You have devices enrolled in Microsoft Intune as shown in the following table.
You create an app protection policy named Policy1 that has the following settings:
– Platform: Windows 10
– Protected apps: App1
– Exempt apps: App2
– Network boundary: Cloud resources, IPv4 ranges
You assign Policy1 to Group1 and Group2. You exclude Group3 from Policy1.
Which devices will apply Policy1?
A . Device1, Device2, Device4, and Device5
B . Device1, Device4, and Device5 only
C . Device4 and Device5 only
D . Device1, Device3, Device4 and Device5
Answer: A
Explanation:
Policy1 is applied to all devices in Group1 and Group2. It is not applied to any devices in Group3, unless those devices are also members of Group1 or Group2.
Note: The phrase "You exclude Group3 from Policy1" is misleading. It means that Policy1 is not applied to Group3, rather than Group3 being blocked.
Incorrect answers:
B: Policy1 applies to Device2 as Policy1 is assigned to Group2.
C: Policy1 applies to Device1 as Policy1 is assigned to Group1. Policy1 also applies to Device2 as Policy1 is assigned to Group2.
D: Device3 is a member of Group3 only. Policy1 is not assigned to Group3.
References: https://docs.microsoft.com/en-us/intune/app-protection-policies
Leave a Reply