MICROSOFT EXAM AZ800 POST-
ASSESSMENT TEST PAPER 2026 QUESTIONS
WITH SOLUTIONS GRADED A+
⩥ Why might a file labeled Confidential still allow anyone to open it?
Answer: The label was configured without encryption/permissions, or
encryption is only applied in specific apps/conditions.
⩥ What do you configure for Outlook to suggest applying a sensitivity
label when an email contains a U.S. Social Security Number? Answer: A
sensitivity labeling policy with label recommendations based on
sensitive info types.
⩥ What's the difference between auto-labeling and recommended
labeling? Answer: Auto-labeling applies the label automatically;
recommended labeling prompts the user to apply it.
⩥ How can you prevent users from sharing files labeled 'Highly
Confidential' with external users in SharePoint/OneDrive? Answer:
Sensitivity label + SharePoint/OneDrive label settings (e.g., block
external sharing).
⩥ How do you make a SharePoint site inherit 'Confidential' protections
automatically? Answer: Apply a sensitivity label to the container (the
site/group/Team).
,⩥ What should you implement first to stop credit card numbers from
being sent externally via email? Answer: Data Loss Prevention (DLP)
policy for Exchange with a condition on Credit Card Number SIT.
⩥ What's a common way to improve accuracy if a DLP policy is
matching too many false positives? Answer: Adjust confidence levels,
use min count thresholds, add keyword proximity, or refine conditions.
⩥ What action allows DLP to block messages but lets users override
with business justification? Answer: Block with override (and require
justification).
⩥ Where do you centrally manage sensitivity labels, DLP, and retention
in modern M365? Answer: Microsoft Purview portal.
⩥ What do you use to apply a retention period to all emails for 7 years,
even if users delete them? Answer: A retention policy for Exchange with
retain for 7 years.
⩥ What should you use for different retention rules based on content
type? Answer: Retention labels (auto-applied or manually applied).
⩥ What does 'record' mode do when applied via retention labeling?
Answer: It makes content more resistant to deletion/editing.
,⩥ What feature requires approval before deletion after retention ends?
Answer: Disposition review.
⩥ Which Purview solution supports finding all Teams chats for a
custodian during an investigation? Answer: eDiscovery
(Standard/Premium) with Teams locations.
⩥ What's the key difference between eDiscovery Standard and
Premium? Answer: Premium adds advanced capabilities like custodian
management, review sets, analytics, and legal hold workflows.
⩥ What do you apply to preserve content for a single user under
investigation? Answer: A hold (Litigation Hold / eDiscovery hold) on
that user's mailbox.
⩥ What capability helps prove who accessed and downloaded a sensitive
file? Answer: Audit (Microsoft Purview Audit logs).
⩥ What's typically required for longer audit log retention for
compliance? Answer: Microsoft Purview Audit (Premium) / advanced
audit features.
, ⩥ What's best for alerts when a user downloads an unusually high
number of files from SharePoint? Answer: Microsoft Purview insider
risk / alerts or Defender for Cloud Apps (anomaly detection).
⩥ Which solution is designed to detect and manage potential data theft
by trusted insiders? Answer: Insider Risk Management (Microsoft
Purview).
⩥ What do you use to monitor potentially inappropriate language or
harassment in Teams messages? Answer: Communication Compliance.
⩥ What feature prevents two groups from communicating in
Teams/SharePoint during a deal? Answer: Information Barriers.
⩥ What control helps extend DLP policies to endpoints? Answer:
Endpoint DLP.
⩥ What is the purpose of sensitivity labels in Microsoft 365? Answer: To
classify and protect sensitive information.
⩥ What is the function of Data Loss Prevention (DLP) policies? Answer:
To protect sensitive data from being shared inappropriately.
ASSESSMENT TEST PAPER 2026 QUESTIONS
WITH SOLUTIONS GRADED A+
⩥ Why might a file labeled Confidential still allow anyone to open it?
Answer: The label was configured without encryption/permissions, or
encryption is only applied in specific apps/conditions.
⩥ What do you configure for Outlook to suggest applying a sensitivity
label when an email contains a U.S. Social Security Number? Answer: A
sensitivity labeling policy with label recommendations based on
sensitive info types.
⩥ What's the difference between auto-labeling and recommended
labeling? Answer: Auto-labeling applies the label automatically;
recommended labeling prompts the user to apply it.
⩥ How can you prevent users from sharing files labeled 'Highly
Confidential' with external users in SharePoint/OneDrive? Answer:
Sensitivity label + SharePoint/OneDrive label settings (e.g., block
external sharing).
⩥ How do you make a SharePoint site inherit 'Confidential' protections
automatically? Answer: Apply a sensitivity label to the container (the
site/group/Team).
,⩥ What should you implement first to stop credit card numbers from
being sent externally via email? Answer: Data Loss Prevention (DLP)
policy for Exchange with a condition on Credit Card Number SIT.
⩥ What's a common way to improve accuracy if a DLP policy is
matching too many false positives? Answer: Adjust confidence levels,
use min count thresholds, add keyword proximity, or refine conditions.
⩥ What action allows DLP to block messages but lets users override
with business justification? Answer: Block with override (and require
justification).
⩥ Where do you centrally manage sensitivity labels, DLP, and retention
in modern M365? Answer: Microsoft Purview portal.
⩥ What do you use to apply a retention period to all emails for 7 years,
even if users delete them? Answer: A retention policy for Exchange with
retain for 7 years.
⩥ What should you use for different retention rules based on content
type? Answer: Retention labels (auto-applied or manually applied).
⩥ What does 'record' mode do when applied via retention labeling?
Answer: It makes content more resistant to deletion/editing.
,⩥ What feature requires approval before deletion after retention ends?
Answer: Disposition review.
⩥ Which Purview solution supports finding all Teams chats for a
custodian during an investigation? Answer: eDiscovery
(Standard/Premium) with Teams locations.
⩥ What's the key difference between eDiscovery Standard and
Premium? Answer: Premium adds advanced capabilities like custodian
management, review sets, analytics, and legal hold workflows.
⩥ What do you apply to preserve content for a single user under
investigation? Answer: A hold (Litigation Hold / eDiscovery hold) on
that user's mailbox.
⩥ What capability helps prove who accessed and downloaded a sensitive
file? Answer: Audit (Microsoft Purview Audit logs).
⩥ What's typically required for longer audit log retention for
compliance? Answer: Microsoft Purview Audit (Premium) / advanced
audit features.
, ⩥ What's best for alerts when a user downloads an unusually high
number of files from SharePoint? Answer: Microsoft Purview insider
risk / alerts or Defender for Cloud Apps (anomaly detection).
⩥ Which solution is designed to detect and manage potential data theft
by trusted insiders? Answer: Insider Risk Management (Microsoft
Purview).
⩥ What do you use to monitor potentially inappropriate language or
harassment in Teams messages? Answer: Communication Compliance.
⩥ What feature prevents two groups from communicating in
Teams/SharePoint during a deal? Answer: Information Barriers.
⩥ What control helps extend DLP policies to endpoints? Answer:
Endpoint DLP.
⩥ What is the purpose of sensitivity labels in Microsoft 365? Answer: To
classify and protect sensitive information.
⩥ What is the function of Data Loss Prevention (DLP) policies? Answer:
To protect sensitive data from being shared inappropriately.
