Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft MD-102 Exam - Topic 4 Question 47 Discussion

You have a Microsoft 365 E5 subscription that contains the groups shown in the following table.You create a Conditional Access policy named CAPolicy1 that will block access to Microsoft Exchange Online from iOS devices. You assign CAPolicy1 to Group1.You discover that User1 can still connect to Exchange Online from an iOS device.You need to ensure that CAPolicy1 is enforced.What should you do?
B) Assign CAPolicy1 to Group2.
A) Configure a new terms of use (TOU).
C) Enable CAPolicy1
D) Add a condition in CAPolicy1 to filter for devices.

Microsoft MD-102 Exam - Topic 4 Question 47 Discussion

Actual exam question for Microsoft's MD-102 exam
Question #: 47
Topic #: 4
[All MD-102 Questions]

You have a Microsoft 365 E5 subscription that contains the groups shown in the following table.

You create a Conditional Access policy named CAPolicy1 that will block access to Microsoft Exchange Online from iOS devices. You assign CAPolicy1 to Group1.

You discover that User1 can still connect to Exchange Online from an iOS device.

You need to ensure that CAPolicy1 is enforced.

What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: B

Common signals that Conditional Access can take in to account when making a policy decision include the following signals:

* User or group membership

Policies can be targeted to specific users and groups giving administrators fine-grained control over access.

* Device

Users with devices of specific platforms or marked with a specific state can be used when enforcing Conditional Access policies.

Use filters for devices to target policies to specific devices like privileged access workstations.

* Etc.


by Lamar at May 03, 2025, 03:44 PM

Limited Time Offer

25%

Off

Get Premium MD-102 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Reta
6 months ago
CAPolicy1 should already be enforced if set correctly.
upvoted 0 times
...
Fabiola
6 months ago
I think adding a condition for devices makes sense.
upvoted 0 times
...
Cornell
6 months ago
Assigning it to Group2 won't help if it's not enabled.
upvoted 0 times
...
Billy
6 months ago
Wait, how did User1 even connect? That's weird.
upvoted 0 times
...
Santos
7 months ago
You need to enable the policy first!
upvoted 0 times
...
Sabina
7 months ago
Adding a condition to filter devices sounds familiar, but I can't recall if that's the right approach for this specific scenario.
upvoted 0 times
...
Rosalyn
7 months ago
I'm a bit unsure, but I feel like enabling the policy might be necessary. Didn't we talk about that in our last practice session?
upvoted 0 times
...
Pearline
7 months ago
I think I saw a similar question where we had to assign a policy to a different group. Maybe that's what we need to do here?
upvoted 0 times
...
Alishia
7 months ago
I remember we discussed how Conditional Access policies can sometimes not apply if the conditions aren't set correctly.
upvoted 0 times
...
Ozell
8 months ago
I'm pretty confident I know the answer here. The policy is already enabled, so the issue must be with the group assignment. I'll try assigning the policy to Group2 and see if that resolves the problem.
upvoted 0 times
...
Louann
8 months ago
Okay, I think I've got this. The key is to add a condition to the Conditional Access policy to filter for iOS devices specifically. That should ensure the policy is enforced as intended.
upvoted 0 times
...
Isaac
8 months ago
Hmm, I'm a bit confused. The policy is already assigned to Group1, but User1 can still access Exchange Online from an iOS device. I'll need to think through the different options to figure out the best solution.
upvoted 0 times
...
Eva
8 months ago
This seems like a straightforward Conditional Access policy question. I'll need to carefully review the details to determine the appropriate action.
upvoted 0 times
...
Yasuko
12 months ago
I'd go with option C and enable the policy. Sometimes the simplest solution is the best. Although, with Microsoft, you never know what kind of unexpected bugs might crop up.
upvoted 0 times
Monroe
11 months ago
Let's give it a try and see if it works.
upvoted 0 times
...
Shawn
11 months ago
Enabling the policy might be the simplest solution.
upvoted 0 times
...
Emmett
11 months ago
Enabling the policy is the best way to make sure it is enforced.
upvoted 0 times
...
Hyman
12 months ago
That sounds like a good idea. Let's try enabling CAPolicy1.
upvoted 0 times
...
Vivienne
12 months ago
I think we should go with option C and enable the policy.
upvoted 0 times
...
Yesenia
12 months ago
I agree, let's enable CAPolicy1 to ensure it is enforced.
upvoted 0 times
...
Lashaun
12 months ago
I think we should go with option C and enable the policy.
upvoted 0 times
...
...
Hollis
12 months ago
I'm not sure, maybe we should also consider option C) Enable CAPolicy1 as a potential solution.
upvoted 0 times
...
Glendora
1 year ago
I agree with Carmen, option D seems like the best solution to enforce CAPolicy1.
upvoted 0 times
...
Carmen
1 year ago
I think we should try option D) Add a condition in CAPolicy1 to filter for devices.
upvoted 0 times
...
Emiko
1 year ago
Option B seems like the easiest fix. Just assign the policy to a different group and voila, problem solved. Unless, of course, User1 is secretly a member of Group2 as well.
upvoted 0 times
...
Sunny
1 year ago
Ah, I see the problem. User1 must be using some sort of magic iOS device that's immune to the policy. Maybe we need to call in the Hogwarts tech support team.
upvoted 0 times
Olen
11 months ago
That could be the solution to enforce the policy.
upvoted 0 times
...
Rory
11 months ago
Maybe we should assign CAPolicy1 to Group2.
upvoted 0 times
...
Mona
1 year ago
User1 must have a special iOS device.
upvoted 0 times
...
...
Viola
1 year ago
Hmm, it seems like the policy isn't being enforced properly. I'd go with option D and add a condition to filter for devices. That should do the trick.
upvoted 0 times
Ilona
12 months ago
User3: Agreed, let's add a device filter to ensure the policy is enforced.
upvoted 0 times
...
Bo
12 months ago
User2: That sounds like a good idea. Let's give it a try.
upvoted 0 times
...
Miles
1 year ago
User1: I think we should try option D and add a condition to filter for devices.
upvoted 0 times
...
...

Save Cancel