Your network contains an Active Directory domain. The domain contains 100 computers that run Windows 10. You need to prevent users and apps from accessing dangerous websites. What should you configure?
Microsoft Defender SmartScreen.
Explanation:
While it wasn't listed among the options, SmartScreen is the most appropriate tool for this specific task. Here's why:
Purpose:
It's specifically designed to protect against malicious websites and downloads.
It blocks access to known phishing sites, malware distributors, and other dangerous content.
It works proactively, filtering websites and downloads in real-time.
Central Management:
It can be centrally managed through Group Policy for domain-joined devices.
This ensures consistent protection across all 100 computers in the Active Directory domain.
The best option to prevent users and apps from accessing dangerous websites is to configure Microsoft Defender Application Guard.
Microsoft Defender Application Guard uses hardware isolation to open untrusted sites in a isolated container separate from the host operating system. This prevents malicious sites from infecting the host device.
It allows access to sites while protecting the host. Users can browse any site, while enterprise resources are kept secured.
Microsoft Defender Exploit Guard focuses more on intrusion prevention rather than isolating browsers.
Microsoft Defender Firewall and Microsoft Defender Application Control do not provide web isolation capabilities.
So Microsoft Defender Application Guard is the most targeted solution for protecting devices from malicious or dangerous websites by containing browser sessions away from the host OS and enterprise data.
Tough one, both Exploit Guard and Application Guard seem to be able to do the job.
Most info I could gather point to the Exploit Guard, so I'd go for that.
Application Guard only runs Edge in a virtual container. It doesn't prevent users and APPS from accessing dangerous websites.
You need Exploit Guard > Network filtering
Check the link:
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/network-protection?view=o365-worldwide
Just re-read the question "You need to prevent users and apps from accessing dangerous websites." since it says "users and apps" i agree that it should be exploit guard.
My bad...
I believe this should be application Guard.
"What is Application Guard and how does it work?
For Microsoft Edge, Application Guard helps to isolate enterprise-defined untrusted sites, protecting your company while your employees browse the Internet."
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview
From the same article as above. I believe it's Application Guard. It prevents access to/from untrusted sites for both users and applications.
"For Microsoft Office, Application Guard helps prevents untrusted Word, PowerPoint and Excel files from accessing trusted resources. Application Guard opens untrusted files in an isolated Hyper-V-enabled container. "
This section is not available anymore. Please use the main Exam Page.MD-101 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
hawkens
Highly Voted 3 years, 6 months agoPiPe
3 years, 4 months agoNeilSays
Most Recent 1 year, 5 months agoNeilSays
1 year, 5 months agoModerator
3 years, 3 months agoletters1234
3 years, 4 months agotf444
3 years, 8 months agoRodrigoT
3 years, 2 months agoSaph69
3 years, 11 months agoSaph69
3 years, 11 months agodaonga
3 years, 10 months agoforummj
3 years, 5 months agoletters1234
3 years, 4 months agosgarj
3 years, 12 months ago