Microsoft 365 Administrator Expert MS-102 Practice Question
Your company uses Microsoft Defender for Cloud Apps and has enabled Continuous Report Export through Cloud Discovery. After analyzing the Cloud Discovery dashboard, you identify a high-risk cloud storage service that hosts sensitive data and must be immediately blocked on all corporate Windows 10/11 devices managed by Microsoft Defender for Endpoint (MDE).
You already marked the application as Unsanctioned in Defender for Cloud Apps.
Which additional action should you take to ensure that access to the unsanctioned application is automatically blocked from the managed devices within the next hour?
Create a Cloud Discovery activity policy that triggers an automatic governance action to suspend the application.
Enable the Block unsanctioned apps setting in the Microsoft 365 Defender portal so that Microsoft Defender for Endpoint can retrieve the updated unsanctioned app list.
Configure a Conditional Access App Control session policy that blocks downloads from the application.
Add the application's domains to the Endpoint DLP blocked URL list and publish the policy to all devices.
Marking an application as Unsanctioned in Microsoft Defender for Cloud Apps only labels it in the portal and in exported reports. To turn that label into real-time enforcement on endpoints, you must synchronize the unsanctioned app list with Microsoft Defender for Endpoint. Enabling the "Enforce App Control" (also shown as "Block unsanctioned apps") policy inside the Microsoft 365 Defender portal causes MDE to periodically (approximately every hour) download the current list of Unsanctioned applications from Defender for Cloud Apps. Devices that have Network protection enabled will then block HTTP/HTTPS traffic to the app's domains. None of the other options trigger endpoint-level blocking: creating an activity policy only generates alerts, editing a session policy requires Conditional Access App Control, and mapping domains in Endpoint DLP is unrelated to the Unsanctioned apps mechanism.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Microsoft Defender for Cloud Apps?
Open an interactive chat with Bash
How does the 'Block unsanctioned apps' setting work in Microsoft Defender for Endpoint?
Open an interactive chat with Bash
What is Network Protection in Microsoft Defender for Endpoint?
Open an interactive chat with Bash
Microsoft 365 Administrator Expert MS-102
Manage security and threats by using Microsoft Defender XDR
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .