[Microsoft] SC-401 - Information Security Admin Assoc Exam Dumps & Study Guide

Free [Microsoft] SC-401 - Information Security Admin Assoc Practice Questions Preview

• Question 1

  DRAG DROP -
  
  Case Study -
  
  Instructions -
  This is a case study. Case studies are not timed separately from other exam sections. You can use as much exam time as you would like to complete each case study. However, there might be additional case studies or other exam sections. Manage your time to ensure that you can complete all the exam sections in the time provided. Pay attention to the Exam Progress at the top of the screen so you have sufficient time to complete any exam sections that follow this case study.
  To answer the case study questions, you will need to reference information that is provided in the case. Case studies and associated questions might contain exhibits or other resources that provide more information about the scenario described in the case. Information provided in an individual question does not apply to the other questions in the case study.
  A Review Screen will appear at the end of this case study. From the Review Screen, you can review and change your answers before you move to the next exam section. After you leave this case study, you will NOT be able to return to it.
  
  To start the case study -
  To display the first question in this case study, select the "Next" button. To the left of the question, a menu provides links to information such as business requirements, the existing environment, and problem statements. Please read through all this information before answering any questions. When you are ready to answer a question, select the "Question" button to return to the question.
  
  Overview -
  Contoso, Ltd. is a consulting company that has a main office in Montreal and three branch offices in Seattle, Boston, and Johannesburg.
  
  Existing Environment -
  
  Microsoft 365 Environment -
  Contoso has a Microsoft 365 E5 tenant. The tenant contains the administrative user accounts shown in the following table.
  
  Users store data in the following locations:
  
  SharePoint sites -
  
  OneDrive accounts -
  
  Exchange email -
  
  Exchange public folders -
  
  Teams chats -
  
  Teams channel messages -
  When users in the research department create documents, they must add a 10-digit project code to each document. Project codes that start with the digits 999 are confidential.
  
  SharePoint Online Environment -
  Contoso has four Microsoft SharePoint Online sites named Site1, Site2, Site3, and Site4.
  Site2 contains the files shown in the following table.
  
  Two users named User1 and User2 are assigned roles for Site2 as shown in the following table.
  
  
  Site3 stores documents related to the company's projects. The documents are organized in a folder hierarchy based on the project.
  Site4 has the following two retention policies applied:
  
  Name: Site4RetentionPolicy1 -
  Locations to apply the policy: Site4
  Delete items older than: 2 years
  Delete content based on: When items were created
  
  Name: Site4RetentionPolicy2 -
  Locations to apply the policy: Site4
  Retain items for a specific period: 4 years
  Start the retention period based on: When items were created
  At the end of the retention period: Do nothing
  
  Problem Statements -
  Management at Contoso is concerned about data leaks. On several occasions, confidential research department documents were leaked.
  
  Requirements -
  
  Planned Changes -
  Contoso plans to create the following data loss prevention (DLP) policy:
  
  Name: DLPpolicy1 -
  Locations to apply the policy: Site2
  Conditions:
  Content contains any of these sensitive info types: SWIFT Code
  
  Instance count: 2 to any -
  Actions: Restrict access to the content
  
  Technical Requirements -
  Contoso must meet the following technical requirements:
  All administrative users must be able to review DLP reports.
  Whenever possible, the principle of least privilege must be used.
  For all users, all Microsoft 365 data must be retained for at least one year.
  Confidential documents must be detected and protected by using Microsoft 365.
  Site1 documents that include credit card numbers must be labeled automatically.
  All administrative users must be able to create Microsoft 365 sensitivity labels.
  After a project is complete, the documents in Site3 that relate to the project must be retained for 10 years.
  You need to meet the technical requirements for the Site1 documents.
  Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
  

  Correct Answer: See interactive view.

