Microsoft 365 Admin Centers and Data Policies

Questions and Answers

What is the primary function of auditing in the Power Platform?

• To restrict user access to data based on their roles
• To capture specific activities and save them to a log file (correct)
• To create new entities and fields in the Dynamics 365 environment
• To automate data backup processes in the admin center

Which actions can be monitored through the auditing log?

• Creation of new user accounts and deletion of logs
• Modifications of security roles and changes to data sharing privileges (correct)
• All changes made to the UI and operational workflows
• User login times and password changes

How can an administrator access the auditing settings in the Power Platform?

• By using command line tools to configure the admin environment
• By expanding the Audit and logs heading on the Settings page (correct)
• By selecting the Security tab within the user accounts section
• By navigating to the user settings of individual accounts

What information is NOT typically captured in the auditing logs?

The subscription details of the environment (B)

Which step must an administrator take to view individual logs within the Power Platform?

Navigate to the System Settings page and manage logs (C)

What is the primary function of the Microsoft 365 admin center?

To create and manage user accounts and subscriptions. (B)

Which administrative tasks can be performed in the Power Platform admin center?

Creating and managing the tenant’s existing environments. (B)

Which statement about the deprecated admin centers is accurate?

Functions from deprecated centers migrate to other accessible areas gradually. (B)

What do the Analytics menu and Admin centers menu in the Power Platform admin center provide?

Real-time statistics and links to other admin centers. (D)

Which of the following admin centers appears on the All admin centers list directly?

Dynamics 365 admin center. (B)

What would be the first step if a required function is missing from a deprecated admin center?

Check the Power Platform admin center for the function. (A)

Which of the following is NOT a characteristic of the Power BI Admin portal?

It has a feature for generating client reports. (C)

Which of the following statements about the Power Platform admin center is true?

It consolidates functions from previously separate admin centers. (B)

What is the primary purpose of data loss prevention (DLP) policies in the Power Platform?

To regulate access to data sources with different sensitivity levels (B)

Which of the following correctly describes the 'Blocked' group in DLP policies?

Connectors that cannot be used in the environment at all (B)

What type of information can be found in the Audit Reports section of the Service Trust Portal (STP)?

Independent evaluations of Microsoft’s compliance with various standards (D)

What does the Compliance Manager tool primarily assess?

An organization's compliance posture against specific standards (D)

What aspect of the Service Trust Portal is restricted to registered users of Microsoft 365?

Viewing independent audit reports (C)

Which category in DLP policies is automatically assigned to newly created connectors by default?

Non-business (D)

Which of the following is NOT a category of compliance documentation found in the Service Trust Portal?

User Experience Reports (A)

When managing DLP policies, what scope options can administrators choose from?

Entire tenancy or specific environments within the tenancy (A)

What is the role of the Trust Center linked within the Service Trust Portal?

To inform users about security, privacy, compliance, and transparency (B)

What type of controls are monitored in the Compliance Manager assessments?

Security and privacy control segments (A)

Which of the following organizations does not have specific compliance resources in the Service Trust Portal?

Social media platforms (C)

What is a common risk associated with deploying Power Platform content to consumers?

Unauthorized access to sensitive data (D)

What function does the 'Documents & Resources' section of the STP serve?

Offers libraries of compliance-related documents and guides (D)

How is the Compliance Score expressed in the Compliance Manager tool?

As a numerical score based on assessments (C)

Flashcards

What is the Microsoft 365 admin center?

The primary configuration interface for Microsoft 365, enabling administrators to manage user accounts, purchase subscriptions, and access other administrative interfaces.

What is the Power Platform admin center?

A web portal that provides administrative access to Power Apps, Power Automate, Power BI, and Dynamics 365 environments, including managing environments, users, and settings.

What is the Power BI Admin Portal?

This admin center for Power BI provides tools to manage users, audit logs, and connect to other admin centers.

Where can you find the Power Platform admin center link?

The All Admin Centers page in the Microsoft 365 admin center.

What is happening to older admin centers like Power Apps and Power Automate?

Microsoft is gradually shifting functions from old admin centers like Power Apps, Power Automate, and Dynamics 365 into the Power Platform admin center.

Where can you find Power Apps and Power Automate links?

As of the second edition of this book, the Power Apps and Power Automate links on the All Admin Centers page lead to the Power Platform admin center.

What happened to the specific admin centers for Power Apps, Power Automate, and Dynamics 365?

The Power Apps, Power Automate, and Dynamics 365 admin centers were deprecated by Microsoft in June 2020.

Where should you look for missing functions from older admin centers?

