You need to notify the manager of the human resources department when a user in the department shares a file or folder from the department's Microsoft SharePoint site.
What should you do?
A.
From the SharePoint admin center, modify the sharing settings.
B.
From the SharePoint site, create an alert.
C.
From the Microsoft Purview compliance portal, create a data loss prevention (DLP) policy.
D.
From the Microsoft 365 Defender portal, create an alert policy.
D. From the Microsoft 365 Defender portal, create an alert policy.
An alert policy can be used to send notifications when certain events occur, such as when a file or folder is shared from a SharePoint site.
Correct: With an alert policy in the Microsoft 365 Defender portal, we can:
Define specific actions (e.g., sharing files or folders).
Specify the users or groups (e.g., HR department).
Notify designated recipients (e.g., the HR manager).
DLP Policies: These can be configured to monitor actions within a specific SharePoint site, such as the HR SharePoint site and notify specific individuals, such as the HR manager, when a sharing event occurs that matches the policy criteria.
Defender Alert Policies: Notifications are typically sent to security teams or administrators and focus on system-wide or security-related incidents such as phishing, malware, and suspicious activities and are sent to security teams or administrators
User (member or guest) shared a file, folder, or site in SharePoint or OneDrive for Business with a user in your organization's directory. The value in the Detailcolumn for this activity identifies the name of the user the resource was shared with and whether this user is a member or a guest. This activity is often accompanied by a second event that describes how the user was granted access to the resource; for example, adding the user to a group that has access to the resource.
I go to D.
Yes, you can also do it with DLP and there would be one or two arguments in favor of it:
Do I want to block access: DLP
If I want an alert and notification: DLP, Alert Policy
If I only want a notification, but no alert: DLP
Con DLP: I have to define 2 conditions (internal and external sharing)
Blocking access and only notifications (without alert) are not listed as a requirement and DLP would be "more difficult" to configure.
Therefore I go for Alert Policy.
https://learn.microsoft.com/en-us/purview/alert-policies?view=o365-worldwide - "You can use alert policies and the alert dashboard in the Microsoft Purview compliance portal or the Microsoft 365 Defender portal to create alert policies and then view the alerts generated when users perform activities that match the conditions of an alert policy" Because C is saying to create a DLP policy (not alert) The answer would be D.
The answer is C: DLP is used to notify users and auditors about data sharing intentionally or unintentionally, This portion is associated with protecting data and DLP is used for this objective.
This section is not available anymore. Please use the main Exam Page.MS-102 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Hard1k
Highly Voted 1 year, 7 months agoBigO76
3 months, 4 weeks agoRobo1985
Most Recent 1 month agofabiomartinsnet
1 month agoFrank9020
5 months, 1 week agoTomtom11
7 months, 4 weeks agoTomtom11
1 year, 1 month agonils241
1 year, 3 months agoitguys
1 year, 4 months ago60ed5c2
1 year, 5 months agosergioandreslq
1 year, 5 months agojt2214
1 year, 6 months agoPaul_white
1 year, 6 months agoPaul_white
1 year, 6 months agoGreatone1
1 year, 6 months agoDiligentSam
1 year, 6 months ago