Exam MD-101 topic 1 question 28 discussion

Actual exam question from Microsoft's MD-101

Question #: 28
Topic #: 1

Your company's environment includes the following:
✑ Microsoft Azure Active Directory (Azure AD)
✑ Microsoft 365
✑ Microsoft Intune
✑ Azure Information Protection.
A new security policy declares that enrollment for private devices in Intune is not required. However, to access corporate email information, users have to make use of a PIN for authentication purposes. Also, users are able to access corporate cloud services from their private iOS and Android devices. Furthermore, the copying corporate email information to a cloud storage service should not be allowed, unless users are copying the information to Microsoft OneDrive for
Business.
You have to make sure that security policy is enforced.
Which of the following actions should you take?

A. You should create a data loss prevention (DLP) policy.
B. You should create a device enrollment policy.
C. You should create an app protection policy.
D. You should create a Windows AutoPilot deployment profile.

Show Suggested Answer

Suggested Answer: C 🗳️

by CaloyB_IT at Nov. 26, 2021, 12:22 p.m.

Comments

Submit Cancel

CaloyB_IT

Highly Voted 3 years, 7 months ago

Selected Answer: C

https://docs.microsoft.com/en-us/intune/app-protection-policy App protection policies (APP) are rules that ensure an organization's data remains safe or contained in a managed app. A policy can be a rule that is enforced when the user attempts to access or move "corporate" data, or a set of actions that are prohibited or monitored when the user is inside the app. A managed app is an app that has app protection policies applied to it, and can be managed by Intune.

upvoted 10 times

...