ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-100 All Questions

View all questions & answers for the MS-100 exam
Go to Exam

Exam MS-100 topic 5 question 46 discussion

Actual exam question from Microsoft's MS-100
Question #: 46
Topic #: 5
[All MS-100 Questions]

HOTSPOT -
Your network contains an Active Directory domain named contoso.com. The domain contains the file servers shown in the following table.

A file named File1.abc is stored on Server1. A file named File2.abc is stored on Server2. Three apps named App1, App2, and App3 all open files that have the
.abc file extension.
You implement Windows Information Protection (WIP) by using the following configurations:
✑ Exempt apps: App2
✑ Protected apps: App1
✑ Windows Information Protection mode: Block
✑ Network boundary: IPv4 range of 192.168.1.1-192.168.1.255
You need to identify the apps from which you can open File1.abc
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Box 1: Yes.
App1 is a protect app in the Windows Information Protection policy. File1 is stored on Server1 which is in the Network Boundary defined in the policy. Therefore, you can open File1 in App1.
Box 2: Yes.
App2 is exempt in the Windows Information Protection policy. The protection mode in the policy is block so all apps that are not included in the policy cannot be used to open the fileג€¦ except for exempt apps. Therefore, you can open File1 in App2.
Box 3: No.
The protection mode in the policy is block so all apps that are not included in the policy as protected apps or listed as exempt from the policy cannot be used to open the file. Therefore, you cannot open File from in App3.
Reference:
https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure
by painkillers at Jan. 7, 2020, 10:15 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Asser
Highly Voted 5 years, 3 months ago
Protected apps: These apps are the apps that need to adhere to this policy. Exempt apps: These apps are exempt from this policy and can access corporate data without restrictions. --> Given answer seems to be correct
upvoted 15 times
minajahan
5 years, 3 months ago
Windows Information Protection mode: Block and App1 is a protected app... so answer for 1st option should be "NO" since access of App1 to File1.abc should be blocked...?
upvoted 1 times
FableFa
4 years, 11 months ago
yes but Server 1 is in the network boundary and then consiodered as "enterprise data" -> answer 1 is YES
upvoted 4 times
...
...
...
moh15
Highly Voted 4 years, 11 months ago
Ans. Is Correct
upvoted 6 times
...
Eggsamine
Most Recent 3 years, 7 months ago
MS-101?
upvoted 4 times
...
marco12345678
4 years, 2 months ago
why is app3 no
upvoted 2 times
Razuli
4 years ago
Because of the block rule and the app not being in policy I think
upvoted 1 times
chaoscreater
3 years, 11 months ago
Everytime I see your comment, it's absolutely incorrect. Don't bother commenting if you're unsure, it just misleads others and we have enough idiots here as it is. The answer is because App3 is accessing File1.abc, which is stored on Server1. Server 1 is included in the network boundary of the policy and therefore the policy applies.
upvoted 11 times
...
...
...
mkoprivnj
4 years, 5 months ago
Yes, Yes, No!
upvoted 3 times
Gresch123123
3 years, 2 months ago
for sure
upvoted 3 times
...
...
Mary_Yvette
5 years, 2 months ago
Using protected apps. Managed apps (apps that you've included on the Protected apps list in your WIP policy) are allowed to access your enterprise data and will interact differently when used with unallowed, non-enterprise aware, or personal-only apps. For example, if WIP management is set to Block, your employees can copy and paste from one protected app to another protected app, but not to personal apps.
upvoted 1 times
...
Infinity
5 years, 2 months ago
Shouldn't App3 can open file1.abc as the WIP is not applied on it?
upvoted 2 times
MerryWeasel
4 years, 4 months ago
Given answer seems to be correct, Y - Y - N. Explanation: Protected apps - These apps are the apps that need to comply with policy. Exempt apps: These apps are exempt from this policy and can access corporate data without any restrictions. As for App3: "Managed apps and restrictions. With WIP you can control which apps can access and use your enterprise data. After adding an app to your protected apps list, the app is trusted with enterprise data. All apps not on this list are stopped from accessing your enterprise data, depending on your WIP management-mode." Since App3 is not on WIP list it cannot access the corporate data. References: https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip#why-use-wip
upvoted 7 times
...
...
painkillers
5 years, 5 months ago
I think app1 cannot open file1.abc in app1. File1.abc is in the network boundary, the protection mode is "block". Can someone let me know?
upvoted 5 times
Sisko
5 years, 4 months ago
I agree with you. Why is App1 a yes?
upvoted 1 times
steven1
5 years, 4 months ago
Because App3 is not included in the WIP label.
upvoted 1 times
...
...
ExamStudy68
5 years, 4 months ago
I think the network boundary is where apps CAN access the data - see this link about half way down https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure
upvoted 3 times
...
Davidf
5 years ago
https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip "if WIP management is set to Block, your employees can copy and paste from one protected app to another protected app, but not to personal apps." It's not referring to blocking the file being opened, but where data can be copied to
upvoted 3 times
...
FableFa
4 years, 11 months ago
Will BLOCK only personal data. As this is in network boundary, it is considered as "enterprise data" - Answer 1 is YES correct
upvoted 1 times
...
Load full discussion...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel