ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-102 All Questions

View all questions & answers for the MS-102 exam
Go to Exam

Exam MS-102 topic 1 question 355 discussion

Actual exam question from Microsoft's MS-102
Question #: 355
Topic #: 1
[All MS-102 Questions]

HOTSPOT
-

You have a Microsoft 365 E5 subscription.

The subscription contains users that have devices onboarded to Microsoft Defender for Endpoint. Defender for Endpoint is configured to forward signals to Microsoft Defender for Cloud Apps.

Cloud Discovery identifies a risky web app named App1.

You need to block users from connecting to Appl from Microsoft Edge. Users must be able to bypass the restriction.

Which type of app tag should you use. and what should you configure to integrate Defender for Endpoint with Defender for Cloud Apps? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by 7d01a47 at Oct. 23, 2024, 4:55 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
JohnDoe47
Highly Voted 6 months, 3 weeks ago
App tag type: Monitored (Not unsanctioned. Unsanctioned in combination with Microsoft Defender for Endpoint blocks the app. https://learn.microsoft.com/en-us/defender-cloud-apps/governance-discovery#blocking-apps-with-built-in-streams "Monitored" is a soft block allowing users to bypass it. https://jeffreyappel.nl/warn-monitor-users-for-shadow-it-usage-with-cloud-app-security/ Integrate by configuring: Enforce App Access
upvoted 11 times
SummerK
2 months ago
JohnDoe is correct: The Monitored App tag helps track risky web apps. Configuring Enforce app access ensures that access to App1 is restricted but still allows for bypass options based on your configuration.
upvoted 2 times
...
BigO76
4 months, 1 week ago
also here https://learn.microsoft.com/en-us/defender-cloud-apps/mde-govern#educate-users-when-accessing-risky-apps "Defender for Cloud Apps uses the built-in Monitored app tag to mark cloud apps as risky for use. The tag is available on both the Cloud Discovery and Cloud App Catalog pages. By enabling the integration with Defender for Endpoint, you can seamlessly warn users on access to monitored apps with a single click in the Defender for Cloud Apps portal."
upvoted 1 times
...
BJS78
4 months, 1 week ago
"Unsanctioned" is a hard block, no bypass possible, so only Monitoring (soft block, bypass possible) is the way to go.
upvoted 1 times
...
...
IvanDJ
Most Recent 1 month ago
Users must be able to bypass the restriction !!! - Monitored - Enforce app access
upvoted 1 times
...
7d01a47
7 months ago
App Tag Type: Unsanctioned Integrate by Configuration: Enforce app access
upvoted 3 times
indope94
5 months, 3 weeks ago
To block access to a risky web app using Microsoft Defender for Cloud Apps and Microsoft Defender for Endpoint, follow these steps: App Tag Type: Unsanctioned: Label the app as "Unsanctioned" to indicate that it is not approved for use within the organization. https://learn.microsoft.com/en-us/defender-cloud-apps/mde-govern?utm_source=chatgpt.com Configure Integration: In the Microsoft 365 Defender portal, go to Settings > Cloud Apps > Cloud Discovery > Microsoft Defender for Endpoint. Enable the Enforce app access option to block access to unapproved apps through Defender for Endpoint. https://learn.microsoft.com/en-us/defender-cloud-apps/mde-govern?utm_source=chatgpt.com
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel