Administering Information Protection and Compliance in Microsoft 365 — Question 4

You are planning a data loss prevention (DLP) solution that will apply to Windows Client computers.
You need to ensure that when users attempt to copy a file that contains sensitive information to a USB storage device, the following requirements are met:
If the users are members of a group named Group1, the users must be allowed to copy the file, and an event must be recorded in the audit log.
All other users must be blocked from copying the file.
What should you create?

Answer options

• A. one DLP policy that contains one DLP rule
• B. one DLP policy that contains two DLP rules
• C. two DLP policies that each contains one DLP rule

Correct answer: C

Explanation

The correct answer is C because you need one DLP policy to allow Group1 to copy the file and log the event, and a separate DLP policy to block all other users from copying sensitive files. Option A is incorrect because a single DLP rule cannot accommodate both requirements, and option B is wrong since it does not separate the permissions for Group1 and the rest of the users.