ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-900 All Questions

View all questions & answers for the MS-900 exam
Go to Exam

Exam MS-900 topic 1 question 224 discussion

Actual exam question from Microsoft's MS-900
Question #: 224
Topic #: 1
[All MS-900 Questions]

You deploy Enterprise Mobility + Security E5 and assign Microsoft 365 licenses to all employees.
Employees must not be able to share documents or forward emails that contain sensitive information outside the company.
You need to enforce the file sharing restrictions.
What should you do?

  • A. Use Microsoft Azure Information Protection to define a label. Associate the label with an Azure Rights Management template that prevents the sharing of files or emails that are marked with the label.
  • B. Create a Microsoft SharePoint Online content type named Sensitivity. Apply the content type to other content types in Microsoft 365. Create a Microsoft Azure Rights Management template that prevents the sharing of any content where the Sensitivity column value is set to Sensitive.
  • C. Use Microsoft Azure Information Rights Protection to define a label. Associate the label with an Active Directory Rights Management template that prevents the sharing of files or emails that are marked with the label.
  • D. Create a label named Sensitive. Apply a Data Layer Protection policy that notifies users when their document contains personally identifiable information (PII).
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by joca at Jan. 24, 2020, 5:12 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
lijk_manson
Highly Voted 4 years, 11 months ago
A is correct: https://docs.microsoft.com/en-us/azure/information-protection/what-is-azure-rms
upvoted 30 times
...
MD22
Most Recent 1 year, 11 months ago
Selected Answer: A
A should be correct
upvoted 1 times
...
AndrewsF
2 years, 2 months ago
I think the D is only for privacity and the question asks for sensitive information, not restrict to privacity. Answer correct is A
upvoted 1 times
...
BTL_Happy
2 years, 3 months ago
Should be A as question didn’t indicate PII related information
upvoted 1 times
...
idioteque
2 years, 6 months ago
Selected Answer: D
It's D. You will have to apply sensitivity and DLP (Data Loss Prevention) that prevents users to share the files outside of the company. The only problem is why on this answer's DLP stands for Data Layer Protection instead of Data Loss Prevention? :P
upvoted 2 times
Joseph07009
2 years, 1 month ago
The fact they said Data Layer Protection instead of Data Loss Prevention might be a clue not a bug. Data Layer protection is not relevant to the question.
upvoted 2 times
...
wando5000
2 years, 4 months ago
Answer is A. You only need to read the first five words as its the only answer that mentions the 'Information Protection' service Microsoft Azure Information Protection (AIP) helps organizations discover, classify, label, and protect sensitive documents and emails. Admins can define rules and conditions to apply labels automatically, users can apply labels manually, or a combination of the two can be used—where users are given recommendations on applying labels. Users also benefit by having the ability to manually apply sensitivity labels to their content or by having their content automatically classified.
upvoted 3 times
...
NoursBear
10 months, 1 week ago
yeah i wondered what that was all about
upvoted 1 times
...
...
Mikehjf
2 years, 7 months ago
Copy and past the question to Google. Every site gives "A" as the answer> I am going with A
upvoted 2 times
...
Ashwin28
2 years, 8 months ago
Selected Answer: A
i go with A
upvoted 2 times
...
Ste_W
2 years, 10 months ago
question is about sensitive information not privacy. Therefore answer is A
upvoted 2 times
...
Ulus
2 years, 12 months ago
Check the difference between A and C; ''Azure Information Rights Protection'' versus ''Azure Information Rights management''...I guess the first term is not used in this context, thus cannot be correct. Be aware of the Ms Lexicon is the message...
upvoted 1 times
...
vladosikpapirosik
3 years, 6 months ago
C is correct
upvoted 1 times
...
syu31svc
3 years, 7 months ago
https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-protection: "When a document or email is protected by a Rights Management service, it is encrypted at rest and in transit. It can then be decrypted only by authorized users. This encryption stays with the document or email, even if it is renamed. In addition, you can configure usage rights and restrictions, such as the following examples: Only users within your organization can open the company-confidential document or email." A for answer
upvoted 4 times
stuempi
3 years, 4 months ago
would also go with A.
upvoted 1 times
...
...
msmn
3 years, 8 months ago
this one is A : https://vceguide.com/what-should-you-do-6965/
upvoted 1 times
...
amanda179
3 years, 9 months ago
In the QA they say you must ENFORCE the file sharing restrictions. ENFORCE is the key. if you go to : https://docs.microsoft.com/en-us/microsoft-365/solutions/information-protection-deploy-protect-information?view=o365-worldwide you see that, DLP allows you to: Identify and monitor risky sharing activities. Educate users with in-context guidance to make the right decisions. ENFORCE data use policies upon content without inhibiting productivity. Integrate with classification and labeling to detect and protect data when it is shared.
upvoted 2 times
...
Gerardo1971
3 years, 9 months ago
Correct D
upvoted 1 times
...
Sanna92
3 years, 9 months ago
Correct answer is D - see the provided link TMW gave, there you will find data los prevention enforces this which also says in the question. But I agree very tricky question. For data privacy, you manually apply a sensitivity label with encryption and other rules to email or content containing sensitive personal information.
upvoted 1 times
...
TMW
3 years, 10 months ago
this one is tricky, see the Data loss prevention section of the following link: https://docs.microsoft.com/en-us/microsoft-365/solutions/information-protection-deploy-protect-information?view=o365-worldwide I think the ans is D
upvoted 1 times
...
solaaaaa
4 years, 2 months ago
no D is the right answer
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel