Microsoft Endpoint Administrator — Question 197

You have a Microsoft 365 subscription that includes Microsoft Intune.

You create a new Android app protection policy named Policy1 that prevents screen captures in all Microsoft apps.

You discover that an unmanaged email client installed on Android devices can still capture screens.

You need to ensure that users can only use Microsoft apps to access email.

What should you do?

Answer options

• A. Create a Conditional Access policy.
• B. Create a compliance policy.
• C. Modify the Data protection settings of Policy1.
• D. Modify the assignments of Policy1.

Correct answer: A

Explanation

The correct answer is A because creating a Conditional Access policy can enforce restrictions on which applications can be used to access certain resources, ensuring users only utilize Microsoft apps for email. Options B, C, and D do not directly limit access to email through specified applications, thus failing to meet the requirement.