Azure, AWS) and on-premises. The data governance team needs to create a single inventory of all data assets, automatically classify sensitive data (e.g., credit card numbers) across these sources, and track how data moves and transforms (lineage). Which Microsoft Purview solution should they use?

A.Microsoft Purview Data Map
B.Microsoft Purview Compliance Manager
C.Microsoft Purview Data Lifecycle Management
D.Microsoft Purview eDiscovery
AnswerA

Data Map creates a unified inventory of data assets, enables automated classification, and tracks lineage across multi-cloud and on-premises sources.

Why this answer

Microsoft Purview Data Map is the correct solution because it provides a unified map of data assets across multi-cloud (Azure, AWS) and on-premises sources, supports automated sensitive data classification (e.g., credit card numbers via built-in classifiers), and tracks data lineage to show how data moves and transforms. This directly meets the requirements for a single inventory, classification, and lineage tracking.

Exam trap

The trap here is that candidates often confuse Microsoft Purview Data Map with Data Lifecycle Management, thinking both handle data classification, but Data Map specifically provides the unified inventory and lineage tracking across hybrid and multi-cloud environments, while Data Lifecycle Management only handles retention and deletion policies.

How to eliminate wrong answers

Option B is wrong because Microsoft Purview Compliance Manager is a risk assessment and compliance management tool that helps track regulatory compliance posture, not a solution for data inventory, classification, or lineage. Option C is wrong because Microsoft Purview Data Lifecycle Management focuses on retention policies, deletion, and data governance for lifecycle stages, not on creating a data map or tracking lineage. Option D is wrong because Microsoft Purview eDiscovery is designed for legal discovery and search of content in Microsoft 365, not for multi-cloud data inventory, classification, or lineage tracking.

7
MCQhard

A company wants to proactively detect and investigate potential insider security risks, such as a departing employee copying large amounts of data to a personal USB drive or sharing confidential files with unauthorized individuals. Which Microsoft Purview solution should they use?

A.Data Lifecycle Management
B.Insider Risk Management
C.Communication Compliance
D.eDiscovery (Standard)
AnswerB

Insider Risk Management is designed to detect, triage, and respond to potentially risky activities by users inside the organization.

Why this answer

Insider Risk Management in Microsoft Purview is specifically designed to detect, investigate, and act on risky user activities that may lead to data security incidents, such as unauthorized data exfiltration by departing employees. It uses predefined and customizable policies to correlate signals from Microsoft 365 logs (e.g., copying files to USB, sharing with external users) and applies risk-scoring to prioritize alerts. This makes it the correct solution for proactively identifying potential insider threats like bulk data copying or unauthorized file sharing.

Exam trap

The trap here is that candidates often confuse Communication Compliance (which monitors communications) with Insider Risk Management (which monitors risky user behavior and data actions), leading them to select Communication Compliance when the scenario explicitly describes data exfiltration actions rather than communication violations.

How to eliminate wrong answers

Option A (Data Lifecycle Management) is wrong because it focuses on retaining, deleting, and managing data based on compliance or business requirements, not on detecting user behavior or insider threats. Option C (Communication Compliance) is wrong because it is designed to monitor communications (emails, Teams chats) for policy violations like harassment or inappropriate sharing, but it does not detect data exfiltration actions such as copying to USB drives. Option D (eDiscovery Standard) is wrong because it is used for searching and exporting content for legal or investigative purposes after an incident has been identified, not for proactive detection of risky user behavior.

8
MCQeasy

An organization uses Microsoft Purview Communication Compliance. They need to monitor Microsoft Teams messages for potential insider trading language. What should they configure?

A.An eDiscovery case
B.A Communication Compliance policy
C.A Data Loss Prevention policy
D.A sensitivity label policy
AnswerB

Communication Compliance monitors communications for policy violations.

Why this answer

Option D is correct because Communication Compliance policies can monitor Teams messages for specific conditions like keywords. Option A is wrong because DLP is for data loss prevention. Option B is wrong because eDiscovery is for search.

Option C is wrong because sensitivity labels are for classification.

9
Multi-Selecteasy

Which TWO of the following are Microsoft Purview solutions that help protect sensitive data?

Select 2 answers
A.Communication Compliance
B.eDiscovery
C.Data Loss Prevention (DLP)
D.Sensitivity labels
E.Insider Risk Management
AnswersC, D

DLP prevents unauthorized sharing of sensitive data.

Why this answer

Sensitivity labels and Data Loss Prevention (DLP) are both Purview solutions that protect sensitive data. Insider Risk Management detects risks but does not directly protect data. Communication Compliance monitors communications. eDiscovery is for discovery.

So correct: A and B.

10
MCQhard

A law firm uses Microsoft 365. They must retain all client communication records for 10 years due to regulatory requirements. After 10 years, the records must be permanently deleted. Additionally, they need to ensure that users cannot permanently delete these records before the retention period ends. Which Microsoft Purview solution should they configure?

A.Microsoft Purview Data Lifecycle Management
B.Microsoft Purview Records Management
C.Microsoft Purview eDiscovery
D.Microsoft Purview Audit
AnswerB

Correct. Records Management allows you to declare items as records, which locks them against deletion and editing, and then apply retention and disposition settings.

Why this answer

Microsoft Purview Records Management is the correct solution because it allows the law firm to apply retention labels that mark content as a regulatory record, which prevents users from permanently deleting the records before the retention period ends. It also supports disposition review and permanent deletion after the specified 10-year retention period, meeting both the retention and deletion requirements.

Exam trap

The trap here is that candidates often confuse Data Lifecycle Management (which handles general retention and deletion) with Records Management (which adds the critical 'regulatory record' lock to prevent user deletion), so they incorrectly choose Option A.

How to eliminate wrong answers

Option A is wrong because Microsoft Purview Data Lifecycle Management focuses on managing the lifecycle of data (e.g., automatically deleting or archiving content based on retention policies) but does not provide the ability to lock records as regulatory records to prevent user deletion; it lacks the 'records declaration' capability. Option C is wrong because Microsoft Purview eDiscovery is designed for searching, holding, and exporting content for legal or investigative purposes, not for enforcing retention or deletion schedules. Option D is wrong because Microsoft Purview Audit provides logging and monitoring of user activities (e.g., who deleted a record) but does not prevent deletion or enforce retention periods.

11
MCQmedium

An organization wants to automatically retain emails for 7 years and then delete them. They also need to place a legal hold on specific users' mailboxes to preserve all emails during litigation. Which combination of Microsoft Purview features should they use?

A.Retention labels and eDiscovery
B.Retention policies and Litigation Hold
C.Data Lifecycle Management and Audit
D.Records Management and Data Loss Prevention
AnswerB

Retention policies can automatically retain and delete content across mailboxes, while Litigation Hold preserves all content in a user's mailbox for legal purposes.

Why this answer

For automatic retention and deletion, Retention policies in Microsoft Purview are ideal as they apply to entire mailboxes. To preserve emails for litigation, Litigation Hold can be enabled on specific user mailboxes, ensuring that no emails are deleted or altered. The combination of these two features meets both requirements.

12
MCQeasy

Your organization uses Microsoft Purview Communication Compliance to detect potential policy violations in Microsoft Teams chats. Which action can the policy automatically take when a violation is detected?

A.Revoke the user's access to Microsoft Teams
B.Block the user from sending messages
C.Notify the user and their manager via email
D.Automatically delete the violating message
AnswerC

Communication Compliance can automatically send notifications as a remediation action.

Why this answer

Communication Compliance policies can automatically take actions like sending a notification to the user or escalating to a manager. Option A is correct. Revoking access or blocking the user is not automatic; a DLP or conditional access policy would be needed.

Deleting the message is not an automatic action in Communication Compliance.

13
MCQhard

Your organization uses Microsoft Purview to manage data classification. You need to ensure that a specific Azure Blob Storage account is automatically classified for sensitivity labels. Which step is required?

A.Register the storage account in Microsoft Purview Data Map and configure scanning
B.Create a sensitivity label and publish it to all users
C.Apply a DLP policy to the storage account
D.Enable Microsoft Purview Information Protection for Azure
AnswerA

The Data Map scans and classifies data in Azure sources.

Why this answer

Microsoft Purview Data Map scans Azure Blob Storage and can auto-classify files based on built-in or custom classifiers. Option B is wrong because DLP policies do not classify storage accounts directly. Option C is wrong because sensitivity labels are not auto-applied to storage without the scanner.

Option D is wrong because Information Protection is for files in Office 365, not Azure storage.

14
MCQmedium

Your organization uses Microsoft Purview Data Lifecycle Management to retain data for regulatory compliance. You need to ensure that all documents in a SharePoint site are retained for 7 years after they are last modified. What should you create?

A.An auto-labeling policy
B.A data loss prevention policy
C.An adaptive scope based on last modified date
D.A static scope for the SharePoint site
AnswerC

Adaptive scopes can dynamically include content based on properties like last modified date.

Why this answer

Option B is correct because adaptive scopes allow dynamic targeting based on metadata. Option A is wrong because static scopes target specific sites. Option C is wrong because auto-labeling policies apply labels automatically.

Option D is wrong because DLP policies protect data.

15
MCQhard

Refer to the exhibit. A Microsoft Purview Data Loss Prevention (DLP) policy is configured. What does this policy do?

A.It generates an alert if more than 10 emails with the Confidential label are sent to an external recipient.
B.It blocks all emails sent to external recipients with the Confidential label.
C.It prevents internal users from sending Confidential emails to each other.
D.It automatically applies the Confidential label to emails sent to external recipients.
AnswerA

The alert threshold is set to volume of 10.

Why this answer

Option B is correct because the policy alerts when more than 10 emails with the 'Confidential' label are sent to an external recipient. Option A is wrong because it blocks only after 10 emails. Option C is wrong because it monitors external recipients, not internal.

Option D is wrong because it does not involve SharePoint.

16
MCQmedium

Refer to the exhibit. You are reviewing the results of a Microsoft Purview eDiscovery search. Which statement is correct about the search results?

A.The search returned results from both Exchange Online and SharePoint Online
B.The search only returned results from Exchange Online
C.The document is an email message
D.The email has an attachment
AnswerA

The results include an email from Exchange and a document from SharePoint.

Why this answer

The search results contain both an email and a document, as seen from the sources. Option A is wrong because the document is from SharePoint, not a file server. Option C is wrong because the email does not have an attachment.

Option D is wrong because the document is a PowerPoint file, not an email.

17
MCQmedium

An organization uses Microsoft 365. They need to prevent users from sharing credit card numbers in emails and Microsoft Teams messages. When a user attempts to share such sensitive information externally, the message should be blocked and the user should receive a policy tip notification. Which Microsoft Purview solution should they configure?

A.Data Lifecycle Management
B.Data Loss Prevention (DLP)
C.Insider Risk Management
D.Information Protection
AnswerB

DLP policies are designed to detect and prevent accidental sharing of sensitive information, with the ability to block and notify users.

Why this answer

Data Loss Prevention (DLP) is the correct solution because it is specifically designed to detect and protect sensitive information, such as credit card numbers, through deep content analysis using built-in sensitive information types. DLP policies can be configured to block the sharing of this data in emails and Microsoft Teams messages and to display a policy tip notification to the user, enforcing compliance in real time.

Exam trap

The trap here is that candidates often confuse Information Protection (sensitivity labels) with DLP, not realizing that DLP is the solution for actively blocking and notifying on sensitive data in transit, while Information Protection is for classification and persistent protection of data at rest.

How to eliminate wrong answers

Option A is wrong because Data Lifecycle Management focuses on retaining, deleting, and managing the lifecycle of data based on policies, not on preventing the sharing of sensitive information in transit. Option C is wrong because Insider Risk Management is designed to detect, investigate, and act on risky user activities (e.g., data theft or policy violations) based on behavioral analytics, not to block specific content like credit card numbers in messages. Option D is wrong because Information Protection (e.g., sensitivity labels and encryption) is used to classify and protect data at rest and in use, but it does not natively block sharing of specific sensitive data types in emails or Teams messages with policy tips; that is a DLP function.

18
MCQeasy

A small consulting company, Northwind Traders, uses Microsoft 365 Business Premium and wants to implement basic compliance solutions. They have 50 users and need to: (1) prevent employees from sharing customer credit card information via email; (2) retain all deleted emails for 1 year; (3) allow users to classify documents as 'Confidential' manually; (4) generate reports on policy violations. The company has limited IT staff and wants a quick, out-of-the-box solution. What should they configure?

A.Use Microsoft Intune to set data loss prevention policies and configure document classification.
B.Use Microsoft Purview to create a DLP policy for credit card info, a retention policy for deleted emails, and publish a sensitivity label for 'Confidential'.
C.Use Microsoft 365 Defender to block sharing of credit card data and configure email retention.
D.Use Microsoft Entra ID to create conditional access policies and enable retention.
AnswerB

Purview provides all required compliance capabilities.

Why this answer

Option D is correct because Microsoft Purview provides DLP policies, retention policies, and sensitivity labels out-of-the-box. Option A is wrong because Microsoft 365 Defender focuses on security, not compliance. Option B is wrong because Microsoft Entra ID is for identity.

Option C is wrong because Microsoft Intune is for device management.

19
MCQeasy

Your company is subject to GDPR and must be able to respond to data subject requests (DSRs) by finding all personal data of a specific user across Microsoft 365. Which Microsoft Purview solution should you use?

A.Communication Compliance
B.eDiscovery (Standard or Premium)
C.Privileged Access Management
D.Audit (Standard or Premium)
AnswerB

eDiscovery allows searches across all Microsoft 365 data for specific users.

Why this answer

Option B is correct because eDiscovery in Microsoft Purview is designed to search for content across Exchange, SharePoint, OneDrive, and Teams. Option A is wrong because Communication Compliance monitors for policy violations, not search. Option C is wrong because Audit logs track activities, not content.

Option D is wrong because Privileged Access Management protects administrative access.

20
MCQmedium

Refer to the exhibit. A legal team needs to preserve all documents in SharePoint and OneDrive for 5 years. The current policy retains for 1 year. What should the administrator do to meet the requirement?

A.Add Exchange Online to the locations.
B.Change the retention type to Delete.
C.Change the retention duration to 1825 days.
D.Change the retention action to KeepAndDelete.
AnswerC

1825 days equals 5 years, meeting the requirement.

Why this answer

Option C is correct because the policy retains for 365 days (1 year), but the requirement is 5 years. Changing the retention duration to 1825 days (5 years) meets the requirement. Option A is wrong because the policy already includes both locations.

Option B is wrong because changing to Delete would delete content. Option D is wrong because changing to KeepAndDelete would still delete after retention, but the duration is the issue.

21
MCQhard

Your organization needs to ensure that emails containing personally identifiable information (PII) like passport numbers are automatically encrypted before being sent externally. What should you configure in Microsoft Purview?

A.A retention label that encrypts the email
B.A DLP policy with the 'Encrypt' action
C.A communication compliance policy
D.An information barrier policy
AnswerB

DLP policies can automatically apply encryption to emails containing sensitive information.

Why this answer

Option B is correct because a DLP policy can automatically encrypt emails with sensitive data. Option A is wrong because retention labels manage retention. Option C is wrong because communication compliance policies monitor content.

Option D is wrong because information barriers restrict communication.

22
MCQmedium

A company has a SharePoint Online library containing legal contracts. They must satisfy a regulatory requirement that contracts cannot be modified or deleted after they are signed. Additionally, they need to retain the contracts for 10 years after the contract end date, after which they can be disposed of manually. Which Microsoft Purview solution should they implement?

A.Sensitivity labels
B.Records Management
C.Data Loss Prevention (DLP) policy
D.Data Lifecycle Management
AnswerB

Records Management allows you to mark items as records to prevent editing/deletion and assign retention labels with specific schedules and disposition actions.

Why this answer

Records Management in Microsoft Purview allows you to declare items as records, which locks them against modification or deletion (meeting the 'cannot be modified or deleted' requirement). It also supports event-based retention, enabling you to start a 10-year retention period from the contract end date and then allow manual disposal after that period expires.

Exam trap

The trap here is that candidates confuse Data Lifecycle Management (which handles retention and deletion) with Records Management (which adds immutability and legal hold capabilities), leading them to pick D when the question explicitly requires preventing modification and deletion, not just retention.

How to eliminate wrong answers

Option A is wrong because sensitivity labels classify and protect data based on sensitivity (e.g., confidentiality), but they do not prevent modification or deletion of content; they apply encryption, markings, or access controls, not immutable retention. Option C is wrong because Data Loss Prevention (DLP) policies detect and prevent accidental sharing of sensitive information via rules and actions (e.g., blocking email), but they do not enforce retention or lock items against edits/deletion. Option D is wrong because Data Lifecycle Management (now part of Microsoft Purview Data Lifecycle Management) automates retention and deletion based on policies, but it does not provide the 'locked as a record' capability that prevents modification or deletion; it can retain and delete but not make items immutable.

23
Multi-Selecthard

Which THREE capabilities are provided by Microsoft Purview Compliance Manager?

Select 3 answers
A.Pre-built compliance assessments for regulations like GDPR
B.Scoring to track compliance progress over time
C.Audit log search for user access events
D.Improvement actions to remediate compliance gaps
E.Automated data discovery across cloud sources
AnswersA, B, D

Compliance Manager includes pre-built assessments.

Why this answer

Compliance Manager provides assessments, actions, and score tracking. It does not discover data (Data Map) or log access (Audit).

24
MCQmedium

Your company is implementing records management for legal retention requirements. Documents must be locked and cannot be modified or deleted after a specific event. Which Microsoft Purview capability should you use?

A.Retention label configured as a regulatory record
B.Retention policy applied to a SharePoint site
C.Sensitivity label with encryption
D.Data Loss Prevention policy
AnswerA

Regulatory record labels lock content, preventing any changes or deletions.

Why this answer

A retention label that marks content as a regulatory record locks the content and prevents any modification or deletion. Option D is correct. A retention policy applies to containers, not individual items.

A sensitivity label does not enforce immutability. A DLP policy prevents sharing, not modification.

