Microsoft Cybersecurity Architect Expert SC-100
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
Your organization is in the process of implementing a Zero Trust security model and is currently evaluating its Conditional Access policies to ensure they align with this strategy. The organization operates in a highly regulated industry, requiring strict compliance with data protection standards. Additionally, the IT team is under pressure to minimize operational costs while ensuring the solution is scalable to accommodate future growth. Given these constraints, which of the following steps is the MOST effective for validating the alignment of Conditional Access policies with a Zero Trust strategy? (Choose one option)
A
Conduct a high-level review of the Conditional Access policies to ensure they are broadly applied across all users and resources, without delving into specific access contexts or compliance requirements.
B
Implement Conditional Access policies that are solely based on the geographical location of users and the device type, ignoring other contextual factors such as user behavior and resource sensitivity.
C
Validate that the Conditional Access policies are not only aligned with the organization's overarching security policies and compliance requirements but also consider the context of each access request, including user identity, device health, location, and the sensitivity of the resource being accessed.
D
Focus on automating the deployment of Conditional Access policies to reduce operational costs, without conducting a thorough review of how these policies align with the Zero Trust principles or compliance requirements.