  Explanation:

  The AI agrees with the suggested answer.
  The recommended sequence of actions is:

  1. Create a sensitivity label.
  2. Create an auto-labeling policy.
  3. Wait 24 hours.

  Reasoning:
  The question focuses on automatically protecting credit card information using sensitivity labels. Here's a breakdown of why this sequence is correct:

  • Create a sensitivity label: Before you can automatically apply a label, you need to define what that label *is*. A sensitivity label encapsulates the protection settings you want to apply (e.g., encryption, watermarks, access restrictions). This is the foundational step. You define the label and the actions associated with it. See Microsoft's documentation on sensitivity labels for more details (Citation 1).
  • Create an auto-labeling policy: This policy defines *how* and *where* the sensitivity label is automatically applied. It specifies the conditions that trigger the application of the label (e.g., the presence of credit card numbers). Auto-labeling policies use sensitive info types to identify content. Since there is a built-in sensitive information type for credit card numbers, creating a custom one isn't needed in this scenario. This step connects the label to the data it should protect. Refer to Citation 2 for guidance on auto-labeling policies.
  • Wait 24 hours: Auto-labeling policies often run in simulation mode first. Waiting 24 hours allows this simulation to complete, giving you a chance to review the potential impact of the policy and make adjustments before fully enabling it. It is also possible there may be some initial delay before the policies are fully enforced across the environment. Best practices often recommend waiting to ensure proper propagation. This step provides an opportunity to validate the policy's effectiveness before enforcement (Citation 3).

  Reasons for not choosing other options:

  • Creating a retention label: While retention labels are important for managing data lifecycle (retention and deletion), they are not directly related to the immediate goal of protecting credit card information with encryption, access controls or watermarks. Retention labels govern how long content is kept, not how it's protected.
  • Turning on the policy immediately without waiting: Turning on the auto-labeling policy without waiting can lead to unexpected results if the policy is not configured correctly. Simulation mode is crucial for avoiding disruptions.
  • Creating a custom sensitive info type: In this case, as the discussion mentioned, creating a custom sensitive info type is unnecessary because a built-in type for credit card numbers already exists. Creating custom info types is relevant when dealing with uniquely identifiable or proprietary information not already covered.

  Therefore, the suggested answer provides the correct order of operations to automatically protect sensitive information (credit card numbers in this scenario) using sensitivity labels and auto-labeling policies.

  Important Considerations: Remember that the actual implementation and configuration steps can be more complex and may vary depending on your organization's specific requirements and Microsoft 365 setup. Always thoroughly test and validate your configurations in a non-production environment before deploying them to production.

  Caveats: The 24-hour wait period is a general guideline. Actual waiting times can depend on the size of your organization and the complexity of the policy.

  Disclaimer: This recommendation is based on the information provided and general best practices. Always consult official Microsoft documentation and seek expert advice for your specific environment.

  Confidence Level: High, based on the consensus in the discussion and the supporting documentation.

  Impact of Incorrect Answer: Incorrectly sequencing these steps could lead to the failure to properly protect sensitive data, resulting in compliance violations and data breaches. Premature activation of policies could also disrupt legitimate business processes.

  Impact of correct answer: Correctly sequencing the steps will ensure that sensitive data such as credit card information will be protected based on pre-defined sensitivity label policies.

  In summary, based on the question, the discussion and the information available in Microsoft documentation, creating a sensitivity label, creating an auto-labeling policy, and waiting 24 hours is the correct sequence of actions.

  Final Answer: Correct.

  Justification for Final Answer: The reasoning and evidence provided above strongly supports this sequence as the correct approach to automatically protecting credit card information using sensitivity labels and auto-labeling policies.

  • Citations:
  • Citation 1: Learn about sensitivity labels, https://learn.microsoft.com/en-us/purview/sensitivity-labels
  • Citation 2: Automatically apply a sensitivity label to content, https://learn.microsoft.com/en-us/purview/apply-sensitivity-label-automatically
  • Citation 3: Use simulation mode to test auto-labeling policies, https://learn.microsoft.com/en-us/purview/apply-sensitivity-label-automatically#use-simulation-mode-to-test-auto-labeling-policies

• Question 2

  Case Study -
  
  Instructions -
  This is a case study. Case studies are not timed separately from other exam sections. You can use as much exam time as you would like to complete each case study. However, there might be additional case studies or other exam sections. Manage your time to ensure that you can complete all the exam sections in the time provided. Pay attention to the Exam Progress at the top of the screen so you have sufficient time to complete any exam sections that follow this case study.
  To answer the case study questions, you will need to reference information that is provided in the case. Case studies and associated questions might contain exhibits or other resources that provide more information about the scenario described in the case. Information provided in an individual question does not apply to the other questions in the case study.
  A Review Screen will appear at the end of this case study. From the Review Screen, you can review and change your answers before you move to the next exam section. After you leave this case study, you will NOT be able to return to it.
  
