Answer-first summary for fast verification
Answer: application control policies in Microsoft Defender for Endpoint
The application control policies in Microsoft Defender for Endpoint are specifically designed to control which applications can run on endpoints, including virtual machines. This feature enforces an explicit list of allowed software, ensuring that unauthorized applications are automatically blocked until approved by an administrator. Other options, such as OAuth app policies or app protection policies, do not offer the same level of control over individual applications running on virtual machines.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
You are managing a Microsoft 365 subscription along with an Azure subscription that includes 50 virtual machines, each running different applications on Windows Server 2019. Both Microsoft 365 Defender and Microsoft Defender for Cloud are active across these systems. Your goal is to ensure that only authorized applications can execute on the virtual machines. If any unauthorized application tries to run or install, it should be automatically blocked until an administrator provides authorization. What security control would you recommend to achieve this?
A
OAuth app policies in Microsoft Defender for Cloud Apps
B
Azure Security Benchmark compliance controls in Defender for Cloud
C
application control policies in Microsoft Defender for Endpoint
D
app discovery anomaly detection policies in Microsoft Defender for Cloud Apps