SC-200 Question #437: Real Exam Question with Answer & Explanation
The correct answer is C: Set Microsoft Intune connection to On.
Question
You have a Microsoft 365 subscription that uses Microsoft Defender XDR. The subscription contains 500 devices that are joined to Microsoft Entra, are in the Microsoft Defender for Endpoint default device group, and are managed by using Microsoft Intune. You need to implement Microsoft Defender Vulnerability Management. The solution must minimize the administrative effort. What should you do first in the Microsoft Defender portal?
Options
- A. From Configuration management, configure the Enforcement scope settings.
- B. Configure auto remediation for the default device group.
- C. Set Microsoft Intune connection to On.
- D. Set Live Response to On.
Explanation
To get Defender Vulnerability Management (TVM) working with Intune-managed devices, first enable the Intune connection in the Defender portal (Settings > Endpoints > Advanced features) and then use Endpoint Security Policies (Configuration profiles) in Intune or the Defender portal to deploy security settings and onboard devices, creating device groups in Entra ID to target these policies effectively for vulnerabilities and remediation.

Here are the key configuration steps:

In the Microsoft Defender Portal (security.microsoft.com):

1. Connect to Intune: Go to Settings > Endpoints > Advanced features, find the "Microsoft Intune connection," and turn the toggle On, then Save.
2. Check Device Onboarding: Verify devices appear in the Assets > Devices inventory, showing their risk, exposure, and management status.
3. Use Device Groups: Navigate to Endpoints > Device groups, create/manage groups (e.g., for Windows 11) to filter vulnerability data and apply specific settings.

In Microsoft Intune (Microsoft Endpoint Manager admin center):

1. Onboard Devices
2. Deploy Security Settings
3. Create Remediation Tasks

Reference: https://learn.microsoft.com/en-us/intune/intune-service/protect/microsoft-defender-integrate