Microsoft 365 Mobility and Security (legacy) — Question 169

You have a Microsoft 365 tenant.
You have a line-of-business application named App1 that users access by using the My Apps portal.
After some recent security breaches, you implement a conditional access policy for App1 that uses Conditional Access App Control.
You need to be alerted by email if impossible travel is detected for a user of App1. The solution must ensure that alerts are generated for App1 only.
What should you do?

Answer options

• A. From Microsoft Cloud App Security, create a Cloud Discovery anomaly detection policy.
• B. From Microsoft Defender for Cloud Apps, modify the impossible travel alert policy.
• C. From Microsoft Defender for Cloud Apps, create an app discovery policy.
• D. From the Azure Active Directory admin center, modify the conditional access policy.

Correct answer: B

Explanation

The correct answer is B because modifying the impossible travel alert policy in Microsoft Defender for Cloud Apps directly addresses the requirement for alerts related to App1. Option A is incorrect as it pertains to a broader anomaly detection that is not specific to App1. Option C does not relate to alerting for impossible travel, and option D would not generate alerts specifically for the impossible travel scenario.