Microsoft 365 Mobility and Security (legacy) — Question 70
You have a Microsoft 365 E5 subscription that has Microsoft Defender for Endpoint integrated with Microsoft Endpoint Manager.
Devices are onboarded by using Microsoft Defender for Endpoint.
You plan to block devices based on the results of the machine risk score calculated by Microsoft Defender for Endpoint.
What should you create first?
Answer options
- A. a device configuration policy
- B. a device compliance policy
- C. a conditional access policy
- D. an endpoint detection and response policy
Correct answer: B
Explanation
The correct answer is B, a device compliance policy, as it is essential for defining the compliance criteria based on the machine risk score. The other options, while relevant, do not directly establish compliance requirements necessary for blocking devices based on their risk assessment.