Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Microsoft Discussions

Exam MS-500 topic 3 question 17 discussion

Actual exam question from Microsoft's MS-500
Question #: 17
Topic #: 3
[All MS-500 Questions]

You have a Microsoft 365 subscription.
Some users access Microsoft SharePoint Online from unmanaged devices.
You create a conditional access policy in Azure Active Directory.
You need to prevent the users from downloading, printing, and syncing files.
What should you do?

  • A. From the Microsoft Azure portal, create an Azure Active Directory (Azure AD) Identity Protection user risk policy.
  • B. From the Microsoft Azure portal, create an Azure Active Directory (Azure AD) conditional access policy.
  • C. From the SharePoint admin center, configure the Access control settings.
  • D. From the Microsoft Azure portal, create an Azure Active Directory (Azure AD) Identity Protection sign-in risk policy.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
As a SharePoint or global admin in Microsoft 365, you can use the Access control page of the SharePoint admin center or the Set-SPOTenant -
ConditionalAccessPolicy cmdlet to block or limit access to SharePoint and OneDrive content from unmanaged devices.
Note:
There are several versions of this question in the exam. The question has two possible correct answers:
1. Run the Set-SPOTenant cmdlet and specify the -ConditionalAccessPolicy parameter.
2. From the SharePoint admin center, configure the Access control settings.
Other incorrect answer options you may see on the exam include the following:
1. From the SharePoint admin center, configure the secure store settings.
2. From the Microsoft Azure portal, create an Azure AD Identity Protection user risk policy.
3. From the Microsoft 365 Compliance center, create a data loss prevention (DLP) policy.
Reference:
https://docs.microsoft.com/en-us/powershell/module/sharepoint-online/set-spotenant?view=sharepoint-ps https://docs.microsoft.com/en-us/sharepoint/control-access-from-unmanaged-devices
by WMG at Aug. 11, 2021, 12:08 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
mkoprivnj
2 years, 4 months ago
Selected Answer: C
C is correct!
upvoted 3 times
...
hyve
2 years, 5 months ago
The answer is below and C is correct: https://docs.microsoft.com/en-US/sharepoint/control-access-from-unmanaged-devices#block-or-limit-access-to-specific-sharepoint-site-collections-or-onedrive-accounts
upvoted 3 times
...
WMG
2 years, 8 months ago
C is correct, but question is slightly confusing. Question says you create a CA policy in Azure. One of the answers is that you create a CA policy in Azure? Conditional Access is a AAD P1 license requirement; you cannot assume you have that ("a M365 subscription", not all M365 have CA), so C has to be the answer as that will always work for this specific purpose.
upvoted 3 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel