HOTSPOT
The legal department in your organization creates standardized disclaimers for all of their email messages. The disclaimers explain that any transmissions that are received in error should be reported back to the sender. You track any confidential documents that are attached to email messages.
Your security team reports that an employee may have mistakenly sent an email message that contained confidential information.
You need to identify whether the email message included the disclaimer and whether it contained confidential information.
Which two options should you configure? To answer, select the appropriate objects in the answer area.
Answer:
Explanation:
DLP stands for DataLossPrevention. A DLP policy is used to define exactly what constitutes a confidential email. For example: any email that has a credit card number of bank account number would be deemed to be confidential.
The DLP policy matches for sent mail report is used to display which emails contained content that matched a condition defined in a DLP policy. The DLP policy matches for sent mail report can be downloaded as a table that lists every single email that matched a DLP policy. This would identify in this question if the email did actually contain confidential information.
To identify whether the email message included the disclaimer, we need to view the “rule matches for sent mail” report. The disclaimer is added to an email by a transport rule. The rule defines which emails should have the disclaimer appended. A common example of this is all email sent to recipients outside the organization. By viewing the rule matches for sent mail, we can verify if the email in this question did match a rule and therefore did have the disclaimer appended.