Examice

Exam MS-102 All QuestionsBrowse all questions from this exam

Question 209

You have a Microsoft 365 E5 subscription.

From the Microsoft Purview compliance portal, you create a new data loss prevention (DLP) policy named DLP1 that protects financial data from being shared by using Microsoft Teams messages. You apply DLP1 to the users in the finance department.

An incident is raised when a finance department user named User1 shares financial data in a Teams channel that includes external members.

When User1 uses Teams to send the same message in a 1:1 chat or a private channel, the message is blocked as expected.

You need to ensure that User1 is prevented from sharing financial data in Teams channels that include external members.

What should you do?

Edit the settings of the team that contains the channel.

Edit the Locations settings of DLP1.

Modify the licenses assigned to User1.

Edit the policy rules of DLP1.

Correct Answer: B

To ensure User1 is prevented from sharing financial data in Teams channels that include external members, you should edit the Locations settings of DLP1. By adjusting the location settings, you can specify that the DLP policy should also cover Teams channels, in addition to 1:1 chats and private channels, ensuring comprehensive coverage across all messaging platforms where data might be shared. This would address the issue of the current policy not blocking messages in Teams channels that include external members.

Discussion

ChapoOption: D

Answer is D. DLP is already blocking Teams internally. To block external sharing you use the DLP rules.

GeorgeMar

DLP policy customize access and override settings allows to Block only people outside your org

AlfaExamProOption: B

because DLP rules talk about DLP treshold, action etc DLP location more specific to set up DLP scope/location

VaeroxOption: D

https://learn.microsoft.com/en-us/purview/dlp-microsoft-teams#recommended-dlp-policy-structure Everyone, please take a look at this URL. It's a condition inside a DLP rule, so the answer has to be D.

aleksdjOption: D

It is D 100%! When you edit the policy through the Wizard, you will see that you can select the location for this policy, here you can choose to select all users or specific users, whatever option you choose it is only valid from internal to internal users, this option doesn`t affect the sharing from internal to external. Therefore you must click on "Next" and create a new "Advanced DLP Policy" rule where you can make a new condition : Content is shared from M365 > with people outside my organization.

timkuo1009Option: B

B is correct. Edit DLP policy->location and select sharepoint sites. Files that you upload to a channel are stored in your team's SharePoint folder. These files are available in the Files tab at the top of each channel. https://support.microsoft.com/en-us/office/file-storage-in-microsoft-teams-df5cc0a5-d1bb-414c-8870-46c6eb76686a

jt2214Option: D

I agree with Chapo - D

60ed5c2Option: D

But when I look at location in my tenant you can't differentiate between teams channels and chats - it is either on or off. So if it is working for chats - it would be working for channels if the location was set. It appears that editing the policy rules you can add an additional policy to apply if shared externally. I think D is correct.

Tomtom11Option: B

The Rule option is the answer. As you edit the rule by creating a condition option https://learn.microsoft.com/en-ie/purview/dlp-policy-design#complex-rule-design

cpaljchc4Option: B

“We need to block all sharing of SharePoint and OneDrive items to all external recipients...” - Administrative scope: Full directory - Where to monitor: SharePoint sites, OneDrive accounts - Conditions for a match: First Condition > Shared outside my org - Action: Restrict access or encrypt the content in Microsoft 365 locations > Block users from receiving email or accessing shared SharePoint, OneDrive > Block only people outside your organization. Think B is more direct to the question. Ref:https://learn.microsoft.com/en-us/purview/dlp-create-deploy-policy

GLLOption: B

Edit the Locations settings of DLP1

Murad01Option: D

I agree with answer: D

TonyManeroOption: B

I think must modify the Location because: "To scope a DLP Teams policy to all chat types, either scope your policy to All locations.." reference: https://learn.microsoft.com/en-us/purview/dlp-microsoft-teams?tabs=purview#scope-of-dlp-protection

TonyManeroOption: B

I think location is the is the most appropriate: https://learn.microsoft.com/en-ie/purview/dlp-policy-reference#locations

CraiggOption: B

Hi, I would have to go for B as it states that one to one chats are already block. One to one chats use one drive, teams chats do not. So we know the policy is correctly configured by you need to add the Teams chat location.

SesbriOption: B

For me it must be B. Here is my explanation: 1. Definition of locations in DLP: https://learn.microsoft.com/en-us/purview/dlp-create-deploy-policy#policy-scope - We se that locations are more like a cluster for which defines the platform 2. Definition of DLP rules: https://learn.microsoft.com/en-us/purview/dlp-create-deploy-policy#policy-scope - DLP rules consolidate the details of a rule. In this case the conditions are relevant. Here we can modify the actions to match the input from the question.