Microsoft Security Operations Analyst Associate SC-200 Practice Question

A file policy in Microsoft Defender for Cloud Apps can scan files stored in connected SaaS applications such as SharePoint Online and OneDrive for Business. File policies support deep content inspection, can identify files that match a sensitive information type or keyword, and can automatically apply a Microsoft Purview Information Protection sensitivity label that encrypts the file. They also allow configuring governance actions, including sending alerts. Session policies control real-time actions such as downloads or uploads but cannot apply sensitivity labels. Activity policies monitor user actions and can generate alerts but cannot label or encrypt files. Anomaly detection policies are used for behavior analytics and do not perform content inspection or apply labels. Therefore, creating a file policy is the correct solution.