Microsoft 365 Certified Endpoint Administrator (MD-102) Practice Test

As an endpoint administrator, what should you recommend for configuring access to a sensitive application during business hours only?

• A. A) Configure Conditional Access policies
• B. B) Create and assign an access package
• C. C) Implement Azure AD Identity Protection
• D. D) Use Azure AD Application Proxy

The correct answer is: A) Configure Conditional Access policies

Recommending Conditional Access policies is an effective approach to configure access to a sensitive application during business hours only. Conditional Access policies enable you to define specific conditions under which users can access applications based on various criteria, such as the user's location, device state, or the time of day. By using this feature, you can create a policy that restricts access to the sensitive application so that it is only available during defined business hours. For example, you could specify that access is granted only between 9 AM and 5 PM, thus ensuring that users cannot log in outside of these times. This level of granularity in access control helps to protect sensitive applications from unauthorized access outside normal operating hours, thereby reducing the risk of data breaches or unauthorized usage. Other options, while beneficial in different contexts, do not directly address the requirement for time-based access control in the same way. For instance, access packages are more suited for broader group access and assignment scenarios, Azure AD Identity Protection focuses on risk detection and response, and the Azure AD Application Proxy primarily provides secure remote access without explicitly controlling access based on time.