This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
What is Conditional Access?
Conditional Access allows anonymous users to access organizational resources on trusted devices.
Conditional Access prevents trusted users from accessing trusted devices and trusted apps.
Conditional Access ensures that only trusted users can access organizational resources on trusted devices using trusted apps.
When you assign a policy, what is the difference between using an assigned group and using a dynamic group?
An assigned group is a group of users or devices that you manually add into a static group. A dynamic group is a group of users or devices that are automatically assigned based on an expression you create. In addition, dynamic groups requires Microsoft Entra ID P1 or P2.
An assigned group is a group of users or devices that automatically set. A dynamic group is a group of users that you manually set.
For policies, there are no differences when assigning based on assigned group or dynamic group.
When would you assign a policy to a device group?
Assign a policy to a device group when you want to have different policy settings for each user.
If you want to apply policy settings on a device, regardless of who's signed in, then assign your policies to a device group.
If you don't want to have any policy settings for the device, use a device group.
It is possible to integrate Microsoft Defender ATP with Intune, but is it possible to integrate Microsoft Defender ATP with Configuration Manager?
Yes. Using tenant attach in a co-managed endpoint management scenario, you can integrate Configuration Manager with Microsoft Defender ATP to gain access to security tasks that help enterprises detect, investigate, and respond to advanced attacks on their networks.
No. You can only integrate Microsoft Defender ATP with Intune.
You must answer all questions before checking your work.
Was this page helpful?