It is increasingly vital for organizations to adhere to regulatory requirements and safeguard their business from unnecessary data leaks, so IT admins need to understand how to create and manage sensitive information types in order to configure this functionality properly. In the context of the SC-400 Microsoft Information Protection Administrator exam, let's take a look at how to create and manage custom sensitive information types (SITs).
Sensitive Information Types (SITs) are pre-configured or custom classifications that use a combination of pattern matching and keywords to identify sensitive content. The Microsoft 365 compliance center has 100+ built-in SITs representing information types for many commonly used categories of sensitive information, such as credit card numbers, social security numbers, and other personally identifiable information (PII). If your organization has specific sensitive information that doesn't fit into these built-in types, you can create a custom SIT.
Creating Custom Sensitive Information Types:
Step 1: Visit the Microsoft 365 compliance center and go to Data classification > Sensitive info types.
Step 2: Click on the Create button.
Step 3: Specify a name and description for the SIT. Keep them relevant to the information type you are defining.
Step 4: Add elements to the SIT. You can include patterns, keyword lists, keyword dictionaries, and supporting elements to define the SIT. For example, you might create a pattern to find nine-digit numbers arranged in a specific way to match employee ID numbers.
Step 5: Define confidence levels. Any match found by the system will be assigned a confidence level of low, medium, or high based on the criteria you specify.
Step 6: Review your SIT definitions and then click on the Create button.
Remember that it takes 1 hour after creation for the SIT to be usable in a policy, and it becomes available across all Microsoft 365 locations and services.
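The pattern, keyword and confidence-level elements from Steps 4 and 5 can be modelled locally before building the SIT in the compliance center. The following is an added example, not part of the original article and not Microsoft's detection engine; the regex, keyword list, 300-character proximity window and keyword-count thresholds are all assumptions chosen for illustration.

```python
import re

# Assumed definition of an "Employee ID" SIT (illustrative, not a Microsoft schema).
ID_PATTERN = re.compile(r"\b\d{3}-?\d{3}-?\d{3}\b")   # primary element: nine digits
KEYWORDS = ("employee id", "staff number", "badge")   # supporting keyword list
PROXIMITY = 300                                       # characters either side (assumed)

def classify(text, proximity=PROXIMITY):
    """Return [(matched_value, confidence)] for every primary-pattern hit in text."""
    lowered = text.lower()
    results = []
    for m in ID_PATTERN.finditer(text):
        # Supporting evidence only counts if it sits near the match.
        window = lowered[max(0, m.start() - proximity): m.end() + proximity]
        hits = sum(1 for kw in KEYWORDS if kw in window)
        # Assumed criteria: pattern alone = low, one keyword = medium, two or more = high.
        confidence = "high" if hits >= 2 else "medium" if hits == 1 else "low"
        results.append((m.group(), confidence))
    return results

# Constructed sample content; none of these values are real identifiers.
SAMPLES = {
    "hr_record": "Employee ID 104-552-981, badge issued to J. Doe.",
    "payroll_note": "Staff number: 221409873",
    "invoice": "Order 300450120 shipped Tuesday.",
    "distant_keyword": "employee id " + "x " * 200 + "104552981",
    "phone": "Call 555-123-4567 for support.",
}

def run_samples():
    """Classify each constructed sample and return {name: results}."""
    return {name: classify(text) for name, text in SAMPLES.items()}

if __name__ == "__main__":
    for name, results in run_samples().items():
        print(f"{name:16} {results}")
```

The `invoice` and `distant_keyword` samples both come back as low confidence, which shows why the bare nine-digit pattern alone is too noisy to act on without supporting keywords nearby.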
Managing Custom Sensitive Information Types:
Once you’ve created a custom SIT, you must manage it effectively to ensure seamless functioning and to avoid any unwarranted security threats.
Here are some of the common tasks you can perform:
- Edit the SIT: To modify the pattern or elements in the SIT, navigate to the sensitive info types page in the Microsoft 365 compliance center, select the type you want to edit, and make your changes.
- Deactivate the SIT: If you wish to temporarily disable the SIT from detection without deleting it, select the SIT and change the status to Deactivated.
- Delete the SIT: To delete the SIT, select it and click on Delete. Only SITs that are not being used in a policy can be deleted.
- Export a report: You can export a report in Excel format of your custom SIT for reference.
Understanding how to create and manage custom SITs is essential to ensure your organization's sensitive data is classified and protected effectively, regardless of the platform it resides in or is shared with. This skill is necessary for the SC-400 Microsoft Information Protection Administrator exam, and also in the real-world practice of managing sensitive data.
Practice Test
True or False: Microsoft 365 enables you to define and manage custom sensitive information types.
– True
– False
Answer: True.
Explanation: Microsoft 365 does let you define and manage custom sensitive information types for more granular control over data identification, labeling, and protection.
In Microsoft 365, which of the following can be used to categorize and protect sensitive content?
– a) Data Types
– b) Information Types
– c) Sensitive Information Types
– d) Data Formats
Answer: c) Sensitive Information Types
Explanation: Sensitive Information Types in Microsoft 365 are used to identify and protect sensitive content such as credit card numbers, bank account information, etc.
True or False: The naming convention for custom sensitive information types does not support special characters.
– True
– False
Answer: True.
Explanation: Custom sensitive information types should be named so that the name does not contain spaces or special characters.
Which of the following is used to create a pattern in a custom sensitive information type?
– a) Keywords
– b) Regular expressions
– c) Confidentiality tags
– d) All of the above
Answer: d) All of the above
Explanation: All methods, including keywords, regular expressions, and confidentiality tags, can be used while creating a pattern in a custom sensitive information type.
True or False: You can use any entity type when defining a custom sensitive information type.
– True
– False
Answer: False.
Explanation: You can only use entity types that are provided by Microsoft in their entities reference table when defining a custom sensitive information type.
In Microsoft 365, it is permitted to re-use the same pattern in different Sensitive Information types.
– a) True
– b) False
Answer: a) True.
Explanation: Microsoft 365 allows the reuse of the same pattern across different Sensitive Information types, as long as requirements permit.
What is necessary for creating a custom sensitive information type?
– a) Keyword dictionary
– b) Confidence level
– c) Support functions
– d) All of the above
Answer: d) All of the above.
Explanation: A keyword dictionary, confidence level, and support functions are all required to create a custom sensitive information type.
True or False: Exchange Online PowerShell cannot be used to manage sensitive information types.
– True
– False
Answer: False.
Explanation: Exchange Online PowerShell is an administrative tool that can be used to manage sensitive information types in Microsoft
Once created, a custom sensitive information type cannot be deleted.
– a) True
– b) False
Answer: b) False.
Explanation: A custom sensitive information type can be deleted if required, provided you have the necessary permissions.
What is the maximum limit of custom sensitive information types that can be created in Microsoft 365?
– a) 500
– b) 800
– c) 1000
– d) No limit
Answer: b) 800
Explanation: A maximum of 800 custom sensitive information types can be created in Microsoft 365 under a single tenant.
Interview Questions
What is the purpose of Microsoft’s custom sensitive information types?
Microsoft’s custom sensitive information types allow admins to define a set of rules to identify unique sensitive data specific to their organization which is not covered by the pre-defined set of sensitive information types.
How can sensitive information types be classified in Microsoft Information Protection?
Sensitive Information Types can be classified using various identification methods such as keywords, pattern matches, regular expressions, checks for checksums or credit card Luhn algorithms, or specific dictionaries such as the U.S. Social Security Number (SSN) dictionary.
How many elements can a pattern contain in a custom information type?
A pattern in a custom sensitive information type can contain up to 10 elements.
Can confidence levels be set for sensitive information types?
Yes, confidence levels can be set for sensitive information types. They represent the system's confidence that the content matches the pattern of the defined sensitive information type.
What is the purpose of the grouping element in custom sensitive information types?
The grouping element in custom sensitive information types is used to find two or more expressions which must all be found in proximity to one another to constitute a match.
How do you test a custom sensitive information type in Microsoft 365?
A custom sensitive information type can be tested using the Test option in the Microsoft 365 compliance center. The Test option scans a document or text for any matches to the custom sensitive information type.
Can you use a dictionary for classification in a custom sensitive information type?
Yes, a dictionary can be used in classification. This helps in detecting sensitive data based on words or phrases from a dictionary specific to the sensitive info type.
What is the function of a validator in custom sensitive information types?
A validator in custom sensitive information types is used to perform additional checks or calculations on matches identified by patterns or keywords.
Can you adjust the proximity of elements in a match for a custom sensitive information type?
Yes. Using the maxDistance attribute, you can adjust the proximity of the elements in a match.
Can custom sensitive information types detect structured and unstructured data patterns?
Yes, custom sensitive information types can detect both structured and unstructured data patterns by defining different rules for each.
What is the role of regular expressions in custom sensitive information types?
Regular expressions (regex) are used to define a search pattern for sensitive information types. They can be used to find specific patterns in structured and unstructured data.
Are there any limits to the number of custom sensitive information types you can create?
Yes, you can create up to 500 custom sensitive information types per tenant.
Are there any limitations on the complexity of regex patterns used in custom sensitive information types?
Yes, regex patterns for sensitive information types cannot exceed 512 characters, and cannot use back-references.
Can the properties of a built-in sensitive information type be modified?
No, the properties of a built-in sensitive information type cannot be modified. But, you can create a custom sensitive information type based on the built-in type and modify the properties as required.
Can you use the same confidence level for multiple custom sensitive information types?
Yes, the same confidence level can be used across multiple custom sensitive information types. However, the overall accuracy of detection might vary depending on the nature and complexity of the patterns and information to be detected.