  To start the case study -
  To display the first question in this case study, select the "Next" button. To the left of the question, a menu provides links to information such as business requirements, the existing environment, and problem statements. Please read through all this information before answering any questions. When you are ready to answer a question, select the "Question" button to return to the question.
  
  Overview -
  Contoso, Ltd. is a consulting company that has a main office in Montreal and three branch offices in Seattle, Boston, and Johannesburg.
  
  Existing Environment -
  
  Microsoft 365 Environment -
  Contoso has a Microsoft 365 E5 tenant. The tenant contains the administrative user accounts shown in the following table.
  
  Users store data in the following locations:
  
  SharePoint sites -
  
  OneDrive accounts -
  
  Exchange email -
  
  Exchange public folders -
  
  Teams chats -
  
  Teams channel messages -
  When users in the research department create documents, they must add a 10-digit project code to each document. Project codes that start with the digits 999 are confidential.
  
  SharePoint Online Environment -
  Contoso has four Microsoft SharePoint Online sites named Site1, Site2, Site3, and Site4.
  Site2 contains the files shown in the following table.
  
  Two users named User1 and User2 are assigned roles for Site2 as shown in the following table.
  
  
  Site3 stores documents related to the company's projects. The documents are organized in a folder hierarchy based on the project.
  Site4 has the following two retention policies applied:
  
  Name: Site4RetentionPolicy1 -
  Locations to apply the policy: Site4
  Delete items older than: 2 years
  Delete content based on: When items were created
  
  Name: Site4RetentionPolicy2 -
  Locations to apply the policy: Site4
  Retain items for a specific period: 4 years
  Start the retention period based on: When items were created
  At the end of the retention period: Do nothing
  
  Problem Statements -
  Management at Contoso is concerned about data leaks. On several occasions, confidential research department documents were leaked.
  
  Requirements -
  
  Planned Changes -
  Contoso plans to create the following data loss prevention (DLP) policy:
  
  Name: DLPpolicy1 -
  Locations to apply the policy: Site2
  Conditions:
  Content contains any of these sensitive info types: SWIFT Code
  
  Instance count: 2 to any -
  Actions: Restrict access to the content
  
  Technical Requirements -
  Contoso must meet the following technical requirements:
  All administrative users must be able to review DLP reports.
  Whenever possible, the principle of least privilege must be used.
  For all users, all Microsoft 365 data must be retained for at least one year.
  Confidential documents must be detected and protected by using Microsoft 365.
  Site1 documents that include credit card numbers must be labeled automatically.
  All administrative users must be able to create Microsoft 365 sensitivity labels.
  After a project is complete, the documents in Site3 that relate to the project must be retained for 10 years.
  You need to meet the technical requirements for the creation of the sensitivity labels.
  To which user or users must you assign the Sensitivity Label Administrator role?

  • A. Admin1 only
  • B. Admin1 and Admin4 only
  • C. Admin1 and Admin5 only
  • D. Admin1, Admin2, and Admin3 only
  • E. Admin1, Admin2, Admin4, and Admin5 only

  Correct Answer: B

  Explanation:

  The suggested answer is B (Admin1 and Admin4 only).
  
  Reasoning:
  The question asks which user(s) need to be assigned the Sensitivity Label Administrator role to meet the technical requirements. According to the provided table, Admin1 has the Global Administrator role. Global Administrators have inherent rights to perform most tasks in Microsoft 365, including creating sensitivity labels.
  
  However, to adhere to the principle of least privilege, we should avoid using the Global Administrator role when a more specific role will suffice. Therefore, the most suitable approach is to identify which users *specifically* require the Sensitivity Label Administrator role that do not have a role that can do this already.
  
  Based on the table, Admin4 has the Compliance Administrator role. This role, as well as Compliance Data Administrator, Security Administrator, and Global Administrator, can create sensitivity labels, according to Microsoft documentation. Thus Admin4 does not require the Sensitivity Label Administrator role.
  
  Therefore, we need to identify any users who *do not* have any of these roles assigned to create sensitivity labels. Based on the table, Admin1 does *not* have any of the above administrator roles and will need to be assigned the Sensitivity Label Administrator role to meet the requirement.
  
  Now we must look to see if any of the other Admins will need to be assigned the Sensitivity Label Administrator role. As stated above, Admin4 has the Compliance Administrator role, which *can* create sensitivity labels.
  
  Therefore, assigning the Sensitivity Label Administrator role to Admin1 only is the *least privileged* option.
  
