Manage compliance by using Microsoft Purview
Drill 18 practice questions focused entirely on Manage compliance by using Microsoft Purview for the Microsoft MS-102 exam. Tap an answer for instant feedback and a full explanation — no sign-up, always free.
Your organization has deployed sensitivity labels across Microsoft 365. The compliance officer asks you to produce a point-in-time inventory of every SharePoint document and Exchange email that currently carries the 'Highly Confidential' sensitivity label, including the ability to open and view the actual items to verify their contents. Which Microsoft Purview tool should you use?
Your organization uses a proprietary employee-ID format consisting of the letters 'EMP' followed by exactly six digits (for example, EMP482915). You need to create a custom sensitive information type (SIT) in Microsoft Purview that detects this pattern with high accuracy and minimizes false positives when the ID appears near the keyword 'employee'. Which configuration should you use for the primary element and supporting evidence?
Your organization has a Microsoft Purview DLP policy applied to Exchange Online that detects emails containing credit card numbers. The compliance team reports being overwhelmed by individual alerts, as some users repeatedly trigger the rule dozens of times per day. They want a single alert to fire only after a user matches the rule more than 10 times within a 24-hour window, rather than one alert per match. Where in the DLP rule configuration should you make this change?
Your organization has deployed Microsoft 365 Copilot. The compliance team is concerned that Copilot may surface highly sensitive documents in its responses to users who should not access them. Documents already carry the 'Highly Confidential' sensitivity label. You must configure Purview DLP so that content labeled 'Highly Confidential' is excluded from being processed and summarized by Microsoft 365 Copilot, while still allowing normal file access. What should you do?
Contoso's compliance team created an Endpoint DLP policy that blocks copying files containing credit card numbers to USB removable storage. Before enforcing the block, security leadership wants to understand how often this activity currently occurs across onboarded Windows devices, without disrupting any user's work. Which configuration should you apply to the policy?
Contoso's compliance team must prevent users from emailing messages containing credit card numbers to recipients outside the organization. Internal email between employees that contains credit card numbers must still be allowed. When an external send is attempted, the sender should see a policy tip and the message must be blocked, but the sender needs the ability to override the block with a business justification for legitimate cases. Which DLP policy configuration meets all requirements?
Contoso wants to prevent users from emailing documents that contain credit card numbers to external recipients. However, the finance team occasionally has a legitimate business need to send such information. The compliance officer requires that finance users be able to proceed only when they provide a written business justification, and every override must be logged for later review. Which DLP rule action configuration meets these requirements?
Contoso stores documents containing customer credit card numbers in SharePoint Online and OneDrive. The compliance team reports that some of these files have been shared with external guests via anonymous sharing links. You must create a single Microsoft Purview DLP policy that automatically blocks external users from accessing files that contain credit card data, while still allowing internal employees to open and edit those files. What should you configure in the DLP policy?
Contoso wants to prevent users from sharing messages containing U.S. Social Security numbers in Microsoft Teams chats and channels. When a user attempts to send such a message, it must be blocked immediately and the sender shown a policy tip explaining why. You are creating a Purview DLP policy. Which location must you enable in the policy for this requirement to be enforced?
Your organization has deployed Endpoint DLP to onboarded Windows 10 devices. A DLP policy blocks copying files that contain credit card numbers to USB removable storage. Users report that files are sometimes copied to USB drives before the policy classifies them, because classification occurs after the file has already left the device. You need to ensure that files are evaluated and blocked at the moment of the egress activity, even for content that has not yet been classified. What should you configure?
Your organization must keep contract documents in SharePoint Online for exactly seven years. After that period, a member of the legal team must manually review each document and confirm whether it can be permanently deleted before any deletion occurs. Documents that should not yet be deleted must be extendable. Which retention label configuration meets these requirements?
Contoso has a retention policy applied to all SharePoint sites that retains content for 5 years, then deletes it. The compliance team also publishes a retention label that retains matching contracts for 10 years, then deletes them, and configures it to auto-apply to any document containing specific contract keywords. A contract document stored in SharePoint matches both. How long will the contract be retained before deletion?
Contoso's legal team requires that a retention policy applied to the Finance SharePoint sites cannot be disabled, deleted, or made less restrictive by any administrator—including Global Administrators—for the duration of a regulatory investigation. You have already created a retention policy that retains content for 7 years. What must you do to meet this requirement?
Contoso applies two retention policies to the same Exchange Online mailbox. Policy A retains items for 5 years and then deletes them. Policy B retains items for 7 years and then deletes them. A user attempts to permanently delete an email that is 6 years old. What happens to the email?
Contoso must retain all Exchange Online mailbox content for members of the Executives department for 7 years, and the department is defined by the Department attribute in Entra ID. Membership of the Executives group changes frequently as people are promoted or leave. The compliance team wants the retention to automatically apply to current members without manually editing the policy each time membership changes. What should the administrator configure?
Contoso has configured three auto-labeling sensitivity labels published to all users. A document contains content that matches the conditions of both the 'Confidential' label (priority 2) and the 'Highly Confidential' label (priority 3) in the label list. No label has yet been applied manually. When the auto-labeling policies evaluate the document, which sensitivity label will be automatically applied?
Contoso applies a sensitivity label named 'Confidential' that enforces encryption to all internal documents. Users report that when two people open the same labeled Word document stored in SharePoint Online, they can no longer edit it simultaneously, and AutoSave is disabled. You must restore real-time co-authoring for these encrypted, labeled files with the least administrative effort. What should you do?
Contoso wants a custom sensitive information type (SIT) to detect internal project code names in documents. There are currently about 40 code names, but the security team expects the list to grow to over 100,000 terms as more projects launch. Some code names are common English words, so exact-match detection with low false positives is critical. Which detection element should you configure in the custom SIT to meet both the current and future scale requirements?
More MS-102 practice
Keep going with the other Microsoft 365 Administrator domains, or take a full timed mock exam.
← Back to MS-102 overview