MS-500 無料問題集「Microsoft 365 Security Administration」
You have an Azure Acme Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.
You discover several security alerts are visible from the Microsoft Defender for Identity portal.
You need to identify which users m contoso.com can dose the security Alerts. Which users should you identify?
You discover several security alerts are visible from the Microsoft Defender for Identity portal.
You need to identify which users m contoso.com can dose the security Alerts. Which users should you identify?
正解:C
解答を投票する
Refer to exhibit.
Microsoft Defender for Endpoint contains the incidents shown in the following table.
For each of the following statements, select yes if the statement is true. Otherwise. select No.
Microsoft Defender for Endpoint contains the incidents shown in the following table.
For each of the following statements, select yes if the statement is true. Otherwise. select No.
正解:
Explanation
Graphical user interface, application Description automatically generated
Your company has a Microsoft 365 subscription that contains the users shown in the following table.
The company implements Windows Defender Advanced Threat Protection (Windows Defender ATP).
Windows Defender ATP includes the roles shown in the following table:
Windows Defender ATP contains the machine groups shown in the following table:
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
The company implements Windows Defender Advanced Threat Protection (Windows Defender ATP).
Windows Defender ATP includes the roles shown in the following table:
Windows Defender ATP contains the machine groups shown in the following table:
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
Explanation
You have a Microsoft 365 subscription that includes a user named User1.
You have a conditional access policy that applies to Microsoft Exchange Online. The conditional access policy is configured to use Conditional Access App Control.
You need to create a Microsoft Cloud App Security policy that blocks User1 from printing from Exchange Online.
Which type of Cloud App Security policy should you create?
You have a conditional access policy that applies to Microsoft Exchange Online. The conditional access policy is configured to use Conditional Access App Control.
You need to create a Microsoft Cloud App Security policy that blocks User1 from printing from Exchange Online.
Which type of Cloud App Security policy should you create?
正解:C
解答を投票する
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308
You need to ensure that a user named Allan Deyoung uses multi-factor authentication (MFA) for all authentication requests.
To complete this task, sign in to the Microsoft 365 admin center.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308
You need to ensure that a user named Allan Deyoung uses multi-factor authentication (MFA) for all authentication requests.
To complete this task, sign in to the Microsoft 365 admin center.
正解:
See explanation below.
Explanation
1. Open the Admin Center and go to Users > Active Users
2. Open Multi-factor authentication
Don't select any user yet, just open the Multi-factor authentication screen. You will find the button in the toolbar.
3. Open the Service settingsBefore we start enabling MFA for the users, we first go through the service settings. The button to the settings screen doesn't stand out, but it's just below the title
4. Setup MFA Office 365
A few settings are important here:
Make sure you check the App password. Otherwise, users can't authenticate in some applications (like the default mail app in Android).
Also, take a look at the remember function. By default, it is set to 14 days.
5. Enable MFA for Office 365 users
After you have set the settings to your liking click on save and then on users (just below the title Multi-factor authentication).
You see the list of your users again. Here you can select single or multiple users to enable MFA.
At the moment you enable Office 365 MFA for a user it can get the setup screen as soon as the users browse to one of the Office 365 products.
Reference:
https://lazyadmin.nl/office-365/how-to-setup-mfa-in-office-365/
Explanation
1. Open the Admin Center and go to Users > Active Users
2. Open Multi-factor authentication
Don't select any user yet, just open the Multi-factor authentication screen. You will find the button in the toolbar.
3. Open the Service settingsBefore we start enabling MFA for the users, we first go through the service settings. The button to the settings screen doesn't stand out, but it's just below the title
4. Setup MFA Office 365
A few settings are important here:
Make sure you check the App password. Otherwise, users can't authenticate in some applications (like the default mail app in Android).
Also, take a look at the remember function. By default, it is set to 14 days.
5. Enable MFA for Office 365 users
After you have set the settings to your liking click on save and then on users (just below the title Multi-factor authentication).
You see the list of your users again. Here you can select single or multiple users to enable MFA.
