This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
A security team is planning a new data loss prevention (DLP) policy to address accidental external sharing. Some team members want to immediately block sharing, while others want visibility first. What should guide the initial policy decision?
The availability of blocking actions for the selected locations.
Clarity about the specific risk scenario the policy is meant to address.
How quickly the policy can be deployed across all locations.
An organization needs a DLP policy to address a well-known compliance scenario quickly. The policy might need refinement later as workflows are better understood. How should the team start?
Create a fully custom policy to avoid rework later.
Delay policy creation until all workflows are fully documented.
Start with a template-based policy and plan to refine it if needed.
A DLP policy is triggering frequently but many alerts represent acceptable business activity. What detection adjustment is most likely to reduce noise?
Add contextual conditions such as action type or destination.
Remove content-based detection entirely.
Increase enforcement actions to discourage users.
A policy applies to all users and locations and is difficult to validate because results are noisy and inconsistent. What scoping approach would improve validation?
Apply the policy only after enforcement is enabled.
Start with a narrower scope focused on higher-risk locations or user groups.
Keep the broad scope but lower alert thresholds.
After running a DLP policy in simulation mode, results show frequent triggers during normal workflows. What is the most appropriate next step?
Enable enforcement immediately to reduce risk exposure.
Delete the policy and restart with a new design.
Adjust detection, scope, or actions based on observed behavior, then revalidate.
You must answer all questions before checking your work.
Was this page helpful?
Need help with this topic?
Want to try using Ask Learn to clarify or guide you through this topic?