SC-200 Question #250: Real Exam Question with Answer & Explanation

Question

You need to configure Microsoft Defender for Cloud Apps to generate alerts and trigger remediation actions in response to external sharing of confidential files. Which two actions should you perform in the Microsoft 365 Defender portal? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

Options

• AFrom Settings, select Cloud App, select Microsoft Information Protection, and then select Only
• BFrom Cloud apps, select Files, and then filter File Type to Document.
• CFrom Settings, select Cloud App, select Microsoft Information Protection, select Files, and then
• DFrom Cloud apps, select Files, and then filter App to Office 365.
• EFrom Cloud apps, select Files, and then select New policy from search.
• FFrom Settings, select Cloud App, select Microsoft Information Protection, and then select

Explanation

Two steps are required. First (F): In Settings > Cloud App > Microsoft Information Protection, enable file monitoring/scanning so that Defender for Cloud Apps can inspect file content and sensitivity labels - without this, file policies cannot evaluate content or labels. Second (E): Navigate to Cloud apps > Files and select 'New policy from search' to create a file policy that defines conditions (e.g., files shared externally with a confidential sensitivity label) and configures alerts and governance actions (e.g., remove external sharing). Choice A and C reference partial paths to the Information Protection settings. Choices B and D filter the Files view but do not create a policy. Together, F (enable scanning) and E (create the policy) form the complete solution.

No community discussion yet for this question.