Restricting File Download and Sync in SharePoint Online on User-Owned Computers

B.

The correct answer is C. an Azure AD conditional access policy that has client apps conditions configured.

Explanation: The scenario describes a requirement to prevent users from downloading or syncing files from Microsoft SharePoint Online on their user-owned computers. This requirement can be achieved through the use of a conditional access policy that targets access to SharePoint Online and enforces certain conditions based on the client app that is being used to access SharePoint Online.

Azure AD conditional access policies allow you to define conditions under which users can access cloud applications like SharePoint Online. These conditions can include factors like user location, device compliance, and client app used for access. By defining a conditional access policy that specifically targets access to SharePoint Online, you can ensure that only users who meet the policy requirements are able to access SharePoint Online.

In this scenario, the policy should be configured to target client apps used for access, specifically preventing users who are accessing SharePoint Online from user-owned computers from being able to download or sync files. This can be achieved by setting a condition on the policy that requires the client app used for access to be a company-owned device, which would exclude users who are accessing SharePoint Online from their personal devices.

Therefore, the correct answer is C. an Azure AD conditional access policy that has client apps conditions configured. This policy can be configured to enforce specific requirements for accessing SharePoint Online based on the client app used for access, and can be targeted to only apply to users who are accessing SharePoint Online from their personal devices.