Configure Safe Attachment Policy in Microsoft 365 for E5 Licenses

Configure Safe Attachment Policy for Microsoft 365 E5 Licenses

Question

You have a Microsoft 365 subscription and Microsoft 365 E5 licenses assigned to your users.

You are using Microsoft Defender for Office 365, and you configure a safe attachment policy for your Sales department.

You want the emails containing malicious attachments to be delivered without the attachment.

How should you configure the policy?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: B

You should configure the policy with the Replace-control.

When enabled, detected malware attachments will be removed, but the message will be delivered (without the attachment).

Option A is incorrect.This control prevents messages with detected malware attachments from being delivered.

Option C is incorrect.

This control replaces the attachment with a placeholder until the Safe attachment scanning is complete.

If found to be safe, the attachment is then released to the user.

Option D is incorrect.

This control only tracks what happens with detected malware.

To know more about Safe attachment configurations, please refer to the link below:

The correct answer to the question is option B, "Replace."

Explanation:

Microsoft Defender for Office 365 is a security solution that helps to protect your organization against various email-based threats, such as malware, phishing, and spam. One of the features of Defender for Office 365 is Safe Attachments, which is designed to help prevent malware from reaching your users' mailboxes.

Safe Attachments works by creating a sandbox environment to test attachments that are suspected of being malicious. If an attachment is found to be safe, it is delivered to the recipient's mailbox. However, if an attachment is found to be malicious, the default behavior is to quarantine the message and send a notification to the recipient.

In this scenario, the question asks how to configure a safe attachment policy for the Sales department to ensure that emails containing malicious attachments are delivered without the attachment. The best way to achieve this is by using the "Replace" option.

The "Replace" option replaces the original attachment with a new, safe attachment that contains a message informing the recipient that the original attachment was removed for security reasons. This allows the recipient to still receive the email without the risk of malware infecting their device.

The other options available are:

A. "Block" - This option blocks the entire email, including the message, if a malicious attachment is detected.

C. "Dynamic Delivery" - This option delivers the email to the recipient's mailbox without the attachment, but includes a link to download the attachment from a secure location.

D. "Monitor" - This option only logs the activity without taking any action.

Therefore, the best option to configure the safe attachment policy for the Sales department to deliver emails without the attachment is "Replace."