M365 Compliance Center Flashcards

1
Q

What is Microsoft Compliance Center?

A

A central location for all your compliance tools and settings

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Who can access the Compliance Center?

A

Global Admin
Compliance Admin
Compliance Data Admin

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is the Compliance Manager?

A

A tool to help admins manage compliance requirements

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the features of Compliance Manager?

A
  • Pre-built assessments for common industry and regional standards
  • Custom assessments
  • Step-by-step guidance to help achieve compliance
  • Compliance score
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a Compliance score?

A

A quick way to understand your compliance posture. It helps prioritise actions based on potential to reduce risk.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How do you improve your compliance score?

A

By resolving key improvement actions. The bigger the compliance impact the higher your score gets.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is MIP?

A

Microsoft Information Protection (MIP) a collection of features with M365 compliance to help you discover, classify and protect sensitive information wherever it lives or travels.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What does Know Your Data mean?

A

Understanding your data landscape and identify important data across your hybrid environment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What does Protect Your Data mean?

A

Applying flexible protection actions that include encryption, access restriction and visual markings.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What does Prevent Data Loss mean?

A

Detect risky behaviour and prevent accidental oversharing of sensitive information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What does Govern Your Data mean?

A

Automatically retain, delete and store, data and records in a compliant manner.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is MIG?

A

Microsoft Information Governance (MIG) is a collection of features to govern your data for compliance or regulations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is MIG for?

A

Giving organizations the capability to govern their data for compliance or regulatory requirements.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is MIP for?

A

Providing organizations the tools to know and protect their data, and prevent data loss.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is DLP?

A

Data loss prevention (DLP) is a set of tools to identify sensitive data from being shared (credit card numbers for example).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Can you create custom sensitive information for DLP?

A

Yes.

17
Q

Where does the sensitive information DLP identify come from?

A

A range of M365 services including:

  • Exchange Online
  • SharePoint Online
  • OneDrive for Business
  • Microsoft Team (including chat & channel messages)
18
Q

How does DLP work?

A

By blocking shared sensitive content from others’ view whilst informing the sharer that their message/email/etc was blocked.

19
Q

Can DLP be contested?

A

Yes, but only by the sharer. They have to click on the ‘What can I do?’ in the blocked message and provide a justification for the contestation.

20
Q

What is retention policies?

A

A way to effectively manage information in a organization.

21
Q

Why would you use retention policies?

A

To keep data that’s needed to comply with your organization’s internal policies, industry regulations, or legal needs, and to delete data that’s considered a liability, that is no longer required to keep or has no legal or business value.

22
Q

What services does retention policies work with?

A
  • SharePoint Online
  • OneDrive for Business
  • Microsoft Teams
  • Microsoft 365 Groups
23
Q

What is RM?

A

Records management (RM) is the supervision and administration of digital or paper records, regardless of format.

24
Q

What activities RM include?

A

The creation, receipt, maintenance, use and disposal of records.

25
Q

What is the difference between Retention Policies and RM?

A

While RM leverages Rentention Policies, they perform differently.

Retention labels keep a copy of the content hidden from the user (but they can still delete/modify content from the UI), but RM blocks actions in the UI.

26
Q

Can regulatory records be removed from content?

A

No.

27
Q

What is Data Classification?

A

Is a feature in M365 that lets you monitor and configure tools for data classification.

28
Q

What are the three features you can configure in Data classification?

A
  • Trainable classifiers
  • Sensitive Information Types
  • Exact Data Matches
29
Q

What are Trainable classifiers?

A

A tool you train to recognize various types of content.

Microsoft provides 5 pre-built classifiers out of the box, but you can make your own.

30
Q

What are Sensitive Information types?

A

Pattern-based classifiers to detect sensitive information (credit card, etc.)

Microsoft offers 200+ built in from around the world and you can also create your own.

31
Q

Where would you use Trainable Classifiers?

A

In Retention policies, Sensitivity labels and/or Communication compliance.

32
Q

Where would you use Sensitive Information Types?

A
Data Loss Prevention policies
Sensitivity labels
Retention labels
Insider risk management
Communication compliance
33
Q

What is Exact Data Match?

A

Exact Data Match (EDM)-based classification allows you to create custom sensitive information types based on exact data values rather than a pattern.

34
Q

Where would you use Exact Data Match?

A

Data Loss Policies

35
Q

What is the content explorer?

A

The content explorer is a tool that provides a snapshot of items that have a -

Sensitivity Label
Retention Label
Classified as sensitive information

It also allows you to natively view items so you can their content and why they were classified in a certain way.

36
Q

What is the activity explorer?

A

A tool that lets you monitor what’s being done with your labelled content.

37
Q

What actions can you view with the activity explorer?

A

Read
Deletion
Printed
Copied to network share/USB