This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Contoso wants to remove permanent local administrator rights from end users without breaking apps that legitimately need to elevate. Which Endpoint Privilege Management capability addresses this requirement?
Just-in-time elevation for approved applications under EPM policy.
Adding all users back to the local Administrators group.
Disabling User Account Control (UAC) on all managed devices.
Where do you configure EPM elevation rules and policies?
In each device's local Group Policy editor.
In the Microsoft Intune admin center, under Endpoint security.
Through registry edits deployed by PowerShell scripts.
After deploying EPM, why is it important to review elevation reports?
Reports automatically grant new applications elevation rights.
To audit how elevation is being used, identify policies that need tuning, and detect misuse.
To allow end users to approve their own elevation requests.
You must answer all questions before checking your work.
Was this page helpful?
Need help with this topic?
Want to try using Ask Learn to clarify or guide you through this topic?