Note: This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated goals.
Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it.
As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant and 500 computers that run Windows 10
The computers are onboarded to the Microsoft 365 compliance center.
You discover that a third-party application named Tailspin_scanner.exe accessed protected sensitive information on multiple computers.
Tailspin_scanner.exe is installed locally on the computers.
You need to block Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Solution: From the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings, you add a folder path to the file path exclusions.
Does this meet the goal?
Click on the arrows to vote for the correct answer
A. B.B.
Folder path to the file path exclusions excludes certain paths and files from DLP monitoring.
Use the unallowed apps list instead.
https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-using?view=o365-worldwideThe proposed solution to add a folder path to the file path exclusions from the Microsoft 365 Endpoint data loss prevention (Endpoint DLP) settings does not meet the goal of blocking Tailspin_scanner.exe from accessing sensitive documents without preventing the application from accessing other documents.
Adding a folder path to the file path exclusions in Endpoint DLP settings would exclude all files in that particular folder and its subfolders from being scanned by Endpoint DLP, but it would not specifically block Tailspin_scanner.exe from accessing sensitive documents.
To meet the stated goal, you could use Windows Defender Application Control (WDAC) to create a rule that blocks Tailspin_scanner.exe from accessing sensitive documents while allowing it to access other documents. WDAC is a security feature in Windows 10 that helps prevent malicious code from running on a device.
To create a rule in WDAC to block Tailspin_scanner.exe from accessing sensitive documents, you would need to perform the following steps:
By following these steps, Tailspin_scanner.exe would be prevented from accessing the sensitive documents, while still being able to access other documents.