You have a Microsoft 365 tenant that contains 1,000 Windows 10 devices. The devices are enrolled in Microsoft Intune.
Company policy requires that the devices have the following configurations:
Require complex passwords.
Require the encryption of removable data storage devices.
Have Microsoft Defender Antivirus real-time protection enabled.
You need to configure the devices to meet the requirements.
What should you use?
A. an app configuration policy
B. a compliance policy
C. a security baseline profile
D. a conditional access policy
Answer is C – Security Baseline Profile
The question reads ‘You need to configure the devices to meet the requirements’
A compliance profile will only mark the device as compliant / non compliant based on a set criteria
To configure the devices we need a Security Baseline profile, this is based on MS best practice, and can be modified to meet the device requirements for this question.