Microsoft compliance solutions

Question 1

What are the three types of controls used in Microsoft Purview Compliance Manager?

Answer 1

Microsoft managed controls
Shared controls
customer managed controls

Question 2

What does the compliance score in Compliance Manager measure?

Answer 2

an organization’s progress toward implementing controls

Question 3

What is an assessment in Compliance Manager?

Answer 3

a grouping of controls from a specific regulation, standard or policy

Question 4

Microsoft Service Trust Portal

Answer 4

official source for information on how Microsoft manages privacy, compliance, and security for its cloud services. It provides detailed documentation, whitepapers, certifications and risk assessments

Question 5

Microsoft 365 Compliance Center

Answer 5

this is primarily for managing compliance within your organization using Microsoft 365 tools

Compliance Manager is deprecated

Question 6

Content Explorer

Answer 6

shows a current snapshot of items that are either classified as a sensitive information type or have a sensitive label, or a retention label.

Question 7

In order to view a snapshot of your organization’s scanned classified documents in SharePoint and OneDrive you need to be assigned which two role groups?

Answer 7

Content Explorer List Viewer (can only view the item and its location, not the contents)

Content Explorer Content Viewer (can view the sensitive information in plaintext)

You need both!

Question 8

Microsoft Purview Compliance Portal

Answer 8

Easy access to the data and tools you need to manage your organization’s compliance needs

Question 9

Compliance Manager

Answer 9

simplifies compliance and reduce risk by providing the following:
-prebuilt assessments based on common standards
-workflow capabilities to complete risk assessments
-step by step improvement actions
-compliance score, which shows the overal compliance posture

Compliance Manager is the first menu item in the Microsoft Purview compliance portal!

Question 10

Microsoft Purview Audit (Standard)

Answer 10

Helps organizations respond effectively to security events, forensic investigations, internal investigation and compliance obligations

Standard
-log and search for audited activities
-enabled by default
-thousands of searchable audit events
90-day default retention period
-access by GUI, cmdlet, and API

Question 11

Microsoft Purview Audit (Premium)

Answer 11

Helps organizations respond effectively to security events, forensic investigations, internal investigations and compliance obligations

Premium
-can be used to investigate possible security or compliance breaches and identify their scope based on records
-Builds on Standard with 1 year retention
-customized retention period
-customized retention policies
-intelligent insights
-higher bandwidth access to API

Question 12

Microsoft Purview eDiscovery

Answer 12

The process of identifying and delivering electronic information that can be used as evidence in legal cases.

There is
Content Search
eDiscovery (Standard)
eDiscovery (Premium)

Question 13

The cord eDiscovery workflow is…

Answer 13

1) Creating eDiscovery holds (to preserve content relevant to a case so nobody can delete them) HOLDS!
2) Search for content (related to an investigation) SEARCHES!
3) Export and download search results (so that people outside the investigation team can review) EXPORTS!

Question 14

What is the workflow for Advanced eDiscovery?

Answer 14

1) Add custodians to a case
2) Search custodial sources for relevant data
3) Add data to a review set
4) Review and analyze data
5) Export and download the case data

Question 15

eDiscovery Manager role group

Answer 15

Members of this role group can create and manage eDiscovery cases. They can also add and remove members, place an eDiscovery hold on users, create and edit searches, and export content from an eDiscovery case

Question 16

eDiscovery Content Search

Answer 16

Used to search documents

Search for Content
Keyword queries and search conditions
Export search results
role-based permissions

Used to quickly find email in Exchance mailboxes, documents in SharePoint, OneDrive locations and messages in Teams

Question 17

Microsoft Purview eDiscovery (Standard)

Answer 17

Allows you to create cases and assign managers, not auditing

Search and export
Case management
legal hold

Question 18

eDiscovery (Premium)

Answer 18

all the things Standard does but allows you to assign custodians

allows you to collect and copy data into review sets, where you can filter, search and tag content so you can identify and focus on content that is most relevant

custodian management
legal hold notifications
advanced indexing
review set filtering
tagging
analytics
predictive coding models

Question 19

Advanced Auditing

Answer 19

Advanced Auditing helps organizations to conduct forensic compliance investigations by providing acces to these crucial events
Crucial events include when mail items were accessed, when mail items were replied to and fowarded

You wont be able to access crucial events with Core Auditing

Question 20

Microsoft Purview Data Map

Answer 20

able to capture metadata about enterprise data, to identify and classify sensitive data

Question 21

Microsoft Purview Insider Risk Management

Answer 21

a solution that helps minimize internal risks by enabling an organization to detect, investigate and act on risky and malicious activities

Question 22

Insider Risk Management Principles

Answer 22

Transparency
Configurable
Integrated
Actionable

Question 23

Microsoft Purview Communcation Compliance

Answer 23

An Insider Risk solution that helps you detect, capture, and act on inappropriate messages that can lead to potential data security or compliance incidents within your organization

Question 24

Auditing Solutions in Microsoft Purview

Answer 24

helps organizations effectively respond to security events, forensic investigations, internal investigations and compliance obligations

Audit (Standard)
Audit (Premium)

Question 25

Audit (Premium)

Answer 25

provides intelligent insights that can help organizations investigate possible breaches and determine that scope of compromise

Question 26

What is the audit log retention duration of Advanced Audit in Microsoft 365?

Answer 26

One year Advanced audit helps companies conduct forensic investigations by retaining the audit log for up to 1 year. you require an Office 365/E5 license

Question 27

In Microsoft Purview, what can you use to detect potential leaks of sensitive data and theft of intellectual property?

Answer 27

Insider Risk Management

Question 28

Insider Risk Management

Answer 28

a solution that helps minimize the risks associated with sensitive data leaks, data spillage, confidentiality violations, intellectual property theft, fraud, insider trading, and regulatory compliance violations

Question 29

What is FERPA?

Answer 29

Family Education Rights and Privacy Act Protects the privacy of student's records. It ensures that you (age 18 and older) can access your data and request updates on personal information from your educational institution.

Question 30

Customer Lockbox

Answer 30

Customer Lockbox protects sensitive data when working with Microsoft Support Engineers by enforcing a request system to view custom private information to resolve a M365 related issue. Customber Lockbox supports requests to access data for: Exchange Online SharePoint Online OneDrive for Business -You need to turn on Customer Lockbox -Support Engineer must make an email request and get approval before access -Support Engineer only has access for the minimum amount of time -An audit trail of access is maintained

Question 31

What are some of the benefits of Microsoft Compliance Manager?

Answer 31

-Provides step-by-step guidance of implementing regulatory requirements -Providing access to a variety of out-of-the-box assessments -Translating complicated regulations into a single language

Question 32

# Compliance Manager What is the difference between Technical Actions and Non-technical actions?

Answer 32

Technical Actions: you implement things by interacting with technology Non-Technical Actions: You do not interact with technology Examples of Technical Actions -Use IRM to protect documents (Azure Information Protection) -Require mobile devices to use encryption (Exchange Online Protection) -Create mail flow rules to encrypt messages (Azure Information Protection)

Question 33

What is Microsoft Priva?

Answer 33

It is a collection of tools that helps organizations manage privacy and compliance Privacy Assessments: automatically discovers, documents, and evaluates personal data use Privacy Risk Management: Identifies personal data and privacy risks, and automations risk migitation Subject Rights Requests: Manages subject rights requests in a secure, auditable, and automated way

Question 34

How is Activity Explorer helpful to a Compliance Administrator?

Answer 34

to verify if the established policies/ controls are effective

Question 35

What is a Microsoft Purview trainable classifier?

Answer 35

It is a tool you can train to recognize various types of content by giving it samples to look at. Once trained, you can use it to identify item for application of Office sensitivity labels, communication compliance policies, and retention label policies

Question 36

What are the four steps in creating a custom trainable classifier?

Answer 36

1. Add seed content (samples in a single category) 2. Create a trainable classifier 3. Test the model 4. Manual review

Question 37

Microsoft's Six Privacy Principles

Answer 37

Control Transparency Security Strong Legal Protections No content filtering Benefits to you