Microsoft Exam SC-400 Topic 6 Question 91 Discussion

To block users from sending emails containing information subject to thePayment Card Industry Data Security Standard (PCI DSS), you can create aData Loss Prevention (DLP) policyinMicrosoft Exchange Online. Here's how:

Create a Custom DLP Policy:

Log in to theMicrosoft Exchange Online admin center.

Navigate toData loss prevention>Policy.

Create a new custom policy specifically for PCI DSS compliance.

Define Conditions:

In the policy settings, define conditions that identify sensitive data related to PCI DSS. For example:

Keywords: Include terms like ''credit card,'' ''debit card,'' or specific card number formats.

Regular Expressions (Regex): Craft expressions to match credit card patterns (e.g.,bd{4}-d{4}-d{4}-d{4}bfor Visa/Mastercard).

Sensitive Information Types: Use built-in or custom sensitive information types related to payment cards.

Choose Actions:

Specify the actions to take when sensitive data is detected in emails:

Block: Prevent the email from being sent.

Notify Sender: Inform the sender that sensitive data is not allowed via email.

Add Disclaimer/Watermark: Optionally add a disclaimer or watermark to the email.

Apply the Policy to Emails Only:

Ensure that the policy is configured to apply only toemails(not other communication channels).

Exclude internal communication if necessary.

Test and Monitor:

Enable the policy intest modeinitially to validate its effectiveness.

Monitor logs and adjust the policy as needed.