Skip to content

Commit 4b013f5

Browse files
authored
Merge pull request #54081 from ceperezb/CEPEREZB-sc900-describe-priva-trust-portal
update module
2 parents 85baa8b + ec0477b commit 4b013f5

8 files changed

Lines changed: 76 additions & 50 deletions

File tree

learn-pr/wwl-sci/describe-compliance-management-capabilities-microsoft/5-knowledge-check.yml

Lines changed: 23 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -18,38 +18,38 @@ quiz:
1818
title: "Check your knowledge"
1919
questions:
2020

21-
- content: "When browsing Microsoft compliance documentation in the Service Trust Portal, you have found several documents that are specific to your industry. What is the best way of ensuring you keep up to date with the latest updates?"
21+
- content: "A compliance team wants to receive an email notification whenever Microsoft updates a specific document on the Service Trust Portal. What should they do?"
2222
choices:
23-
- content: "Save the documents to your My Library."
23+
- content: "Save the document to My Library and enable notification settings."
2424
isCorrect: true
25-
explanation: "Correct. Saving the document to the My Library section of the Service Trust Portal, will ensure you have the latest updates."
26-
- content: "Print each document so you can easily refer to them."
25+
explanation: "Correct. Adding a document to My Library and configuring notification settings sends an email whenever Microsoft updates that document, including a link and brief description of the update."
26+
- content: "Download the document and periodically check the Service Trust Portal for a newer version."
2727
isCorrect: false
28-
explanation: "Incorrect. Printing the document doesn't ensure you have the latest updates."
29-
- content: "Download each document."
28+
explanation: "Incorrect. Downloading the document doesn't provide automatic notifications about updates."
29+
- content: "Submit a support request to Microsoft asking to be notified of document updates."
3030
isCorrect: false
31-
explanation: "Incorrect. Downloading the document doesn't ensure you have the latest updates."
31+
explanation: "Incorrect. The My Library notification feature in the Service Trust Portal handles document update notifications automatically, without requiring a support request."
3232

33-
- content: "Microsoft's approach to privacy is built on six principles: Three of the principles are strong legal protections for privacy, no content-based targeting, and benefits to customers from any data we collect. Identify the three other principles that are part of Microsoft's approach to privacy."
33+
- content: "A law enforcement agency submits a request directly to Microsoft for a commercial customer's data. What does Microsoft's data defense commitment specify will happen?"
3434
choices:
35-
- content: "Customer control, transparency, and security."
35+
- content: "Microsoft will scrutinize the request for legal validity, promptly notify the customer where legally permitted, and direct the requesting party to seek the data directly from the customer."
3636
isCorrect: true
37-
explanation: "Correct. The foundation of Microsoft's approach to privacy is built on the following six principles: customer control, transparency, security, strong legal protections for privacy, no content-based targeting, and benefits to customers from any data we collect."
38-
- content: "Shared responsibility, transparency, and security."
37+
explanation: "Correct. Microsoft's data defense commitment states that it won't give any government direct or unfettered access to customer data. Microsoft scrutinizes all government demands, notifies the customer where legally permitted, and directs the requesting party to seek the data directly from the customer."
38+
- content: "Microsoft will immediately comply with the request and provide the data to the law enforcement agency."
3939
isCorrect: false
40-
explanation: "Incorrect. The shared responsibility model identifies which security tasks are handled by the cloud provider, and which security tasks are handled by you, the customer."
41-
- content: "Customer control, transparency, and zero trust."
40+
explanation: "Incorrect. Microsoft doesn't give governments direct or unfettered access to customer data. It scrutinizes requests and will challenge those that aren't legally valid."
41+
- content: "Microsoft will refuse the request under any circumstances because government data requests are never permitted."
4242
isCorrect: false
43-
explanation: "Incorrect. Although zero trust is a model employed by Microsoft, it's not one of the privacy principles. The privacy principles include security more broadly. The general principles that represent Microsoft's approach to privacy are customer control, transparency, security, strong legal protections for privacy, no content-based targeting, and benefits to customers from any data we collect."
44-
45-
- content: A company needs to handle inquiries about personal data that they have collected, as per certain privacy regulations. Which Priva solution should they implement?
43+
explanation: "Incorrect. Microsoft will disclose data when required by law. However, it scrutinizes all government demands to ensure they're legally valid and appropriate, and notifies customers where legally permitted."
44+
45+
- content: "An organization's data privacy team identifies that some internal sites in their Microsoft 365 environment are accessible to far more users than necessary. Which Microsoft Priva Privacy Risk Management policy type is designed to detect and help remediate this issue?"
4646
choices:
47-
- content: Priva Privacy Assessments
47+
- content: "Data overexposure policy"
48+
isCorrect: true
49+
explanation: "Correct. Data overexposure policies detect situations in which data is insufficiently secured—such as when access to an internal site is open to too many people—and provide remediation options such as making content private or notifying content owners."
50+
- content: "Data transfer policy"
4851
isCorrect: false
49-
explanation: Incorrect. Priva Privacy Assessments automates the discovery, documentation, and evaluation of personal data use across the entire data estate.
50-
- content: Priva Consent Management
52+
explanation: "Incorrect. Data transfer policies monitor for transfers between different world regions, departments, or outside the organization. They don't address excessive access permissions on internal sites."
53+
- content: "Data minimization policy"
5154
isCorrect: false
52-
explanation: Incorrect. Priva Consent Management is used for streamlining the management of consented personal data.
53-
- content: Priva Subject Rights Requests
54-
isCorrect: true
55-
explanation: Correct. Priva Subject Rights Requests helps handle inquiries about personal data that companies have collected.
55+
explanation: "Incorrect. Data minimization policies look for data that has been stored for at least a certain length of time, to help manage ongoing storage practices. They don't address access permission issues."