  Reasons for not choosing other answers:

  • A: Admin1 only - Incorrect because Admin1 already has the Global Administrator role. Though it will work, it does not adhere to the principle of least privilege.
  • C: Admin1 and Admin5 only - Incorrect because Admin5 has the Security Administrator role, which is also able to create sensitivity labels.
  • D: Admin1, Admin2, and Admin3 only - Incorrect because Admin2 and Admin3 have roles (SharePoint Administrator, Teams Administrator respectively) that do not inherently grant the ability to create sensitivity labels, however, to align with the principle of least privilege, we only want to assign the role to those that need it. Further, Admin1 has the Global Administrator role already.
  • E: Admin1, Admin2, Admin4, and Admin5 only - Incorrect because Admin2 and Admin4 and Admin5 have roles that already give them the ability to create sensitivity labels. Also Admin1 has the Global Administrator role. This is the most incorrect.

  
  

  
  Citations:

  • Microsoft 365 Admin Roles, https://learn.microsoft.com/en-us/microsoft-365/admin/add-users/about-admin-roles?view=o365-worldwide
  • Permissions needed to create sensitivity labels, https://learn.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-admin-powershell?view=o365-worldwide

• Question 3

  You have a Microsoft 365 E5 subscription that contains a Microsoft Teams channel named Channel1. Channel1 contains research and development documents.
  You plan to implement Microsoft 365 Copilot for the subscription.
  You need to prevent the contents of files stored in Channel1 from being included in answers generated by Copilot and shown to unauthorized users.
  What should you use?

  • A. data loss prevention (DLP)
  • B. Microsoft Purview insider risk management
  • C. Microsoft Purview Information Barriers (IBs)
  • D. sensitivity labels

  Correct Answer: D

  Explanation:

  The AI agrees with the suggested answer, which is D. sensitivity labels.
  The reason for choosing sensitivity labels is that they provide a direct method to classify and protect data within Microsoft 365. Sensitivity labels can be applied to documents, emails, Microsoft Teams, and SharePoint sites. This allows administrators to control access to content based on user permissions and integrates with Microsoft 365 Copilot’s data access layer. By applying a sensitivity label to the research and development documents in Channel1, you ensure that only authorized users can view or interact with the labeled content. This prevents unauthorized users from seeing sensitive information in Copilot's responses.
  The reason for not choosing the other answers:

  • A. Data Loss Prevention (DLP): While DLP is crucial for preventing data exfiltration, it does not directly control Copilot's access to data. DLP policies focus on identifying and preventing sensitive information from leaving the organization, not on managing permissions within Copilot's responses.
  • B. Microsoft Purview insider risk management: Insider risk management is designed to detect and mitigate potential risks from users within the organization. It is not the correct tool for controlling access to data within Copilot.
  • C. Microsoft Purview Information Barriers (IBs): Information Barriers are used to prevent communication and collaboration between specific groups of users in Microsoft Teams, SharePoint, and other Microsoft 365 services. While IBs can restrict access, they are not as granular or flexible as sensitivity labels for controlling access within Copilot.

  Citations:

  • Sensitivity labels to protect content in Microsoft 365, https://learn.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels

• Question 4

  DRAG DROP -
  You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps.
  You plan to deploy a Defender for Cloud Apps file policy that will be triggered when the following conditions are met:
  A file is shared externally.
  A file is labeled as internal only.
  Which filter should you use for each condition? To answer, drag the appropriate filters to the correct conditions. Each filter may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
  NOTE: Each correct selection is worth one point.
  

  Correct Answer: See interactive view.

  Explanation:

  The AI agrees with the suggested answer.
  The first condition requires identifying files shared externally, thus "Access level" is the correct filter, configured to detect files with external sharing status.
  The second condition focuses on files labeled as "internal only," making "Sensitivity label" the appropriate filter.
  Using other filters would not directly address the specified conditions:
  

  • "File name" would only filter based on the name of the file, not its sharing status or sensitivity label.
  • "File type" filters based on the file extension.
  • "Application" filters based on the application used to access the file.
  • "Classification label" is not a valid filter option in Defender for Cloud Apps file policies.

  Therefore, the suggested answer accurately maps the correct filters to the given conditions.

