ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam PL-600 All Questions

View all questions & answers for the PL-600 exam
Go to Exam

Exam PL-600 topic 2 question 18 discussion

Actual exam question from Microsoft's PL-600
Question #: 18
Topic #: 2
[All PL-600 Questions]

HOTSPOT -
A company is creating a Power Platform solution to manage employees.
The company has the following requirements:
✑ Allow only the human resource manager to change an employee's employment status when an employee is dismissed.
✑ Allow only approved device types to access the solution and company data.
You need to recommend a solution that meets the requirements.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Box 1: Field security profile -
Record-level permissions are granted at the entity level, but you may have certain fields associated with an entity that contain data that is more sensitive than the other fields. For these situations, you use field-level security to control access to specific fields.
Field-level security is available for the default fields on most out-of-box entities, custom fields, and custom fields on custom entities. Field-level security is managed by the security profiles.

Box 2: Compliancy policy -
Compliance policy settings ג€" Tenant-wide settings that are like a built-in compliance policy that every device receives. Compliance policy settings set a baseline for how compliance policy works in your Intune environment, including whether devices that haven't received any device compliance policies are compliant or noncompliant.
Note: Mobile device management (MDM) solutions like Intune can help protect organizational data by requiring users and devices to meet some requirements. In
Intune, this feature is called compliance policies.
Compliance policies in Intune:
Define the rules and settings that users and devices must meet to be compliant.
Include actions that apply to devices that are noncompliant. Actions for noncompliance can alert users to the conditions of noncompliance and safeguard data on noncompliant devices.
Can be combined with Conditional Access, which can then block users and devices that don't meet the rules.
Reference:
https://docs.microsoft.com/en-us/power-platform/admin/field-level-security https://docs.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started
by kenwj2342 at Nov. 24, 2021, 7:28 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
kenwj2342
Highly Voted 3 years, 5 months ago
Second one should be conditional access.
upvoted 46 times
alaamohy
3 years, 5 months ago
Agreed
upvoted 3 times
...
...
giogo
Highly Voted 3 years, 2 months ago
1- Field Security profile 2- Conditional Access.
upvoted 18 times
...
loftuscheek
Most Recent 1 month, 2 weeks ago
field security conditional
upvoted 1 times
...
uberlord
6 months, 3 weeks ago
the second one is conditional access as we dont want to block logon from non compliant devices (compliance) but just deny access to the solution and data, they can still access the tenant and office etc with their account and non compliant device, but if the device is compliant they can see the solution and data
upvoted 1 times
...
ymiya
2 years, 1 month ago
2. Conditional access If you use Conditional Access, your Conditional Access policies can use your device compliance results to block access to resources from noncompliant devices. https://learn.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started#device-compliance-policies
upvoted 5 times
rober13
1 year, 9 months ago
thanks, it is more accurate answer with that paragraph
upvoted 1 times
...
...
CRMBug
2 years, 5 months ago
1- Field Security profile 2- Conditional Access.
upvoted 2 times
...
Ezekielibe
3 years, 1 month ago
1. Field Security Profile 2. Compliance policy (https://docs.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started)
upvoted 6 times
Icky
2 years, 10 months ago
I agree that its Compliance Policy. For device type, the Conditional Access must use the Compliance Policy to determine if the device, operating system etc. meets the policies set.
upvoted 1 times
uberlord
6 months, 3 weeks ago
what if theres no compliance against the device, conditional access would still detect this and go forward to block it
upvoted 1 times
...
...
originalwitness
2 years, 11 months ago
Second one should be conditional access. You can block access to M365 Cloud apps if a device is not compliant.
upvoted 2 times
Icky
2 years, 10 months ago
right, hence Compliance Policy is the answer
upvoted 3 times
m3ngi3
2 years, 8 months ago
Assuming that Compliancy policy is not a trick answer because these do not exist (Compliance policy is the right terminology) --> the policy would just state if a device is compliant or not and Conditional access is wat actually determines the access to the app based on that status...
upvoted 6 times
...
...
...
...
Prt33k
3 years, 4 months ago
It should be Field Security profile and Conditional Access. https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
upvoted 6 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago