exam questions

Exam CSCP All Questions

View all questions & answers for the CSCP exam

Exam SC-100 topic 4 question 28 discussion

Actual exam question from APICS's CSCP
Question #: 28
Topic #: 1
[All CSCP Questions]

You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled.

The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019.

You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application.

Which security control should you recommend?

  • A. app registrations in Azure AD
  • B. application control policies in Microsoft Defender for Endpoint
  • C. app discovery anomaly detection policies in Microsoft Defender for Cloud Apps
  • D. Azure AD Conditional Access App Control policies
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Ramye
11 months ago
lol - same question 7 times
upvoted 4 times
...
theplaceholder
1 year, 2 months ago
the same question 3 times in a row? gg ET >_<
upvoted 1 times
...
zellck
1 year, 6 months ago
Same as Question 27. https://www.examtopics.com/discussions/microsoft/view/106549-exam-sc-100-topic-4-question-27-discussion
upvoted 1 times
...
zellck
1 year, 6 months ago
Selected Answer: B
B is the answer. https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager prevents malicious code from running by ensuring that only approved code, that you know, can be run. Application Control is a software-based security layer that enforces an explicit list of software that is allowed to run on a PC. On its own, Application Control doesn't have any hardware or firmware prerequisites. Application Control policies deployed with Configuration Manager enable a policy on devices in targeted collections that meet the minimum Windows version and SKU requirements outlined in this article. Optionally, hypervisor-based protection of Application Control policies deployed through Configuration Manager can be enabled through group policy on capable hardware.
upvoted 2 times
...
CarisB
1 year, 7 months ago
Duplicate
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...