Exam SC-100 topic 3 question 7 discussion

Better to select B - https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide like for example You can use sensitivity labels to: Provide protection settings that include encryption and content markings. For example, apply a "Confidential" label to a document or email, and that label encrypts the content and applies a "Confidential" watermark. Content markings include headers and footers as well as watermarks, and encryption can also restrict what actions authorized people can take on the content. Protect content in Office apps across different platforms and devices. Supported by Word, Excel, PowerPoint, and Outlook on the Office desktop apps and Office on the web. Supported on Windows, macOS, iOS, and Android. Protect content in third-party apps and services by using Microsoft Defender for Cloud Apps. With Defender for Cloud Apps, you can detect, classify, label, and protect content in third-party apps and services, such as SalesForce, Box, or DropBox, even if the third-party app or service does not read or support sensitivity labels.

B is part of Microsoft Information Protection to add Visual markings e.g. watermark for sensitive information.

It's B and not A. "When a document is labeled by Defender for Cloud Apps, visual markings, such as headers, footers, or watermarks, are not applied". https://learn.microsoft.com/en-us/defender-cloud-apps/use-case-information-protection#validate-your-policy

To add a watermark to email attachments containing sensitive data in your Microsoft 365 E5 subscription, I recommend using Microsoft Information Protection. This solution allows you to apply watermarks to files and emails, ensuring that sensitive content is clearly marked and protected. By configuring content marking options, you can add watermarks, headers, or footers to attachments, helping meet compliance requirements and enhance security

Azure Purview is now Microsoft Purview, and sensitivity labels are part of Microsoft Purview, and there are no "Microsoft Information Protection" it call "Microsoft Purview Information Protection"

Definitely B - I accidentally enabled this for the entire organisation :-P

Answer B, in exam Nov 23

To add a watermark to email attachments that contain sensitive data in a Microsoft 365 E5 subscription, you should recommend B. Microsoft Information Protection. Microsoft Information Protection (MIP) is a comprehensive solution that allows you to classify, label, and protect sensitive information in emails and documents. It includes the ability to apply watermarks to documents and emails based on sensitivity labels. By configuring sensitivity labels and associated policies, you can automatically add watermarks to email attachments containing sensitive data, helping to protect the information and ensure it is appropriately labeled.

A: https://learn.microsoft.com/en-us/defender-cloud-apps/tutorial-dlp Define which information is sensitive: Before looking for sensitive information in your files, you first need to define what counts as sensitive for your organization. As part of our data classification service, we offer over 100 out-of-the-box sensitive information types, or you can create your own to suit to your company policy. Defender for Cloud Apps is natively integrated with Microsoft Purview Information Protection and the same sensitive types and labels are available throughout both services. So when you want to define sensitive information, head over to the Microsoft Purview Information Protection portal to create them, and once defined they'll be available in Defender for Cloud Apps. You can also use advanced classifications types such as fingerprint or Exact Data Match (EDM).

Microsoft Defender for Cloud Apps, insider risk management, and Azure Purview, are not specifically designed to add watermarks to email attachments.

Well, now it's called Microsoft Purview Information Protection- and there is no Azure Purview.

B is the answer. https://learn.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide Sensitivity labels from Microsoft Purview Information Protection let you classify and protect your organization's data, while making sure that user productivity and their ability to collaborate isn't hindered. You can use sensitivity labels to: - Provide protection settings that include encryption and content markings. For example, apply a "Confidential" label to a document or email, and that label encrypts the content and applies a "Confidential" watermark. Content markings include headers and footers as well as watermarks, and encryption can also restrict what actions authorized people can take on the content.

I would chose AIP always for watermarks

I would select D: https://learn.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide Anyone knows a reason why it's not D: Azure Purview? Purview You can use sensitivity labels to: Provide protection settings that include encryption and content markings. For example, apply a "Confidential" label to a document or email, and that label encrypts the content and applies a "Confidential" watermark. Content markings include headers and footers as well as watermarks, and encryption can also restrict what actions authorized people can take on the content.

B is correct

B is the right choice. A is more for thirdparty App information you have 365 E5 so using 365 Email not of any 3rd Party. Information Protection will help you here to apply the water mark based on the classification of Labels, (Ex:Internal/confidential/Public)

Information protection