Crucial Exams

Microsoft 365 Administrator Expert MS-102 Practice Question

Your company has a Microsoft 365 E5 subscription. All corporate Windows 11 devices are onboarded to Microsoft Defender for Endpoint (MDE). After running Cloud Discovery in Microsoft Defender for Cloud Apps, you identify several high-risk services that must be blocked when accessed from managed devices, but employees must remain free to use the same services from personal or unmanaged devices. You need to implement the solution without deploying additional proxies, network appliances, or browser extensions. Which action should you take in Microsoft Defender for Cloud Apps?

  • Deploy the Defender for Cloud Apps log collector appliance to ingest firewall logs and configure an anomaly detection policy for the services.

  • Create a Defender for Cloud Apps session policy that blocks upload and download traffic for the services and set the apps to Monitored.

  • Create a Conditional Access policy that applies Conditional Access App Control in Block mode to the identified services.

  • Enable the Microsoft Defender for Endpoint integration, turn on automatic blocking of unsanctioned apps, and mark the identified services as Unsanctioned.

Microsoft 365 Administrator Expert MS-102
Manage security and threats by using Microsoft Defender XDR
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot