GitBit
BlogFirst lesson
Sign Up

Question 4 of 7

Previous QuestionNext Question

Your organization has a Microsoft 365 tenant that's syncing the users and groups from an on-premises AD.

You've been asked to configure a new group that will be used for publishing sensitivity labels to pilot users. The group must contain only user accounts (excluding guest accounts). The membership of the group should be automatically updated.

Optional answers

A security group in your on-premises Active Directory Users and Computers

A security group in the Azure Active Directory admin center

A dynamic membership rule set to accountEnabled Equals true

A Microsoft 365 group in the Azure Active Directory admin center

A dynamic membership rule set to userType Equals Member

Correct answers

Membership criteria

correct answer here

What type of group should you create?

correct answer here

You can use any group type that has an email address. That includes a mail-enabled security group, a distribution group, or a Microsoft 365 group. You cannot use a security group because it doesn't have an email address.

You can set up a rule for dynamic membership on security groups or Microsoft 365 groups. The criteria should be set to userType -eq "Member"

https://www.gitbit.org/course/ms-500/learn/How-to-classify-data-using-labels-in-Microsoft-365-vLweLmxZf

https://docs.microsoft.com/en-us/azure/information-protection/prepare

Did you like the site?