Monitor Cloud App Access Activities in Real Time

Correct Answer: D

You should create an Access Policy in Cloud App Security admin center.

After you create a conditional access policy in Azure AD to get your apps sessions to Cloud App Security, your application will appear in the Cloud App Security admin center under “Conditional Access App Control apps”

Now you can create an Access Policy for your app which will enable real-time monitoring of the application, as requested.

Option A is incorrect.

Session policies enables real-time session-level monitoring.

The request was monitoring of access in real time.

Option B is incorrect.

This feature connects Cloud App Security to a public app like Dropbox and GitHub, and is not the correct answer.

Option C is incorrect.

This adds an app to Intune.

Reference:

To know more about conditional access app control, please refer to the link below:

After registering the third-party cloud app and creating a conditional access policy in Azure AD, the next step is to enable monitoring of the app's access activities in real-time. This can be accomplished through Microsoft Cloud App Security, a comprehensive cloud access security broker (CASB) that allows organizations to gain visibility and control over their cloud apps and services.

The correct answer is A. In Cloud App Security admin center, create a Session Policy.

Here is a detailed explanation of why A is the correct answer:

A. In Cloud App Security admin center, create a Session Policy: Session Policies in Cloud App Security allow you to monitor and control user sessions in real-time. With session policies, you can define specific actions to take when certain conditions are met, such as blocking or logging user sessions based on specific criteria. To create a session policy for the third-party app in Cloud App Security, follow these steps:

1. Log in to the Microsoft Cloud App Security portal with your global administrator credentials.
2. Click on the "Policies" tab in the left-hand navigation menu.
3. Click on "Session Policies" and then click the "New Policy" button.
4. In the "General" tab, give your policy a name and description.
5. In the "Session Control" tab, select the third-party cloud app from the list of apps and set the conditions for the policy.
6. In the "Session Behavior" tab, select the actions to take when the policy conditions are met.
7. Click "Save" to create the policy.

With the session policy in place, you can now monitor and control user sessions for the third-party app in real-time.

B. In Cloud App Security admin center, connect an app: Connecting an app in Cloud App Security means integrating it with the CASB platform to enable monitoring and control of the app's usage. However, since you have already registered the app and created a conditional access policy in Azure AD, connecting the app in Cloud App Security is not necessary.

C. In Endpoint Management admin center, add an app: Endpoint Management is a separate service from Cloud App Security and is used for managing and securing mobile devices and apps. Adding the third-party app to Endpoint Management would not enable monitoring of the app's access activities in real-time.

D. In Cloud App Security admin center, create an Access Policy: Access Policies in Cloud App Security are used to define access controls and permissions for users and groups accessing cloud apps and services. However, creating an access policy would not enable monitoring of the third-party app's access activities in real-time.