Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft SC-100 Exam - Topic 2 Question 28 Discussion

You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled.The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019.You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application.Which security control should you recommend?
C) app protection policies in Microsoft Endpoint Manager
A) Azure Active Directory (Azure AD) Conditional Access App Control policies
B) OAuth app policies in Microsoft Defender for Cloud Apps
D) application control policies in Microsoft Defender for Endpoint

Microsoft SC-100 Exam - Topic 2 Question 28 Discussion

Actual exam question for Microsoft's SC-100 exam
Question #: 28
Topic #: 2
[All SC-100 Questions]

You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled.

The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019.

You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application.

Which security control should you recommend?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Linn at Aug 29, 2023, 12:01 PM

Limited Time Offer

25%

Off

Get Premium SC-100 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Freeman
6 months ago
Surprised this isn't a more common topic in discussions!
upvoted 0 times
...
Gail
7 months ago
I’ve used app protection policies before, but they don’t seem to fit this scenario.
upvoted 0 times
...
Karina
7 months ago
Wait, are we sure about that? I thought Azure AD Conditional Access was more relevant here.
upvoted 0 times
...
Louvenia
7 months ago
Definitely agree with that! It's the best fit for blocking unauthorized apps.
upvoted 0 times
...
Jeniffer
7 months ago
I think application control policies in Microsoft Defender for Endpoint are the way to go.
upvoted 0 times
...
Thaddeus
8 months ago
I'm leaning towards Azure AD Conditional Access, but I wonder if that really applies to blocking unauthorized applications directly.
upvoted 0 times
...
Jackie
8 months ago
I feel like I saw a similar question about application whitelisting in one of our practice exams. Was it related to Defender for Endpoint?
upvoted 0 times
...
Shawna
8 months ago
I think the answer might be related to Microsoft Endpoint Manager, but I can't recall the exact details of app protection policies.
upvoted 0 times
...
Jenelle
8 months ago
I remember studying application control policies, but I'm not entirely sure if it's specifically for Defender for Endpoint.
upvoted 0 times
...
Dorian
8 months ago
I'm pretty confident that option D is the right choice here. Application control policies in Microsoft Defender for Endpoint sound like they're designed exactly for this kind of use case. I'll make sure to read through the details, but I think that's the security control I'll recommend.
upvoted 0 times
...
Letha
8 months ago
Okay, let me think this through. We need a way to ensure only authorized apps can run on the VMs, and block any unauthorized apps. I'm leaning towards option C, the app protection policies in Microsoft Endpoint Manager. That seems like it could give us the control we need over the applications.
upvoted 0 times
...
Mel
8 months ago
Hmm, I'm a bit unsure about this one. The question mentions Microsoft 365 Defender and Microsoft Defender for Cloud, so I'm wondering if one of those solutions might be a better fit. Maybe I should look into the OAuth app policies in Microsoft Defender for Cloud Apps (option B) as well.
upvoted 0 times
...
Ronald
8 months ago
This looks like a pretty straightforward question about application control policies. I think I'll go with option D - Microsoft Defender for Endpoint's application control policies. That seems like the most direct way to control which apps can run on the VMs.
upvoted 0 times
...
Leatha
8 months ago
Okay, let's see... I know there are things like condition, error, and timeout, but I'm not sure about the other options. I'll have to review my notes on exception handling.
upvoted 0 times
...
Denise
8 months ago
Hmm, I'm not totally sure about this one. I know there are a few group techniques, but I can't remember the exact names. I'll have to think it through carefully.
upvoted 0 times
...
Wilda
8 months ago
I've got this! The query is updating the "name" field for all documents where the "id" is between 1 and 3, so the answer is 3 documents.
upvoted 0 times
...
Elly
8 months ago
I'm a bit confused by the question. Superscan and NBTscan don't seem like the right tools for this task. I'll have to review my notes on network reconnaissance and OS detection to make the best choice.
upvoted 0 times
...
Arlyne
8 months ago
I'm pretty confident about this one. The Schema Centralization pattern is all about having a shared schema that multiple services can depend on, so the answer has to be True.
upvoted 0 times
...
Dorathy
1 year ago
I bet the correct answer is B. Adaptive application controls in Defender for Cloud. It's like the bouncer at the virtual nightclub, keeping the unwanted apps out!
upvoted 0 times
...
Nina
1 year ago
B. Adaptive application controls in Defender for Cloud is the way to go! Easy to set up and will keep those rogue apps in check. No more 'unauthorized app of the day' surprises!
upvoted 0 times
Effie
12 months ago
I've had success with adaptive application controls in Defender for Cloud, it's effective.
upvoted 0 times
...
Truman
12 months ago
Definitely, it's a simple solution to keep those unauthorized apps at bay.
upvoted 0 times
...
Chaya
12 months ago
I agree, adaptive application controls are a great way to ensure only authorized apps run.
upvoted 0 times
...
Blondell
1 year ago
I've had success with adaptive application controls in Defender for Cloud, it's a reliable security control.
upvoted 0 times
...
Glennis
1 year ago
Definitely, it's a simple solution to ensure only authorized applications run on the virtual machines.
upvoted 0 times
...
Louann
1 year ago
I agree, adaptive application controls are great for keeping unauthorized apps in check.
upvoted 0 times
...
...
Leonora
1 year ago
Hmm, I'm leaning towards D. app protection policies in Microsoft Endpoint Manager. Seems like a comprehensive solution to manage and secure the applications across the VMs.
upvoted 0 times
France
12 months ago
What about A) app discovery anomaly detection policies in Microsoft Defender for Cloud Apps? It could help identify unauthorized applications before they even run.
upvoted 0 times
...
Margery
1 year ago
I see your point, but I still think D) app protection policies in Microsoft Endpoint Manager is the way to go. It offers a centralized approach to application management.
upvoted 0 times
...
Dominga
1 year ago
I disagree, C) Azure Security Benchmark compliance controls in Defender for Cloud would be my choice. It ensures that the virtual machines meet security best practices.
upvoted 0 times
...
Luisa
1 year ago
I think B) adaptive application controls in Defender for Cloud would be a better option. It provides more granular control over which applications can run.
upvoted 0 times
...
...
Suzan
1 year ago
I'm not sure about option B). I think option A) app discovery anomaly detection policies in Microsoft Defender for Cloud Apps might be a better choice. It could help us detect unauthorized applications more effectively.
upvoted 0 times
...
Yasuko
1 year ago
I agree with Kenneth. Option B) seems like the best choice to ensure only authorized applications can run on the virtual machines. It provides the control we need.
upvoted 0 times
...
Terina
1 year ago
I'd say C. Azure Security Benchmark compliance controls in Defender for Cloud. That way, we can ensure the VMs meet the security standards and prevent unauthorized apps.
upvoted 0 times
Nan
1 year ago
I think B might also work well to control which applications can run on the virtual machines.
upvoted 0 times
...
Jeanice
1 year ago
I agree, C sounds like the best option to ensure security standards are met.
upvoted 0 times
...
...
Karan
1 year ago
Definitely go with B. Adaptive application controls in Defender for Cloud. That's the perfect solution to control and monitor the authorized applications on the VMs.
upvoted 0 times
...
Kenneth
1 year ago
I think we should go with option B) adaptive application controls in Defender for Cloud. It sounds like it will help us control which applications can run on the virtual machines.
upvoted 0 times
...

Save Cancel