ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-500 All Questions

View all questions & answers for the MS-500 exam
Go to Exam

Exam MS-500 topic 1 question 63 discussion

Actual exam question from Microsoft's MS-500
Question #: 63
Topic #: 1
[All MS-500 Questions]

You have a Microsoft 365 tenant that has modern authentication enabled.
You have Windows 10, MacOS, Android, and iOS devices that are managed by using Microsoft Endpoint Manager.
Some users have older email client applications that use Basic authentication to connect to Microsoft Exchange Online.
You need to implement a solution to meet the following security requirements:
✑ Allow users to connect to Exchange Online only by using email client applications that support modern authentication protocols based on OAuth 2.0.
✑ Block connections to Exchange Online by any email client applications that do NOT support modern authentication.
What should you implement?

  • A. a conditional access policy in Azure Active Directory (Azure AD)
  • B. an application control profile in Microsoft Endpoint Manager
  • C. a compliance policy in Microsoft Endpoint Manager
  • D. an OAuth app policy in Microsoft Defender for Cloud Apps
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
Block clients that don't support multi-factor with a Conditional Access policy.
Note: Clients that do not use modern authentication can bypass Conditional Access policies, so it's important to block these.
Incorrect:
Not D: OAuth app policies enable you to investigate which permissions each app requested and which users authorized them for Office 365, Google Workspace, and Salesforce. You're also able to mark these permissions as approved or banned.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/identity-access-policies
by pete26 at Oct. 15, 2022, 11:10 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
pete26
Highly Voted 2 years, 8 months ago
Valid on exam October 14, 2022
upvoted 6 times
...
RomanV
Most Recent 2 years, 2 months ago
Correct answer is A. A conditional access policy in Azure Active Directory (Azure AD) is the best option to implement to meet the security requirements. Once the policy is created, it will block any email client application that does not support modern authentication from accessing Exchange Online, and users will be allowed to connect to Exchange Online only by using email client applications that support modern authentication protocols based on OAuth 2.0.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel