Exam MD-101 topic 5 question 14 discussion

Same question as in MS-100 Q31 Topic 1. 1. Correct, all Apps have still access, because "Silent" 2. App3 only

The apps that can open File1 are as follows: - **App1**: As a protected app, App1 can open File1 because it adheres to the Windows Information Protection (WIP) policy¹. - **App2**: As an exempt app, App2 can also open File1. Exempt apps are exempt from the WIP policy and can access corporate data without restrictions². However, **App3** will not be able to open File1. This is because it is neither a protected app nor an exempt app under the WIP policy, and therefore it won't have access to files created in App1¹². Please note that in silent mode, Windows Information Protection (WIP) doesn't block inappropriate data sharing, it just logs it¹. So, any attempts to open File1 from App3 will be logged. Source: Conversation with Bing, 9/25/2023

The apps that can open File1 are App1 and App2. Here’s why: App1 is listed as a protected app in the Windows Information Protection (WIP) policy, which means it can access enterprise data and open protected files. App2 is listed as an exempt app in the WIP policy. Exempt apps ignore the WIP policy and can open both protected and unprotected files. App3 is not listed in the WIP policy, so it cannot open protected files. Please note that this applies when the WIP mode is set to Silent An action will be logged when you attempt to open File1 from **App3**. Here's why: - **App1** is a protected app, so it can open protected files without triggering an audit event. - **App2** is an exempt app, so it can also open protected files without triggering an audit event. - **App3** is not listed in the Windows Information Protection (WIP) policy, so if it attempts to open a protected file, it will trigger an audit event¹. This is because WIP creates audit events in situations such as when data is marked as Work but shared to a personal app.

now it says protected apps app1 wth? so it should be app1 in this case

wth??? shouldn't it be app2? it says protected apps app2 so basically an event will be logged only when you try to open the file from app2. the policy doesn't say anything about app3 so why would an event be logged there?

Can someone please elaboprate as to why #2 is App 3 only?

Shouldn't the action be logged only from App3?

WIP runs silently, logging inappropriate data sharing, without blocking anything that would have been prompted for employee interaction while in Allow Override mode. Unallowed actions, like apps inappropriately trying to access a network resource or WIP-protected data, are still stopped.

https://docs.microsoft.com/en-us/mem/intune/apps/windows-information-protection-policy-create