At the moment you enable Office 365 MFA for a user it can get the setup screen as soon as the users browse to one of the Office 365 products.
Reference:
https://lazyadmin.nl/office-365/how-to-setup-mfa-in-office-365/
You have a Microsoft 365 E5 subscription that contains a user named User1 and the groups shown in the following table.
You have the Compliance Manager improvement action shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
You have the Compliance Manager improvement action shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
正解:
Explanation
Your network contains an on-premises Active Directory domain and a Microsoft 365 subscription.
You plan to deploy a hybrid Azure Active Directory (Azure AD) tenant that has Azure AD Identity Protection risk policies enabled.
You need to configure Azure AD Connect to support the planned deployment.
Which Azure AD Connect authentication method should you select?
You plan to deploy a hybrid Azure Active Directory (Azure AD) tenant that has Azure AD Identity Protection risk policies enabled.
You need to configure Azure AD Connect to support the planned deployment.
Which Azure AD Connect authentication method should you select?
正解:C
解答を投票する
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that each user can join up to five devices to Azure Active Directory (Azure AD).
To complete this task, sign in to the Microsoft Office 365 admin center.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that each user can join up to five devices to Azure Active Directory (Azure AD).
To complete this task, sign in to the Microsoft Office 365 admin center.
正解:
See explanation below.
After signing into the Microsoft 365 admin center, click Admin centers > Azure Active Directory > Devices.
Navigate to Device Settings.
Set the Users may join devices to Azure AD setting to All.
Set the Additional local administrators on Azure AD joined devices setting to None.
Set the Users may register their devices with Azure AD setting to All.
Leave the Require Multi-Factor Auth to join devices setting on it default setting.
Set the Maximum number of devices setting to 5.
Set the Users may sync settings and app data across devices setting to All.
Click the Save button at the top left of the screen.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal
https://docs.microsoft.com/en-us/microsoft-365/compliance/use-your-free-azure-ad-subscription-in-office-365?v
After signing into the Microsoft 365 admin center, click Admin centers > Azure Active Directory > Devices.
Navigate to Device Settings.
Set the Users may join devices to Azure AD setting to All.
Set the Additional local administrators on Azure AD joined devices setting to None.
Set the Users may register their devices with Azure AD setting to All.
Leave the Require Multi-Factor Auth to join devices setting on it default setting.
Set the Maximum number of devices setting to 5.
Set the Users may sync settings and app data across devices setting to All.
Click the Save button at the top left of the screen.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal
https://docs.microsoft.com/en-us/microsoft-365/compliance/use-your-free-azure-ad-subscription-in-office-365?v
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that [email protected] receives an alert when a user establishes a sync relationship to a document library from a computer that is a member of an Active Directory (AD) domain.
To complete this task, sign in to the Microsoft Office 365 admin center.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11032396
You need to ensure that [email protected] receives an alert when a user establishes a sync relationship to a document library from a computer that is a member of an Active Directory (AD) domain.
To complete this task, sign in to the Microsoft Office 365 admin center.
正解:
See explanation below.
Explanation
1. Navigate to Manage Alerts in the Security & Compliance Center.
2. On the Activity alerts page, click + New.
The flyout page to create an activity alert is displayed.
3. Complete the following fields to create an activity alert:
a. Name - Type a name for the alert. Alert names must be unique within your organization.
b. Description (Optional) - Describe the alert, such as the activities and users being tracked, and the users that email notifications are sent to. Descriptions provide a quick and easy way to describe the purpose of the alert to other admins.
c. Alert type - Make sure the Custom option is selected.
d. Send this alert when - Click Send this alert when and then configure these two fields:
Activities - Click the drop-down list to display the activities that you can create an alert for. This is the same activities list that's displayed when you search the Office 365 audit log. You can select one or more specific activities or you can click the activity group name to select all activities in the group. For a description of these activities, see the "Audited activities" section in Search the audit log. When a user performs any of the activities that you've added to the alert, an email notification is sent.