learn-pr/wwl-sci/describe-compliance-management-capabilities-microsoft/includes/1-introduction.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,9 @@
11

2-
Microsoft Cloud services are built on a foundation of trust, security, and compliance. The Microsoft Service Trust Portal provides a variety of content, tools, and other resources about Microsoft security, privacy, and compliance practices.
2+
Microsoft Cloud services are built on a foundation of trust, security, and compliance. The Microsoft Service Trust Portal provides content, tools, and other resources about Microsoft security, privacy, and compliance practices.
33

44
Microsoft also helps organizations meet their privacy requirements, with Microsoft Priva. Priva helps organizations safeguard personal data and build a privacy-resilient workplace.
55

6-
In this module you'll learn about the Service Trust Portal and resources it provides, including audit reports, security assessments, and compliance guides that enable organizations to manage compliance. You'll learn about Microsoft's commitment to privacy and its privacy principles. Lastly, you'll learn about Microsoft Priva, which helps organizations meet their privacy goals.
6+
In this module, you learn about the Service Trust Portal and resources it provides, including audit reports, security assessments, and compliance guides that enable organizations to manage compliance. You learn about Microsoft's commitment to privacy and its privacy principles. Lastly, you learn about Microsoft Priva, which helps organizations meet their privacy goals.
77

88
After completing this module, you'll be able to:
99

learn-pr/wwl-sci/describe-compliance-management-capabilities-microsoft/includes/2-describe-service-trust-portal.md

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,10 @@
11

2-
The Microsoft Service Trust Portal provides a variety of content, tools, and other resources about how Microsoft cloud services protect your data, and how you can manage cloud data security and compliance for your organization.
2+
The Microsoft Service Trust Portal provides content, tools, and other resources about how Microsoft cloud services protect your data, and how you can manage cloud data security and compliance for your organization.
33

44
The Service Trust Portal (STP) is Microsoft's public site for publishing audit reports and other compliance-related information associated with Microsoft’s cloud services. STP users can download audit reports produced by external auditors and gain insight from Microsoft-authored whitepapers that provide details on how Microsoft cloud services protect your data, and how you can manage cloud data security and compliance for your organization.
55

66
### Accessing the Service Trust Portal
7-
To access some of the resources on the Service Trust Portal, you must log in as an authenticated user with your Microsoft cloud services account (Microsoft Entra organization account) and review and accept the Microsoft non-disclosure agreement for Compliance Materials.
7+
To access some of the resources on the Service Trust Portal, you must sign in as an authenticated user with your Microsoft cloud services account (Microsoft Entra organization account).
88

99
### Service Trust Portal Content Categories
1010
The Service Trust Portal landing page includes content that is organized into the following categories:
@@ -18,17 +18,17 @@ The Service Trust Portal landing page includes content that is organized into th
1818

1919
As users navigate to content in the different categories, selecting the Service Trust Portal link at the top of the page provides a quick way to get back to the home page.
2020

21-
:::image type="content" source="../media/stp-top-navigation.png" alt-text="Screenshot of the Service Trust Portal link at the top of the home page.":::
21+
:::image type="content" source="../media/stp-top-navigation.png" lightbox="../media/stp-top-navigation.png" alt-text="Screenshot of the Service Trust Portal link at the top of the home page.":::
2222