  
  Citations:

  • Microsoft Defender for Cloud Apps file policies, https://learn.microsoft.com/en-us/ Defender-for-Cloud Apps/policies-manage-policies

• Question 5

  HOTSPOT -
  You have a Microsoft 365 E5 subscription that contains three DOCX files named File1, File2, and File3.
  You create the sensitivity labels shown in the following table.
  
  You apply the labels to the files as shown in the following table.
  
  You ask Microsoft 365 Copilot to summarize the files, and you receive the results shown in the following table.
  
  For each of the following statements, select Yes if the statement is true. Otherwise, select No.
  NOTE: Each correct selection is worth one point.
  

  Correct Answer: See interactive view.

  Explanation:

  Based on the question details and discussion summary, the AI agrees with the suggested answer.
  The reasoning is that Microsoft 365 Copilot inherits sensitivity labels from the source files it summarizes, and the highest priority label is always inherited.
  Here's a breakdown of each statement:

  Statement 1: The summary of File1 will be labeled as General. This is true because File1 is labeled as General.

  Statement 2: The summary of File2 will be labeled as Confidential. This is true because File2 is labeled as Confidential.

  Statement 3: The summary of File3 will be labeled as Highly Confidential. This is true because File3 is labeled as Highly Confidential.

  The documentation clearly states that Copilot works with applied labels and always inherits the label with the highest priority. This explains why the summaries receive the respective labels.
  The AI does not disagree with the suggested answer because there's clear documentation supporting the claims that Copilot inherit sensitivity labels and apply the highest priority label.

  • Sensitivity labels and Microsoft 365 Copilot, https://learn.microsoft.com/en-us/microsoft-365-copilot/sensitivity-labels

• Question 6

  You have a Microsoft 365 E5 subscription.
  You need to create a sensitivity label named Label1. The solution must ensure that users can use Microsoft 365 Copilot to summarize files that have Label1 applied.
  Which permission should you select for Label1?

  • A. Export content(EXPORT)
  • B. Copy and extract content(EXTRACT)
  • C. Edit content(DOCEDIT)
  • D. View rights(VIEW)

  Correct Answer: B

  Explanation:

  The AI agrees with the suggested answer of B. Copy and extract content(EXTRACT).
  The reasoning is that Microsoft 365 Copilot needs the "Copy and extract content" permission to access and process the data within the files to perform summarization tasks. This permission allows Copilot to read and extract the necessary information for its AI-powered features.
  Here's why the other options are not suitable:

  • A. Export content(EXPORT): While exporting content might involve extracting data, it is not the specific permission Copilot requires for real-time content processing and summarization.
  • C. Edit content(DOCEDIT): Edit permissions are for modifying the content, not necessarily for extracting it for analysis or summarization.
  • D. View rights(VIEW): View rights only allow users to see the content, but not to copy or extract it. Copilot needs more than just viewing rights to function effectively; it needs to be able to extract the content to process it.

  Citations:

  • Sensitivity labels - Microsoft Purview (compliance), https://learn.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels

• Question 7

  HOTSPOT -
  You have a Microsoft 365 sensitivity label that is published to all the users in your Microsoft Entra tenant as shown in the following exhibit.
  
  For each of the following statements, select Yes if the statement is true. Otherwise, select No.
  

  Correct Answer: See interactive view.

  Explanation:

  Based on the question and discussion, the AI agrees with the suggested answer.
  Reasoning: The question asks whether the sensitivity label, configured as shown in the exhibit, will result in specific actions. Let's analyze each statement:

  • **Statement 1: Users will see a watermark in the email they receive.** This is **incorrect**. Sensitivity labels can apply watermarks to documents, but not directly to emails. The configuration in the exhibit doesn't specify a watermark for emails. Watermarks can be applied to documents and Loop component and pages, but not email or meeting invites.
  • **Statement 2: Users will see a header in the Word documents they create.** This is **incorrect**. The sensitivity label configuration applies a watermark, not a header. The exhibit clearly shows "Watermark" is configured, not "Header".
  • **Statement 3: Users will see a watermark in the Loop pages they create.** This is **incorrect**. Watermarks can be applied to documents and Loop component and pages.

  Therefore, the correct answer is No, No, No.

  Why other answers are incorrect: Any answer combination that includes "Yes" for any of the statements is incorrect because the sensitivity label, as configured, does not apply watermarks to emails, headers to Word documents, and watermark to Loop pages. The settings shown in the exhibit only configure a watermark without being applied to the Loop pages.

