You have a Microsoft 365 tenant.
You have devices enrolled in Microsoft Intune.
You assign a conditional access policy named Policy1 to a group named Group1. Policy1 restricts devices marked as noncompliant from accessing Microsoft OneDrive for Business.
You need to identify which noncompliant devices attempt to access OneDrive for Business.
What should you do?
To identify which noncompliant devices attempt to access OneDrive for Business, you should use the Conditional Access Insights and Reporting workbook from the Microsoft Entra admin center. This tool provides comprehensive insights into conditional access policies, allowing you to track access attempts and see detailed information on devices that were blocked due to noncompliance. Reviewing device compliance or noncompliant device reports in Intune alone won't provide the specific details about access attempts to OneDrive for Business, which is what is required in this scenario.
A. From the Microsoft Entra admin center, review the Conditional Access Insights and Reporting workbook. https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-insights-reporting
I don't understand why this is the answer. That report does not even mention device compliance, it provides information on user sign-ins. The question asks to review device compliance, not Conditional Access. The device compliance report would show you that information, answer B. https://learn.microsoft.com/en-us/mem/intune/fundamentals/reports
I stand corrected, I misunderstood the question.
C. From the Microsoft Intune admin center, review the Noncompliant devices report. By reviewing the Noncompliant devices report in the Intune admin center, you can identify devices that are marked as noncompliant and attempting to access Microsoft OneDrive for Business. This report provides details about device names, users, and specific compliance issues.
A totally agree
I think the question is very badly formed. (on purpose, of course) If you have OD enabled and configured, than yes, any device (including the non-compliants) will try to access it. If it is not, the non*compliant report will give you only info about which device cannot access, not about did that device try it at all...so no audit info available. So I would vote on "A".
If the question have ended at "You need to identify noncompliant devices", then B would have been correct. But you need to know which non-compliant device "Accessed OneDrive for Business". That can only be done by A. Also there is no such thing as "noncompliant device report" in MS Intune > Reports. Stop copying answers from ChatGPT and use your research and test tenants.
A. From the Microsoft Endpoint Manager admin center, review the Conditional Access Insights and Reporting workbook. The Conditional Access Insights and Reporting workbook provides comprehensive insights into the usage and effectiveness of conditional access policies. You can use it to review detailed information about device compliance status and access attempts, including any instances where noncompliant devices attempted to access OneDrive for Business. This will help you identify which devices are noncompliant and attempted access to OneDrive for Business, allowing you to take appropriate actions to remediate the compliance issues.
A is correct.
ChatGPT: To identify which noncompliant devices attempt to access OneDrive for Business after assigning a conditional access policy, you should **review the Noncompliant devices report** (option C) in the Microsoft Intune admin center. This report will provide you with details on devices that are marked as noncompliant, allowing you to see which devices are attempting to access OneDrive for Business and are being restricted by Policy1.
Under Intune Admin, under Devices\Reports there are many reports available, e.g.: Noncompliant devices and settings See each device that is not compliant with policy alongside the compliance policy settings these devices are not compliant with.
A IS CORRECT
https://learn.microsoft.com/en-us/entra/identity/conditional-access/howto-conditional-access-insights-reporting
To identify noncompliant devices that attempt to access OneDrive for Business, you should review the Device compliance report in the Microsoft Intune admin center. Option B is the correct choice. This report will provide information about the compliance status of devices and can help you identify which devices are noncompliant and attempting to access OneDrive for Business. and I think 'Conditional access insights and reporting workbook' is only possible in 'Azure' not in Microsoft Entra admin center'
https://entra.microsoft.com/ from here you can go to Conditional Access via the "Protection" menu element.