MD-102 Exam QuestionsBrowse all questions from this exam
Go to Exam

MD-102 Exam - Question 365

HOTSPOT

-

You have a Microsoft 365 E5 subscription.

The subscription contains users that have devices onboarded to Microsoft Defender for Endpoint. Defender for Endpoint is configured to forward signals to Microsoft Defender for Cloud Apps.

Cloud Discovery identifies a risky web app named App1.

You need to block users from connecting to App1 from Microsoft Edge. Users must be able to bypass the restriction.

Which type of app tag should you use, and what should you configure to integrate Defender for Endpoint with Defender for Cloud Apps? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Exam MD-102 Question 365
Show Answer
Correct Answer:
Exam MD-102 Question 365

Discussion

3 comments
Sign in to comment
neothwin
Feb 27, 2025

Should be monitored

ExamBud
Feb 28, 2025

But it says: "You need to block users from connecting to App1 from Microsoft Edge. Users must be able to bypass the restriction.". If you monitor it, you're not blocking. Unsanctioned would block and users can bypass.

siheom
Mar 18, 2025

Given Answer is correct.

Alex1184
Apr 16, 2025

No doubt about Enforce App Access but if you want the user to be able to make a decision to access it, you must instead Warn and allow bypass rather than block. Allowing bypass is exclusive to Monitored, as can be seen in this screenshot: https://learn.microsoft.com/en-us/defender-cloud-apps/media/mde-govern/mda-custom-block-url-config.png#lightbox Technically, you could set up a custom app. tag that blocks it for some users but allows for others, but then it wouldn't be any of the answer options, and also the user wouldn't technically be required to make the decision to access, it would just go through without any interaction. So for me, it's Monitored.