Question 7 of 9

Your organization has a Microsoft 365 tenant and a database that stores client information. Each client has a unique 10-digit ID field that starts with Git- and then has the 10-digit ID.

Your manager has asked you to implement a data loss prevention (DLP) policy that meets the following security requirements:

• Emails that contain a single client ID can be sent to anyone, including those outside the company.
• Emails that contain more than 2 client IDs must not be sent until the company's compliance/security team approves them.

Which two components should you configure?

A sensitive info type is required to be created to match the 10-digit ID. Microsoft has a number of sensitive info types built-in to search for credit card numbers, social security numbers, etc. The company's custom ID field would not be covered by a built-in policy. Therefore, you would need to create a custom sensitive information type to be used by a DLP policy.

A data loss prevention (DLP) policy is then required to block the messages from leaving the company. The DLP policies tell your Microsoft 365 what to do when sensitive information types are found. In this case, you'll need a DLP policy using the custom sensitive information type that looks for multiple entries, when they are found, send the email to the group for approval.

https://www.gitbit.org/course/ms-500/learn/Preventing-accidental-and-malicious-data-loss-with-DLP-policies-IsPGsme8w

https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitive-information-type-entity-definitions?view=o365-worldwide