AZ-500 · Question #440
AZ-500 Question #440: Real Exam Question with Answer & Explanation
The 'Conditions' setting is used to restrict access based on device platform (e.g., Windows only), as it contains the Device platforms filter where you can specify which operating systems are allowed. The 'Grant' setting is used to enforce compliance requirements, as it contains
Question
Drag and Drop Question You have an Azure subscription that contains an Azure web app named App1. You plan to configure a Conditional Access policy for App1. The solution must meet the following requirements: - Only allow access to App1 from Windows devices. - Only allow devices that are marked as compliant to access App1. Which Conditional Access policy settings should you configure? To answer, drag the appropriate settings to the correct requirements. Each setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point. Answer:
Explanation
The 'Conditions' setting is used to restrict access based on device platform (e.g., Windows only), as it contains the Device platforms filter where you can specify which operating systems are allowed. The 'Grant' setting is used to enforce compliance requirements, as it contains the 'Require device to be marked as compliant' control that checks Intune or MDM compliance status before allowing access. Together, these two settings satisfy both requirements: Conditions scopes who/what can connect by platform, and Grant enforces the compliance gate.
Topics
Community Discussion
No community discussion yet for this question.