You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps and Conditional Access policies.
You need to block access to cloud apps when a user is assessed as high risk.
Which type of policy should you create in the Microsoft Defender for Cloud Apps portal?
To block access to cloud apps when a user is assessed as high risk, the appropriate type of policy to create in the Microsoft Defender for Cloud Apps portal is an access policy. Access policies in Microsoft Defender for Cloud Apps provide real-time monitoring and control over access to cloud applications based on various factors such as user, location, device, and app. This allows you to enforce security measures like blocking access under certain risk conditions, which aligns with the requirement provided in the question.
Correct. A Microsoft Defender for Cloud Apps access policies enable real-time monitoring and control over access to cloud apps based on user, location, device, and app. https://learn.microsoft.com/en-us/defender-cloud-apps/access-policy-aad
Sign in to the Microsoft Defender for Cloud Apps portal. Click on the Access policies tab. Click Create policy.
Correct is A
A. access policy
A. access policy
bruh sheeple here in the comment section. Does anyone ever really look for the answer: Anomaly detection policies enable you to look for unusual activities on your cloud. Detection is based on the risk factors you set to alert you when something happens that is different from the baseline of your organization or from the user's regular activity
Anomaly detection doesn't "block" access, as the question is asking. It only generates reports.
the only reason why i will choose A is because "uses MS Defender for Cloud Apps AND CONDITIONAL ACCESS POLICIES" otherwise anomaly detection policy would suit better, and yes it can block users based on user risk in the Governance Actions section however anomaly detection policies dont really work with conditional access as far as i understand
the only reason why i will choose A is because "uses MS Defender for Cloud Apps AND CONDITIONAL ACCESS POLICIES" otherwise anomaly detection policy would suit better, and yes it can block users based on user risk in the Governance Actions section however anomaly detection policies dont really work with conditional access as far as i understand
Looks like answer A is it. While anomaly detection policies can include governance actions like suspending users or requiring password changes, they don't inherently block access to cloud apps based on user risk. For directly blocking access when a user is assessed as high risk, an access policy is more suitable because it allows you to enforce real-time access controls based on user risk levels.
A. The App Control policy you create as a prerequisite for a cloud app access policy can configured with the risk policies (Identity Protection) with the user risk set to 'high' and access control set to block instead of grant.
Sorry the Conditional Access Policy (App Control policy) you create as a prerequisite...
A. access policy: While anomaly detection policies can include governance actions like suspending users or requiring password changes, they don't inherently block access to cloud apps based on user risk1. For directly blocking access when a user is assessed as high risk, an access policy is more suitable because it allows you to enforce real-time access controls based on user risk levels2.