Users - Click this box and then select one or more users. If the users in this box perform the activities that you added to the Activities box, an alert will be sent. Leave the Users box blank to send an alert when any user in your organization performs the activities specified by the alert.
e. Send this alert to - Click Send this alert, and then click in the Recipients box and type a name to add a user's who will receive an email notification when a user (specified in the Users box) performs an activity (specified in the Activities box). Note that you are added to the list of recipients by default. You can remove your name from this list.
4. Click Save to create the alert.
The new alert is displayed in the list on the Activity alerts page.
The status of the alert is set to On. Note that the recipients who will receive an email notification when an alert is sent are also listed.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-activity-alerts?view=o365-worldwide
Explanation
1. Navigate to Manage Alerts in the Security & Compliance Center.
2. On the Activity alerts page, click + New.
The flyout page to create an activity alert is displayed.
3. Complete the following fields to create an activity alert:
a. Name - Type a name for the alert. Alert names must be unique within your organization.
b. Description (Optional) - Describe the alert, such as the activities and users being tracked, and the users that email notifications are sent to. Descriptions provide a quick and easy way to describe the purpose of the alert to other admins.
c. Alert type - Make sure the Custom option is selected.
d. Send this alert when - Click Send this alert when and then configure these two fields:
Activities - Click the drop-down list to display the activities that you can create an alert for. This is the same activities list that's displayed when you search the Office 365 audit log. You can select one or more specific activities or you can click the activity group name to select all activities in the group. For a description of these activities, see the "Audited activities" section in Search the audit log. When a user performs any of the activities that you've added to the alert, an email notification is sent.
Users - Click this box and then select one or more users. If the users in this box perform the activities that you added to the Activities box, an alert will be sent. Leave the Users box blank to send an alert when any user in your organization performs the activities specified by the alert.
e. Send this alert to - Click Send this alert, and then click in the Recipients box and type a name to add a user's who will receive an email notification when a user (specified in the Users box) performs an activity (specified in the Activities box). Note that you are added to the list of recipients by default. You can remove your name from this list.
4. Click Save to create the alert.
The new alert is displayed in the list on the Activity alerts page.
The status of the alert is set to On. Note that the recipients who will receive an email notification when an alert is sent are also listed.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-activity-alerts?view=o365-worldwide
You have a Microsoft 365 E5 subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com.
Azure AD Identity Protection alerts for contoso.com are configured as shown in the following exhibit.
A user named User1 is configured to receive alerts from Azure AD Identity Protection.
You create users in contoso.com as shown in the following table.
The users perform the sign-ins shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Azure AD Identity Protection alerts for contoso.com are configured as shown in the following exhibit.
A user named User1 is configured to receive alerts from Azure AD Identity Protection.
You create users in contoso.com as shown in the following table.
The users perform the sign-ins shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
Explanation
Box 1: No
User1 will receive the two alerts classified as medium or higher.
Sign-ins from infected device is classified as low. This risk detection identifies IP addresses, not user devices.
If several devices are behind a single IP address, and only some are controlled by a bot network, sign-ins from other devices my trigger this event unnecessarily, which is why this risk detection is classified as Low.
Box 2: No
User2 will receive the two alerts classified as medium or higher.
Email alerts are sent to all global admins, security admins and security readers Sign-ins from infected device is classified as low. This risk detection identifies IP addresses, not user devices.
If several devices are behind a single IP address, and only some are controlled by a bot network, sign-ins from other devices my trigger this event unnecessarily, which is why this risk detection is classified as Low.
Box 3: No
User3 will not receive alters.
Email alerts are sent to all global admins, security admins and security readers.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-r
You have a Microsoft 365 E5 subscription that contains two users named Adminl and User1. a Microsoft SharePoint Online site named Site1, and a retention label named Retention1. The role assignments for Site1 are shown in the following table.
Site1 includes a file named File1.
Rentention1 has the following settings:
* Retain items for a specific period: Retention period: 7 years
* During the retention period: Mark Items as a record
* At the end of the retention period: Delete items automatically
Rententon1 is published to Site1.
