- (Topic 6)
Your company has a Microsoft 365 E5 tenant that contains a user named User1. You review the company’s compliance score.
You need to assign the following improvement action to User1:Enable self-service password reset.
What should you do first?

1. A. From Compliance Manager, turn off automated testing.
2. B. From the Azure Active Directory admin center, enable self-service password reset (SSPR).
3. C. From the Microsoft 365 admin center, modify the self-service password reset (SSPR) settings.
4. D. From the Azure Active Directory admin center, add User1 to the Compliance administrator role.

Correct Answer: D

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-improvement-actions?view=o365-worldwide
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-users-assign-role-azure-portal

HOTSPOT - (Topic 6)
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

You have a Microsoft Office 365 retention label named Retention1 that is published to Exchange email.
You have a Microsoft Exchange Online retention policy that is applied to all mailboxes. The retention policy contains a retention tag named Retention2.
Which users can assign Retention1 and Retention2 to their emails? To answer, select the
appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Topic 2)
Which report should the New York office auditors view?

1. A. DLP policy matches
2. B. DLP false positives and overrides
3. C. DLP incidents
4. D. Top Senders and Recipients

Correct Answer: C
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention- policies
This report also shows policy matches over time, like the policy matches report. However, the policy matches report shows matches at a rule level; for example, if an email matched three different rules, the policy matches report shows three different line items. By contrast, the incidents report shows matches at an item level; for example, if an email matched three different rules, the incidents report shows a single line item for that piece of content. Because the report counts are aggregated differently, the policy matches report is better for identifying matches with specific rules and fine tuning DLP policies. The incidents report is better for identifying specific pieces of content that are problematic for your DLP policies.

- (Topic 6)
You have a Microsoft 365 subscription that contains an Azure AD tenant named contoso.com. The tenant includes a user named User1.
You enable Azure AD Identity Protection.
You need to ensure that User1 can review the list in Azure AD Identity Protection of users flagged for risk. The solution must use the principle of least privilege.
To which role should you add User1?

1. A. Security Reader
2. B. Global Administrator
3. C. Owner
4. D. User Administrator

Correct Answer: A

DRAG DROP - (Topic 6)
DRAG DROP
You have a Microsoft 365 E5 tenant.
You need to implement compliance solutions that meet the following requirements:
• Use a file plan to manage retention labels.
• Identify, monitor, and automatically protect sensitive information.
• Capture employee communications for examination by designated reviewers.
Which solution should you use for each requirement? To answer, drag the appropriate solutions to the correct requirements. Each solution may be used once, more than once, or not at all. You may need to drag the split bat between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A