Exam SC-200 topic 1 question 3 discussion

Azure API is the correct answer. The question is asking what you need. It is not asking you how to do it. You must use Azure AIP as a tool for DLP. And then Regex is a way to build your pattern in case there is not any built-in sensitive pattern type that supports your case (account number with 32 char). So bonus the regex ^[a-zA-Z0-9]{32}$

You would use both C and D, so as with many MS exam questions, toss a coin, pick your answer and hope for the best.

This is the correct answer The question is asking what you need. It is not asking you how to do it.

C is the correct option

Answer is C

D. RegEx pattern matching To detect sensitive documents in SharePoint Online, you can use a RegEx (regular expression) pattern matching rule in the data loss prevention (DLP) policy. A RegEx pattern is a sequence of characters that defines a search pattern, which can be used to match specific sequences of characters in the documents. In this scenario, you can use a RegEx pattern to match the customer account numbers, which consist of 32 alphanumeric characters. By using a RegEx pattern, you can accurately identify the sensitive documents that contain the customer account numbers and take appropriate action, such as blocking access to the documents or sending notifications to the appropriate users. Once you have defined the RegEx pattern, you can create a DLP policy in Microsoft Defender for Office 365 that uses the pattern to detect sensitive documents. The DLP policy can then be configured to take appropriate action, such as blocking access to the sensitive documents or sending notifications to the appropriate users.

You can use a regex in Microsoft Purview Data Loss Prevention (DLP) to define patterns that help you identify and classify sensitive data, or to help detect patterns in content. https://learn.microsoft.com/en-us/purview/dlp-policy-learn-about-regex-use

D should be the correct answer as DLP policies in SharePoint and OneDrive for work or school web clients support various conditions and actions. You can define sensitive information types (SITs) or use regular expressions (RegEx) to match content and enforce protection.

D is correct; AIP provides a label function but cannot be used for DLP policy conditions;,DLP policies can be regular expressions https://learn.microsoft.com/ja-jp/purview/dlp-policy-learn-about-regex-use

I agree D is the correct answer

I agree D

I tried to apply the different solution, but only D seems to be correct, below the steps I followed in my environment: Open the Microsoft Pureview portal: 1) Create a new classifier: - Data Classification -> Classifiers -> Sensitive Info Type -> Create a new classifier with the regex (32 alphanumeric characters) https://learn.microsoft.com/en-us/purview/create-a-custom-sensitive-information-type?view=o365-worldwide 2) Create the DLP rule (using the previously created classifier) - Data Loss Prevention -> Policies -> Create a policy and using the previously created classifier. AIP uses labels, and I couldn't find the option to create them with Regex, moreover this functionality should be part of another plan

Regex since questions asks what you use to detect the sensitive documents. So you would use RegEx pattern matching to detect the sensitive documents and the DLP policy to protect them.

Regular expressions (RegEx) are a powerful tool for pattern matching in text. They can be used to identify specific patterns of characters, such as 32 alphanumeric characters. This makes them ideal for detecting customer account numbers in documents.

https://learn.microsoft.com/en-us/purview/dlp-policy-learn-about-regex-use

Regex is the correct answer because, in the question, you need to create a DLP. and only regex can identify/detect which documents has hit

Option C