The correct answer is B. Create a Defender for Cloud Apps access policy.
According to the web search results, a Defender for Cloud Apps access policy is a rule that allows you to control and monitor the access to cloud apps from unmanaged devices or browsers1. You can use an access policy to identify which users access Facebook from their devices and browsers by creating a rule that matches the app name, the device type, and the browser type, and then applying an action such as Block, Allow, or Monitor2. You can also configure alerts and notifications for the access policy to get more visibility into the user activity3.
On the exam 7/18/24, answered B
The question is asking to "identify which users access Facebook " users, not enforce policies to restrict access. All other options are trying to trip you up!
1. Unsanctioning Facebook (Discovery):
This is the first step to enable monitoring.
Log in to the Microsoft Defender for Cloud Apps portal.
Navigate to Cloud Apps and then Governance.
Locate Facebook in the list of apps.
Click the three dots next to Facebook and select Unsanctioned.
#B
To identify which users access Facebook from their devices and browsers while minimizing administrative effort within a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps, the most suitable option is:
B. Create a Defender for Cloud Apps access policy.
Microsoft Defender for Cloud Apps (formerly known as Microsoft Cloud App Security) allows you to create access policies to control and monitor user access to various cloud applications, including Facebook. By creating an access policy, you can specify conditions under which users can access Facebook and monitor their activities without directly affecting the application's sanction status or resorting to other configurations like Conditional Access or Intune policies.
Option B enables you to specifically target Facebook usage without affecting other applications or requiring additional configuration outside of Defender for Cloud Apps. Therefore, it aligns with the requirement of minimizing administrative effort.
Question didn't ask you to block Facebook, just check who is using it. This can be viewed from the discovered app list or create a policy to send notifications
To identify which users access Facebook from their devices and browsers with minimal administrative effort, you should first unsanction Facebook from the Microsoft 365 Defender portal1. By tagging apps in Cloud App Security as unsanctioned, those app domains are then pushed to Microsoft Defender ATP as custom network indicators in near real-time1. This is a single-click control that can significantly improve security posture and save time1. So, the correct answer is A. From the Microsoft 365 Defender portal, unsanction Facebook.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
shuhaidawahab
Highly Voted 1 year, 2 months agoAlcpt
7 months, 3 weeks agoAlcpt
7 months, 3 weeks agothetootall
Highly Voted 5 months, 3 weeks agoCybersecgirl
Most Recent 3 months, 2 weeks agoCybersecgirl
3 months, 2 weeks agoklayytech
8 months, 3 weeks agoKRISTINMERIEANN
9 months agoGeorgiAngelov
10 months, 2 weeks agoSneekygeek
11 months, 2 weeks agoKrankenwagen
1 year, 1 month agoSorrynotsorry
1 year, 1 month agohaazybanj
1 year, 2 months agoJCkD4Ni3L
1 year, 2 months agoACSC
1 year, 3 months ago