Your company implements Microsoft Azure Active Directory (Azure AD), Microsoft 365, Microsoft Intune, and Azure Information Protection.
The company’s security policy states the following:
– Personal devices do not need to be enrolled in Intune.
– Users must authenticate by using a PIN before they can access corporate email data.
– Users can use their personal iOS and Android devices to access corporate cloud services.
– Users must be prevented from copying corporate email data to a cloud storage service other than Microsoft OneDrive for Business.
You need to configure a solution to enforce the security policy.
What should you create?
A . a data loss prevention (DLP) policy from the Security & Compliance admin center
B . a supervision policy from the Security & Compliance admin center
C . an app protection policy from the Intune admin center
D . a device configuration profile from the Intune admin center
Answer: C
Explanation:
References: https://docs.microsoft.com/en-us/intune/app-protection-policy