Exam MS-500 topic 2 question 30 discussion

The answer is D, Create two machine groups. Machine groups in Microsoft Defender Security Center allow you to group computers together based on specific criteria. In this case, you can create two machine groups: one for the executives and one for all other users. You can then configure different remediation settings for each machine group. For the executives, you can configure the remediation settings to require manual approval by a Microsoft Defender for Endpoint administrator. For all other users, you can configure the remediation settings to occur automatically. Here are the steps on how to create two machine groups in Microsoft Defender Security Center: Go to the Machine groups page in the Microsoft Defender Security Center console. Click Create machine group. Enter a name and description for the machine group. Select the Executives check box. Click Create. Repeat steps 3-5 to create the Other users machine group. Once the machine groups are created, you can configure the remediation settings for each machine group.

In Microsoft Defender for Endpoint, you can create device groups and use them to: Limit access to related alerts and data to specific Azure AD user groups with assigned RBAC roles Configure different auto-remediation settings for different sets of devices Assign specific remediation levels to apply during automated investigations In an investigation, filter the Devices list to specific device groups by using the Group filter.

Simple is good.

D - Keep it simple!

D is correct!

Create two device groups, one for the rest and one group for the 20 computers that needs these specific settings. Groups are used to manage access to alerts, auto-remediation, remediation levels etc. https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/machine-groups?view=o365-worldwide

The answer is correct