This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Your company is in the initial stages of planning data loss prevention (DLP) policies. You need to involve multiple departments to ensure comprehensive coverage. Which stakeholders should be included in this process?
Only the IT department, since they're responsible for implementing and maintaining the DLP policies.
Only the security team, since they're responsible for protecting sensitive data.
IT, security, compliance officers, legal teams, and business unit leaders to make sure that all types of sensitive data and business needs are covered.
Your organization is preparing to deploy a new DLP policy to protect sensitive customer data. You want to ensure the policy doesn't disrupt workflows by generating false positives. What should your first step be before fully enforcing the policy?
Run the policy in simulation mode to evaluate its effectiveness without blocking any actions.
Turn the policy on immediately to start blocking any sensitive data sharing.
Only apply the policy to a few key services and enforce it right away.
Your company is using a DLP policy created from a preconfigured template, but you notice it's generating too many false positives for internal communications. What should you do next?
Delete the policy and create a new custom policy from scratch.
Turn off the policy to prevent any further disruptions to internal workflows.
Modify the policy to exclude internal domains from being flagged for sensitive data sharing.
Your company is setting up a DLP policy with Adaptive Protection for Microsoft Teams and Exchange. Users with 'Minor Risk' levels need some oversight but shouldn't face harsh restrictions. How should you configure the policy?
Apply the same DLP rules for 'Minor Risk' users as for 'Elevated Risk' users, to be safe.
Allow sharing of sensitive data but audit all activities for 'Minor Risk' users.
Block all sensitive data sharing for 'Minor Risk' users to ensure safety.
Your organization has been using the DLP Alerts dashboard to monitor policy violations. You need more detailed insights into how data is being shared, including specific actions like copying or printing sensitive data. What tool would be more appropriate for this task?
Use Activity Explorer to track detailed user actions and review how sensitive data is being handled across the organization.
Rely only on DLP Alerts dashboard to manage all activities involving sensitive data.
Turn off DLP alerts to reduce the number of notifications and focus only on major incidents.
You must answer all questions before checking your work.
Was this page helpful?