Topic 1, Contoso
Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and three branch offices in Seattle, Boston, and Johannesburg.
Microsoft 365 Environment
Contoso has a Microsoft 365 FS tenant I he tenant contains the administrative user accounts shown in the following table.

Users store data In the following locations:
* SharePoint sites
* OneDrive accounts
* Exchange email
* Exchange public folders
* Teams chats
* Teams channel messages
When users in the research department create documents, they must add a 10-dig>t project code to each document. Project codes that start with the digits 999 are confidential.
SharePoint Online Environment
Contoso has four Microsoft SharePoint Online sites named Site1. Site2. Site3. and Site4.
Site2 contains the files shown in the following table.

Two users named User1 and User2 are assigned roles for Site2 as shown in the following table.

Sile3 stores documents related to the company's projects. The documents are organized In a folder hierarchy based on the project.
Slte4 has the following two retention policies applied:
* Name: SitetKetentionPolicy1
* Locations to apply the policy: Site4
* Delete items older than:2 years
* Delete content based on: When items were created
* Name: Site4RetentionPolicy2
* Locations to apply the policy. Sile4
* Retain items for a specific period: 4 years
* Start the retention period based on: When items were created
* At the end of the retention period: Do nothing
Problem Statements
Management at Contoso is concerned about data leaks. On several occasions, confidential research departments were leaked.
Planned Changes
Contoso plans to create the following data loss prevention (DLP) policy:
* Name: DLPpolicy1
* Locations to apply the policy; Site2
* Conditions:
* Content contains any of these sensitive info types: SWIF F Code
* Instance count: 2 to any
* Actions: Restrict access to the content
Technical Requirements
Contoso must meet the following technical requirements:
* All administrative users must be able to review DLP reports.
* Whenever possible, the principle of least privilege must be used.
* For all users, all Microsoft 365 data must be retained for at least one year.
* Confidential documents must be detected and protected by using Microsoft 365.
* Site1 documents that include credit card numbers must be labeled automatically.
* All administrative users must be able to create Microsoft 365 sensitivity labels.
* After a project is complete, the documents in Site3 that relate to the project must be retained for 10 years

Alerts must be sent to the Microsoft Teams site of the affected department. A Microsoft Power Automate playbook should be used.
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/content-inspection-built-in
https://docs.microsoft.com/en-us/cloud-app-security/flow-integration
Topic 4, Simulations and Labs

You cannot revoke a mail that you sent to a recipient that uses a work or school account from Office 365 or Microsoft 365 or a user that uses a Microsoft account, for example, an outlook.com account.
https://docs.microsoft.com/en-us/microsoft-365/compliance/revoke-ome-encrypted- mail?view=o365-worldwide

Reference:
https://docs.microsoft.com/en-us/powershell/module/exchange/get-dlpdetectionsreport?view=exchange-ps