DRAG DROP -
You are evaluating the compliance score in Compliance Manager.
Match the compliance score action subcategories to the appropriate actions.
To answer, drag the appropriate action subcategory from the column on the left to its action on the right. Each action subcategory may be used once, more than once, or not at all.
NOTE: Each correct match is worth one point.
Select and Place:
Â
Suggested Answer:
Box 1: Preventative -
Preventative actions address specific risks. For example, protecting information at rest using encryption is a preventative action against attacks and breaches.
Separation of duties is a preventative action to manage conflict of interest and guard against fraud.
Box 2: Detective -
Detective actions actively monitor systems to identify irregular conditions or behaviors that represent risk, or that can be used to detect intrusions or breaches.
Examples include system access auditing and privileged administrative actions. Regulatory compliance audits are a type of detective action used to find process issues.
Box 3: Corrective -
Corrective actions try to keep the adverse effects of a security incident to a minimum, take corrective action to reduce the immediate effect, and reverse the damage if possible. Privacy incident response is a corrective action to limit damage and restore systems to an operational state after a breach.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-score-calculation
This question is in SC-900 Microsoft Security, Compliance, and Identity Fundamentals Exam
For getting Microsoft Certified: Security, Compliance, and Identity Fundamentals Certificate
Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Microsoft.
The website does not contain actual questions and answers from Microsoft's Certification Exams.
Trademarks, certification & product names are used for reference only and belong to Microsoft.
