Which two actions should you perform?

You are the Office 365 administrator for your company.

The company has established the following new requirements:

Members of the legal team must be able to conduct eDiscovery searches.

Employees must be notified when they send email messages that contain confidential information.

You need to configure the environment.

Which two actions should you perform? Each correct answer presents part of the solution.
A . Configure journaling to a Microsoft Exchange Online mailbox for all mailboxes.
B . Add the members of the legal team to the Discovery Management role group.
C . Create a Data Loss Prevention policy.
D . Place all executive mailboxes on In-Place Hold for 365 days and use In-Place eDiscovery for mailbox searches.
E . Enable Microsoft Exchange Online Archiving for the executive mailboxes.
F . Place all executive mailboxes on Retention Hold.

View Answer

Answer: B,C

Explanation:

To enable members of the legal team to conduct eDiscovery searches, we need to add them to the Discovery Management role group.

Members of the Discovery Management role group can access sensitive message content. Specifically, these members can use In-Place eDiscovery to search all mailboxes in your Exchange organization, preview messages (and other mailbox items), copy them to a Discovery mailbox and export the copied messages to a .pst file. In most organizations, this permission is granted to legal, compliance, or Human Resources personnel.

To ensure that employees are notified when they send email messages that contain confidential information, we need to configure a Data Loss Prevention (DLP) policy.

A Data Loss Prevention (DLP) policy is a set of conditions that define what is regarded as sensitive or confidential information. This new DLP feature performs deep content analysis through keyword matches, dictionary matches, regular expression evaluation, and other content examination to detect content that violates organizational DLP policies.

In addition to the customizable DLP policies themselves, you can also inform email senders that they may be about to violate one of your policies―even before they send an offending message. You can accomplish this by configuring PolicyTips. Policy Tips are similar to MailTips, and can be configured to present a brief note in the Microsoft Outlook 2013 client that provides information about possible policy violations to a person creating a message.

References:

https://technet.microsoft.com/en-us/library/jj200692(v=exchg.150).aspx

http://blogs.msdn.com/b/microsoft_press/archive/2013/04/29/from-the-mvps-data-loss-prevention-with-office-365-and-exchange-online.aspx