Data Loss Prevention Policies: Verifying Functionality | Exam MS-500: Microsoft 365 Security Administration

Verifying Data Loss Prevention Policies

Prev Question Next Question

Question

You are the global admin of an organization with a Microsoft 365 subscription.

You have created several data loss prevention policies and would now like to verify that they are working as intended.

Where should you look?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: B

In Security & Compliance Center and Reports, you will find several Dashboards that show DLP data related to your policies.

These Dashboards are:

Role group name eDiscovery Manager Description Edit Perform searches and place holds on mailboxes, SharePoint Online sites, and OneDrive for Business locations. Assigned roles Export RMS Decrypt Custodian Communication Review Preview Compliance Search Case Management Hold
DLP policy matches Use data loss prevention (DLP) policies to help identity and protect your organizations sensitive information, For example you can set up policies to ‘help make sure information in email and docs isn't shared with the wrong people. +}Greate schedule Explore: Request report FE View details table Fitters Show data for All polices V. Break down by Services V Total © Exchange © SharePoint © OneDrive or Business BA) esse ay 30,2018 “Tota 318 200 © Exchange: 0 2 SharePoint 96 1 OneDrive for Business: 222, oO O- O-

Option A is incorrect.

You can view the policies you have created in Data loss prevention - Policies.

But you cannot verify how they are working.

Option C is incorrect.

Microsoft Information Governance capabilities can be used to govern your data for compliance or regulatory requirements.

Option D is incorrect.

You can configure alerts for DLP when an action is taken on a sensitive item.

It will not display how the policy is functioning.

Reference:

To know more about DLP Reports, please refer to the link below:

As the global admin of an organization with a Microsoft 365 subscription, if you have created several data loss prevention (DLP) policies and would like to verify that they are working as intended, you should look for the DLP policy results and alerts in the Microsoft 365 Compliance Center.

Option A: In Microsoft 365 Compliance Center - Data loss prevention, view Policies This option is the closest to the correct answer. However, viewing the DLP policies will only show you the settings and rules that you have configured. It will not give you any information on whether the policies are actually working as intended.

Option B: In Security & Compliance Center, view Reports This option is not the best answer to the question. The reports in the Security & Compliance Center provide information on various aspects of your organization's security and compliance posture. However, it does not provide any specific information on the status of your DLP policies.

Option C: In Microsoft 365 Compliance Center, view Information Governance This option is not relevant to the question. Information Governance is a separate area within the Microsoft 365 Compliance Center that focuses on managing data retention policies and data lifecycle management.

Option D: In Microsoft 365 Compliance Center - Data loss prevention, view Alerts This is the correct answer to the question. Viewing the alerts in the Microsoft 365 Compliance Center - Data loss prevention will show you any incidents that have been detected by your DLP policies. You can use this information to verify that the policies are working as intended and to fine-tune them if necessary.

In summary, to verify that your DLP policies are working as intended, you should look for alerts in the Microsoft 365 Compliance Center - Data loss prevention.

Prev Question Next Question