You have a Microsoft 365 tenant. In the tenant, you have a user named John Gruber.
Inside the tenant you have a conditional access policy with the following settings:
- Users or workload identities: John Gruber
- Cloud apps or actions: Office 365 Exchange Online
- Session: Use Conditional Access App Control.
Your manager has asked you to block John Gruber's ability to print. Your manager knows you need a Microsoft Defender for Cloud Apps policy but doesn't know what type.
What type of policy should you create in the Microsoft Defender for Cloud Apps admin center?
An OAuth app policy is used to detect anomalous oAuth apps. For example, a misleading OAuth app name.
A session policy is used to block downloads, printing, or other specific activities. You need a session policy to block users from printing.
An activity policy is used to monitor activities your users perform in your organization.
A Cloud Discovery anomaly detection policy allows you to monitor unusual increases in cloud usage. For example, the increase in downloaded/uploaded data.