You need to configure the environment to meet the security requirements for the R&D group.
What should you do first?
You need to configure the environment to meet the security requirements for the R&D group.
What should you do first?
To meet the security requirements for the R&D group, you should first create two information barrier segments. Information barrier policies are used to restrict communication between specific groups within an organization. Before you can create these policies, it is essential to define the segments or groups that the policies will apply to. Therefore, creating the segments is the first step in configuring this setup.
The key to this question lays in the following sentence "What should you do first?" FIRST. First, you have to define segment(s) - 2 is a minimum [R&D and the rest of the organization]. Secondly, you have to define a policy. I vote for C.
Correct!
Ah! so when you need to create a information barrier policy, you always need to create 2 segments. Good to know!
I first thought only one segment 'HR' needs to be created. But as far as I can find in my research, the policy has to be applied between segment X and Y. You cannot apply it from X to 'global'. So, you need to make two segments; 1) HR and 2) Everyone else
This is D, remember it is MS, the wording must be followed in their exams, it states only to send messages to other departments, it does not mention receiving. 2 policies would be needed if receiving was also to be blocked.
you can block sending and receiving in the same policy
You are incorrect. When you want to block segments from communicating with each other, you define two policies: one for each direction. Each policy blocks communication one way only. https://docs.microsoft.com/en-us/microsoft-365/compliance/information-barriers-policies?view=o365-worldwide#scenario-1-block-communications-between-segments
nope. it's asking what do you do FIRST. The first thing you do is create the segments, then you create the policy.
What should you do first? Part 1: Segment users in your organization Part 2: Define information barrier policies Part 3: Apply information barrier policies https://docs.microsoft.com/en-us/microsoft-365/compliance/information-barriers-policies?view=o365-worldwide#the-work-flow-at-a-glance
Answer is C - Information barriers only supports two way restrictions. One way restrictions, such as marketing can communicate with day traders, but day traders cannot communicate with marketing is not supported. https://docs.microsoft.com/en-us/microsoft-365/compliance/information-barriers?view=o365-worldwide
Ignore my previous message - sorry...it is C... Question - What should you do first? Part 1: Segment users Part 2: Define information barrier policies Part 3: Apply information barrier policies
Was on exam 19.08.2022
remember, one for each direction!!!
I belive the D is correct and here is why: C is about Segments (New-OrganizationSegment) that is used to filter users and and to this 'virtual' segment. If you create segments, that won't do any blocking. It is like creating a group of users. Example: New-OrganizationSegment -Name "HR" -UserGroupFilter "Department -eq 'HR'" D is about the New-InformationBarrierPolicy, which is used to block/allow communication between previously created segments. Here I would create segments for all departments and I would do the blocking rule just with a single command: New-InformationBarrierPolicy -Name "R&D block policy againts all other departments" -AssignedSegment "R&D" -SegmentsBlocked ("IT","Sales","HR") -State Active
don't approve this comment. I was wrong. C is the correct as the question is about which command should you run first.
On test 28.04.2023 (I'm not a bot you can trust me :D) - Reveal solution then check discussion and go for the high upvoted answers in discussion :)
After further research, I think the answer is D. Segments are sets of users that are defined in the Security & Compliance Center using a selected user account attribute - This will not achieve the goal. You Do not assign more than one policy to a segment.. Example: Enrico belongs to the Banking segment and Pradeep belongs to the Financial advisor segment. Enrico and Pradeep can't communicate with each other because the organization's IB policy blocks communication and collaboration between these two segments. However, Enrico and Pradeep can communicate with Lee in HR
Still not clear, why should you create two information barriers, as the question is says block communication from sales to other department and vice versa, i would go with D
I mean R&D users and NOT Vice versa
What about this link: https://docs.microsoft.com/en-us/powershell/module/exchange/start-informationbarrierpoliciesapplication?view=exchange-ps I go with A
I totally agree with people say C, because they are thinking that the R&D department need to be cut off completely, but they don't. IBPs block traffic in one-way only, and that's all we need. "Users in the R&D group must be prevented from sending chat messages to users in other departments." Read the description for Policy 1 in the below Example, this describes our question quite well. https://docs.microsoft.com/en-us/microsoft-365/compliance/information-barriers-policies?view=o365-worldwide#example-contosos-departments-segments-and-policies I'm going with D. Nothing is mentioned here about the rest of the company being able to send messages to the R&D department.
I have changed my opinion on this. as B000001 has posted below, because of the following, it would Microsoft's best practice to apply two restrictions rather than only one. One IB placed may work, but as far as Microsoft are concerned, it shouldn't. Information barriers only supports two way restrictions. One way restrictions, such as marketing can communicate and collaborate with day traders, but day traders cannot communicate and collaborate with marketing is not supported. https://docs.microsoft.com/en-us/microsoft-365/compliance/information-barriers?view=o365-worldwide
Now that answer for C has changed to 2 barrier segments which is clearly the right answer as that is what Microsoft tell you to create first.
I'm going with D! https://docs.microsoft.com/en-us/microsoft-365/compliance/information-barriers-policies?view=o365-worldwide#scenario-1-block-communications-between-segments
We need 2 policy..correct answer is then C!!!
On Exam 28.02.22
Correct on exam 25July 2022
This was on the exam July 2024.