Microsoft 365 Administrator Expert MS-102 Practice Question
While troubleshooting a suspicious action performed by a user, you open the Activity log in Microsoft Defender for Cloud Apps. The entry shows the Traffic type field set to Proxy and the Session risk set to Medium. You need to understand what the Traffic type value indicates about how the action was collected. What does the Proxy traffic type tell you?
The activity was generated from the Microsoft 365 unified audit log that Defender for Cloud Apps ingests by default.
The activity was captured in near real time by the Conditional Access App Control proxy during the user session.
The activity was discovered from on-premises firewall and proxy logs that were uploaded through Cloud Discovery.
The activity was imported asynchronously from the app's audit API several hours after it occurred.
The Traffic type value specifies the telemetry path Defender for Cloud Apps used to capture the activity. A value of Proxy means the action was seen through the real-time Conditional Access App Control proxy. This mode inspects and, if configured, controls user traffic as it flows to the sanctioned SaaS app, so the log is generated almost immediately during the session. The other options describe data sources associated with different Traffic type values:
Cloud Discovery (from firewall/proxy logs) corresponds to the Discovery traffic type, not Proxy.
Connected app audit APIs generate an API traffic type entry collected after the activity occurs.
The Microsoft 365 unified audit log is also ingested through API connectors and therefore appears as API, not Proxy.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Conditional Access App Control proxy?
Open an interactive chat with Bash
How does Microsoft Defender for Cloud Apps identify session risk?
Open an interactive chat with Bash
What is the difference between the Proxy and API traffic types in Defender for Cloud Apps?
Open an interactive chat with Bash
Microsoft 365 Administrator Expert MS-102
Manage security and threats by using Microsoft Defender XDR
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .