Crucial Exams

Microsoft 365 Administrator Expert MS-102 Practice Question

Your company enforces several Microsoft Purview DLP policies for Exchange, SharePoint, OneDrive, and Endpoint DLP. The security operations team works exclusively in the Microsoft 365 Defender portal and must investigate all high-severity DLP alerts there. You need to ensure that every alert generated by the existing DLP rules appears automatically as an incident in Microsoft 365 Defender. What should you do?

  • Configure the Microsoft Sentinel connector for Microsoft Purview and build an analytics rule that ingests the ComplianceDLPEvents table.

  • Edit every DLP policy rule and enable the option to forward DLP alerts to Microsoft 365 Defender, then save the changes.

  • Open an eDiscovery (Premium) case and schedule an automated export of DLP event reports to the SOC mailbox.

  • Create a custom alert policy in the Microsoft 365 Defender portal that targets the DataLossPrevention workload.

Microsoft 365 Administrator Expert MS-102
Manage compliance by using Microsoft Purview
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot