Exam SC-300 topic 3 question 59 discussion

If you're working with a non-Microsoft IdP, make sure that you've also configured your IdP to work with Microsoft Defender for Cloud Apps. SSO or SAML2 are required first on the app.

Zonder traffic forwarding is er geen sessiecontrole mogelijk.

Answer is B: Even if you leave out the need for the session policy, it still applies. Why Configure SSO First? Prerequisite for Session Control: Configuring SSO is a necessary step to onboard the app to Conditional Access app control, which is required for implementing session control policies. Streamlined Access: SSO simplifies user access and ensures that the app is integrated with Microsoft Entra ID, enabling you to apply session policies effectively. Why Not the Other Options? A. Configure Cloud Discovery: Cloud discovery helps identify and monitor cloud apps but does not directly enable session control policies. C. Create an OAuth App Policy: OAuth app policies are useful for managing permissions but are not the first step in onboarding an app for session control. D. Configure a Traffic Forwarding Profile: Traffic forwarding profiles are related to network traffic management and are not directly involved in onboarding apps for session control

A. No. Cloud discovery analyzes your traffic logs against the Microsoft Defender for Cloud Apps catalog of over 31,000 cloud apps. B. Yes. When you use Single Sign-On (SSO) for a third-party SaaS application, you can implement session control policies through your identity provider (IdP), C. No. An OAuth app policy is primarily used to manage application permissions and access levels, not session management. D. No. A traffic forwarding profile determines which traffic to route through Global Secure Access.

Its B chatgpt