SIMULATION
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and select the username below.
To enter your password, place your cursor in the Enter password box and select the password below.
Microsoft 365 Username:
[email protected]
Microsoft 365 Password: XXXXXXXXX
If the Microsoft Edge browser or Microsoft 365 portal does not load successfully, select the Microsoft Edge browser icon from the task bar, type the URL "https://admin.microsoft.com", and press Enter.
The following information is for technical support purposes only:
Lab Instance: XXXXXXXXX
Task 7
You need to publish the Product Retired retention label only to Exchange mailboxes and SharePoint classic and communication sites.
Publish the label with a static policy
Step 1: In the Microsoft Purview portal, go to Data lifecycle management > Policies > Label policies.
Step 2: Click Publish labels and then Choose labels to publish to select the Product Retired label.
Step 3: In the Policy scope section, choose Static and click Next.
Step 4: In the Choose where to publish labels screen, select Let me choose specific locations.
Step 5: For Exchange:
Select Exchange mailboxes. You can choose to apply it to All Exchange mailboxes or select specific ones from the list.
Step 6: For SharePoint:
Select SharePoint sites. You'll need to manually add the specific site collection addresses for both your classic and communication sites. A checkmark will appear next to the sites you add, and you can search for them in the next screen.
Step 7: Click Next, provide a name and description for the policy, and click Submit to create the policy.
Reference:
https://learn.microsoft.com/en-us/purview/create-apply-retention-labels
You have a data loss prevention (DLP) policy that applies to the Devices location. The policy protects documents that contain United States passport numbers.
Users report that they cannot upload documents to a travel management website because of the policy.
You need to ensure that the users can upload the documents to the travel management website.
The solution must prevent the protected content from being uploaded to other locations.
Which Microsoft 365 Endpoint data loss prevention (Endpoint DLP) setting should you configure?
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1.
You need to deploy a Microsoft Purview insider risk management solution that will generate an alert when users share sensitive information on Site1 with external recipients.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct answer is worth one point.
You have a Microsoft 365 E5 subscription. The subscription contains a user named User1 and the sensitivity labels shown in the following table.

You publish the labels to User1.
The subscription contains the files shown in the following table.

Which files can Microsoft 365 Copilot summarize for User1?
You need to be alerted when users share sensitive documents from Microsoft OneDrive to any users outside your company.
What should you do?
You are creating a DLP policy named Policy1 that will be applied to the locations as shown in the following exhibit.

Policy1 contains an advanced data loss prevention (DLP) rule named Rule1.
Which two conditions can you use in Rule1? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1.
You need to deploy a Microsoft Purview insider risk management solution that will generate an alert when users share sensitive information on Site1 with external recipients.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct answer is worth one point.
Hotspot Question
You have a Microsoft 365 ES subscription that uses Microsoft Exchange Online and Teams.
You need to ensure that when a user sends a message containing a cloud attachment, a retention label is applied to the cloud attachment by using an auto-labeling policy.
How should you configure the retention label to start the retention period, and to which locations should you apply the auto-labeling policy? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.


Explanation:
Box 1: Labeled
Automatically apply a retention label to retain or delete content
Auto-apply labels to cloud attachments
You might need to use this option if you're required to capture and retain all copies of files in your tenant that are sent over communications by users, or files that are referenced in Copilot for Microsoft 365. You use this option in conjunction with retention policies for the communication services themselves; Exchange, Teams, Viva Engage, and Copilot for Microsoft 365.
Important
When you select a label to use for auto-applying retention labels for cloud attachments, ensure that the label retention setting Start the retention period based on is When items were labeled.
Box 2: Microsoft 365 Group mailboxes & sites only
When you select a label to use for auto-applying retention labels for cloud attachments, make sure the label retention setting Start the retention period based on is When items were labeled.
When you configure the locations for this option, you can select:
* SharePoint classic and communication sites for shared files stored in SharePoint communication sites, team sites that aren't connected by Microsoft 365 groups, and classic sites.
*-> Microsoft 365 Groups for shared files that are stored in team sites connected by Microsoft 365 groups.
* OneDrive accounts for shared files stored in users' OneDrive.
Reference:
https://learn.microsoft.com/en-us/purview/apply-retention-labels-automatically
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1 and the data loss prevention (DLP) policies shown in the following table.

