ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-102 All Questions

View all questions & answers for the MS-102 exam
Go to Exam

Exam MS-102 topic 1 question 372 discussion

Actual exam question from Microsoft's MS-102
Question #: 372
Topic #: 1
[All MS-102 Questions]

HOTSPOT
-

You have an on-premises server named Server1 that runs Windows Server. Server1 is used to access a software as a service (SaaS) app named App1.

You have a Microsoft 365 E5 subscription and use Microsoft Defender for Cloud Apps, Microsoft Defender XDR, Microsoft Defender for Endpoint, and Microsoft Defender for Identity. You configure Cloud Discovery for App1 and Server1.

You need to meet the following requirements:

• Tag Server1 as a high-value device.
• Ensure that an alert is triggered when App1 is accessed.

What should you do for each requirement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by fabiomartinsnet at April 7, 2025, 10:22 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ca7859c
1 day, 15 hours ago
Tag Device As High Value Device: Defender for Endpoint Alert on Access: Defender for Cloud Apps (Access Policy)
upvoted 1 times
...
skids222
1 day, 19 hours ago
ChatGPT o3: *****Correct answers***** Tag the device in Defender for Endpoint Set Device value = High from the device’s page in Defender for Endpoint. This flags it as high-value for vulnerability and alert prioritisation. Tag App1 in Defender for Cloud Apps Tagging App1 as Unsanctioned (or with any tag) syncs its domains to Defender for Endpoint. This triggers an "Unsanctioned cloud app access" alert when accessed. ****Why not the others***** Critical asset classification in Defender XDR – requires creating a rule, doesn’t apply directly to a specific device. Tag in Defender for Identity – only marks it as “Sensitive,” used for identity-based detections, not device tagging or Cloud Discovery. IP indicator – not linked to SaaS app access from Cloud Discovery data.
upvoted 2 times
...
fabiomartinsnet
1 week, 4 days ago
That´s a terrible question... I´d go with: - tag the device in defender for endpoint (OK) - tag app1 in defender for cloud apps (that is what makes more sense to me, by proximity)
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago