Exam SC-200 topic 9 question 1 discussion

Correct answers. As Harold_Finch explained, unsactioned apps will be blocked using Defender for Cloud Apps (MCAS). You can also add URLs/Domains to block directly from Defender - Settings - Endpoints - Indicators - URLs/Domains tab - Add items --> to add cloud apps to block.

✅ C. Advanced features from Settings in Microsoft Defender Security Center - Go to Microsoft Defender Security Center → Settings → Advanced Features. - Enable Microsoft Defender for Endpoint integration with Defender for Cloud Apps. - This allows Defender for Endpoint to enforce blocking of unsanctioned apps. ✅ D. Cloud Discovery settings in Cloud App Security - Go to Microsoft Defender for Cloud Apps → Settings → Cloud Discovery. - Enable Microsoft Defender for Endpoint integration and Enforce app access. - This ensures that unsanctioned apps are blocked at the endpoint level.

C and D

The correct answers are B. Cloud App Security anomaly detection policies and C. Advanced features from Settings in Microsoft Defender Security Center.

B. Cloud App Security anomaly detection policies D. the Cloud Discovery settings in Cloud App Security To restrict cloud apps running on CLIENT1, you need to modify Cloud App Security anomaly detection policies and the Cloud Discovery settings in Cloud App Security. Cloud App Security allows you to create policies that can be used to identify and restrict cloud apps that are not sanctioned by your organization. You can also use Cloud Discovery to identify cloud apps that are being used in your organization and take action to restrict or block them. By configuring these settings, you can ensure that only sanctioned cloud apps are used on CLIENT1, meeting the Microsoft Defender for Endpoint requirements. Option A and C are not relevant to this scenario.

Answer B & D