Exam MS-500 topic 2 question 21 discussion

1. Go to Security.microsoft.com 2. Navigate to Policies and Rules > Threat Policies > Safe Links. 3. In Global Settings 4. In the Block the following URLs section, type in *.fabrikam.com. 5. untick the checkbox labelled Do not track when users click safe links. 6. Click Save to save the changes.

Seems like you cant use Safe Linnks for this anymore. Microsoft moved this functionality to the Tenant Allow/Block List.

To implement a solution to manage when users select links in documents or email messages from Microsoft Office 365 ProPlus applications or Android devices and meet the specified requirements, you can use the Microsoft Defender for Office 365 service. Here are the steps to follow: Sign in to the Microsoft 365 portal (portal.office.com) using your administrator credentials. Navigate to the Microsoft Defender Security Center. In the Microsoft Defender Security Center, go to the "Threat management" or "Threat & Vulnerability Management" section, depending on your subscription. Configure Safe Links policies: a. In the appropriate section (e.g., Safe Links), create a new policy or edit an existing policy. b. Configure the policy to block access to the domain named "fabrikam.com". This will prevent users from accessing any links to that domain. c. Enable the option to store information when users select links. This will allow you to track and review user interactions with the links. Save and apply the policy.

In Microsoft 365 Defender Email & Collaboration Policies & Rules Threat policies Tenant Allow/Block Lists

The features provided by global settings for Safe Links are only applied to users who are included in active Safe Links policies. There is no built-in or default Safe Links policy, so you need to create at least one Safe Links policy in order for these global settings to be active.

You will need to set up at least one policy so that you can have the global settings applied to users. I've tested in my lab and there was no default policy indeed. "The features provided by global settings for Safe Links are only applied to users who are included in active Safe Links policies. There is no built-in or default Safe Links policy, so you need to create at least one Safe Links policy in order for these global settings to be active." https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/configure-global-settings-for-safe-links?view=o365-worldwide#what-do-you-need-to-know-before-you-begin So for your policy, I guess you will need to pay attention to these two options. *Apply Safe Links to email messages sent within the organization: Select this setting to apply the Safe Links policy to messages between internal senders and internal recipients. *Do not track user clicks: Leave this setting unselected to enable the tracking user clicks on URLs in email messages.

The settings have been rearranged. Blocking URLs should now be done under "Global Settings", see https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/configure-global-settings-for-safe-links?view=o365-worldwide