Your organization uses Microsoft Defender for Cloud Apps. You need to create a policy that automatically blocks downloads of files containing sensitive information from SharePoint Online to unmanaged devices. What type of policy should you create?
Correct: Session policies can block downloads based on content inspection.
Why this answer
Session policies in Defender for Cloud Apps can monitor and control user sessions in real-time, including blocking downloads based on content inspection. Option A is wrong because file policies are for alerts and governance actions on files at rest. Option B is wrong because activity policies trigger on events but do not control sessions.
Option D is wrong because this is a broader tool, not a specific policy type for this scenario.