What should you do?

Posted by: Pdfprep Category: MS-100 Tags: , ,

You have a Microsoft 365 tenant.

You have a line-of-business application named App1 that users access by using the My Apps portal.

After some recent security breaches, you implement a conditional access policy for App1 that uses Conditional Access App Control.

You need to be alerted by email if impossible travel is detected for a user of App1. The solution must ensure that alerts are generated for App1 only.

What should you do?
A . From Microsoft Cloud App Security, modify the impossible travel alert policy.
B . From Microsoft Cloud App Security, create a Cloud Discovery anomaly detection policy.
C . From the Azure Active Directory admin center, modify the conditional access policy.
D . From Microsoft Cloud App Security, create an app discovery policy.

Answer: A

Explanation:

Impossible travel detection identifies two user activities (is a single or multiple sessions) originating from geographically distant locations within a time period shorter than the time it would have taken the user to travel from the first location to the second.

We need to modify the policy so that it applies to App1 only.

Reference: https://docs.microsoft.com/en-us/cloud-app-security/anomaly-detection-policy

Leave a Reply

Your email address will not be published.