Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
exam questions

Exam SC-200 All Questions

View all questions & answers for the SC-200 exam

Exam SC-200 topic 1 question 6 discussion

Actual exam question from Microsoft's SC-200
Question #: 6
Topic #: 1
[All SC-200 Questions]

DRAG DROP -
You open the Cloud App Security portal as shown in the following exhibit.

Your environment does NOT have Microsoft Defender for Endpoint enabled.
You need to remediate the risk for the Launchpad app.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

Show Suggested Answer Hide Answer
Suggested Answer:
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/governance-discovery

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
hteams
Highly Voted 2 weeks, 6 days ago
The "source appliance" mentioned here is the Firewall or Proxy in use. The Block script is specific to the product in use. The block is done by the firewall / proxy . Hope this helps you can find the screenshots at this link https://docs.microsoft.com/en-us/defender-cloud-apps/governance-discovery
upvoted 19 times
...
iwhoelse
Highly Voted 1 year, 7 months ago
Answer as shown is correct
upvoted 6 times
...
g_man_rap
Most Recent 1 month, 2 weeks ago
Select the app. You need to identify and select the Launchpad app within your management interface to apply further actions. Tag the app as Unsanctioned. Marking the app as "Unsanctioned" identifies it as not allowed within the organization's environment, signaling that it should be blocked or restricted. Generate a block script. After tagging the app as unsanctioned, you generate a block script that can be used to enforce the blocking of the app across your network. Run the script on the source appliance. Finally, you deploy the block script to the relevant network appliance or gateway device to actively block the app's traffic and mitigate the associated risks.
upvoted 2 times
...
e072f83
5 months ago
select the app, Tag the app as Unsanctioned, Generate a block script, Run the script on the source appliance
upvoted 5 times
...
estyj
9 months, 1 week ago
In this case it says your environment does NOT have MS Defender for Endpoint enabled, so even if you tag app as unsanctioned it will not block but enables you to monitor its use with Cloud Discover filters. In this case you need to generate block script and for the network source appliance, firewall, proxy and import the file you created to your appliance to actually block the app.
upvoted 3 times
...
smanzana
11 months ago
It’s correct
upvoted 1 times
...
chepeerick
11 months, 3 weeks ago
This is correct
upvoted 1 times
...
tatendazw
1 year, 4 months ago
https://learn.microsoft.com/en-us/defender-cloud-apps/governance-discovery#block-apps-by-exporting-a-block-script
upvoted 3 times
...
Hami3191
2 years, 2 months ago
correct answer
upvoted 4 times
...
vijeet
2 years, 7 months ago
If your tenant uses Microsoft Defender for Endpoint, Zscaler NSS, or iboss, any app you mark as unsanctioned is automatically blocked by Defender for Cloud Apps, and the following sections regarding creating blocking scripts are unnecessary. For more information, see Integrate with Microsoft Defender for Endpoint, Integrate with Zscaler, and Integrate with iboss respectively.
upvoted 3 times
...
pedromonteirozikado
2 years, 8 months ago
The answer provided is correct.
upvoted 4 times
...
cloudster998
2 years, 8 months ago
After you've reviewed the list of discovered apps in your environment, you can secure your environment by approving safe apps (Sanctioned) or prohibiting unwanted apps (Unsanctioned) in the following ways.
upvoted 2 times
...
Qadir
3 years ago
On other websites they have mentioned as "TAG the app as sanctioned"
upvoted 1 times
AlaReAla
3 years ago
I differ with your opinion. it should be Unsanction. The above URL clearly says "You can unsanction a specific risky app by clicking the three dots at the end of the row. Unsanctioning an app doesn't block use, but enables you to more easily monitor its use with the Cloud Discovery filters."
upvoted 9 times
AlaReAla
3 years ago
Somehow I still have doubts whether it should be executed on Source appliance OR Azure Cloud Shell? Any thoughts will be helpful.
upvoted 1 times
zaqwsx
3 years ago
I will go with the source appliance, you need to create a script to block it on the endpoint
upvoted 3 times
felipe_g
2 years, 7 months ago
But it says that Ms Defender for Endpoint is not deployed
upvoted 2 times
Anko6116
1 year, 8 months ago
In the provided article it is stated clearly that you should run on source appliance. Section: Block apps by exporting a block script; step 5: "Import the file created to your appliance." https://learn.microsoft.com/en-us/defender-cloud-apps/governance-discovery
upvoted 2 times
...
...
...
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...