25
MCQhard

A healthcare organization must comply with HIPAA regulations. They store patient health information (PHI) in SharePoint Online documents. The compliance team needs to automatically detect PHI (e.g., medical record numbers) in documents, apply a sensitivity label that encrypts the document, and prevent users from removing that label. Which Microsoft Purview solution should they configure?

A.Microsoft Purview Data Lifecycle Management
B.Microsoft Purview Information Protection
C.Microsoft Purview Communication Compliance
D.Microsoft Purview Audit
AnswerB

Information Protection provides sensitivity labels that can be automatically applied based on sensitive data types (like PHI) and includes encryption and label protection settings to prevent removal.

Why this answer

Microsoft Purview Information Protection (option B) is correct because it provides the ability to automatically detect sensitive data types (such as PHI) using trainable classifiers or sensitive information types, apply a sensitivity label that enforces encryption, and configure label protection settings to prevent users from removing the label. This directly meets the HIPAA compliance requirement for automated detection, encryption, and label persistence on SharePoint Online documents.

Exam trap

The trap here is that candidates often confuse Microsoft Purview Information Protection (which handles labeling and encryption) with Microsoft Purview Data Lifecycle Management (which handles retention and deletion), because both involve document policies, but only Information Protection can detect PHI and enforce encryption labels.

How to eliminate wrong answers

Option A is wrong because Microsoft Purview Data Lifecycle Management focuses on retention and deletion policies (e.g., retaining or deleting documents after a set period), not on detecting PHI or applying encryption labels. Option C is wrong because Microsoft Purview Communication Compliance is designed to monitor and review internal and external communications (e.g., email, Teams messages) for policy violations, not to scan SharePoint documents for PHI or apply sensitivity labels. Option D is wrong because Microsoft Purview Audit provides logging and investigation of user and admin activities (e.g., who accessed a document), but it does not detect PHI or enforce encryption or label removal prevention.

26
MCQhard

A user accidentally shared a confidential document with an external vendor. You need to revoke access immediately for all copies, even if the file has been downloaded. Which Microsoft Purview feature should you use?

A.Microsoft Purview Information Protection
B.Retention policy
C.Data loss prevention (DLP) policy
D.Audit log search
AnswerA

Information Protection enables revocation of access to protected documents.

Why this answer

Option D is correct because Microsoft Purview Information Protection allows the owner to revoke access to protected documents, including downloaded copies. Option A is wrong because DLP policies detect and block sharing but cannot revoke already shared files. Option B is wrong because retention policies manage lifecycle, not revocation.

Option C is wrong because audit logs record events but do not enforce revocation.

27
Multi-Selecthard

Which TWO of the following are capabilities of Microsoft Purview Insider Risk Management? (Select TWO.)

Select 2 answers
A.Identify anomalous user activities such as mass file downloads
B.Review communications for policy violations
C.Detect data exfiltration by departing employees
D.Conduct eDiscovery searches for legal cases
E.Block sharing of sensitive data via email
AnswersA, C

Insider Risk Management uses analytics to detect anomalous activities.

Why this answer

Options A and C are correct because Insider Risk Management can detect exfiltration and anomalous activities. Option B is wrong because DLP is a separate tool. Option E is wrong because Communication Compliance handles communications.

Option D is wrong because eDiscovery handles legal discovery.

28
MCQhard

A company wants to detect potentially malicious insider activities, such as employees copying large volumes of files to external drives or sending sensitive emails to personal accounts. The security team needs to investigate these activities with visual timelines and assign cases for review. Which Microsoft Purview solution should they use?

A.Insider Risk Management
B.Communication Compliance
C.eDiscovery (Premium)
D.Data Loss Prevention
AnswerA

Correct. Insider Risk Management correlates user activities (e.g., file copying, emailing) to detect risky behavior, provides visual timelines, and supports case investigation and management.

Why this answer

Microsoft Purview Insider Risk Management is designed to help detect, investigate, and act on malicious and inadvertent insider risks. It provides risk scoring, visual timelines of user activities, and case management workflows. Communication Compliance focuses on communication surveillance for regulatory compliance, eDiscovery is for legal discovery, and DLP prevents data loss but does not provide investigative timelines.

29
MCQmedium

A company is implementing Microsoft Purview to classify sensitive data. They need to automatically detect credit card numbers in emails and apply a retention label. Which solution should they use?

A.eDiscovery
B.Data Loss Prevention (DLP) policies
C.Communication Compliance
D.Sensitivity labels
AnswerB

DLP policies can detect sensitive info types and trigger actions like applying retention labels.

Why this answer

Option B is correct because Microsoft Purview Data Loss Prevention (DLP) policies can automatically detect sensitive information like credit card numbers and apply actions such as retention labels. Option A is wrong because sensitivity labels are for classifying and protecting data, but they do not automatically detect patterns. Option C is wrong because eDiscovery is for searching content in legal investigations.

Option D is wrong because Communication Compliance is for monitoring communications for policy violations, not for automatic classification.

30
MCQmedium

A company stores financial reports in SharePoint Online that contain credit card numbers. The compliance team needs to automatically apply a sensitivity label that encrypts the documents when they detect credit card data. Which Microsoft Purview solution should they configure?

A.Information Protection
B.Data Loss Prevention
C.Data Lifecycle Management
D.Records Management
AnswerA

Sensitivity labels in Information Protection can auto-classify and encrypt documents based on sensitive content.

Why this answer

Microsoft Purview Information Protection (A) is the correct solution because it enables the creation of auto-labeling policies that can automatically apply a sensitivity label with encryption when credit card numbers are detected in SharePoint Online documents. This directly addresses the requirement to classify and protect sensitive data at rest based on content inspection.

Exam trap

The trap here is that candidates confuse the detection and blocking capabilities of Data Loss Prevention (DLP) with the automatic classification and encryption features of Information Protection, assuming DLP can also apply labels, when in fact DLP only monitors and controls data in motion or at rest without modifying the document's protection settings.

How to eliminate wrong answers

Option B (Data Loss Prevention) is wrong because DLP policies are designed to prevent accidental sharing or leakage of sensitive data by blocking or alerting on risky activities, not to automatically apply sensitivity labels with encryption to documents at rest. Option C (Data Lifecycle Management) is wrong because it focuses on retaining or deleting data based on age or compliance requirements, not on detecting and protecting specific sensitive content like credit card numbers. Option D (Records Management) is wrong because it deals with declaring documents as records for legal or regulatory retention, not with automatic classification or encryption of sensitive data.

31
MCQhard

Your organization is implementing Microsoft Purview Information Protection and needs to ensure that files shared externally cannot be forwarded or printed. Which protection mechanism should be applied?

A.Azure Information Protection with rights management
B.Microsoft Purview Data Lifecycle Management retention policy
C.Sensitivity label with user-defined permissions
D.DLP policy with block action
AnswerA

AIP with RMS can restrict actions like forward, print, and copy on protected documents.

Why this answer

Azure Information Protection (AIP) unified labeling client with rights management can restrict actions like forward and print when a sensitivity label is applied. Option B is wrong because DLP policies block sharing but do not enforce usage restrictions after sharing. Option C is wrong because cipher suites are for encryption algorithms, not granular permissions.

Option D is wrong because retention policies do not control usage rights.

32
MCQhard

A company stores sensitive financial data on on-premises Windows Server file shares. The compliance team needs to automatically discover files containing credit card numbers, classify them by applying a sensitivity label, and optionally enforce protection actions like encryption. They want this solution to run on the on-premises file servers without needing to manually scan. Which Microsoft Purview solution should the compliance team deploy?

A.Microsoft Purview Data Loss Prevention (DLP) for on-premises
B.Microsoft Purview Information Protection scanner
C.Microsoft Purview Audit
D.Microsoft Purview eDiscovery
AnswerB

Correct. The scanner discovers, classifies, and protects sensitive data on on-premises file servers by applying sensitivity labels and optionally encryption.

Why this answer

The Microsoft Purview Information Protection scanner is designed to run on on-premises Windows Server file shares to automatically discover, classify, and protect sensitive data. It uses content inspection to identify patterns like credit card numbers, applies sensitivity labels, and can enforce encryption without requiring manual scanning.

Exam trap

The trap here is confusing Data Loss Prevention (DLP) for on-premises, which monitors data in motion, with the Information Protection scanner, which handles data at rest classification and labeling.

How to eliminate wrong answers

Option A is wrong because Microsoft Purview Data Loss Prevention (DLP) for on-premises focuses on monitoring and preventing unauthorized data transfer (e.g., via email or USB), not on automatic discovery, classification, and labeling of files at rest. Option C is wrong because Microsoft Purview Audit is a logging and investigation tool for tracking user and admin activities, not for scanning or classifying file content. Option D is wrong because Microsoft Purview eDiscovery is used for legal discovery and holds, not for automated content classification or labeling.

33
MCQmedium

Your organization needs to retain all customer communications data for 7 years due to regulatory requirements. Which Microsoft Purview solution should you use?

A.Microsoft Purview Audit
B.Microsoft Purview eDiscovery
C.Microsoft Purview Data Loss Prevention
D.Microsoft Purview Data Lifecycle Management
AnswerD

Data Lifecycle Management provides retention policies and labels to retain data for a specified duration.

Why this answer

Microsoft Purview Data Lifecycle Management (formerly Records Management) enables retention policies and retention labels to retain data for a specified period. Option A is wrong because eDiscovery is for search and export, not retention. Option B is wrong because Audit is for logging activities.

Option D is wrong because Data Loss Prevention prevents data leaks, not retention.

34
MCQhard

A multinational corporation must comply with GDPR and requires that personal data of EU users be retained for a maximum of 90 days after account closure. After that, all personal data must be permanently deleted. Which combination of Microsoft Purview capabilities should be used?

A.Configure an eDiscovery case to delete content after 90 days
B.Create a retention label with a retention period of 90 days and then delete the content automatically
C.Apply a sensitivity label that expires after 90 days
D.Use a Data Loss Prevention policy to block retention after 90 days
AnswerB

Retention labels can apply retention and then trigger deletion after the specified period.

Why this answer

A retention label applied automatically can retain data for 90 days, and then a deletion action at the end of the period ensures permanent deletion. Option A is correct. DLP does not handle deletion. eDiscovery is for search, not lifecycle management.

Sensitivity labels do not enforce deletion.

35
MCQmedium

Your organization uses Microsoft Purview to manage data governance. You need to ensure that sensitive financial data containing credit card numbers is automatically detected and labeled when stored in SharePoint Online. Which compliance solution should you configure?

A.Information Protection auto-labeling
B.eDiscovery (Premium)
C.Data Lifecycle Management
D.Audit (Premium)
AnswerA

Auto-labeling policies can detect sensitive information types like credit card numbers and apply sensitivity labels automatically.

Why this answer

Option B is correct because Microsoft Purview Information Protection includes sensitive information types and auto-labeling policies that can scan and apply sensitivity labels to content in SharePoint Online. Option A is incorrect because Data Lifecycle Management focuses on retention and deletion policies. Option C is incorrect because Audit solutions track activities but do not automatically label content.

Option D is incorrect because eDiscovery is for legal holds and searches, not automatic labeling.

36
MCQmedium

Your organization uses Microsoft Purview to enforce data loss prevention (DLP) policies. You need to ensure that when a user attempts to share a document containing credit card numbers via email, the document is blocked and the user receives a policy tip. What should you configure in the DLP policy?

A.Set the action to 'Audit only'
B.Set the action to 'Block with override'
C.Set the action to 'Block'
D.Set the action to 'Notify only'
AnswerB

'Block with override' blocks the action and displays a policy tip allowing the user to override.

Why this answer

Option B is correct because 'Block with override' allows the block action with a policy tip, enabling the user to override if necessary. Option A is wrong because 'Block' only blocks without a policy tip. Option C is wrong because 'Audit only' only logs the activity.

Option D is wrong because 'Notify only' sends a notification without blocking.

37
MCQmedium

A company must retain all financial records for exactly 7 years and then automatically delete them. They need to automatically apply a retention label to any document that contains the words 'Invoice' or 'Statement'. Which Microsoft Purview solution should they use?

A.Data Lifecycle Management (retention labels with auto-apply)
B.Data Loss Prevention (DLP)
C.eDiscovery (Standard)
D.Audit
AnswerA

Retention labels with auto-apply policies can automatically label content based on keywords or sensitive info types, and enforce the specified retention and deletion settings.

Why this answer

Data Lifecycle Management (DLM) with auto-apply retention labels is the correct solution because it allows you to define a retention label that automatically applies to documents containing the keywords 'Invoice' or 'Statement' using a sensitive info type or trainable classifier. You can then configure the label to retain the data for exactly 7 years and trigger automatic deletion at the end of that period. This directly meets the requirement for both automated classification and lifecycle enforcement.

Exam trap

The trap here is that candidates confuse Data Lifecycle Management (which handles retention and deletion) with Data Loss Prevention (which handles security and access control), because both involve 'labels' and 'policies' in Microsoft Purview.

How to eliminate wrong answers

Option B is wrong because Data Loss Prevention (DLP) is designed to prevent unauthorized sharing or leakage of sensitive data through policies that block or warn users, not to manage retention or deletion schedules. Option C is wrong because eDiscovery (Standard) is used for searching and exporting content for legal or investigative purposes, not for applying retention labels or automating data lifecycle policies. Option D is wrong because Audit (Microsoft Purview Audit) provides logging and visibility into user and admin activities, but it cannot apply retention labels or enforce data retention/deletion rules.

38
MCQeasy

Your organization needs to create a policy that prevents users from sharing credit card numbers in emails. Which Microsoft Purview solution should you configure?

A.Communication Compliance
B.Retention policy
C.eDiscovery
D.Data loss prevention (DLP) policy
AnswerD

DLP policies detect and block sensitive data sharing.

Why this answer

Option A is correct because Data Loss Prevention (DLP) policies can detect and block sharing of sensitive information like credit card numbers. Option B is wrong because Retention policies manage lifecycle. Option C is wrong because eDiscovery is for search.

Option D is wrong because Communication Compliance monitors for policy violations, not specific data types.

39
MCQmedium

A company is involved in a legal case and must preserve all emails and documents sent by a specific employee (custodian) that are related to a particular matter. The legal team needs to collect this data into a tamper-proof container for review, ensuring that no original items are modified or deleted. Which Microsoft Purview solution should they use?

A.Retention labels
B.eDiscovery (Standard)
C.eDiscovery (Premium)
D.Data Lifecycle Management
AnswerC

Correct. eDiscovery (Premium) provides end-to-end data preservation, collection, and analysis for legal cases, including custodian management, holds, and secure review sets.

Why this answer

eDiscovery (Premium) is the correct solution because it provides advanced capabilities for legal investigations, including the ability to place a legal hold on specific custodians (the employee) and preserve all relevant emails and documents in a tamper-proof container. This ensures that no original items are modified or deleted during the review process, meeting the requirements of the legal case.

Exam trap

The trap here is confusing eDiscovery (Standard) with eDiscovery (Premium) because both involve searching for content, but only Premium offers custodian management and legal hold capabilities required for preserving data in a tamper-proof container for legal cases.

How to eliminate wrong answers

Option A is wrong because retention labels are used for classifying and retaining data based on organizational policies, not for legal holds or collecting data into a tamper-proof container for eDiscovery. Option B is wrong because eDiscovery (Standard) lacks the advanced features like custodian management, legal hold, and the ability to collect data into a tamper-proof container for review; it is designed for basic search and export. Option D is wrong because Data Lifecycle Management focuses on automating retention and deletion of data based on policies, not on preserving data for legal cases or providing a tamper-proof container for review.

40
MCQmedium

Refer to the exhibit. An administrator creates a DLP rule as shown. What is the expected outcome when a user tries to share a file containing a U.S. Social Security Number with an external recipient?

A.The sharing is blocked only if the user is not the file owner.
B.The sharing is allowed, but an audit event is generated.
C.The file is shared, but the user is notified and must provide justification.
D.The sharing is blocked, and the user receives a notification.
AnswerD

BlockAccess action with UserNotification true blocks and notifies.

Why this answer

Option B is correct because the action is 'BlockAccess' and user notification is enabled, so the user is notified and the action is blocked. Option A is wrong because the rule does not specify 'Override' with justification. Option C is wrong because the rule blocks access, not just logs.

Option D is wrong because the rule applies to sharing with external recipients.

41
MCQmedium

Your organization uses Microsoft Purview to label documents. Users report that some documents are automatically labeled as 'Confidential' even though the content is public. Which action should you take to resolve this issue?

A.Enable auditing to track label usage
B.Disable auto-labeling in all sensitivity label policies
C.Review and adjust the auto-labeling rules in the sensitivity label policies
D.Require users to manually apply labels
AnswerC

Adjusting the rules ensures only truly confidential content is auto-labeled.

Why this answer

Option B is correct because automatic labeling uses sensitivity label policies and auto-labeling rules to classify content. If incorrectly labeled, the auto-labeling rules or conditions should be reviewed and adjusted. Option A is wrong because disabling auto-labeling removes the feature but does not fix the rule.

Option C is wrong because manual labeling requires user action, which may not be desired. Option D is wrong because auditing shows what happened but does not change labeling behavior.

42
MCQhard

A financial services company must comply with a regulation that requires all audit-related documents to be retained for 7 years and then permanently deleted. The compliance officer wants to ensure that even if a user modifies or deletes a file, the original content is preserved for the full 7 years, and at the end of the period the files are automatically destroyed without any manual approval. The company uses Microsoft 365 and stores these documents in SharePoint Online and Microsoft Teams. Which Microsoft Purview solution should the compliance officer configure?

A.Microsoft Purview Retention Labels with a disposition review that requires manual approval at the end of the retention period
B.Microsoft Purview Retention Policy with a record label to mark items as regulatory records
C.Microsoft Purview Data Lifecycle Management using a retention policy configured to retain items for 7 years and then delete them automatically
D.Microsoft Purview eDiscovery with a hold policy to preserve the documents indefinitely
AnswerC

A retention policy can be set to retain content for a specified period and then automatically delete it, meeting both the preservation and automatic deletion requirements without manual steps.

