ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-500 All Questions

View all questions & answers for the MS-500 exam
Go to Exam

Exam MS-500 topic 1 question 10 discussion

Actual exam question from Microsoft's MS-500
Question #: 10
Topic #: 1
[All MS-500 Questions]

Your company has a Microsoft 365 subscription.
The company does not permit users to enroll personal devices in mobile device management (MDM).
Users in the sales department have personal iOS devices.
You need to ensure that the sales department users can use the Microsoft Power BI app from iOS devices to access the Power BI data in your tenant.
The users must be prevented from backing up the app's data to iCloud.
What should you create?

  • A. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a device state condition
  • B. an app protection policy in Microsoft Endpoint Manager
  • C. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a client apps condition
  • D. a device compliance policy in Microsoft Endpoint Manager
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by kiketxu at March 13, 2021, 10:32 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
kiketxu
Highly Voted 4 years, 3 months ago
Given answer is correct. @Examtopic, here missing the references link https://docs.microsoft.com/en-us/mem/intune/apps/app-protection-policy#:~:text=You%20can%20use%20Intune%20app,in%20a%20device%20management%20solution. https://docs.microsoft.com/en-us/mem/intune/apps/app-protection-policy#benefits-of-using-app-protection-policies:~:text=Prevent%20the%20saving%20of%20company%20app%20data%20to%20a%20personal%20storage%20location
upvoted 25 times
joergsi
3 years, 4 months ago
Following the firrst link you will find: There are additional benefits to using MDM with App protection policies, and companies can use App protection policies with and without MDM at the same time. For example, consider an employee that uses both a phone issued by the company, and their own personal tablet. The company phone is enrolled in MDM and protected by App protection policies while the personal device is protected by App protection policies only.
upvoted 3 times
...
...
DarkAndy
Highly Voted 3 years ago
Valid on exam. Jun 10, 2022
upvoted 6 times
...
heshmat2022
Most Recent 2 years, 2 months ago
You can use Intune app protection policies independent of any mobile-device management (MDM) solution. This independence helps you protect your company's data with or without enrolling devices in a device management solution. By implementing app-level policies, you can restrict access to company resources and keep data within the purview of your IT department.
upvoted 1 times
...
heshmat2022
2 years, 2 months ago
B is correct You can use Intune app protection policies independent of any mobile-device management (MDM) solution. This independence helps you protect your company's data with or without enrolling devices in a device management solution. By implementing app-level policies, you can restrict access to company resources and keep data within the purview of your IT department.
upvoted 1 times
...
RomanV
2 years, 2 months ago
Option B is the correct answer. An app protection policy in Microsoft Endpoint Manager can help protect company data by applying data protection policies to apps. With app protection policies, you can apply settings to the Microsoft Power BI app on personal devices to ensure that data is protected. Specifically, you can prevent users from backing up app data to iCloud, while allowing them to access the Power BI data in your tenant.
upvoted 1 times
...
Jonclark
2 years, 4 months ago
Selected Answer: B
The requirement is specifically about blocking users from backing up data from the app to iCloud. This is accomplished with Intune App protection. Don't forget, though that app protection does not block these users from logging in with their web browser and copying data out. You can prevent this by adding a conditional access policy which only allows access through the app, which you have protected with your shiny new app protection policy.
upvoted 3 times
Santini
2 years, 4 months ago
lol "which you have protected with your shiny new app protection policy."
upvoted 1 times
...
...
ChachaChatra
2 years, 5 months ago
Valid on 28/01/23
upvoted 1 times
...
pete26
2 years, 8 months ago
Valid on exam October, 14 2022
upvoted 4 times
...
Daniel830
2 years, 9 months ago
B is the correct answer. It is not talking about access, so there is no need for a conditional access.
upvoted 1 times
...
Eltooth
2 years, 11 months ago
Selected Answer: B
B is correct answer.
upvoted 2 times
...
Ferrix
3 years, 4 months ago
Selected Answer: B
Correct
upvoted 3 times
...
Fearless90
3 years, 7 months ago
https://docs.microsoft.com/en-us/mem/intune/apps/app-protection-policy#benefits-of-using-app-protection-policies:~:text=Prevent%20the%20saving%20of%20company%20app%20data%20to%20a%20personal%20storage%20location App protection policies makes sure that the app-layer protections are in place. For example, you can: Require a PIN to open an app in a work context Control the sharing of data between apps Prevent the saving of company app data to a personal storage location
upvoted 1 times
...
mkoprivnj
3 years, 7 months ago
Selected Answer: B
I go with B.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel