Exam MD-102
Question 23

DRAG DROP -

You have a Microsoft 365 subscription that includes Microsoft Intune.

You need to implement a Microsoft Defender for Endpoint solution that meets the following requirements:

Enforces compliance for Defender for Endpoint by using Conditional Access

Prevents suspicious scripts from running on devices

What should you configure? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

    Correct Answer:

Discussion
JP1900

Without an Intune connection, how can the policies apply? The original answer is correct.

MR_Eliot

Enforces compliance for Defender for Endpoint by using Conditional Access - A Device Restriction policy. After which you can configure a compliance policy and a conditional access policy to disallow non-compliant devices. Prevents suspicious scripts from running on devices - An attack surface reduction. Trust me on this. I do this a lot!

MR_Eliot

Btw, an Intune connection is required for Microsoft Defender integration and Intune. So that answer is totally not correct!

7798da3

I believe your logic, but the Microsoft practice tests do the same thing: connection before policy. These exams are so convoluted. LOL

VirtualJP

I believe this answer to be correct

mail2bala3011

Seems like the answer is correct: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-conditional-access?view=o365-worldwide

krzysztofbr

You are wrong, an Intune connection doesn't enforce anything.

Futfuyfyjfj

No, you are wrong; compliance policy checks are device check-in dependent. Although this answer is not very well specified, it's still the best one: https://learn.microsoft.com/en-us/mem/intune/configuration/device-profile-troubleshoot

iTomi

The question is "what should you configure?" Based on this, you start configuration by creating connections between Defender and Intune. https://learn.microsoft.com/fi-fi/mem/intune/protect/advanced-threat-protection-configure

krzysztofbr

The second part about ASR seems correct, but for "enforces compliance", instead of "Intune connection" it should be security baseline, I guess. This is a set of settings relevant for compliance requirements.

Futfuyfyjfj

I agree the answer is vague, but Intune enforces online compliance checks. Therefore an active Intune connection is required. So Intune connection here is the best of the worst, I guess. https://learn.microsoft.com/en-us/mem/intune/configuration/device-profile-troubleshoot

NoursBear

Configure Microsoft Defender for Endpoint in Intune:

Sign in to the Microsoft 365 Defender portal – https://security.microsoft.com/

Select Settings > Endpoints > Advanced features > enable Microsoft Intune connection.

https://support.blackpointcyber.com/article/125-microsoft-intune-defender-for-endpoint-setup-guide

OyYaGotta

This comment explains the vague "an Intune Connection" answer. It's within the 365 Defender Portal. Unusual that the answers are this vague, so best to take them literally.

SaiK1234

The original answer is correct. Establish a connection and then you can enforce. Second is ASR.

Amir1909

Correct

iTomi

This is a strange and tricky question, but I would choose "an Intune connection" and ASR. If you go to Intune -> Endpoint security -> Microsoft Defender for Endpoint -> Allow Microsoft Defender for Endpoint to enforce Endpoint Security Configurations, you need to create a connection between Intune and Defender before you can use it.

iTomi

https://learn.microsoft.com/fi-fi/mem/intune/protect/advanced-threat-protection-configure

Use the information and procedures in this article to configure integration of Microsoft Defender for Endpoint with Intune. CONFIGURATION INCLUDES THE FOLLOWING GENERAL STEPS:

- Establish a service-to-service connection between Intune and Microsoft Defender for Endpoint.
- Use Intune policy to onboard devices with Microsoft Defender for Endpoint. You onboard devices to configure them to communicate with Microsoft Defender for Endpoint and to provide data that helps assess their risk level.
- Use Intune device compliance policies to set the level of risk you want to allow. Microsoft Defender for Endpoint reports a device's risk level.
- Use a conditional access policy to block users from accessing corporate resources from devices that are noncompliant.
- Use app protection policies for Android and iOS/iPadOS, to set device risk levels.