Compliance Tools in Microsoft 365

Question 1

(HIPAA) Act that imposes strict privacy regulations on protected health information.

Answer 1

Health Insurance Portability Act

Question 2

(FISMA) Act that dictates how United States federal agencies protect information.

Answer 2

Federal Information Security Modernization Act

Question 3

(GDPR) Regulation that gives rights to people to manage personal data collected by an organization.

Answer 3

General Data Protection Regulation

Question 4

(FERPA) Act that covers the use or disclosure of student education records.

Answer 4

The Family Educational Rights and Privacy Act

Question 5

(PIPEDA) Act that addresses how private sector organizations collect, use, and disclose personal information.

Answer 5

The Personal Information Protection and Electronic Documents Act

Question 6

(GLBA) Act that protects nonpublic personal information.

Answer 6

The Gramm-Leach-Bliley Act

Question 7

1. Assess
2. Protect
3. Respond

Answer 7

Three Phases of Compliance Management

Question 8

365 Feature that assists with security, privacy, and compliance and helps with understanding an organizations compliance regulations.

Answer 8

Service Trust Portal (STP)

Question 9

Dashboard of organizational data standards, regulations, and assessments.

Answer 9

Compliance Manager

Question 10

Audit reports, data protection info, and info on 365 features.

Answer 10

Trust Documents

Question 11

The name for keeping documents when you need them and getting rid of them when you don’t.

Answer 11

Data Governance

Question 12

Users don’t get default permissions to perform a privileged task.

Answer 12

Zero Standing Access

Question 13

Search tool that allows you to review and redact content.

Answer 13

eDiscovery

Question 14

Capabilities of ________________

• Ongoing Risk Assessment
• Actionable Insights
• Simplified Compliance

Answer 14

Compliance Manager (3)

Question 15

Encrypting data at rest on a physical disk.

Answer 15

BitLocker

Question 16

Encrypting data in transit at the Transportation layer on the network.

Answer 16

TLS

Question 17

Before access to tenant data is granted to a Microsoft engineer, approval is required from the tenant admin.

Answer 17

Customer Lockbox

Question 18

Oversight of access requests through logging and an approval process in Microsoft 365.

Answer 18

Privileged Access Management

Question 19

A specialized 365 workspace for compliancy, privacy, and risk management helping you assess risks, protect and govern data with sensitivity and retention labels, respond to regulatory requests, and access compliance solutions.

Answer 19

Compliance Center

Question 20

Which Azure AD service tier includes only the following:

• SSO
• MFA
• Basic Reports
• Business-to-business collaboration

Answer 20

Azure AD Free

Question 21

Which Azure AD service tier includes all free features plus the following:

• Self-service password reset
• Device write-back

Answer 21

Microsoft 365

Question 22

Which Azure AD service tier includes all 365 features plus the following:

• Conditional Access
• Microsoft Cloud App Discovery
• Advanced Reports
• Group access management
• Hybrid identities

Answer 22

Premium 1