Exam SC-400 topic 6 question 22 discussion

I am going with A. Need to reduce the impact on users and reduce administrative effort. You need to make the group first, before you make the policy and then assign the group to the policy.

Tested in lab. Answer appears to be B While creating the Insider Risk Policy you can select 'Users', 'Groups' or 'Adaptive Scopes'

I think it is A the question ask: what you do first. answer B create the policy and at the end is what you will do, to reach your goal answer C: priority user group are made to limit who can see their action, answer D: it is a type of policy, you don't know which one you have to do, it is not important

I think it is C. "For example, you need to protect against data leaks for a highly confidential project where users have access to sensitive information. You choose to create the Confidential Project Users priority user group for users in your organization that work on this project." From: https://learn.microsoft.com/en-us/purview/insider-risk-management-settings-priority-user-groups I think you would want to make the priority user group before the policy. Please correct me if this thinking is incorrect.

Create an Insider Risk Management Policy: Go to the Microsoft Purview compliance portal. Use the Insider risk management solution to create a new policy. Configure the policy to focus on the specific users associated with the project. Define risk indicators and customize thresholds for alerts based on your organization’s needs1. This approach allows you to tailor the policy to the project without affecting users who are not part of it. B

B is the correct answer.

There's a whole menu hidden behind the gear icon in IRM menu.