Exam SC-100 topic 3 question 6 discussion

I would go for B and C. Vuln management sits on top of defender for endpoint. (https://docs.microsoft.com/en-us/microsoft-365/security/defender-vulnerability-management/defender-vulnerability-management?view=o365-worldwide)

B & C based on the requirements.

B. Onboard the kiosks to Microsoft Intune and Microsoft Defender for Endpoint: Onboarding the kiosks to Microsoft Intune allows for centralized management of device configurations, compliance policies, and application control to ensure that only authorized applications can run on the kiosks. Onboarding to Microsoft Defender for Endpoint provides advanced threat protection, endpoint security, and vulnerability management to regularly harden the kiosks against new threats. C. Implement threat and vulnerability management in Microsoft Defender for Endpoint: Implementing threat and vulnerability management in Microsoft Defender for Endpoint enables continuous monitoring, detection, and remediation of security vulnerabilities and threats on the kiosks, ensuring proactive security measures are in place

in exam Nov 23, Answer, B,C

B&C for sure.

The requirements provided emphasize controlling the applications that can run on the kiosks and regularly hardening them against new threats. With this focus on application control and threat protection, the correct actions would be: B. Onboard the kiosks to Microsoft Intune and Microsoft Defender for Endpoint. Microsoft Intune can manage and configure the kiosks, allowing control over which applications can run. Microsoft Defender for Endpoint will help to protect the kiosks against threats. C. Implement threat and vulnerability management in Microsoft Defender for Endpoint. This feature of Microsoft Defender for Endpoint helps to discover, prioritize, and remediate threats and vulnerabilities, helping to harden the kiosks against new and emerging threats. So the correct answers are: B. Onboard the kiosks to Microsoft Intune and Microsoft Defender for Endpoint. C. Implement threat and vulnerability management in Microsoft Defender for Endpoint.

it has to be BC, other options dont provide the best solution.

Microsoft Intune and Microsoft Defender for Endpoint provide a comprehensive set of security capabilities to manage and protect the Windows 10 kiosks, while threat and vulnerability management helps to proactively identify and remediate vulnerabilities.

recommended solution is not asking for least privilege, so no for PAW B&C definitely correct

PAW are for admin privileged purposes.

Answer: BC B. Onboard the kiosks to Microsoft Intune and Microsoft Defender for Endpoint to ensure that only authorized applications can run on the kiosks. This allows for the creation of a custom device configuration profile that can restrict which apps are allowed to run on the kiosks. Intune can also be used to regularly harden the kiosks against new threats. C. Implement threat and vulnerability management in Microsoft Defender for Endpoint to provide a centralized view of the security posture of the kiosks. This feature identifies potential vulnerabilities and provides guidance on how to mitigate them, allowing for regular hardening of the kiosks against new threats. Option E (Implement Privileged Access Workstation (PAW) for the kiosks) is not a suitable recommendation for securing the mobile self-service kiosks. PAWs are typically used for highly privileged users who need access to sensitive information or systems, and not for standard kiosks. Instead, implementing Microsoft Intune and Microsoft Defender for Endpoint as suggested in option B would provide better security measures for the kiosks.

I would go B & E: B: Microsoft Defender for Endpoint Intune integration Microsoft Defender for Endpoint and Microsoft Intune work together to help prevent security breaches. They can also limit the impact of breaches. ATP capabilities provide real-time threat detection as well as enable extensive auditing and logging of the end-point devices. https://learn.microsoft.com/en-us/security/privileged-access-workstations/privileged-access-deployment E: PAW A Privileged workstation provides a hardened workstation that has clear application control and application guard. The workstation uses credential guard, device guard, app guard, and exploit guard to protect the host from malicious behavior. All local disks are encrypted with BitLocker and web traffic is restricted to a limit set of permitted destinations (Deny all). https://learn.microsoft.com/en-us/security/privileged-access-workstations/privileged-access-devices

It has to be B because you do need to onboard MDE come on guys C = it has vulnerability scanning enabled

B and C are the recommended actions to secure the kiosks. Implementing threat and vulnerability management in Microsoft Defender for Endpoint and onboarding the kiosks to Microsoft Intune and Microsoft Defender for Endpoint will help ensure that only authorized applications can run on the kiosks and that the kiosks are regularly hardened against new threats.

B & C 100%

kiosks are NOT administrative workstations lol. We don't need PAW for kiosks.

PAW is the name of the admin workstation concept. Its not a technology and has nothing to do with kiosk. B and C