MicrosoftMicrosoft
SC-300 · Question #453
SC-300 Question #453: Real Exam Question with Answer & Explanation
The correct answer is C: OAuth app policy. OAuth app policy You can create an OAuth app policy in the Microsoft Defender for Cloud Apps portal (now part of App Governance within Defender XDR) to generate alerts when an app requests high permissions and is authorized by a specified number of users, such as over 20, helping
Submitted by daniela_cl· Mar 6, 2026
Question
You have a Microsoft 365 E5 subscription. Users authorize third-party cloud apps to access their data. You need to configure an alert that will be triggered when an app requires high permissions and is authorized by more than 20 users. Which type of policy should you create in Microsoft Defender for Cloud Apps?
Options
- Aapp discovery policy
- Baccess policy
- COAuth app policy
- Dactivity policy
Explanation
- OAuth app policy You can create an OAuth app policy in the Microsoft Defender for Cloud Apps portal (now part of App Governance within Defender XDR) to generate alerts when an app requests high permissions and is authorized by a specified number of users, such as over 20, helping you detect potentially risky, overprivileged apps. These policies allow you to monitor, block, or flag apps based on permission levels (high, medium, low), publisher status, and user authorization count, enabling proactive security management. * activity policy * anomaly detection policy * app discovery policy https://learn.microsoft.com/en-us/defender-cloud-apps/app-permission-policy
Community Discussion
No community discussion yet for this question.