The DLP rules are configured as shown in the following table.

All the policies are assigned to Site1.
You need to ensure that if a user uploads a document to Site1 that matches all the rules, the user will be shown the Tip 2 policy tip.
What should you do?
Hotspot Question
You have a data loss prevention (DLP) policy that has the advanced DLP rules shown in the following table.

You need to identify which rules will apply when content matches multiple advanced DLP rules.
Which rules should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.


Explanation:
https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies
Hotspot Question
You have a Microsoft 365 subscription that uses Microsoft Purview.
You need to investigate the following events:
- Events that occurred two months ago
- Events in which users accessed encrypted email by using a one-time
passcode (OTP)
Which Microsoft Purview solution should you use, and which type of record should you query? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.


Explanation:
To investigate events where external users accessed encrypted email using a one-time passcode (OTP), you must use the following configuration in your query:
Microsoft Purview Feature: Audit (Standard) or Audit (Premium) (using the Audit log search tool) Record Type: OMEPortal Box 1: Audit The Audit search feature in the Microsoft Purview compliance portal tracks all user and administrator activities across Microsoft 365 services. Since the default retention period for Microsoft Purview Audit (Standard) is 180 days, it fully supports investigating events that occurred two months ago.
Box 2: OMEPortal
When a recipient signs into the Office 365 Message Encryption portal via a one-time passcode (OTP), the event is recorded under a specific schema.The required record type filter for the query is OMEPortal.This records operations such as external user authentication methods, message views, and attachment downloads.
Reference:
https://learn.microsoft.com/en-us/purview/audit-log-activities
https://learn.microsoft.com/en-us/office/office-365-management-api/omeportal
SIMULATION
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and select the username below.
To enter your password, place your cursor in the Enter password box and select the password below.
Microsoft 365 Username:
[email protected]
Microsoft 365 Password: XXXXXXXXX
If the Microsoft Edge browser or Microsoft 365 portal does not load successfully, select the Microsoft Edge browser icon from the task bar, type the URL "https://admin microsoft.com", and press Enter.
The following information is for technical support purposes only:
Lab Instance: XXXXXXXX.
Task 3
You plan to automatically apply a watermark to the documents of a project named Falcon.
You need to create a label that will add a watermark of "Project Falcon" in red, size-12 font diagonally across the documents.
Step 1: From the Microsoft Purview compliance portal, select Solutions > Information protection > Labels Step 2: On the Labels page, select + Create a label to start the new sensitivity label configuration:

Step 3: On the Define the scope for this label page, the options selected determine the label's scope for the settings that you can configure and where they'll be visible when they're published.
In our case select: Items, Files, and select Word documents.

Note: If Items is selected, you can configure settings that apply to apps that support sensitivity labels, such as Office Word and Outlook. Optionally, you can extend these labels to include meetings from Teams and Outlook, and to protecting Teams meetings themselves by enforcing settings for Teams meetings and related chat.
Step 4: Follow the configuration prompts for the label settings. Use the help in the UI for individual settings.
Step 5: In the UI add a watermark of "Project Falcon" in red, size-12 font diagonally across the document.
Note: What sensitivity labels can do
After a sensitivity label is applied to an email, meeting invite, or document, any configured protection settings for that label are enforced on the content. You can configure a sensitivity label to:
* Mark the content when you use Office apps, by adding watermarks, headers, or footers to email, meeting invites, or documents that have the label applied. Watermarks can be applied to documents but not email or meeting invites. Example header and watermark:

Step 6: Finish the Wizard
Reference:
https://learn.microsoft.com/en-us/purview/create-sensitivity-labels
https://answers.microsoft.com/en-us/msteams/forum/all/how-to-automatically-apply-sensitivity-labels-to/2482d1b2-1fe6-4a80-af4a-2b93b9c670de
Your company has Microsoft 369 E5 subscription and plans to use Microsoft Purview Advanced Message Encryption.
Each product group at your company must show a distinct product logo in encrypted emails instead of the standard Microsoft 365 logo.
What should you do to create the branding templates?