You have an Azure virtual machine named VM1.
You enable Microsoft Defender SmartScreen on VM1.
You need to ensure that the SmartScreen messages displayed to users are logged.
What should you do?
Click on the arrows to vote for the correct answer
A. B. C. D.C
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overviewThe correct answer for this question is Option B: From the local Group Policy, modify the Advanced Audit Policy Configuration settings.
Explanation:
Microsoft Defender SmartScreen is a feature in Windows that helps protect your device from potentially dangerous downloads and websites. It uses warning messages to alert users when they attempt to download a file or access a website that has been deemed risky. To ensure that SmartScreen messages displayed to users are logged, you need to configure auditing policies.
The Advanced Audit Policy Configuration settings allow you to configure auditing policies that can track security-related events on Windows. By modifying the audit policy settings, you can enable auditing for different categories of events and specify which users and groups should be audited.
To configure SmartScreen message logging on VM1, you can follow these steps:
By enabling auditing for Plug and Play events, you can track events related to SmartScreen message display. These events will be logged in the Security log in Event Viewer. You can view the logs by opening Event Viewer and navigating to Windows Logs > Security.
Option A (From a command prompt, run WinRM quickconfig) is not relevant to configuring SmartScreen message logging.
Option C (From Event Viewer, enable the Debug log) is also not relevant to configuring SmartScreen message logging.
Option D (From the Windows Security app, configure the Virus & threat protection settings) is not relevant to configuring SmartScreen message logging. It only allows you to configure the settings for virus and threat protection, not auditing policies.