You have a Microsoft 365 tenant.
All users have computers that run Windows 10
Most computers are company-owned and joined to Azure Active Directory (Azure AD)
Some computers are user- owned and are only registered in Azure AD.
You need to prevent users who connect to Microsoft SharePoint Online on their user-owned computer from downloading or syncing files.
Other users must NOT be restricted.
Which policy type should you create?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
https://docs.microsoft.com/en-us/cloud-app-security/proxy-intro-aadThe correct answer is C. an Azure AD conditional access policy that has client apps conditions configured.
Explanation: The scenario describes a requirement to prevent users from downloading or syncing files from Microsoft SharePoint Online on their user-owned computers. This requirement can be achieved through the use of a conditional access policy that targets access to SharePoint Online and enforces certain conditions based on the client app that is being used to access SharePoint Online.
Azure AD conditional access policies allow you to define conditions under which users can access cloud applications like SharePoint Online. These conditions can include factors like user location, device compliance, and client app used for access. By defining a conditional access policy that specifically targets access to SharePoint Online, you can ensure that only users who meet the policy requirements are able to access SharePoint Online.
In this scenario, the policy should be configured to target client apps used for access, specifically preventing users who are accessing SharePoint Online from user-owned computers from being able to download or sync files. This can be achieved by setting a condition on the policy that requires the client app used for access to be a company-owned device, which would exclude users who are accessing SharePoint Online from their personal devices.
Therefore, the correct answer is C. an Azure AD conditional access policy that has client apps conditions configured. This policy can be configured to enforce specific requirements for accessing SharePoint Online based on the client app used for access, and can be targeted to only apply to users who are accessing SharePoint Online from their personal devices.