Why this answer

Option C is correct because Microsoft Purview Data Lifecycle Management allows you to create a retention policy that retains items for a fixed period (7 years) and then automatically deletes them without any manual intervention. This meets the regulatory requirement for automatic destruction at the end of the retention period, and the policy applies to both SharePoint Online and Microsoft Teams, preserving the original content even if a user modifies or deletes the file.

Exam trap

The trap here is that candidates often confuse retention policies with record labels or eDiscovery holds, mistakenly thinking that marking items as records or placing them on hold satisfies the automatic deletion requirement, but these options either require manual approval or preserve data indefinitely, failing the 'automatically destroyed' condition.

How to eliminate wrong answers

Option A is wrong because a disposition review requires manual approval at the end of the retention period, which contradicts the requirement for automatic destruction without manual approval. Option B is wrong because a retention policy with a record label (regulatory record) preserves content indefinitely or for a set period but does not automatically delete files without manual review; regulatory records also prevent deletion but do not enforce automatic destruction. Option D is wrong because eDiscovery with a hold policy preserves documents indefinitely, which violates the 7-year retention and automatic deletion requirement.

43
Multi-Selecthard

Which THREE of the following are features of Microsoft Purview Communication Compliance? (Choose three.)

Select 3 answers
A.Detect offensive language in emails and Teams messages
B.Monitor communications to ensure compliance with financial regulations
C.Prevent data loss by blocking sensitive data
D.Use trainable classifiers to identify policy violations
E.Search for content across Exchange, SharePoint, and Teams
AnswersA, B, D

Communication Compliance includes built-in classifiers for offensive language.

Why this answer

Option A is correct because Communication Compliance can detect inappropriate language. Option B is correct because it can monitor for regulatory compliance. Option C is correct because it can analyze content with trainable classifiers.

Option D is wrong because DLP is a separate solution. Option E is wrong because eDiscovery is a separate solution.

44
MCQhard

An organization must prove to an auditor that only authorized users have accessed sensitive HR files over the past year. The compliance team needs to generate a report of all access events to these files. Which Microsoft Purview solution should be used?

A.Microsoft Purview Audit (Premium)
B.Microsoft Purview Data Lifecycle Management
C.Microsoft Purview Compliance Manager
D.Microsoft Purview Information Protection
AnswerA

Audit (Premium) logs all access events and enables searching and reporting.

Why this answer

Microsoft Purview Audit (Premium) logs and allows searching for access events. It provides reports on user activity. Information Protection labels files but does not log access.

Data Lifecycle Management handles retention. Compliance Manager assesses compliance but does not provide access logs.

45
MCQmedium

A compliance officer wants a central dashboard to assess the organization's compliance posture against regulatory standards such as GDPR and ISO 27001. They need actionable recommendations to improve their compliance score and track progress over time. Which Microsoft Purview solution should they use?

A.Microsoft Purview Information Protection
B.Microsoft Purview Data Lifecycle Management
C.Microsoft Purview Compliance Manager
D.Microsoft Purview Audit
AnswerC

Compliance Manager offers a compliance score, detailed assessments, and recommended actions to improve adherence to various regulations.

Why this answer

Microsoft Purview Compliance Manager is the correct solution because it provides a central dashboard that assesses an organization's compliance posture against regulatory standards like GDPR and ISO 27001, offers actionable recommendations to improve the compliance score, and tracks progress over time through continuous assessments and improvement actions.

Exam trap

The trap here is that candidates often confuse Compliance Manager with Information Protection or Audit, mistakenly thinking that data protection or logging alone provides compliance assessment and scoring, but only Compliance Manager offers a centralized dashboard with actionable recommendations and progress tracking against regulatory frameworks.

How to eliminate wrong answers

Option A is wrong because Microsoft Purview Information Protection focuses on classifying, labeling, and protecting sensitive data (e.g., encryption and access controls), not on assessing compliance posture against regulatory standards or providing a compliance score. Option B is wrong because Microsoft Purview Data Lifecycle Management handles data retention, deletion, and records management policies, not compliance scoring or actionable recommendations for regulatory standards. Option D is wrong because Microsoft Purview Audit provides detailed logging and investigation of user and admin activities, but it does not offer a compliance score, regulatory assessments, or improvement recommendations.

46
MCQmedium

A financial organization is required by regulation to keep all customer transaction records for 10 years. After 10 years, the records must be permanently deleted. In addition, during the retention period, records must not be modifiable or deletable by any user, including administrators. Which Microsoft Purview solution should they use to meet these requirements?

A.Retention labels (unlocked)
B.Records Management
C.Information Protection with sensitivity labels
D.Data Lifecycle Management
AnswerB

Records Management uses retention labels with a disposition review, and when a label is marked as a record, content cannot be modified or deleted. After the retention period, a disposition review can trigger permanent deletion.

Why this answer

Records Management in Microsoft Purview is designed to meet regulatory requirements by allowing organizations to declare records or regulatory records. When a record is declared, it becomes immutable—no user, including administrators, can modify or delete it during the retention period. The 10-year retention and mandatory deletion after that period are enforced through a retention label configured as a record, which locks the item and triggers permanent deletion upon expiration.

Exam trap

The trap here is that candidates often confuse Data Lifecycle Management with Records Management, not realizing that only Records Management provides the immutability lock required to prevent modification or deletion by administrators during the retention period.

How to eliminate wrong answers

Option A is wrong because unlocked retention labels do not enforce immutability; they allow users to modify or delete the labeled content, which fails the requirement that records must not be modifiable or deletable by any user. Option C is wrong because Information Protection with sensitivity labels focuses on classifying and protecting data through encryption and access controls, not on enforcing immutable retention or mandatory deletion after a fixed period. Option D is wrong because Data Lifecycle Management manages retention and deletion policies but does not provide the immutability lock required to prevent modification or deletion by administrators during the retention period.

47
Multi-Selecteasy

Which TWO Microsoft Purview solutions can be used to automatically classify sensitive data at rest?

Select 2 answers
A.Data Lifecycle Management
B.Communication Compliance
C.eDiscovery
D.Auditing
E.Information Protection
AnswersA, E

Retention labels can auto-classify data at rest.

Why this answer

Options A and B are correct. Information Protection includes auto-labeling policies that can classify data at rest. Data Lifecycle Management includes retention labels that can classify data based on conditions.

Option C is wrong because Communication Compliance monitors communications. Option D is wrong because eDiscovery is for search. Option E is wrong because Auditing tracks activities.

48
MCQmedium

A compliance officer needs to monitor internal emails for inappropriate language and potential data leaks. The officer wants to detect policy violations and allow users to report concerns. Which Microsoft Purview solution should be used?

A.Microsoft Purview Data Lifecycle Management
B.Microsoft Purview Communication Compliance
C.Microsoft Purview Audit
D.Microsoft Purview Information Protection
AnswerB

Communication Compliance monitors communications for policy violations and supports user reporting.

Why this answer

Communication Compliance in Microsoft Purview is designed to detect policy violations in communications, including emails, and provides a way for users to report concerns. Information Protection focuses on classification and protection. Data Lifecycle Management handles retention.

Audit logs record activities but do not proactively scan communications.

49
Multi-Selecteasy

Which TWO Microsoft Purview solutions can be used to manage data retention and deletion?

Select 2 answers
A.Retention policies
B.eDiscovery
C.Sensitivity labels
D.Retention labels
E.Data Loss Prevention (DLP)
AnswersA, D

Apply retention and deletion rules to content at the container level.

Why this answer

Retention policies and retention labels are used to manage data retention and deletion. Sensitivity labels classify and protect; DLP prevents data loss; eDiscovery searches content.

50
MCQhard

A financial services company is subject to regulations that require monitoring of employee communications for potential market manipulation. The compliance team needs to create policies that automatically detect messages containing phrases like 'insider info' or 'confidential trade' in Microsoft Teams chats and Exchange Online emails. Detected messages should be routed to designated reviewers for investigation, and the company wants a built-in Microsoft Purview solution to handle this process. Which Microsoft Purview solution should they use?

A.Microsoft Purview Communication Compliance
B.Microsoft Purview Insider Risk Management
C.Microsoft Purview Information Protection
D.Microsoft Purview Data Lifecycle Management
AnswerA

Communication Compliance enables organizations to detect policy violations in communications (e.g., insider trading) by scanning for specific phrases and assigning them to reviewers.

Why this answer

Microsoft Purview Communication Compliance is the correct solution because it is specifically designed to detect and investigate policy violations in organizational communications, such as Microsoft Teams chats and Exchange Online emails. It allows compliance teams to create custom policies that automatically scan for sensitive phrases like 'insider info' or 'confidential trade' and route flagged messages to designated reviewers for investigation, meeting the regulatory monitoring requirements.

Exam trap

The trap here is that candidates often confuse Insider Risk Management (which focuses on user behavior patterns) with Communication Compliance (which focuses on content scanning), leading them to select Option B when the question explicitly requires detection of specific phrases in messages.

