You have a Microsoft 365 subscription.
You have an Azure AD tenant that contains the users shown in the following table.
You configure Tenant properties as shown in the following exhibit.
Which users will be contacted by Microsoft if the tenant experiences a data breach?
In the event of a data breach, Microsoft contacts the Global Privacy Contact if one has been designated. If no Global Privacy Contact is listed, Microsoft contacts the Global Administrators. In this scenario, the Global Privacy Contact field is empty. Therefore, the Global Administrator, User2, will be contacted by Microsoft in the event of a data breach.
"Global privacy contact: Type the email address for the person to contact for inquiries about personal data privacy. This person is also who Microsoft contacts if there's a data breach related to Azure Active Directory services. If there's no person listed here, Microsoft contacts your Global Administrators. " Source: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/properties-area
But user1 is listed if you look in to the graph and user 1 is a security administrator. If nothing is listed, then GA will receive a mail.. so the correct answer is only User1
User 1 Only is the only correct answer
Please moderator remove my previous messages, it is wrong! Correct answer is User 2 only :)
Correct answer is D, see explanation below: User1 is Security Administrator and Technical Contact hence he will receive a notification for being Technical Contact. User2 is Global Administrator so he will received a notification as well. User3 is Service Support Administrator so he won’t received a notification. Reference: https://learn.microsoft.com/en-us/compliance/regulatory/gdpr-breach-azure-dynamics#customer-notification If warranted, one or more of the following roles may be notified via email of a security or privacy incident in conjunction with, or in lieu of, a service health notification: Azure Subscription Administrators or Owners Azure Active Directory Global Tenant Administrators Azure Active Directory Tenant Technical Contacts
Good point. Except for the Security Administrator. I don't agree, because the definition of the technical contact is this: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/properties-area This is something different than the Security Administrator. The technical contact is not in the answer. Therefore I choose answer B.
The question says "will be", but your explanation says "may be". Since there is no global privacy contact, Global Admins "will be" notified. The Technical Contact, may be contacted if warranted. 3. Add your privacy info for your users: Technical contact. Type the email address for the person to contact for technical support within your organization. Global privacy contact. Type the email address for the person to contact for inquiries about personal data privacy. This person is also who Microsoft contacts if there's a data breach related to Microsoft Entra services. If there's no person listed here, Microsoft contacts your Global Administrators.
User2 only. There isn't a privacy contact listed, so MS will contact the GA.
Was in Exam 27-6-24
Microsoft 365 is committed to notifying customers within 72 hours of breach declaration. The customer's tenant administrator will be notified. Tenant admin will be the GA not security admin.
"Global privacy contact" is user that is contacted in a data breach. As we can see, it is empty, therefore the Global Admin is notified. So B
B is correct
Option E.
I will go for B
https://learn.microsoft.com/en-us/entra/fundamentals/properties-area
The correct answer is "User 2 only", since the technical contact is for technical support and the privacy contact is in case of a data breach related to Microsoft Entra services. So they will contact the global administrators, User 2 https://learn.microsoft.com/en-us/entra/fundamentals/properties-area#:~:text=Esta%20persona%20tambi%C3%A9n,con%20Microsoft%20365
Utilisateurs 1 et 2 uniquement vu que l'énoncé de la question demande quels sont les utilisateurs et non pas quel utilisateurs. Donc il est question du pluriel
https://learn.microsoft.com/en-us/compliance/regulatory/gdpr-breach-office365
Correction, actually, B. there is no "Privacy contact". https://learn.microsoft.com/en-us/compliance/regulatory/gdpr-breach-office365 "Providing customers with an ability to specify a dedicated privacy contact who will be notified in the event of a breach. Customers can specify this contact using the Privacy reader role settings for Message Center." "As noted previously, Microsoft 365 is committed to notifying customers within 72 hours of breach declaration. The customer's tenant administrator will be notified. Additionally, Microsoft 365 recommends that customers designate one or more individuals as Message Center Privacy readers, which can be done in the Microsoft 365 admin center. In the event of personal data breach, resources assigned the Message Center Privacy reader role will be able to access the Message center to see relevant privacy notifications and, depending on their Message center preferences, may receive a related email."
Reference: https://learn.microsoft.com/en-us/compliance/regulatory/gdpr-breach-azure-dynamics#customer-notification This States "If warranted, one or more of the following roles may be notified via email of a security or privacy incident in conjunction with, or in lieu of, a service health notification" The key words are MAY BE. The question states WILL BE so in the absence of the privacy contact the GA will be notified.
I believe B: https://learn.microsoft.com/en-us/entra/fundamentals/properties-area Technical contact. Type the email address for the person to contact for technical support within your organization. --> has nothing to do with the data breach Global privacy contact. Type the email address for the person to contact for inquiries about personal data privacy. This person is also who Microsoft contacts if there's a data breach related to Microsoft Entra services. If there's no person listed here, Microsoft contacts your Global Administrators. For Microsoft 365 related privacy incident notifications, see Microsoft 365 Message center FAQs
In Microsoft 365, the Global Administrator is the default contact for security and privacy-related matters, including data breaches. If your tenant doesn't have a designated Global Privacy Contact, Microsoft will contact the Global Administrator in the event of a data breach.
D option is right answer as Global Administrator and Technical contact will be notified