contestada

you have a microsoft 365 subscription. all computers are enrolled in microsoft intune enterprise mobility security (ems). you have business requirements for securing your windows 10 devices. you need to lock any device that has a high windows defender advanced threat protection (atp) risk score. which device configuration profile type should you use to accomplish this task?

Respuesta :

To lock a device that has a Windows Defender Advanced Threat Protection (ATP) risk score using Microsoft Intune, you can use the Compliance Policy device configuration profile type.

To create a Compliance Policy profile in Microsoft Intune:

  • Sign in to the Microsoft Endpoint Manager admin center.

  • Go to Devices > Configuration profiles > Create profile.

  • Select Windows 10 and later as the platform.

  • Select Compliance Policy as the profile type.

  • In the Settings section, click Add to add a new setting.

  • Select Windows Defender ATP > Require ATP security risk level to be above a certain level > Configure.

  • Set the required ATP security risk level and choose whether to block or allow access to the device based on the risk level.

  • Click OK to save the setting.

  • Click Create to save the Compliance Policy profile.

  • Assign the Compliance Policy profile to the relevant group of devices through the Assignments tab.

This will enforce the specified security risk level for the devices and lock any device that has a risk score above the specified level.

To learn more about Windows Defender, visit: https://brainly.com/question/29352945

#SPJ4