User1 applies Retention1 to File1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Site1 includes a file named File1.
Rentention1 has the following settings:
* Retain items for a specific period: Retention period: 7 years
* During the retention period: Mark Items as a record
* At the end of the retention period: Delete items automatically
Rententon1 is published to Site1.
User1 applies Retention1 to File1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
Explanation
You have a Microsoft 365 E5 subscription that contains 1,000 Windows 10 devices. The devices are onboarded to Microsoft Defender for Endpoint.
You need to view a consolidated list of the common vulnerabilities and exposures (CVE) that affect the devices. The solution must minimize administrative effort.
Which Threat & Vulnerability Management page should you use?
You need to view a consolidated list of the common vulnerabilities and exposures (CVE) that affect the devices. The solution must minimize administrative effort.
Which Threat & Vulnerability Management page should you use?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Your company plans to merge with another company.
A user named Debra Berger is an executive at your company.
You need to provide Debra Berger with all the email content of a user named Alex Wilber that contains the word merger.
To complete this task, sign in to the Microsoft 365 portal.
A user named Debra Berger is an executive at your company.
You need to provide Debra Berger with all the email content of a user named Alex Wilber that contains the word merger.
To complete this task, sign in to the Microsoft 365 portal.
正解:
See explanation below.
Explanation
You need to run a content search then export the results of the search.
Go to the Microsoft 365 Compliance admin center.
Navigate to Content Search under the Solutions section in the left navigation pane.
Click on + New Search to create a new search.
In the Keywords box, type in 'merger'.
In the Locations section, select Specific locations then click the Modify link.
Click on the Choose users, groups or teams link.
Type Alex Wilber in the search field the select his account from the search results.
Click the Choose button to add the user then click Done.
Click Save to close the locations pane.
Click Save & run to run the search.
The next step is to export the results. Select the search then under Export results to a computer, click Start export.
On the Export the search results page, under Output options, select All items.
Under Export Exchange content as, select One PST file for each mailbox.
Click on Start export. When the export has finished, there will be an option to download the exported PST file.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/content-search?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/export-search-results?view=o365-worldwide
Explanation
You need to run a content search then export the results of the search.
Go to the Microsoft 365 Compliance admin center.
Navigate to Content Search under the Solutions section in the left navigation pane.
Click on + New Search to create a new search.
In the Keywords box, type in 'merger'.
In the Locations section, select Specific locations then click the Modify link.
Click on the Choose users, groups or teams link.
Type Alex Wilber in the search field the select his account from the search results.
Click the Choose button to add the user then click Done.
Click Save to close the locations pane.
Click Save & run to run the search.
The next step is to export the results. Select the search then under Export results to a computer, click Start export.
On the Export the search results page, under Output options, select All items.
Under Export Exchange content as, select One PST file for each mailbox.
Click on Start export. When the export has finished, there will be an option to download the exported PST file.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/content-search?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/export-search-results?view=o365-worldwide
You have a Microsoft 365 subscription that has Enable Security defaults set to No in Azure Active Directory (Azure AD).
You have a custom compliance manager template named Regulation1.
You have the assessments shown in the following table.
Assessment1 has the improvement actions shown in the following table.
Assessment2 has the improvement actions shown in the following table.
You perform the following actions:
For Assessment2, change the Test status of Establish a threat intelligence program to Implemented.
Enable multi-factor authentication (MFA) for all users.
Configure a privileged access policy.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have a custom compliance manager template named Regulation1.
You have the assessments shown in the following table.
Assessment1 has the improvement actions shown in the following table.
Assessment2 has the improvement actions shown in the following table.
You perform the following actions:
For Assessment2, change the Test status of Establish a threat intelligence program to Implemented.
Enable multi-factor authentication (MFA) for all users.
Configure a privileged access policy.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
Explanation
Graphical user interface, text, application Description automatically generated
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-setup?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-improvement-actions?view=o3