You have an Azure AD tenant and 100 Windows 10 devices that are Azure AD joined and managed by using Microsoft Intune.
You need to configure Microsoft Defender Firewall and Microsoft Defender Antivirus on the devices. The solution must minimize administrative effort.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
To configure Microsoft Defender Antivirus, you should create a device configuration profile and configure the Device restrictions settings. This allows you to set up various antivirus policies such as exclusions and scanning options. To configure Microsoft Defender Firewall, you should create a device configuration profile and configure the Endpoint protection settings, which lets you manage and apply firewall rules. Both methods facilitate centralized management via Microsoft Intune, minimizing administrative effort.
for firewall E: https://learn.microsoft.com/en-us/windows/security/operating-system-security/network-security/windows-firewall/create-windows-firewall-rules-in-intune for antiviurs D: https://learn.microsoft.com/en-us/mem/intune/configuration/device-restrictions-windows-10#microsoft-defender-antivirus
DE is the Answer D:Microsoft Defender Antivirus: Device config-Device Restrictions- It has 28-34 settings for Antivrus. E: Microsoft Defender Firewall- Device config- Endpoint Protection (Global settings, netwok settings, Firewall rules) I have cross checked the lab. THe Endpoint Protection does not have the option for MS Defender Antivirus.
Checked this in Intune and DE is the only correct aswer!
B and C are the correct answers : B. Creating a device configuration profile and configuring the Device restrictions settings allows you to manage the Microsoft Defender Firewall settings on your Azure AD joined Windows 10 devices through Microsoft Intune. This profile can help you configure and manage firewall rules and settings without the need for traditional Group Policy. C. Creating a device configuration profile and configuring the Endpoint protection settings allows you to manage Microsoft Defender Antivirus settings on your Azure AD joined Windows 10 devices through Microsoft Intune. This profile enables you to configure antivirus settings, exclusions, scanning options, and more, all while minimizing administrative effort.
I just checked in the Intune portal, but there is no Defender firewall component in Device restrictions. However in device restrictions IS a Defender AV option. I consider your answer as wrong. I am still going for DE
Answers are C & E. You can manage both with endpoint security configuration profile. I have confirmed this in my own tenant. Device Restriction is more about what length of password users should have etc.
D. To configure Microsoft Defender Antivirus, create a device configuration profile and configure the Device restrictions settings. Configure Microsoft Defender Antivirus using Device restrictions in Intune E. To configure Microsoft Defender Firewall, create a device configuration profile and configure the Endpoint protection settings. Configure Microsoft Defender Firewall rules using Endpoint protection in Intune These selections ensure that the configurations for both Microsoft Defender Antivirus and Microsoft Defender Firewall are managed through Intune, aligning with the goal of minimizing administrative effort.
D&E are correct options. Tested in lab 2024/07
C and E you can configure both from the endpoint protection template
actually from enpoint protection you enable the antivirus rather than configuring, so for that you will need a device restrictions template.
Perplexity AI To configure Microsoft Defender Firewall and Microsoft Defender Antivirus on your Azure AD-joined Windows 10 devices managed by Microsoft Intune, and to minimize administrative effort, you should perform the following actions: To configure Microsoft Defender Antivirus: Create a device configuration profile and configure the Endpoint protection settings. This allows you to manage antivirus policies directly through Intune, which is streamlined for managing multiple devices in an enterprise environment. To configure Microsoft Defender Firewall: Create a device configuration profile and configure the Endpoint protection settings. This approach also leverages Intune's capabilities to manage firewall settings across all devices efficiently. Therefore, the correct answers are: C. To configure Microsoft Defender Antivirus, create a device configuration profile and configure the Endpoint protection settings. E. To configure Microsoft Defender Firewall, create a device configuration profile and configure the Endpoint protection settings.
DE is 100% right. I have verified. Be relaxed.
BC is the answer Microsoft defender firewall is managed in device restrictions and AV in endpoint protection...the way you guys get lost is disturbing
To configure Microsoft Defender Firewall and Microsoft Defender Antivirus on your Azure AD-joined Windows 10 devices while minimizing administrative effort, you should perform the following actions: B. To configure Microsoft Defender Firewall: Create a device configuration profile in Microsoft Intune. Configure the Device restrictions settings within the profile. Specify the desired firewall rules and settings for your devices. C. To configure Microsoft Defender Antivirus: Create another device configuration profile in Microsoft Intune. Configure the Endpoint protection settings within the profile. This allows you to manage antivirus settings, exclusions, and other related configurations. By following these steps, you can effectively set up both Microsoft Defender Firewall and Microsoft Defender Antivirus without the need for additional Group Policy Objects (GPOs) or manual administrative tasks.
Answer is DE
Dumb question. C is also correct it seems: "Antivirus policies include the same settings as found endpoint protection or device restriction templates for device configuration policy. However, those policy types include additional categories of settings that are unrelated to Antivirus. ----->>>>> The additional settings can complicate the task of configuring Antivirus workload" https://learn.microsoft.com/en-us/mem/intune/protect/endpoint-security-antivirus-policy correct me if im wrong, but fail to see how
AGREE WITH DE
D & E - Just checked in the Lab
Went through the intune admin center: - Firewall config is done via Endpoint Protection - Antivirus config is done via Device restrictions
O Antivirus é configurado dentro de Device Restrictions e não dentro de Endpoint Protection. Dentro de Endpoint Protection é possível configurar: Application Guard Firewall Defender Smart Screen Windows Encryption Defender Exploit Guard Defender Application Control Defender Credential Guard Defender Security Center Local device security Options XBox Services
Correct answer is DE, took the exam today and the 2 points for this.
Good for you, but MS/Pearson does'n reveal right answers after test. Or did you get 900 points? Doubting that...
that's what I thought about this, you can only know which topics you did well on but no way can you tell based on a question