You have a Microsoft 365 E5 subscription.
Users authorize third-party cloud apps to access their data.
You need to configure an alert that will be triggered when an app requires high permissions and is authorized by more than 20 users.
Which type of policy should you create in the Microsoft Defender for Cloud Apps portal?
To configure an alert that will be triggered when an app requires high permissions and is authorized by more than 20 users, you should create an OAuth app policy in the Microsoft Defender for Cloud Apps portal. OAuth app policies are specifically designed to manage and control the permissions and access of third-party cloud apps that use OAuth to connect to your cloud services. This type of policy allows you to define rules based on various criteria, such as the app's permission level and the number of users who have authorized it, making it suitable for the given scenario.
The correct answer is B. OAuth app policy. An OAuth app policy is a type of policy that allows you to control the permissions and access of third-party apps that use OAuth to connect to your cloud apps, such as Microsoft 365, Google Workspace, and Salesforce. You can create an OAuth app policy based on various criteria, such as the app name, the permission level, the number of users who authorized the app, and the group memberships of those users. You can also set an alert action for the policy, which will notify you when an app meets the conditions you specified. For example, you can create an OAuth app policy that will alert you when there are apps that require a high permission level and are authorized by more than 20 users1.
An OAuth app policy allows you to manage and control the permissions granted to third-party cloud apps that users authorize to access their data. By creating an OAuth app policy in the Microsoft Defender for Cloud Apps portal, you can define specific rules and conditions for app permissions and access. Option B, OAuth app policy, is the most appropriate choice for this scenario, as it specifically focuses on managing the authorization and permissions of third-party cloud apps. You can configure the policy to trigger an alert when an app requires high permissions and is AUTHhorized by more than 20 users, allowing you to monitor and manage the app permissions in your Microsoft 365 environment.
Correct Answer: OAuth App Policy https://learn.microsoft.com/en-us/defender-cloud-apps/app-permission-policy
https://learn.microsoft.com/en-us/defender-cloud-apps/app-permission-policy In addition to the existing investigation of OAuth apps connected to your environment, you can set permission policies so that you get automated notifications when an OAuth app meets certain criteria. For example, you can automatically be alerted when there are apps that require a high permission level and were authorized by more than 50 users
Answer B. You can consult these docs and see the answer in the first paragraph https://learn.microsoft.com/en-us/defender-cloud-apps/app-permission-policy
Correct Answer B
B - OAuth Policy
In addition to the existing investigation of OAuth apps connected to your environment, you can set permission policies so that you get automated notifications when an OAuth app meets certain criteria. For example, you can automatically be alerted when there are apps that require a high permission level and were authorized by more than 50 users.
If everyone agrees that OAuth app policy is the correct answer, why does the solution then tell me the correct answer is D? Is there something i am missing here?
because this is examtopics
B. OAuth app policy
B. OAuth app policy: OAuth app policies in Microsoft Defender for Cloud Apps allow you to control and manage permissions and access granted to third-party cloud apps. You can define policies to monitor or block apps with specific permissions or behaviors. In this scenario, you want to monitor and set an alert condition for apps with high permissions and a certain level of user authorization. OAuth app policies are designed for this kind of control and monitoring.
B is the answer
https://learn.microsoft.com/en-us/defender-cloud-apps/app-permission-policy Reason :In addition to the existing investigation of OAuth apps connected to your environment, you can set permission policies so that you get automated notifications when an OAuth app meets certain criteria. For example, you can automatically be alerted when there are apps that require a high permission level and were authorized by more than 50 users.
B. OAuth app policy
This is from ChatGPT. To configure an alert that triggers when an app requiring high permissions is authorized by more than 20 users, you should create: **B. OAuth app policy** An **OAuth app policy** in Microsoft Defender for Cloud Apps is specifically designed to monitor and manage OAuth applications that are authorized by users to access their data. This policy allows you to detect and respond to apps that request high permissions and to set thresholds, such as the number of users who have authorized the app, triggering alerts when these thresholds are exceeded.
Answer B. OAuth app policy: An OAuth app policy in Microsoft Defender for Cloud Apps allows you to manage and control OAuth applications that request access to your organization's data. These policies enable you to: Investigate permissions: See which permissions each app requested and which users authorized them. Set automated notifications: Get alerts when apps meet certain criteria, such as requiring high permission levels or being authorized by many users. Approve or ban apps: Mark apps as approved or banned based on their permissions and usage. Banning an app disables its access to your organization's data