How to eliminate wrong answers

Option B is wrong because Microsoft Purview Insider Risk Management focuses on identifying and analyzing risky user activities (e.g., data exfiltration or policy violations) based on behavioral analytics and indicators, not on scanning communications for specific phrases. Option C is wrong because Microsoft Purview Information Protection is designed to classify, label, and protect sensitive data (e.g., via encryption or access controls) but does not include automated detection of communication content for compliance policies. Option D is wrong because Microsoft Purview Data Lifecycle Management handles data retention, deletion, and archiving policies, not real-time monitoring or detection of specific phrases in communications.

51
MCQhard

You are the compliance administrator for Contoso, a multinational corporation with headquarters in the US and subsidiaries in Europe and Asia. Contoso uses Microsoft 365 E5 and Microsoft Purview. The company handles personal data subject to GDPR and CCPA. You need to design a compliance solution that meets the following requirements: - Automatically classify and protect documents containing personal data in SharePoint Online and OneDrive for Business. - Ensure that data subject requests (DSRs) for access and deletion can be fulfilled within the regulatory timeframes. - Prevent accidental sharing of sensitive data via email and Teams. - Maintain an audit trail of all activities related to personal data for at least one year. - Manage data retention to comply with local laws that require different retention periods for different types of data. Which combination of Microsoft Purview solutions should you use?

A.Sensitivity labels with auto-labeling, DLP, eDiscovery, Data Lifecycle Management, and Audit (Premium)
B.Insider Risk Management, DLP, eDiscovery, and Data Lifecycle Management
C.Data Lifecycle Management, Information Barriers, DLP, and Audit (Premium)
D.Sensitivity labels, Communication Compliance, eDiscovery, and Audit (Standard)
AnswerA

All requirements are met: auto-labeling, DLP, DSR handling, retention management, and 1-year audit.

Why this answer

Option C is correct because sensitivity labels with auto-labeling classify and protect data; DLP prevents sharing; eDiscovery and Data Lifecycle Management handle DSRs and retention; Audit (Premium) provides 1-year audit retention. Option A is wrong because Communication Compliance is for monitoring, not DSRs. Option B is wrong because Information Barriers restrict communication, not retention.

Option D is wrong because Insider Risk Management is for risk detection, not compliance lifecycle.

52
MCQeasy

A company is involved in litigation and needs to search for specific emails and documents across Exchange Online, SharePoint Online, and Teams. They also need to place a hold on relevant content to prevent deletion. Which Microsoft Purview solution should they use?

A.Records Management
B.Data Lifecycle Management
C.eDiscovery
D.Data Loss Prevention
AnswerC

Correct. eDiscovery allows legal teams to search for relevant content, place holds, and export data for litigation purposes.

Why this answer

Microsoft Purview eDiscovery (specifically eDiscovery (Premium)) is the correct solution because it is designed for legal investigations, enabling organizations to search for content across Exchange Online, SharePoint Online, and Teams, and to place holds on that content to preserve it from deletion or alteration. This directly addresses the litigation requirement for both search and hold capabilities.

Exam trap

The trap here is that candidates often confuse Data Lifecycle Management (retention) with eDiscovery holds, not realizing that retention policies are for scheduled deletion/preservation, while eDiscovery holds are for legal preservation that overrides any deletion policies and includes search capabilities.

How to eliminate wrong answers

Option A is wrong because Records Management focuses on declaring records, applying retention labels, and managing disposition reviews for regulatory compliance, not on searching or placing holds for litigation. Option B is wrong because Data Lifecycle Management (formerly known as retention policies and labels) governs how long content is kept and when it is deleted, but it does not provide the search or hold functionality needed for eDiscovery in litigation. Option D is wrong because Data Loss Prevention (DLP) is designed to prevent accidental or unauthorized sharing of sensitive data through policies and alerts, not to search for or preserve content for legal purposes.

53
MCQmedium

A company uses Microsoft 365 and wants to automatically apply a 3-year retention label to any document that contains a patent number in the format PAT-XXXXXX. The label should be applied at the time the document is created or modified. Which Microsoft Purview solution should the administrator configure?

A.Microsoft Purview Data Lifecycle Management
B.Microsoft Purview Communication Compliance
C.Microsoft Purview Data Loss Prevention (DLP)
D.Microsoft Purview Audit (Premium)
AnswerA

Data Lifecycle Management supports auto-labeling policies that can automatically apply retention labels based on sensitive info types or trainable classifiers.

Why this answer

Option A is correct because Microsoft Purview Data Lifecycle Management (formerly known as Microsoft 365 Retention) allows administrators to create auto-apply retention labels based on sensitive information types, such as a custom regex for patent numbers. When configured with a 'created or modified' condition, the label is automatically applied at the time the document is saved or edited, ensuring compliance with the 3-year retention requirement.

Exam trap

The trap here is that candidates often confuse Data Loss Prevention (DLP) with Data Lifecycle Management, assuming DLP can apply retention labels, but DLP only detects and protects data in transit or at rest without managing retention schedules.

How to eliminate wrong answers

Option B is wrong because Microsoft Purview Communication Compliance is designed to detect and remediate inappropriate communications (e.g., harassment, insider trading) in Exchange Online, Teams, and Yammer, not to apply retention labels based on document content. Option C is wrong because Microsoft Purview Data Loss Prevention (DLP) can detect sensitive data like patent numbers and trigger alerts or block actions, but it cannot automatically apply retention labels; DLP policies enforce data protection, not lifecycle management. Option D is wrong because Microsoft Purview Audit (Premium) provides detailed logging of user and admin activities for forensic investigation, but it has no capability to apply retention labels or manage data lifecycle policies.

54
Multi-Selectmedium

Which TWO Microsoft Purview solutions can help an organization detect and remediate insider risks such as data theft or unauthorized sharing?

Select 2 answers
A.eDiscovery
B.Audit
C.Insider Risk Management
D.Communication Compliance
E.Data Loss Prevention
AnswersC, D

Insider Risk Management is designed to detect, investigate, and remediate insider risks.

Why this answer

Insider Risk Management and Communication Compliance are the two Purview solutions designed to detect and remediate insider risks. Data Loss Prevention prevents sharing but does not specifically address insider risk detection. eDiscovery is for legal discovery. Audit logs track activities but do not provide remediation workflows.

So correct: A and C.

55
Drag & Dropmedium

Order the steps to deploy Microsoft Intune for mobile device management.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

Intune deployment includes setup, enrollment policies, compliance policies, app assignment, and enrollment.

56
Multi-Selecteasy

Which TWO Microsoft Purview compliance solutions are used to manage data retention and deletion?

Select 2 answers
A.Data Lifecycle Management
B.Data Loss Prevention
C.Records Management
D.Communication Compliance
E.Audit
AnswersA, C

Data Lifecycle Management manages retention and deletion of content.

Why this answer

Data Lifecycle Management (A) is correct because it enables organizations to apply retention and deletion policies to content based on its age or classification, automatically managing data across SharePoint, OneDrive, Exchange, and Teams. Records Management (C) is correct because it provides a solution for declaring records, applying retention labels that lock content to prevent modification or deletion, and managing disposition reviews for permanent deletion. Both solutions are part of Microsoft Purview's information governance capabilities, specifically designed to control data retention and deletion.

Exam trap

The trap here is that candidates may confuse Data Loss Prevention (DLP) with data retention because both involve data lifecycle concepts, but DLP is solely about preventing data breaches through policy enforcement, not about scheduling retention or deletion.

57
MCQmedium

A company wants to automatically classify sensitive documents in Microsoft 365 based on credit card numbers and retain them for 7 years. Which two Microsoft Purview solutions should they use together?

A.Sensitivity labels and retention policies
B.Microsoft Purview compliance portal and Microsoft 365 Defender
C.Insider risk management and communication compliance
D.Data Loss Prevention (DLP) and eDiscovery
AnswerA

Sensitivity labels classify documents containing credit card numbers, and retention policies enforce the 7-year retention.

Why this answer

Sensitivity labels classify and protect content, and retention policies ensure data is kept for the required period. Data Loss Prevention (DLP) prevents sharing but does not retain; eDiscovery is for search and export; insider risk management detects risky activities. Therefore, sensitivity labels and retention policies are the correct combination.

58
MCQmedium

An organization is subject to regulatory requirements that mandate retention of employee records for 5 years after termination. After the retention period, the records must be permanently deleted. The compliance team wants to automatically enforce this process across all Microsoft 365 locations (Exchange, SharePoint, Teams). Which Microsoft Purview solution should they configure?

A.Microsoft Purview Data Loss Prevention (DLP)
B.Microsoft Purview Data Lifecycle Management
C.Microsoft Purview Records Management
D.Microsoft Purview Communication Compliance
AnswerB

This solution automates retention and deletion policies, ensuring content is kept for required periods and then permanently removed.

Why this answer

Microsoft Purview Data Lifecycle Management (formerly Microsoft 365 Retention) is the correct solution because it allows organizations to define retention and deletion policies that apply automatically across Exchange, SharePoint, and Teams. This solution enforces the 5-year retention period after termination and then permanently deletes the records, meeting the regulatory requirement without manual intervention.

Exam trap

The trap here is that candidates often confuse Data Lifecycle Management with Records Management, but Records Management is for declaring records and managing their disposition (e.g., with a retention label), while Data Lifecycle Management provides the automated, policy-based retention and deletion across all locations without requiring manual labeling.

