Correct- B-
In addition, using Endpoint data loss prevention (DLP), **Activity explorer** gathers **DLP policy matches** events from Exchange, SharePoint, OneDrive, Teams Chat and Channel, on-premises SharePoint folders and libraries, on-premises file shares, and devices running Windows 10, Windows 11, and any of the three most recent major macOS versions.
Ref: https://learn.microsoft.com/en-us/purview/data-classification-activity-explorer
Fouces to words between ( ** ** )
To review DLP policy matches for the tenant, you should use the Content Explorer (Option A). The Content Explorer in the Microsoft 365 compliance center allows you to view and manage sensitive information that matches your Data Loss Prevention (DLP) policies. It provides insights into where sensitive information resides in your organization and helps you manage risks associated with this data. Please note that appropriate permissions are required to access the Content Explorer.
- Copilot -
Copilot shows you a link of a Microsoft doc, if you search in the page Content Explorer no results are found but Activity Explorer is mentioned, so don't trust Copilot for this question.
The Activity explorer provides a historical view of activities on your labeled content, collected from the Microsoft 365 unified audit logs. It’s used to monitor what’s being done with your labeled content, such as when a label is applied, changed, or removed.
On the other hand, the Content explorer gives you visibility into what content has been discovered and labeled, and where that content is located. It specifically allows you to see the actual content of scanned files that match your DLP policies.
This is why Content explorer is the appropriate tool for reviewing DLP policy matches, as it directly shows the content that triggered the DLP policy. Activity explorer is more about the actions taken on the content, rather than the content itself.
https://microsoft.github.io/ComplianceCxE/playbooks/teamsdlp/#introduction
https://learn.microsoft.com/en-us/training/modules/manage-data-loss-prevention-polices/4-use-data-loss-prevention-reports
The Activity explorer tab on the DLP page has multiple filters you can use to view DLP events. Use this tool to "review activity" related to content that contains sensitive info or has labels applied, such as what labels were changed, files were modified, and matched a rule.
In addition, using Endpoint data loss prevention (DLP), Activity explorer gathers DLP policy matches events from Exchange, SharePoint, OneDrive, Teams Chat and Channel, on-premises SharePoint folders and libraries, on-premises file shares, and devices running Windows 10, Windows 11, and any of the three most recent major macOS versions.
https://learn.microsoft.com/en-us/purview/data-classification-activity-explorer
I think it is (A)content explorer which can Investigating incidents related to data loss, security, or compliance.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.SC-400 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
TC1Labs
6 months, 4 weeks agoSDiwan
1 year, 1 month agoemartiy
1 year, 2 months agoRuslan23
1 year, 2 months agoRuslan23
1 year, 1 month agoEhernandez
1 year agoRuslan23
1 year agoKodoi
1 year, 2 months agoTzu_Hsien
1 year, 2 months ago