Online 350-701 Questions Video

Device compliance is the state of devices meeting the standards and regulations for the industry or organization. Device compliance policies define the rules and settings that users and devices must meet to be compliant, such as minimum operating systems, disk encryption, or Secure Boot. Device compliance policies can also include actions that apply to devices that are noncompliant, such as alerting users, blocking access, or wiping data. Device compliance policies can be integrated with Conditional Access, which can enforce attribute-driven policies based on the compliance status of the device. Attribute-driven policies are policies that use attributes of the device, user, or resource to determine the level of access or protection. For example, a policy can allow access to a resource only if the device is compliant, the user is in a certain group, and the resource is in a certain location. Attribute-driven policies provide more granular and flexible control over access and security than traditional policies based on roles or permissions. Therefore, the benefit of performing device compliance is providing attribute-driven policies, which is option D. References:

Device compliance policies in Microsoft Intune

Device Compliance settings for Windows 10/11 in Intune

Device Compliance: What it is and why you should use it

Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0

Explanation

The command “crypto isakmp identity address 172.19.20.24” is not valid. We can only use “crypto isakmp

identity {address | hostname}. The following example uses preshared keys at two peers and sets both their

ISAKMP identities to the IP address.

At the local peer (at 10.0.0.1) the ISAKMP identity is set and the preshared key is specified:

crypto isakmp identity address

crypto isakmp key sharedkeystring address 192.168.1.33

At the remote peer (at 192.168.1.33) the ISAKMP identity is set and the same preshared key is specified:

crypto isakmp identity address

crypto isakmp key sharedkeystring address 10.0.0.1