Microsoft Cybersecurity Architect — Question 5

A customer follows the Zero Trust model and explicitly verifies each attempt to access its corporate applications.
The customer discovers that several endpoints are infected with malware.
The customer suspends access attempts from the infected endpoints.
The malware is removed from the endpoints.
Which two conditions must be met before endpoint users can access the corporate applications again? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

Answer options

• A. The client access tokens are refreshed.
• B. Microsoft Intune reports the endpoints as compliant.
• C. A new Azure Active Directory (Azure AD) Conditional Access policy is enforced.
• D. Microsoft Defender for Endpoint reports the endpoints as compliant.

Correct answer: A, B

Explanation

To ensure that the endpoints are secure before allowing access again, the client access tokens must be refreshed to reflect the new state of the endpoints. Additionally, Microsoft Intune must report the endpoints as compliant, indicating that they meet the security requirements. The other options do not directly verify the compliance status or access permissions necessary for secure access.