A multinational company is implementing a Zero Trust security model. The security team needs to ensure that all access requests to critical applications are evaluated based on user identity, device health, and real-time risk signals. Which Microsoft solution should they use to centralize policy enforcement?
Trap 1: Microsoft Defender for Cloud Apps
Used for cloud app discovery and data protection, not authentication policy enforcement.
Trap 2: Azure AD Identity Protection
Detects identity risks but does not enforce access policies; works with Conditional Access.
Trap 3: Microsoft Purview Compliance Manager
Provides compliance assessments, not real-time access policy enforcement.
- A
Microsoft Defender for Cloud Apps
Why wrong: Used for cloud app discovery and data protection, not authentication policy enforcement.
- B
Microsoft Entra Conditional Access
Centralizes policy evaluation based on user, device, and risk signals.
- C
Azure AD Identity Protection
Why wrong: Detects identity risks but does not enforce access policies; works with Conditional Access.
- D
Microsoft Purview Compliance Manager
Why wrong: Provides compliance assessments, not real-time access policy enforcement.