How to eliminate wrong answers

Option A is wrong because Microsoft Purview Data Loss Prevention (DLP) is designed to prevent unauthorized sharing or leakage of sensitive data, not to enforce retention or deletion schedules. Option C is wrong because Microsoft Purview Records Management is used for declaring records and managing their disposition, but it requires a retention label to be applied (often manually or via auto-labeling) and is not the primary tool for automated lifecycle policies across all locations; Data Lifecycle Management provides the underlying retention policy that Records Management can leverage. Option D is wrong because Microsoft Purview Communication Compliance is focused on monitoring and reviewing communications (e.g., for regulatory compliance or insider risk), not on data retention or deletion.

59
MCQmedium

A compliance officer needs to automatically detect documents containing passport numbers in SharePoint Online and apply a retention label that retains the documents for 10 years before deleting them. They also want to prevent users from permanently deleting these documents before the retention period ends. Which Microsoft Purview solution should they use to achieve this?

A.Microsoft Purview Information Protection
B.Microsoft Purview Data Lifecycle Management
C.Microsoft Purview Data Loss Prevention (DLP)
D.Microsoft Purview Audit
AnswerB

Data Lifecycle Management provides retention labels and policies that can be auto-applied based on sensitive data types, manage retention periods, and hold until disposition is approved.

Why this answer

Microsoft Purview Data Lifecycle Management (formerly Microsoft 365 Retention) is the correct solution because it enables organizations to automatically apply retention labels to sensitive content—such as documents containing passport numbers—based on sensitive information types. It also enforces a retention period (10 years) and prevents users from permanently deleting documents before that period ends, meeting both the detection and preservation requirements.

Exam trap

The trap here is that candidates often confuse Data Lifecycle Management with Data Loss Prevention, assuming DLP handles retention, when in fact DLP only prevents data exfiltration and does not manage retention periods or deletion prevention.

How to eliminate wrong answers

Option A is wrong because Microsoft Purview Information Protection focuses on classifying and protecting data through sensitivity labels and encryption, not on managing retention periods or preventing permanent deletion. Option C is wrong because Microsoft Purview Data Loss Prevention (DLP) is designed to detect and prevent unauthorized sharing or leakage of sensitive data, not to enforce retention schedules or block permanent deletion. Option D is wrong because Microsoft Purview Audit provides logging and investigation of user and admin activities, but it does not automatically detect sensitive content or apply retention policies.

60
MCQhard

Refer to the exhibit. You are analyzing a Microsoft Purview Data Lifecycle Management retention policy. What is the outcome of this policy?

A.Content from the HR department in Exchange and SharePoint is retained for 365 days and then deleted
B.Content from the HR department in Exchange and SharePoint is deleted after 90 days
C.Content from all employees in Exchange and SharePoint is retained for 365 days
D.Content from the HR department in Exchange and SharePoint is retained for 365 days
AnswerD

The policy keeps content for 365 days.

Why this answer

The policy has a retention period of 365 days with Keep action, meaning content is kept for 1 year and then no action (since no expiration action is defined). Option A is wrong because retention period is 365 days, not 90. Option B is wrong because the action is Keep, not Delete.

Option D is wrong because the query only targets HR department, not all employees.

61
MCQhard

A financial services company uses Microsoft Purview and must comply with a regulation that requires communication surveillance for market abuse. They need to capture all electronic communications (email, Teams chats) of traders and scan for specific keywords and trading patterns. Which Microsoft Purview solution is specifically designed for this?

A.Communication Compliance
B.Data Lifecycle Management
C.eDiscovery (Standard)
D.Insider Risk Management
AnswerA

Correct. Communication Compliance is designed for monitoring and reviewing electronic communications to detect risks like market abuse, regulatory violations, and inappropriate content.

Why this answer

Communication Compliance is the Microsoft Purview solution specifically designed to capture and analyze electronic communications (email, Teams chats) for regulatory compliance, such as detecting market abuse. It allows organizations to define policies that scan for specific keywords and trading patterns, automatically flagging messages that violate compliance rules. This directly addresses the requirement for communication surveillance in financial services under regulations like MiFID II or Dodd-Frank.

Exam trap

The trap here is confusing Communication Compliance with Insider Risk Management, as both deal with user behavior, but Communication Compliance is specifically for capturing and scanning communications for regulatory surveillance, while Insider Risk Management focuses on broader risk indicators like data theft or policy violations.

How to eliminate wrong answers

Option B (Data Lifecycle Management) is wrong because it focuses on retaining, deleting, or archiving data based on lifecycle policies, not on scanning communications for keywords or patterns. Option C (eDiscovery Standard) is wrong because it is designed for legal discovery and holds on content, not for proactive, real-time surveillance of communications for regulatory compliance. Option D (Insider Risk Management) is wrong because it detects risky user behavior (e.g., data exfiltration) using analytics and indicators, not specifically for capturing and scanning all trader communications for market abuse keywords and patterns.

62
MCQhard

A multinational corporation wants to detect scenarios where employees in the finance department are accessing and downloading customer credit card data from a CRM system and then emailing that data to personal accounts. The security team needs to define policies that identify this pattern of activity, analyze user behavior over time (e.g., building a user's baseline), and automatically escalate high-risk incidents for investigation. Which Microsoft Purview solution should they deploy?

A.Microsoft Purview Communication Compliance
B.Microsoft Purview Data Loss Prevention (DLP)
C.Microsoft Purview Insider Risk Management
D.Microsoft Purview eDiscovery (Premium)
AnswerC

Insider Risk Management is designed to identify and investigate malicious and inadvertent insider risks by analyzing user activities, building baselines, and detecting anomalies across multiple indicators.

Why this answer

Microsoft Purview Insider Risk Management is designed to detect risky user activities that violate organizational policies, such as accessing sensitive data and exfiltrating it via email. It uses machine learning to establish user baselines over time and automatically escalates high-risk incidents for investigation, directly matching the scenario's requirements.

Exam trap

The trap here is that candidates often confuse Data Loss Prevention (DLP) with Insider Risk Management because both deal with data protection, but DLP enforces rules on data in motion or at rest without analyzing user behavior baselines or detecting insider threat patterns over time.

How to eliminate wrong answers

Option A is wrong because Microsoft Purview Communication Compliance focuses on monitoring communications (e.g., email, Teams) for policy violations like harassment or inappropriate content, not on detecting data exfiltration patterns or building user baselines. Option B is wrong because Microsoft Purview Data Loss Prevention (DLP) prevents accidental or unauthorized sharing of sensitive data through policy enforcement (e.g., blocking emails), but it does not analyze user behavior over time or build baselines for anomaly detection. Option D is wrong because Microsoft Purview eDiscovery (Premium) is used for legal discovery and holds, searching, and exporting content for litigation or regulatory requests, not for real-time detection of risky user behavior or baseline analysis.

63
MCQmedium

Your organization uses Microsoft Purview to manage compliance. You need to create a policy that ensures data is retained for a specific period and then automatically deleted. Which solution should you use?

A.Microsoft Purview Audit
B.Microsoft Purview Compliance Manager
C.Microsoft Purview Information Protection
D.Microsoft Purview Data Lifecycle Management
AnswerD

Data Lifecycle Management manages retention and deletion.

Why this answer

Option A is correct because Data Lifecycle Management provides retention and deletion policies. Option B is wrong because Information Protection focuses on classification. Option C is wrong because Audit is for logging.

Option D is wrong because Compliance Manager is for risk assessment.

64
MCQhard

A company uses Microsoft Purview to manage data lifecycle. They configure a retention label that marks content as a regulatory record and apply it to sensitive documents. A user with edit permissions attempts to modify a document that has this label applied. What will be the outcome?

A.The user can edit the document but cannot delete it.
B.The user cannot edit or delete the document.
C.The user can edit the document if they have edit permissions, and any changes are recorded in the audit log.
D.The user can edit the document only after obtaining a legal hold.
AnswerB

Regulatory records are immutable; neither editing nor deletion is permitted, regardless of permissions.

Why this answer

When a retention label is configured as a regulatory record, it enforces the strictest retention and disposition controls. Regulatory records are immutable by design; once applied, no user—regardless of permissions—can edit or delete the content. This is because the label locks the document to prevent any modification or deletion until the retention period expires and a disposition review is completed.

Exam trap

The trap here is that candidates confuse 'regulatory record' with a standard retention label or a legal hold, assuming that edit permissions or audit logging still allow changes, when in fact regulatory records enforce complete immutability.

How to eliminate wrong answers

Option A is wrong because a regulatory record label prevents both editing and deletion, not just deletion. Option C is wrong because even with edit permissions, the label blocks all modifications; audit logging of changes is irrelevant since no changes can occur. Option D is wrong because a legal hold is a separate preservation mechanism (e.g., Litigation Hold or eDiscovery hold) and does not override the immutability of a regulatory record label; the user cannot edit the document under any circumstance while the label is active.

65
MCQeasy

A healthcare organization must comply with HIPAA regulations. They need to classify and protect medical records stored in Microsoft 365. Which Microsoft Purview solution should they use?

