🔥 3-day streak
Microsoft Cybersecurity Architect Expert156 / 158
Question 156 of 158

A financial services company is adopting the Zero Trust model and wants to strengthen the 'endpoints' pillar. Employees use a mix of corporate-managed Windows laptops and unmanaged personal devices to access a sensitive SaaS finance application through Microsoft Entra ID. Security leadership requires that only devices proven healthy and compliant at the moment of sign-in can reach the application, while unmanaged devices should be limited to browser-only access with no download capability. Which design best aligns with Zero Trust principles for verifying device signals explicitly?

Reviewed for accuracy · Report an issueNext question