MS-203 - Microsoft 365 Messaging Data Loss Prevention Policies Questions and Answers

Question 1

An organization needs to prevent employees from emailing documents containing credit card numbers to external recipients.
However, the policy must allow for legitimate business cases where a user can send the information after providing a reason.
Which combination of actions should an administrator configure in the Data Loss Prevention (DLP) policy rule?

Accepted Answer

Set the action to 'Restrict access' to block external users, and enable 'User overrides' with a business justification.

Answer

Set the action to 'Restrict access' and enable 'User notifications'.

Answer

Set the action to 'Audit only' and configure an 'Incident report'.

Answer

Set an 'Exception' for the finance department and set the action to 'Encrypt the message content'.

Question 2

What is the primary function of a "Policy Tip" within a Microsoft 365 Data Loss Prevention (DLP) policy for Exchange Online?

Accepted Answer

To display a real-time notification to the sender in their Outlook client, warning them of a potential policy violation.

Answer

To automatically encrypt the email message before it is sent.

Answer

To send a detailed incident report to the compliance administrator.

Answer

To quarantine the message for review before delivery is attempted.

Question 3

An administrator is creating a new Data Loss Prevention (DLP) policy to identify and protect Australian financial data, including bank account and tax file numbers. Which of the following components should the administrator use to define the specific patterns for this type of data?

Accepted Answer

Sensitive Information Types (SITs)

Answer

A transport rule

Answer

A retention label

Answer

A communication compliance policy

Question 4

A financial services company has a strict DLP policy that blocks any email containing a high volume of customer financial records from being sent externally. A user in the wealth management group needs to send an encrypted report to a pre-approved external auditor. How can an administrator modify the DLP policy to allow this specific scenario without weakening the overall policy?

Accepted Answer

Add an exception to the rule that allows the email if the message is encrypted.

Answer

Add the auditor's domain to the organization's safe sender list.

Answer

Disable the DLP rule temporarily whenever the user needs to send the report.

Answer

Create a new, less restrictive DLP policy specifically for the wealth management group.

Question 5

An administrator is creating a unified Data Loss Prevention (DLP) policy. They need to ensure the policy applies to emails, files stored in personal cloud storage, and collaborative team chats. Which of the following locations must be selected in the policy scope?

Accepted Answer

Exchange Online, OneDrive for Business accounts, and Microsoft Teams chat and channel messages

Answer

Exchange Online, on-premises file shares, and Skype for Business

Answer

Exchange Online, Microsoft Entra ID, and Microsoft Teams

Answer

SharePoint sites, Azure File Storage, and Exchange Online

Question 6

A messaging administrator wants to be automatically notified via email and receive a comprehensive summary whenever a user triggers a high-severity DLP rule by attempting to send a large number of Social Security Numbers. Which feature should be configured within the DLP policy rule to achieve this?

Accepted Answer

A mail flow rule with a 'Generate incident report' action

Answer

Policy Tips

Answer

User overrides

Answer

Incident reports