A.Microsoft Purview Audit
B.Microsoft Purview Priva
C.Microsoft Purview Data Lifecycle Management
D.Microsoft Purview Information Protection
AnswerD

Information Protection provides sensitivity labels and data classification.

Why this answer

Option B is correct because Microsoft Purview Information Protection includes sensitivity labels and data classification for regulatory compliance. Option A is wrong because Data Lifecycle Management focuses on retention, not classification. Option C is wrong because Audit is for logging.

Option D is wrong because Priva is for privacy management.

66
MCQmedium

A legal team is involved in a lawsuit and needs to ensure that all emails and documents related to the case are preserved in their original state, even if users edit or delete them. They also need the ability to search for these items and export them for legal review. Which Microsoft Purview solution should the compliance team configure to meet these requirements?

A.Microsoft Purview Compliance Manager
B.Microsoft Purview Data Lifecycle Management
C.Microsoft Purview eDiscovery (Standard)
D.Microsoft Purview Audit (Standard)
AnswerC

eDiscovery (Standard) is designed for legal and investigative needs. It can place holds on content to preserve it, search across Exchange, SharePoint, Teams, and other locations, and export results for review.

Why this answer

Microsoft Purview eDiscovery (Standard) is the correct solution because it provides the ability to place a legal hold on content (preserving emails and documents in their original state even if users edit or delete them), perform searches across Exchange Online, SharePoint Online, OneDrive for Business, and Teams, and export the results for legal review. This directly meets the requirements of preservation, search, and export for litigation.

Exam trap

The trap here is that candidates often confuse Data Lifecycle Management (retention/deletion) with eDiscovery (preservation/search/export), or mistakenly think Audit (Standard) can preserve and export content when it only records metadata about activities.

How to eliminate wrong answers

Option A is wrong because Microsoft Purview Compliance Manager is a risk-assessment and compliance-score tool that helps organizations track their compliance posture against regulations; it does not provide legal hold, search, or export capabilities for content. Option B is wrong because Microsoft Purview Data Lifecycle Management focuses on retention and deletion policies (e.g., automatically deleting old emails or documents) and does not include the ability to place a legal hold or perform eDiscovery searches and exports. Option D is wrong because Microsoft Purview Audit (Standard) logs user and admin activities (e.g., who accessed a file) but does not preserve content in its original state, nor does it allow searching and exporting of the actual emails and documents for legal review.

67
MCQeasy

A compliance administrator needs to generate a report showing all user activities related to accessing highly sensitive documents in SharePoint. Which Microsoft Purview solution should they use?

A.Audit (Standard or Premium)
B.eDiscovery
C.Data Loss Prevention
D.Communication Compliance
AnswerA

Audit logs record user activities like file access.

Why this answer

Option A is correct because Audit logs capture user activities such as access to files. Option B is wrong because DLP is for prevention, not reporting. Option C is wrong because eDiscovery is for content search.

Option D is wrong because Communication Compliance is for communications monitoring.

68
Multi-Selecthard

Which TWO scenarios are appropriate uses of Microsoft Purview Audit (Standard)?

Select 2 answers
A.Investigating a user who accessed a sensitive file in SharePoint.
B.Searching the audit log for admin activities in the past 60 days.
C.Generating custom reports with PowerShell for all activities.
D.Tracking when sensitivity labels are applied to documents.
E.Retaining audit logs for 2 years for compliance purposes.
AnswersA, B

Audit (Standard) logs file access events.

Why this answer

Options B and D are correct. Audit (Standard) logs user and admin activities (B) and can be searched in the Purview compliance portal (D). Option A is wrong because detailed custom reports are part of Audit (Premium).

Option C is wrong because sensitivity label events may require Audit (Premium) for full details. Option E is wrong because Audit (Standard) has a 90-day retention.

69
MCQhard

Your organization, Contoso Ltd., is a multinational company with offices in the US, EU, and Asia. You are the compliance administrator. The legal team requires that all documents containing personally identifiable information (PII) of EU citizens be retained for 10 years after the last modification. Additionally, any document classified as 'Highly Confidential' must be encrypted and have a custom header 'CONFIDENTIAL - DO NOT FORWARD' when shared externally. You also need to ensure that only users in the EU region can access documents containing EU PII. You have Microsoft Purview with the necessary licenses. You need to design a compliance solution that meets these requirements with minimal administrative overhead. What should you do?

A.Create a Data Loss Prevention (DLP) policy to block external sharing of PII; create a retention policy for 10 years on all content; use sensitivity labels for encryption
B.Create a retention label for 10-year retention based on PII content; create a sensitivity label 'Highly Confidential' with encryption and header; configure a conditional access policy in Microsoft Entra ID to restrict access to EU users for documents labeled 'Highly Confidential'
C.Use a single unified label that combines retention and sensitivity settings; then configure an auto-labeling policy to apply it; use a device compliance policy to restrict access
D.Create a retention policy for 10 years on all content; use sensitivity labels with encryption; then configure a DLP policy to add the header when shared externally
AnswerB

Retention label retains for 10 years; sensitivity label provides encryption and header; conditional access restricts by region.

Why this answer

Option A combines a retention label for 10-year retention, a sensitivity label with encryption and header, and a conditional access policy to restrict access based on region. This meets all requirements. Option B uses DLP, which does not enforce access control per region.

Option C uses a single label, but retention and sensitivity are separate; also conditional access is needed. Option D lacks encryption and header for external sharing.

70
MCQhard

Your company uses Microsoft Purview Communication Compliance to detect and remediate inappropriate messages. You need to create a policy that monitors Microsoft Teams chats for potential harassment. Which type of policy should you create?

A.Data Loss Prevention (DLP) policy
B.Information Barriers policy
C.Communication Compliance policy
D.Retention policy
AnswerC

Communication Compliance policies are designed to detect and remediate inappropriate messages in Teams, email, etc.

Why this answer

Option D is correct because Communication Compliance policies can monitor Teams chats for offensive language. Option A is wrong because Information Barriers restrict communication between groups. Option B is wrong because DLP policies protect sensitive data.

Option C is wrong because Retention policies manage data lifecycle.

71
MCQeasy

Your organization uses Microsoft Purview Data Lifecycle Management. You need to ensure that content in a SharePoint site is retained for 3 years after the last modification date. What should you create?

A.A static retention policy with a 3-year duration
B.An auto-labeling policy for sensitive data
C.A default retention label for the library
D.An adaptive retention policy based on a custom date property
AnswerD

Adaptive policies can use 'last modified' as the start of retention.

Why this answer

Option A is correct because adaptive retention policies can use a custom date property like 'last modified' to trigger retention. Option B is wrong because static policies apply to all content. Option C is wrong because default labels do not use custom dates.

Option D is wrong because auto-labeling is for classification.

72
MCQhard

You are designing a compliance solution for a global company. You need to ensure that data stored in SharePoint Online is not accessible from a specific geographic region. Which Microsoft Purview feature should you use?

A.Compliance boundaries
B.Data loss prevention policy
C.Retention policy
D.Sensitivity labels
AnswerA

Compliance boundaries restrict data access to specific geographies.

Why this answer

Option B is correct because Compliance Boundaries in Microsoft Purview allow you to define data access restrictions based on geographical boundaries. Option A is wrong because retention policies manage lifecycle, not access. Option C is wrong because sensitivity labels classify data but do not restrict access by region.

Option D is wrong because DLP policies prevent sharing, not access.

73
MCQeasy

Your organization wants to classify documents based on whether they contain confidential business information like trade secrets. You need to use a classifier that learns from example documents. What should you use?

A.Trainable classifier
B.Exact data match
C.Data loss prevention policy
D.Sensitive information type
AnswerA

Trainable classifiers learn from example documents provided by the organization.

Why this answer

Option D is correct because trainable classifiers use machine learning based on seed documents. Option A is wrong because SITs use predefined patterns. Option B is wrong because exact data match requires exact values.

Option C is wrong because DLP policies are actions, not classifiers.

74
MCQmedium

Refer to the exhibit. An administrator runs this PowerShell command. What is the purpose of this command?

A.To set a retention policy for the HR site.
B.To apply a retention label to all files in the HR site.
C.To delete all files in the HR site that were accessed in the last 90 days.
D.To retrieve audit records of file access and modifications in the HR SharePoint site from the last 90 days.
AnswerD

The command searches for specific operations (FileAccessed, FileModified) on a specific site.

Why this answer

Option B is correct because the command searches the unified audit log for file access and modification events in the HR SharePoint site from the last 90 days. Option A is wrong because it does not delete files. Option C is wrong because it does not apply labels.

Option D is wrong because it does not set retention.

75
MCQeasy

Your organization wants to audit all activities related to accessing sensitive files in Microsoft SharePoint. Which Microsoft Purview solution should you use?

A.Audit (Premium)
B.Data lifecycle management
C.Information barriers
D.Data loss prevention
AnswerA

Audit (Premium) logs all activities for security and compliance investigations.

Why this answer

Option C is correct because Audit (Premium) provides detailed logging of activities. Option A is wrong because DLP policies protect data. Option B is wrong because retention policies manage lifecycle.

Option D is wrong because information barriers restrict communication.

Page 1 of 5 · 333 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Describe the capabilities of Microsoft compliance solutions questions.