Learn how to use Azure Information Protection labels to control user access permissions to sensitive files. Explore a scenario and test your understanding.
Table of Contents
Question
You have an Azure Active Directory (Azure AD) tenant named contoso1812.onmicrosoft.com that contains the users shown in the following table.
| Name | Username | Type |
|---|---|---|
| User1 | [email protected] | Member |
| User2 | [email protected] | Member |
| User3 | [email protected] | Member |
| User4 | [email protected] | Guest |
You create an Azure Information Protection label named Label1. The Protection settings for Label1 are configured as shown in the exhibit. (Click the Exhibit tab.)
Label1 is applied to a file named File1.
For each of the following statements, select Yes if the statement is true, Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
- User1 can print File1.
- User3 can read File1.
- User4 can print File1.
Answer
- User1 can print File1: Yes
- User3 can read File1: No
- User4 can print File1: No
Explanation
Based on the Azure Information Protection settings shown for Label1, here is what we can determine about the permissions each user has for File1:
Can User1 print File1? Yes Explanation: User1 is listed in the Users section and granted Co-Author permissions. Co-Author permissions include the ability to view, edit, copy and print the file.
Can User3 read File1? No Explanation: User3 is not listed anywhere in the permissions for Label1. Only User1 and User2 are explicitly granted permissions. So User3 has no access to File1.
Can User4 print File1? No Explanation: User4 has a username from an external domain (outlook.com) indicating they are a guest user, not part of the contoso1812.onmicrosoft.com tenant. Guest users are not granted any permissions by default. Since User4 is not explicitly listed in the permissions, they cannot access File1 at all, including printing it.
In summary, when an Azure Information Protection label is applied to a file, only users explicitly granted permissions via that label can access the file, with their access limited to the permission level specified (Viewer, Reviewer, Co-Author, Co-Owner). Users not listed are not able to access the file at all.
Microsoft AZ-500 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Microsoft AZ-500 exam and earn Microsoft AZ-500 certification.