Crucial Exams

Microsoft 365 Administrator Expert MS-102 Practice Question

You are rolling out Endpoint DLP to Windows 10/11 devices that have the MDE sensor onboarded. A new policy must block users from copying files that are labeled Highly Confidential to any removable storage except a fleet of company-issued IronKey USB drives whose vendor and product IDs are known. You configure a policy with the location Devices, add a condition for the Highly Confidential sensitivity label, and select the activity Copy to removable storage with the action Block with override. In testing, the policy also blocks copying to the IronKey drives. You must allow the IronKey drives while still blocking all other USB storage devices.

Which Endpoint DLP configuration should you modify to meet the requirement?

  • Add the IronKey hardware IDs to an exception rule that uses the File path group type.

  • Define a Cloud content inspection location for the IronKey drives and assign it to a policy exception.

  • Enable advanced classification mode and exclude the IronKey drives by adding their drive letters to the file-path exclusion list.

  • Create a device group of type USB that contains the IronKey vendor and product IDs, mark the group as Privileged, and reference it as an exception in the policy.

Microsoft 365 Administrator Expert MS-102
Manage compliance by using Microsoft Purview
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot