Microsoft Identity and Access Administrator — Question 120

You have a Microsoft 365 E5 subscription.

Users authorize third-party cloud apps to access their data.

You need to configure an alert that will be triggered when an app requires high permissions and is authorized by more than 20 users.

Which type of policy should you create in Microsoft Defender for Cloud Apps?

Answer options

• A. app discovery policy
• B. access policy
• C. OAuth app policy
• D. activity policy

Correct answer: C

Explanation

The correct choice is the OAuth app policy, as it specifically focuses on monitoring and managing third-party applications that request OAuth permissions. The other options, such as app discovery policy, access policy, and activity policy, do not directly address the requirement of alerting on OAuth app permissions based on user authorization.