Exam SC-300 topic 2 question 106 discussion

Also going with answer C. Research below OAuth App Policies: Purpose: Specifically designed to monitor and control permissions requested by OAuth apps. Capabilities: Allow you to investigate which permissions each app requested and which users authorized them. You can also set automated notifications for apps that meet certain criteria, and mark apps as approved or banned. Focus: Provides detailed insights into third-party app permissions and user authorizations, ensuring you have visibility and control over these apps. Access Policies: Purpose: Control access to cloud apps based on user, location, device, and app conditions. Capabilities: Provide real-time monitoring and control over access to cloud apps. Focus: More general control over access to cloud apps, not specifically tailored to monitoring OAuth app permissions. Given your need to monitor third-party apps specifically, OAuth app policies offer more targeted and detailed monitoring capabilities.

You have a Microsoft 365 subscription that uses Microsoft Defender for Cloud Apps. You have multiple third-party apps that access the resources in the subscription. You need to monitor the access of the third-party apps. What should you create? A. an access policy B. an app permission policy C. an OAuth app policy D. an endpoint protection policy To monitor the access of third-party apps in your Microsoft 365 subscription using Microsoft Defender for Cloud Apps, you should create an OAuth app policy2. This policy helps you manage and monitor the permissions granted to third-party apps, ensuring that only the necessary permissions are granted and unused permissions are identified and removed. If you have any other questions or need further assistance, feel free to ask!