M365 Compliance Center

Question 1

What is Microsoft Compliance Center?

Answer 1

A central location for all your compliance tools and settings

Question 2

Who can access the Compliance Center?

Answer 2

Global Admin
Compliance Admin
Compliance Data Admin

Question 3

What is the Compliance Manager?

Answer 3

A tool to help admins manage compliance requirements

Question 4

What are the features of Compliance Manager?

Answer 4

• Pre-built assessments for common industry and regional standards
• Custom assessments
• Step-by-step guidance to help achieve compliance
• Compliance score

Question 5

What is a Compliance score?

Answer 5

A quick way to understand your compliance posture. It helps prioritise actions based on potential to reduce risk.

Question 6

How do you improve your compliance score?

Answer 6

By resolving key improvement actions. The bigger the compliance impact the higher your score gets.

Question 7

What is MIP?

Answer 7

Microsoft Information Protection (MIP) a collection of features with M365 compliance to help you discover, classify and protect sensitive information wherever it lives or travels.

Question 8

What does Know Your Data mean?

Answer 8

Understanding your data landscape and identify important data across your hybrid environment.

Question 9

What does Protect Your Data mean?

Answer 9

Applying flexible protection actions that include encryption, access restriction and visual markings.

Question 10

What does Prevent Data Loss mean?

Answer 10

Detect risky behaviour and prevent accidental oversharing of sensitive information.

Question 11

What does Govern Your Data mean?

Answer 11

Automatically retain, delete and store, data and records in a compliant manner.

Question 12

What is MIG?

Answer 12

Microsoft Information Governance (MIG) is a collection of features to govern your data for compliance or regulations.

Question 13

What is MIG for?

Answer 13

Giving organizations the capability to govern their data for compliance or regulatory requirements.

Question 14

What is MIP for?

Answer 14

Providing organizations the tools to know and protect their data, and prevent data loss.

Question 15

What is DLP?

Answer 15

Data loss prevention (DLP) is a set of tools to identify sensitive data from being shared (credit card numbers for example).

Question 16

Can you create custom sensitive information for DLP?

Answer 16

Yes.

Question 17

Where does the sensitive information DLP identify come from?

Answer 17

A range of M365 services including:

• Exchange Online
• SharePoint Online
• OneDrive for Business
• Microsoft Team (including chat & channel messages)

Question 18

How does DLP work?

Answer 18

By blocking shared sensitive content from others’ view whilst informing the sharer that their message/email/etc was blocked.

Question 19

Can DLP be contested?

Answer 19

Yes, but only by the sharer. They have to click on the ‘What can I do?’ in the blocked message and provide a justification for the contestation.

Question 20

What is retention policies?

Answer 20

A way to effectively manage information in a organization.

Question 21

Why would you use retention policies?

Answer 21

To keep data that’s needed to comply with your organization’s internal policies, industry regulations, or legal needs, and to delete data that’s considered a liability, that is no longer required to keep or has no legal or business value.

Question 22

What services does retention policies work with?

Answer 22

• SharePoint Online
• OneDrive for Business
• Microsoft Teams
• Microsoft 365 Groups

Question 23

What is RM?

Answer 23

Records management (RM) is the supervision and administration of digital or paper records, regardless of format.

Question 24

What activities RM include?

Answer 24

The creation, receipt, maintenance, use and disposal of records.

Question 25

What is the difference between Retention Policies and RM?

Answer 25

While RM leverages Rentention Policies, they perform differently.

Retention labels keep a copy of the content hidden from the user (but they can still delete/modify content from the UI), but RM blocks actions in the UI.

Question 26

Can regulatory records be removed from content?

Answer 26

No.

Question 27

What is Data Classification?

Answer 27

Is a feature in M365 that lets you monitor and configure tools for data classification.

Question 28

What are the three features you can configure in Data classification?

Answer 28

• Trainable classifiers
• Sensitive Information Types
• Exact Data Matches

Question 29

What are Trainable classifiers?

Answer 29

A tool you train to recognize various types of content.

Microsoft provides 5 pre-built classifiers out of the box, but you can make your own.

Question 30

What are Sensitive Information types?

Answer 30

Pattern-based classifiers to detect sensitive information (credit card, etc.)

Microsoft offers 200+ built in from around the world and you can also create your own.

Question 31

Where would you use Trainable Classifiers?

Answer 31

In Retention policies, Sensitivity labels and/or Communication compliance.

Question 32

Where would you use Sensitive Information Types?

Answer 32

Data Loss Prevention policies
Sensitivity labels
Retention labels
Insider risk management
Communication compliance

Question 33

What is Exact Data Match?

Answer 33

Exact Data Match (EDM)-based classification allows you to create custom sensitive information types based on exact data values rather than a pattern.

Question 34

Where would you use Exact Data Match?

Answer 34

Data Loss Policies

Question 35

What is the content explorer?

Answer 35

The content explorer is a tool that provides a snapshot of items that have a -

Sensitivity Label
Retention Label
Classified as sensitive information

It also allows you to natively view items so you can their content and why they were classified in a certain way.

Question 36

What is the activity explorer?

Answer 36

A tool that lets you monitor what’s being done with your labelled content.

Question 37

What actions can you view with the activity explorer?

Answer 37

Read
Deletion
Printed
Copied to network share/USB