DRAG DROP
You have a Microsoft 365 subscription that includes Microsoft Intune.
You need to implement a Microsoft Defender for Endpoint solution that meets the following requirements:
• Enforces compliance for Defender for Endpoint by using Conditional Access
• Prevents suspicious scripts from running on devices
What should you configure? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Answer: 
Explanation:
Box 1: An Intune connection
Enforces compliance for Defender for Endpoint by using Conditional Access
Configure Conditional Access in Microsoft Defender for Endpoint Take the following steps to enable Conditional Access:
Step 1: Turn on the Microsoft Intune connection from Microsoft 365 Defender
Step 2: Turn on the Defender for Endpoint integration in Intune
Step 3: Create the compliance policy in Intune
Step 4: Assign the policy
Step 5: Create an Azure AD Conditional Access policy
Box 2: An Attack surface reduction (ASR) policy rule
Prevents suspicious scripts from running on devices
Attack surface reduction policy for endpoint security in Intune
When Defender antivirus is in use on your Windows 10/11 devices, you can use Intune endpoint security policies for Attack surface reduction to manage those settings for your devices.
Attack surface reduction policies help reduce your attack surfaces, by minimizing the places where your organization is vulnerable to cyberthreats and attacks.
In particular:
Attack Surface Reduction Rules C Configure settings for attack surface reduction rules that target behaviors that malware and malicious apps typically use to infect computers, including:
Executable files and scripts used in Office apps or web mail that attempt to download or run files Obfuscated or otherwise suspicious scripts
Behaviors that apps don’t usually start during normal day-to-day work Reducing your attack surface means offering attackers fewer ways to perform attacks.
Reference: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-conditional-access
https://learn.microsoft.com/en-us/mem/intune/protect/endpoint-security-asr-policy
Latest MD-102 Dumps Valid Version with 98 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund