A user reports that their Windows 10 computer is displaying a 'Your IT department has limited access to some features of this app' message when trying to run a legacy application. The application worked before the latest Windows update. Which security feature is most likely causing this issue?
Application Guard uses container technology to isolate untrusted apps, and the message is typical when an app tries to access resources outside the container.
Why this answer
Windows Defender Application Guard (WDAG) is a security feature that isolates untrusted applications in a Hyper-V container, restricting their access to system resources. The 'Your IT department has limited access to some features of this app' message indicates that WDAG is blocking the legacy application, likely because the app is not trusted or is being treated as untrusted after a Windows update that tightened WDAG policies.
Exam trap
The common mistake is confusing User Account Control (UAC) with Windows Defender Application Guard. UAC prompts for elevation when an app requires administrator privileges, while Application Guard restricts app features in an isolated container. The message 'Your IT department has limited access to some features of this app' indicates Application Guard is blocking the legacy app.
How to eliminate wrong answers
Option A is wrong because Windows Defender Firewall with Advanced Security controls network traffic based on rules, not application-level feature access within the OS, and would not produce this specific message. Option C is wrong because User Account Control (UAC) prompts for elevation or blocks changes requiring admin rights, but it does not limit access to app features with this message; UAC uses consent prompts, not feature restriction messages. Option D is wrong because BitLocker Drive Encryption encrypts the entire drive to protect data at rest, and does not interact with running applications to limit their features.