Correct Answers: B and
E.
As A Solution Architect, you need to know which connectors you can block using DLP. Data Loss Prevention (DLP) policy prevents unintentional exposure of the organization’s data. You can create a Data Loss Prevention policy in the Power Platform admin center. By default, all connectors are in the Non-Business/Default group. You can move them into other groups depending on an organization’s needs. You can block almost all the connectors except Microsoft Enterprise Plan standard connectors and Core Power Platform connectors.
The list of Microsoft Enterprise Plan standard connectors includes around 20 connectors, like SharePoint, Microsoft Teams, Microsoft 365 Outlook, OneDrive for Business, Power Bi, etc. And the list of the Core Power Platform connectors includes Approvals, Notifications, Dataverse, Dataverse (current environment), and Power Apps Notifications. All these connectors are required for the Power Platform operations.
When you create a DLP policy and on the Assign connectors screen (Number 1) select the connectors, you need to pay attention to the Blockable column (Number 2) that provides information about the possibility of connection blocking.
/answer/imgckeditor_18.png)
Power Platform defines two scope levels for DLP policy application: a tenant and environment. Important to remember that the environment-level DLP policy cannot overwrite the tenant DLP policy. Options B and E are correct because you can block Salesforce and OneDrive connectors.
All other options are incorrect because you cannot block these connections.
For more information about DLP policy, please visit the below URLs:
https://docs.microsoft.com/en-us/learn/modules/model-security/3-data-loss-prevention
https://docs.microsoft.com/en-us/power-platform/admin/wp-data-loss-prevention#list-of-connectors-that-cant-be-blocked
https://docs.microsoft.com/en-us/power-platform/admin/create-dlp-policy
https://docs.microsoft.com/en-us/power-platform/admin/prevent-data-loss