Microsoft 365 Administrator — Question 216

You have a Microsoft 365 E5 subscription that contains a user named User1.

You have a Conditional Access policy applied to a cloud-based app named App1. App1 has Conditional Access App Control deployed.

You need to create a Microsoft Defender for Cloud Apps policy to block User1 from printing from App1.

Which type of policy should you create?

Answer options

• A. activity policy
• B. session policy
• C. OAuth app policy
• D. Cloud Discovery anomaly detection policy

Correct answer: B

Explanation

The correct choice is B, session policy, as it controls user sessions and can enforce restrictions like blocking printing. Option A, activity policy, is focused on activities rather than session controls, while C, OAuth app policy, pertains to OAuth applications and D, Cloud Discovery anomaly detection policy, is used for identifying anomalies in app usage rather than directly controlling user actions.