What should you do?

You have a Microsoft Exchange Online tenant named contoso.com that uses Microsoft 365 Defender and contains a security group named Executives.

You perform the following tasks:

+ Configure a Strict protection preset security policy and apply the policy to the Executives group.

+ Create a Safe Attachments policy named Policy! and apply the policy to contoso.com.

You discover that Policy1 failed to apply to the Executives group.

You need to ensure that Policy1 is applied to all the members of the Executives group.

What should you do?
A . Increase the priority of Policy1.
B. Decrease the priority of Strict Preset Security Policy.
C. Remove the Executives group from the Strict protection preset security policy.
D. Modify the Strict protection preset security policy to match Policy! and assign the Strict protection preset security policy to contoso.com.

View Answer

Answer: C

Explanation:

✑ Remove the Executives group from the Strict protection preset security policy1. Preset security policies are policies that provide a centralized location for applying all of the recommended spam, malware, and phishing policies to users at once1. The policy settings are not configurable and are set by Microsoft based on best practices1.

There are two types of preset security policies: Standard protection and Strict protection1 . Standard protection is a baseline protection profile that’s suitable for most users1. Strict protection is a more aggressive protection profile for selected users who are high value targets or priority users1.

If you want to apply Policy1 to the Executives group, you need to remove them from the Strict protection preset security policy first. Otherwise, the preset security policy will take precedence over Policy1 and prevent it from being applied2.

To remove the Executives group from the Strict protection preset security policy, you can follow these steps2:

✑ Login to the Microsoft Security portal at https://security.microsoft.com.

✑ On the left nav, under Email & collaboration, select Policies & rules.

✑ Select Threat policies.

✑ Select Preset Security Policies underneath the Templated policies heading

✑ Select Manage underneath the Strict protection preset.

✑ Select Specific recipients and remove the Executives group from the list of recipients.

✑ Select Save.