You have a Microsoft 365 subscription. You create a Microsoft Defender for Office 365 safe attachments policy. You need to configure the retention duration for the attachments in quarantine. Which type of threat management policy should you create?
The answer is D, Anti-malware.
Anti-malware policies are used to scan email attachments for malicious content. They can also be used to quarantine attachments that are suspected to be malicious. The retention duration for attachments in quarantine can be configured in the anti-malware policy.
The other options are incorrect. Anti-phishing policies are used to protect against phishing attacks. DKIM is a domain-based message authentication, reporting, and conformance standard that helps to prevent email spoofing. Anti-spam policies are used to protect against spam.
Here is a table that summarizes the different types of threat management policies in Microsoft Defender for Office 365:
Type of policy Description
Anti-malware Scans email attachments for malicious content and quarantines attachments that are suspected to be malicious.
Anti-phishing Protects against phishing attacks.
DKIM Helps to prevent email spoofing.
Anti-spam Protects against spam.
For those of you (like me that expected the answer to involve quarantine policies. Here is something explaining why it is in the anti-spam policy even though the question is asking about safe-attachments.
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/quarantine-policies?view=o365-worldwide
" Note
How long quarantined messages are held in quarantine before they expire is controlled by the Retain spam in quarantine for this many days (QuarantineRetentionPeriod) in anti-spam policies. For more information, see Configure anti-spam policies in EOP."
It is like they are testing us on what the devs did that is not intuitive.
"The default value is 15 days in the default anti-spam policy and in new anti-spam policies that you create in PowerShell. The default value is 30 days in new anti-spam policies that you create in the Microsoft 365 Defender portal.A valid value is from 1 to 30 days."
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-spam-policies-configure?view=o365-worldwide
This section is not available anymore. Please use the main Exam Page.MS-500 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Maxx4
2 years agoDhamus
2 years, 3 months agoEM1234
2 years, 4 months agoTommy0000
2 years, 4 months agoNishBlade
2 years, 5 months agopete26
2 years, 9 months agoskycrap
2 years, 9 months ago