HOTSPOT -
You have an Azure AD tenant named contoso.com that contains the devices shown in the following table.
All devices contain an app named App1 and are enrolled in Microsoft Intune.
You need to prevent users from copying data from App1 and pasting the data into other apps.
Which type of policy and how many policies should you create in Intune? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Here's how you can achieve this: Create an App Protection Policy: Create a new App Protection Policy in the Microsoft Endpoint Manager admin center. Configure Data Transfer Settings: Within the App Protection Policy, configure the settings related to data transfer. In your case, you would likely look for settings related to the clipboard or data sharing. Assign the Policy: Assign the App Protection Policy to the specific app (App1) on the targeted platforms (Windows, Android, and iOS). In this scenario, you should create one App Protection Policy per platform. So, you would create: One App Protection Policy for Windows. One App Protection Policy for Android. One App Protection Policy for iOS.
Answer is correct. I research all my answers before commenting.
- (1) Policy for Android Devices, (1) for iOS devices and (1) for Windows devices which will apply for Windows 10 and 11 simultaneously. 3 policies. All 3 policies (copy, paste, cut, etc) settings blocked.
Windows Information Protection can be configured under App Protection Policies and has been around for a while, it's going to be replaced with Purview Information Protection though. So three sounds right to me based on the amount of options in protection policies. https://learn.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure
Given answer is correct
Policy type: App protection policy Minimum number of policies: 1 Comprehensive Explanation of Correct Answer Only: The correct answer is app protection policy because it allows you to customize the settings of apps for iOS/iPadOS or Android devices1. One of the settings you can configure is Restrict cut, copy, and paste between other apps, which lets you prevent users from copying data from App1 and pasting the data into other apps2. You only need one policy to apply this setting to all devices that have App1 installed1. Reference: 1: App configuration policies for Microsoft Intune | Microsoft Learn https://learn.microsoft.com/en-us/mem/intune/apps/app-configuration-policies- overview 2: Troubleshoot restricting cut, copy, and paste between applications - Intune | Microsoft Learn https://learn.microsoft.com/en-us/troubleshoot/mem/intune/app-protection- policies/troubleshoot-cut-copy-paste
You are wrong. Minimun number of policies is 3. Each win, android and ios need own policies.
Since it mentioned Intune apps, it implies apps possibly managed by Intune, so I am thinking 2 possible scenarios as to why it's 3 policies: 1) for enrolled, un-enrolled, and Windows devices or 2) for the different platforms (even though windows has Windows-Information Protection instead of Intune)
https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policies 3 App protection policies. You can only target one platform at a time. Check the screenshot, as they don't seem o explicitly state this in the documentation but is visible in the provided screenshot.
You need to create separate App Protection Policies for each platform to prevent users from copying data from App1 and pasting it into other apps. Here's the breakdown: Windows: One App Protection Policy Android: One App Protection Policy iOS: One App Protection Policy So, you need a total of three App Protection Policies. The correct selections are: Policy type: App protection policy Minimum number of policies: 3
prevent copy/paste/cut/print using App protection policy Minimum of one policy that can be applied across multiple platforms.
I think the number of policies is 2 because in the WIP Policy I cannot find an entry to prevent copy/paste between apps, I see this setting only in Android/iOS Policies. I saw other options about receiving data but that was something else. Well that's my take on it.
OK I finally found what I was looking for about WIP: Using protected apps. Managed apps (apps that you've included on the Protected apps list in your WIP policy) are allowed to access your enterprise data and will interact differently when used with unallowed, non-enterprise aware, or personal-only apps. For example, if WIP management is set to Block, your employees can copy and paste from one protected app to another protected app, but not to personal apps. Imagine an HR person wants to copy a job description from a protected app to the internal career website, an enterprise-protected location, but makes a mistake and tries to paste into a personal app instead. The paste action fails and a notification pops up, saying that the app couldn't paste because of a policy restriction. The HR person then correctly pastes to the career website without a problem. But I just could not find the option within the policy itself. So 3 Policies it is.
But why is the minimum 3?
should be two. for Android and IOS only. protection for Windows is something pretty new. still in preview
Should be 3, windows information protection is often called app protection policies. The exam isn’t already adjusted on the recently released Windows App Protection Policies for Edge only.
one for each platform
answer seems be correct. just beacuse We also have protection for Windows but this is in PREVIEW https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policy-settings-windows
They are referring to Windows Information Protection, it is there for quite Some time already and de deprecation was already announced, take a look in your Intune portal under app protection politiek