What should you configure?

MD-102 V6 0 Comments

DRAG DROP

You have a Microsoft 365 subscription that includes Microsoft Intune.

You need to implement a Microsoft Defender for Endpoint solution that meets the following requirements:

• Enforces compliance for Defender for Endpoint by using Conditional Access

• Prevents suspicious scripts from running on devices

What should you configure? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Box 1: An Intune connection

Enforces compliance for Defender for Endpoint by using Conditional Access

Configure Conditional Access in Microsoft Defender for Endpoint Take the following steps to enable Conditional Access:

Step 1: Turn on the Microsoft Intune connection from Microsoft 365 Defender

Step 2: Turn on the Defender for Endpoint integration in Intune

Step 3: Create the compliance policy in Intune

Step 4: Assign the policy

Step 5: Create an Azure AD Conditional Access policy

Box 2: An Attack surface reduction (ASR) policy rule

Prevents suspicious scripts from running on devices

Attack surface reduction policy for endpoint security in Intune

When Defender antivirus is in use on your Windows 10/11 devices, you can use Intune endpoint security policies for Attack surface reduction to manage those settings for your devices.

Attack surface reduction policies help reduce your attack surfaces, by minimizing the places where your organization is vulnerable to cyberthreats and attacks.

In particular:

Attack Surface Reduction Rules C Configure settings for attack surface reduction rules that target behaviors that malware and malicious apps typically use to infect computers, including:

Executable files and scripts used in Office apps or web mail that attempt to download or run files Obfuscated or otherwise suspicious scripts

Behaviors that apps don’t usually start during normal day-to-day work Reducing your attack surface means offering attackers fewer ways to perform attacks.

Reference: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-conditional-access

https://learn.microsoft.com/en-us/mem/intune/protect/endpoint-security-asr-policy

Latest MD-102 Dumps Valid Version with 98 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download MD-102 PDF     MD-102 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments