A pharmaceutical research company, BioGen Innovations, has implemented Microsoft Purview Insider Risk Management. They are concerned about potential data theft of clinical trial results. An analyst needs to configure a policy that specifically captures screen recordings and file activity on endpoints for high-risk users *after* an alert is generated. Which setting must be enabled to achieve this?
A global logistics firm, TransGlobal Freight, is using Microsoft 365 E5 and has deployed Endpoint DLP. They created a policy to block printing of documents containing SWIFT codes. A user in the finance department reports that they are blocked from printing a critical invoice, but they are not receiving a policy tip notification to request an override. A security administrator confirms the policy is configured to allow overrides with business justification. What is the most likely cause for the missing policy tip?
An engineering firm uses a custom trainable classifier named 'Project Blueprints' to identify proprietary design documents. To improve accuracy, the administrator needs to provide feedback on items the classifier has identified. Where in the Microsoft Purview compliance portal would the administrator perform this action?
A healthcare organization, HealthMetric Solutions, needs to protect patient data used by its data science team with Microsoft Copilot. They want to prevent Copilot from accessing and processing any documents containing Electronic Health Records (EHR). Which TWO actions should be implemented to achieve this goal? (Select TWO)
True or False: When configuring a retention policy in Microsoft Purview, the principle of preservation always ensures that if a user deletes a file from a SharePoint site included in the policy, a copy is retained in the Preservation Hold Library, regardless of the policy's action.
A law firm, Juris Digital, has a retention label named 'Legal-Case-Final' configured to start a 7-year retention period based on the 'event' of a case being closed. An administrator needs to trigger the retention for all documents related to the 'Case-123' matter. What is the correct sequence of actions?
A compliance administrator at a bank is creating a custom sensitive info type to detect a 9-digit internal transaction ID format, which always starts with 'TX' followed by 7 numbers (e.g., TX1234567). They need to increase the detection confidence by requiring a supporting keyword like 'transaction' or 'payment' within 50 characters of the ID. Which component of the sensitive info type definition should be used for the keyword requirement?
A company has two DLP policies. Policy A is the most restrictive and applies to Exchange online. Policy B is less restrictive and applies to Exchange online, SharePoint online, and OneDrive accounts. A user sends an email that triggers both policies. Which policy will be enforced?
A government contractor, AeroDynamics Manufacturing, stores sensitive schematics on an on-premises file share. They need to discover and apply a 'Confidential - ITAR' sensitivity label to all existing files containing specific project codes. The solution must not require migrating the data to the cloud. Which Microsoft Purview tool should be deployed to meet this requirement?
An organization is configuring Microsoft Purview Audit (Premium). They want to retain audit logs for their executive leadership group for 10 years, while all other users' logs are retained for the default 1 year. Which feature allows for this granular retention configuration?