🔥 3-day streak
Microsoft Information Security Administrator52 / 84
Question 52 of 84
Your organization uses Purview Insider Risk Management with a 'Data leaks' policy. The security team reports that the policy is generating too many alerts about routine file activity, and they only want the policy to surface risky activity involving documents stored in a specific SharePoint site that holds intellectual property. Which configuration change should you make to focus the policy on this content while still detecting exfiltration signals?
Reviewed for accuracy · Report an issueNext question