Examice

Exam MS-102 All QuestionsBrowse all questions from this exam

Question 125

Your company has a Microsoft 365 E5 subscription.

You onboard a device on the company's network to Microsoft Defender for Endpoint.

In the Microsoft 365 Defender portal, you notice that the device inventory displays many devices that have an Onboarding status of Can be onboarded.

You need to ensure that onboarded devices are prevented from polling the network for device discovery but can still discover devices with which they communicate directly.

What should you configure in the Microsoft 365 Defender portal?

standard discovery

device discovery exclusions

basic discovery

a network assessment job

Correct Answer: C

To ensure that onboarded devices do not poll the network for discovering other devices but can still discover devices with which they communicate directly, you should configure basic discovery. Basic discovery limits the devices to discover only those they directly communicate with, avoiding extensive network polling.

Discussion

netbwOption: C

C. Basic discovery https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/device-discovery?view=o365-worldwide#discovery-methods

CfernandesOption: C

C esta correta.

IccenOption: B

To achieve the desired outcome of preventing onboarded devices from polling the network for device discovery while still allowing them to discover devices with which they communicate directly in the Microsoft 365 Defender portal, you should: B. Device discovery exclusions Explanation: By configuring device discovery exclusions, you can specify certain devices or ranges of IP addresses that should be excluded from the device discovery process. This allows you to prevent onboarded devices from indiscriminately polling the network for device discovery while still enabling them to discover devices with which they communicate directly. This approach provides a targeted solution to meet the specific requirements outlined in the scenario.

jt2214Option: C

It's C https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/device-discovery?view=o365-worldwide#discovery-methods

Festus365Option: D

It could be D; A network assessment job

XylosSWOption: C

"In the Device Discovery settings, select Basic Device Discovery mode. This mode restricts the devices from polling the network to discover other devices. Instead, it allows devices to discover only those with which they directly communicate." Explanation: Standard Discovery: This mode might allow for broader network polling which doesn’t meet the requirement of limiting discovery to direct communications only. Device Discovery Exclusions: These settings are typically used to exclude specific devices or IP ranges from being discovered but don't inherently restrict onboarded devices from polling the network for discovery. ChatGPT 4-o says C

BossLGOption: C

I agree its C For further clarification read the FAQ https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/device-discovery-faq?view=o365-worldwide

Amir1909Option: C

C is correct

VaeroxOption: D

I believe it's D. A basic or standard discovery will still scan for the entire network, the scan will just either be passive (less information, less network usage) or active (more information, more network usage). Please read the article below: https://techcommunity.microsoft.com/t5/microsoft-defender-vulnerability/network-device-discovery-and-vulnerability-assessments/ba-p/2267548

RJTW070Option: A

AI says A: To prevent onboarded devices from polling the network for device discovery but still discover devices with which they communicate directly, you should configure the Standard discovery mode in the Microsoft Defender for Endpoint portal1. This mode allows endpoints to actively find devices in your network to enrich collected data and discover more devices - helping you build a reliable and coherent device inventory. In addition to devices that were observed using the passive method, standard mode also leverages common discovery protocols that use multicast queries in the network to find even more devices1. Summary: To prevent onboarded devices from polling the network for device discovery but still discover devices with which they communicate directly, you should configure the Standard discovery mode in the Microsoft Defender for Endpoint portal.

TheMCTOption: A

Standard discovery (recommended): This mode allows endpoints to actively find devices in your network to enrich collected data and discover more devices - helping you build a reliable and coherent device inventory. When Standard mode is enabled, minimal, and negligible network activity generated by the discovery sensor might be observed by network monitoring tools in your organization.

SesbriOption: B

For me it is B. See here for reference: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-device-discovery?view=o365-worldwide#exclude-devices-from-being-actively-probed-in-standard-discovery

Sas2003Option: B

I believe the correct answer is B. https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/device-discovery?view=o365-worldwide#discovery-methods

Sas2003

Oops I meant C