Microsoft 365 Security Administration — Question 28

You have a Microsoft 365 E5 subscription that has Microsoft Defender for Cloud Apps enabled.
You need to create an alert in Defender for Cloud Apps when source code is shared externally.
Which type of policy should you create?

Answer options

• A. activity
• B. Cloud Discovery anomaly detection
• C. access
• D. file

Correct answer: D

Explanation

Creating a 'file' policy is the correct choice because it specifically targets file activities, such as sharing source code, and can trigger alerts based on those actions. The other options either focus on user activity, access controls, or anomaly detection, which do not directly address the need to monitor file sharing.