If you can't find a specific function in the deprecated admin centers, the first place to look for it would be the Power Platform admin center.

Auditing

A process that records specific user activities within a system, storing them in a log file. This log file can be accessed by administrators to monitor data access, security role changes, entity and field modifications, sharing privilege adjustments, and the timestamps and locations of updates.

Audit Log

A detailed record of actions taken within a system, including who performed the action, what they did, and when it occurred. This is valuable for troubleshooting, security analysis, and compliance purposes.

Audit Settings

A powerful feature in business applications that allows administrators to record and review user actions within the system, promoting accountability and enabling security analysis.

Access Audit Logs

The ability to view and analyze the information stored in the audit log, providing insights into system usage and potentially identifying security breaches or irregularities.

Auditing and Logs

The location in a Power Platform environment where administrators can manage audit settings and access audit logs, providing a central hub for system security monitoring.

What are DLP policies?

Data loss prevention (DLP) policies are rules that classify connectors based on their data sensitivity level.

What is the "Non-business" connector group?

Connectors classified as "Non-business" access non-sensitive data and cannot share data with "Business" connectors.

What is the "Business" connector group?

Connectors classified as "Business" access sensitive data and can only share data with other "Business" connectors.

What is the "Blocked" connector group?

Connectors classified as "Blocked" are prohibited from being used within the environment.

How are DLP policies applied?

Administrators can assign a DLP policy to an entire tenancy or specific environments within the tenancy using scope options.

What is the Microsoft Service Trust Portal (STP)?

The Service Trust Portal (STP) is a central repository of information about Microsoft's compliance with various standards and regulations.

What types of information does the STP offer?

The STP provides independent audit reports that evaluate Microsoft's cloud services against standards like ISO, SOC, NIST, FedRAMP, and GDPR.

What is the Compliance Manager tool?

The STP's "Compliance Manager" tool assesses an organization's compliance posture based on published standards and regulations.

What is the basis for Compliance Manager assessments?

Compliance Manager assesses an organization's compliance based on the capabilities of Microsoft cloud services and how the organization uses them.

How does Compliance Manager present compliance information?

Compliance Manager displays a dashboard with tiles representing assessments of various cloud services against specific standards.

What happens when you select a Compliance Manager tile?

Selecting a Compliance Manager tile displays detailed information about a cloud service assessment, including individual controls and compliance scores.

What information is presented for each control in Compliance Manager?

Each control in a Compliance Manager assessment lists who tested it, when, and the individual compliance score value.

What is auditing?

Auditing is another way to monitor compliance with data access regulations.

What are the benefits of auditing?

Auditing helps ensure that data access policies are followed and provides evidence of compliance.

Study Notes

Administrative Task Locations

• Microsoft 365 Admin Center: Primary interface for creating and managing user accounts, product subscriptions, and accessing other admin centers.
• Power Platform Admin Center: Provides administrative access to tenant environments, including creating and managing environments. The Power Apps, Power Automate, and Dynamics 365 admin centers have moved to this center.
• Power BI Admin Portal: Contains menus linking to other admin centers, including the Microsoft 365 admin center for user and audit log management.

Data Policies

• Data loss prevention (DLP) Policies: Created in Power Platform admin center, allowing classification of connectors into groups (Non-business, Business, Blocked.)
• Non-business group: For connectors accessing non-sensitive data; cannot share with Business group connectors.
• Business group: For connectors accessing sensitive data; can share only with other Business group connectors.
• Blocked group: For connectors not allowed in the environment.
• Policy Assignment: Administrators assign names and move connectors between groups in the admin center's wizard.
• Policy Scope: Policies can apply to entire tenancy or specific environments within the tenancy.

Microsoft Power Platform Privacy and Accessibility Support

• Service Trust Portal (STP): Provides information on compliance standards including reports, documents, and tools.
• Audit Reports: Independent audits and assessments of cloud services compliance with standards (ISO, SOC, NIST, FedRAMP, GDPR).
• Documents & Resources: Extensive library of compliance guides, white papers, FAQs, security blueprints, and data protection resources.
• Compliance Manager: Risk assessment tool for regulatory compliance; scores based on Microsoft cloud services use and pre-existing standards.
• Compliance Manager Dashboard: Displays tile representations of each assessment with numerical scores.
• Cloud Service Assessments: Shows results for each control, noting Microsoft's and customer's responsibilities.
• Auditing: Tracks specific activities and saves them to a log; allows monitoring data access, security role modifications, entity/field changes, and sharing privilege changes.
• Auditing Access: Accessed through the settings page in the Power Platform admin center (Audit and logs).