23-
#### Certifications, Regulations and Standards
23+
#### Certifications, Regulations, and Standards
2424

2525
The certification, regulations, and standards section of the STP provides a wealth of security implementation and design information with the goal of making it easier for you to meet regulatory compliance objectives by understanding how Microsoft Cloud services keep your data secure.
2626

27-
:::image type="content" source="../media/stp-certifications-standards.png" alt-text="Screenshot of the tiles available in the certifications, regulations, and standards section of the Service Trust Portal home page.":::
27+
:::image type="content" source="../media/stp-certifications-standards.png" lightbox="../media/stp-certifications-standards.png" alt-text="Screenshot of the tiles available in the certifications, regulations, and standards section of the Service Trust Portal home page.":::
2828

29-
Selecting a tile will provide a list of available documents, including a description and when it was last updated. The screenshot that follows shows some of the documents available by selecting the ISO/IEC tile.
29+
Selecting a tile provides a list of available documents, including a description and when it was last updated. The screenshot that follows shows some of the documents available by selecting the ISO/IEC tile.
3030

31-
:::image type="content" source="../media/stp-iso-iec.png" alt-text="Screenshot of the list of documents available by selecting the ISO/IEC tile.":::
31+
:::image type="content" source="../media/stp-iso-iec.png" lightbox="../media/stp-iso-iec.png" alt-text="Screenshot of the list of documents available by selecting the ISO/IEC tile.":::
3232

3333
#### Reports, Whitepapers, and Artifacts
3434

@@ -39,7 +39,7 @@ This section includes general documents relating to the following categories:
3939
- Privacy and Data Protection - Privacy and Data Protection Resources
4040
- FAQ and Whitepapers - Whitepapers and answers to frequently asked questions
4141

42-
:::image type="content" source="../media/stp-reports.png" alt-text="Screenshot that shows the tiles available in the reports, whitepapers, and artifacts section of the Service Trust Portal home page.":::
42+
:::image type="content" source="../media/stp-reports.png" lightbox="../media/stp-reports.png" alt-text="Screenshot that shows the tiles available in the reports, whitepapers, and artifacts section of the Service Trust Portal home page.":::
4343

4444
#### Industry and Regional Resources
4545

@@ -51,18 +51,18 @@ This section includes documents that apply to the following industries and regio
5151
- United States Government - Resources exclusively for US Government customers
5252
- Regional Resources - Documents describing compliance of Microsoft's online services with various regional policies and regulations
5353

54-
:::image type="content" source="../media/stp-industry-regions.png" alt-text="Screenshot of the tiles available in the reports, whitepapers, and artifacts section of the Service Trust Portal home page.":::
54+
:::image type="content" source="../media/stp-industry-regions.png" lightbox="../media/stp-industry-regions.png" alt-text="Screenshot of the tiles available in the reports, whitepapers, and artifacts section of the Service Trust Portal home page.":::
5555

5656
#### Resources for your Organization
5757
This section lists documents applying to your organization (restricted by tenant) based on your organization’s subscription and permissions.
5858

59-
:::image type="content" source="../media/stp-organization-resources.png" alt-text="Screenshot showing tiles available in the resources for your organization section of the Service Trust Portal home page.":::
59+
:::image type="content" source="../media/stp-organization-resources.png" lightbox="../media/stp-organization-resources.png" alt-text="Screenshot showing tiles available in the resources for your organization section of the Service Trust Portal home page.":::
6060

6161
### My Library
6262
Use the My Library feature to add documents and resources on the Service Trust Portal to your My Library page. This lets you access documents that are relevant to you in a single place. To add a document to your My Library, select the ellipsis (...) menu to the right of a document and then select Save to library.
6363

6464
Additionally, the notifications feature lets you configure your My Library so that an email message is sent to you whenever Microsoft updates a document that you've added to your My Library. To set up notifications, go to your My Library and select Notification Settings. You can choose the frequency of notifications and specify an email address in your organization to send notifications to. Email notifications include links to the documents that have been updated and a brief description of the update.
6565

66-
If a document is part of a series, you'll be subscribed to the series, and will receive notifications when there's an update to that series.
66+
If a document is part of a series, you're subscribed to the series, and receive notifications when there's an update to that series.
6767

68-
:::image type="content" source="../media/stp-my-library.png" alt-text="Screenshot of the documents listed in the My Library page.":::
68+
:::image type="content" source="../media/stp-my-library.png" lightbox="../media/stp-my-library.png" alt-text="Screenshot of the documents listed in the My Library page.":::

0 commit comments

Comments
 (0)