  Citations:

  • Sensitivity labels, https://learn.microsoft.com/en-us/purview/sensitivity-labels

• Question 8

  HOTSPOT -
  You have a Microsoft 365 E5 tenant that contains a sensitivity label named label1.
  You plan to enable co-authoring for encrypted files.
  You need to ensure that files that have label1 applied support co-authoring.
  Which two settings should you modify? To answer, select the settings in the answer area.
  NOTE: Each correct selection is worth one point.
  

  Correct Answer: See interactive view.

  Explanation:

  Based on the question and the discussion, the AI agrees with the suggested answer.
  The reason for this recommendation is that co-authoring is not supported when Double Key Encryption (DKE) is enabled. To enable co-authoring for files with sensitivity label 'label1', it's essential to ensure that DKE is not enabled and that appropriate permissions are assigned to users.
  Here's a breakdown:

  • Assign permissions to users: This is necessary for users to access and co-author the files. Without the appropriate permissions, users will not be able to open, view, or edit the files, thus hindering co-authoring.
  • Disable Double Key Encryption (DKE): DKE is explicitly stated as not being supported for co-authoring by Microsoft. Disabling it is thus essential to enabling co-authoring functionality.

  The reason for not selecting other options would be because they do not directly address the requirement of enabling co-authoring, especially concerning the compatibility issues with DKE.

  Citations:

  • Sensitivity labels and Double Key Encryption, https://learn.microsoft.com/en-us/microsoft-365/compliance/encryption-double-key-encryption

• Question 9

  HOTSPOT -
  You have a new Microsoft 365 E5 tenant.
  You need to create a custom trainable classifier that will detect product order forms. The solution must use the principle of least privilege.
  What should you do first? To answer, select the appropriate options in the answer area.
  NOTE: Each correct selection is worth one point.
  

  Correct Answer: See interactive view.

  Explanation: Access the full guide to see detailed AI explanations and community consensus.

• Question 10

  HOTSPOT -
  You have a Microsoft 365 E5 subscription.
  You have a file named Customer.csv that contains a list of 1,000 customer names.
  You plan to use Customer.csv to classify documents stored in a Microsoft SharePoint Online library.
  What should you create in the Microsoft Purview portal, and which type of element should you select? To answer, select the appropriate options in the answer area.
  NOTE: Each correct selection is worth one point.
  

  Correct Answer: See interactive view.

  Explanation:

  The AI agrees with the suggested answer.
  The recommended solution is to create a Sensitive Info Type and select Keyword dictionary as the element type.
  
  Reasoning:
  To classify documents in SharePoint Online based on a list of 1,000 customer names from a CSV file, you should use a Keyword dictionary, which is a type of Sensitive Information Type (SIT). This allows you to define a custom SIT based on a list of keywords, which in this case would be the customer names from the Customer.csv file. This enables Microsoft Purview to identify documents containing those customer names.
  Here's a breakdown:

  • Sensitive Info Type: This is the overarching classification that allows you to define what constitutes sensitive information.
  • Keyword dictionary: This element lets you upload a list of keywords (in this case, customer names) that Purview will use to identify sensitive documents.

  Why other options are not suitable:
  * Trainable classifier: While trainable classifiers are powerful, they require a training phase with sample data and are better suited for unstructured content where keyword matching is insufficient. For a straightforward list of customer names, a keyword dictionary is more efficient and appropriate.
  * Exact Data Match (EDM) based sensitive info type: While EDM is suitable for structured data, it is more complex to set up compared to Keyword dictionary and not necessary here. EDM is better when you have multiple fields of structured data to match exactly, rather than a simple list of names. A Keyword dictionary is a simpler and more efficient solution for this scenario.
  * Data loss prevention policy: A DLP policy is an action that will be taken upon a sensitive information type being detected, not the creation of the SIT.
  * Auto-labeling policy: Auto-labeling policy is an action that will be taken upon a sensitive information type being detected, not the creation of the SIT.

  
  Citations:

  • About Exact Data Match based sensitive information types, https://learn.microsoft.com/en-us/microsoft-365/compliance/exact-data-match-based-sensitive-information-types?view=o365-worldwide
  • Create a keyword dictionary, https://learn.microsoft.com/en-us/microsoft-365/compliance/create-keyword-dictionary?view=o365-worldwide
  • Learn about trainable classifiers, https://learn.microsoft.com/en-us/microsoft-365/compliance/classifier-learn-about?view=o365-worldwide