Configure Tamper Protection for Specific Applications
Question
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a server named Server1 that runs Windows Server.
You need to ensure that only specific applications can modify the data in protected folders on Server1.
Solution: From Virus & threat protection, you configure Tamper Protection
Does this meet the goal?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B.B
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/customize-controlled-folders?view=o365-worldwideNo, configuring Tamper Protection from Virus & threat protection on Server1 will not meet the stated goal of allowing only specific applications to modify data in protected folders.
Tamper Protection is a security feature in Windows Defender that prevents malicious applications from disabling Windows Defender features or modifying important system settings. It does not provide granular control over which applications are allowed to modify data in specific folders.
To allow only specific applications to modify data in protected folders, you can use the Windows built-in feature called "Controlled Folder Access." Controlled Folder Access is a feature that can be enabled on Windows Server that prevents unauthorized access to sensitive data by allowing only trusted applications to modify protected folders. This feature can be configured using Group Policy or Windows PowerShell.
To configure Controlled Folder Access using Group Policy, follow these steps:
- Open the Group Policy Management Console on your domain controller.
- Create or edit a Group Policy Object (GPO) that applies to Server1.
- Navigate to Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus > Windows Defender Exploit Guard > Controlled Folder Access.
- Enable the "Configure Controlled Folder Access" policy setting and select "Enabled."
- Click the "Edit" button to configure the protected folders and trusted applications.
You can then specify the folders that you want to protect and add the specific applications that are allowed to modify data in those folders. This provides granular control over which applications are allowed to modify data in protected folders, ensuring that only authorized applications are able to access sensitive data.
In summary, configuring Tamper Protection from Virus & threat protection on Server1 will not meet the goal of allowing only specific applications to modify data in protected folders. Controlled Folder Access is the appropriate feature to use to achieve this goal.
