You are an administrator for an international finance company.
You plan to deploy an Exchange Server 2013 organization.
The company’s compliance policy requires that all users be prevented from sending email messages
that contain more than one bank account number to external recipients.
You need to meet the compliance policy requirement.
What should you create?

A.
A data loss prevention (DLP) policy and a DLP policy rule

B.
A retention policy, a retention tag, and a Policy Tip

C.
A throttling policy and a throttling policy association

D.
A transport rule and a moderated mailbox

Explanation:
Sensitive Information Types in DLP Policies
When you create DLP policies, you can include rules that include checks for sensitive information.
The conditions that you establish within a policy, such as how many times something has to be
found before an action is taken or exactly what that action is can be customized within your new
custom policies in order to meet your business requirements. Sensitive information rules are
integrated with the transport rules framework by introduction of a condition that you can
customize: If the message contains…Sensitive Information. This condition can be configured with
one or more sensitive information types that are contained within the messages.