Summary and knowledge check


Insider threats and risks from illegal, inappropriate, unauthorized, or unethical behavior and actions are a major issue for all companies and can easily go undetected until it is too late. From IP theft to data leaks to many other scenarios, protecting the data within an organization from inadvertent or malicious actions is paramount for any organization. Microsoft's insider risk management policies can help organizations minimize threats while achieving the right balance between keeping their data protected and their people productive.

Now that you have completed this module, you should be able to:

  • Explain how Microsoft Purview Insider Risk Management can help prevent, detect, and contain internal risks in an organization
  • Describe the types of built-in, pre-defined policy templates.
  • List the prerequisites that need to be met before creating insider risk policies.
  • Explain the types of actions you can take on an insider risk management case.

Check your knowledge


If you want to define past and future review periods that are triggered after policy matches based on events and activities for the insider risk management policy templates, which policy setting do you select?


Configuring a Microsoft Human Resources (HR) data connector is a dependency for which insider risk management template?


You create a new policy by stepping through the policy wizard and policy settings. Which of the following is optional when creating a new policy?


You want to search for insider risk alerts that occurred in the past 30 days and are high severity risks. The easiest way to accomplish this is to do which of the following?


Which of the case actions opens a new eDiscovery (Premium) case in your Microsoft O365 investigation?