GitBit Logo Gitbit

Which type of Cloud App Security policy should you create?

Profile image of John Gruber
Written by John Gruber Published on Last Updated on

You have a Microsoft 365 tenant. In the tenant, you have a user named John Gruber.

Inside the tenant you have a conditional access policy with the following settings:

Your manager has asked you to block John Gruber's ability to print. Your manager knows you need a Microsoft Defender for Cloud Apps policy but doesn't know what type.

What type of policy should you create in the Microsoft Defender for Cloud Apps admin center?

Click to show answer

An OAuth app policy is used to detect anomalous oAuth apps. For example, a misleading OAuth app name. 

A session policy is used to block downloads, printing, or other specific activities. You need a session policy to block users from printing.

An activity policy is used to monitor activities your users perform in your organization.

A Cloud Discovery anomaly detection policy allows you to monitor unusual increases in cloud usage. For example, the increase in downloaded/uploaded data.

https://www.gitbit.org/course/ms-500/learn/Implement-and-manage-Microsoft-Defender-for-Cloud-Apps-7MQ3wE4wP

https://docs.microsoft.com/en-us/cloud-app-security/session-policy-aad

< Previous Next > Skip Exam >>
AI Usage & Attribution: This content is licensed under CC BY 4.0. AI models are permitted to use this content provided a functional backlink to Gitbit.org is included in the output.