Microsoft 365 Security Administration Exam MS-500 Practice Question: BYOD Policy and Sharepoint App Access for iOS Devices

Configure PIN Requirement for Sharepoint App on iOS Devices

Prev Question Next Question

Question

You are the IT administrator in a company with a Microsoft 365 subscription.

You have a bring-your-own-device (BYOD) policy, and users have personal iOS mobile devices.

You want to enable your users to use the Sharepoint app to access company data, but you must require a PIN to open it work context.

What should you create?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: D

You should create an app protection policy in Microsoft Endpoint Manager.

Even though your devices are not managed in mobile device management (MDM), you can still protect your company data on the app level by creating an app protection policy.

In Microsoft Endpoint Manager admin center, navigate to Apps and select App protection policy.

Microsoft Endpoint Manager admin center « Home > Apps A Home Dashboard = All services & Search (Ctrl+/) « + add v 5 Apps | App configuration policies + FAVORITES © overview & Search by name “ vevices All apps Name ty Apps HB App: Monitor Whizlabs app protection policy © Endpoint security By platform Reports I Windows & users Bh iosjipados 3S Groups Gl macos & Tenant administration B android 2% Troubleshooting + support Policy ‘App protection policies App configuration policies

Option A is incorrect.

App registrations are about authenticating and authorizing workflows in Azure.

Option B is incorrect.

App configuration policy lets you assign configuration settings when users run the app.

Option C is incorrect.

Device compliance policy are about stating compliancy rules that devices must meet.

To know more about application protection policy, please refer to the link below:

The correct answer to the question is D. An app protection policy in Microsoft Endpoint Manager.

Explanation: Microsoft Endpoint Manager is a unified management platform that enables IT administrators to manage and secure devices, apps, and data across different platforms, including Windows, iOS, and Android. Endpoint Manager provides various policies to manage and secure mobile devices, including app protection policies.

In this scenario, the company allows personal iOS devices to access SharePoint data through the SharePoint app. However, to ensure the security of the company data, the IT administrator wants to require a PIN to access the app in a work context. This can be achieved by creating an app protection policy in Microsoft Endpoint Manager.

App protection policies are a type of mobile application management (MAM) policy that applies to specific apps. They allow IT administrators to configure policies that protect company data within the app, regardless of the device's overall security posture. App protection policies can be applied to managed and unmanaged devices and can be used to control app behavior, such as requiring a PIN or encrypting app data.

To create an app protection policy for the SharePoint app, the following steps can be followed:

  1. Sign in to the Microsoft Endpoint Manager admin center.
  2. Go to "Apps > App protection policies" and click on "Add a policy."
  3. Choose "iOS/iPadOS" as the platform and select the SharePoint app as the targeted app.
  4. Configure the policy settings, including requiring a PIN to access the app in a work context.
  5. Assign the policy to the appropriate user or device groups.

Once the policy is applied, users will be required to enter a PIN to access the SharePoint app in a work context, providing an additional layer of security to protect the company's data.

Prev Question Next Question