A company uses Microsoft 365 and wants to protect its users from malicious links and attachments in email, as well as phishing attacks. Which Microsoft security solution is specifically designed for email and collaboration protection?
Defender for Office 365 safeguards Microsoft 365 email, Teams, and SharePoint from threats like phishing, malicious links, and attachments.
Why this answer
Microsoft Defender for Office 365 (formerly Office 365 Advanced Threat Protection) is the dedicated security solution for email and collaboration workloads. It provides protection against malicious links (Safe Links), malicious attachments (Safe Attachments), and anti-phishing policies specifically for Exchange Online, SharePoint, OneDrive, and Teams. This directly matches the question's requirement for email and collaboration protection.
Exam trap
The trap here is that candidates often confuse Microsoft Defender for Endpoint (device protection) with Microsoft Defender for Office 365 (email and collaboration protection), because both names start with 'Microsoft Defender' and both involve threat detection, but they protect completely different attack surfaces.
How to eliminate wrong answers
Option A is wrong because Microsoft Defender for Endpoint is designed for endpoint devices (Windows, macOS, Linux, Android, iOS) and focuses on preventing, detecting, and responding to threats on those devices, not on email or collaboration content. Option C is wrong because Microsoft Defender for Cloud Apps is a Cloud Access Security Broker (CASB) that provides visibility, data loss prevention, and threat protection for cloud applications (e.g., Shadow IT discovery), not specifically for email and collaboration protection. Option D is wrong because Microsoft Defender for Identity is an on-premises Active Directory security solution that uses signals to detect advanced attacks like Pass-the-Hash and Kerberos Golden Ticket attacks, not email or collaboration threats.