Microsoft 365 Security Administration — Question 98

You have several Conditional Access policies that block noncompliant devices from connecting to services.
You need to identify which devices are blocked by which policies.
What should you use?

Answer options

• A. the Device compliance report in the Microsoft Endpoint Manager admin center
• B. the Device compliance trends report in the Microsoft Endpoint Manager admin center
• C. Activity log in the Cloud App Security portal
• D. the Conditional Access Insights and Reporting workbook in the Azure Active Directory admin center

Correct answer: D

Explanation

The correct answer is D because the Conditional Access Insights and Reporting workbook in the Azure Active Directory admin center provides detailed information about which devices are blocked by specific policies. Options A and B focus on compliance reports, which do not specify blocking policies, and option C offers general activity logs without the specific context of Conditional Access policies.