What is the scope of the default Block Sender policy?

The correct answer is that the default Block Sender policy is scoped to a specific group in the organization. This means that when this policy is applied, it targets a predefined set of users, ensuring that only those users who are members of that specific group will experience the effects of the Block Sender policy.

This grouping allows for a more organized and effective way of managing email security, as it enables administrators to control which users are protected from unwanted communications from specific senders without affecting the entire organization. By limiting the policy to a specific group, it gives flexibility and granularity in email security management, allowing for tailored policies that meet the needs of different departments or teams.

In the context of other options, it’s important to note that while applying the policy only to selected users might seem plausible, it lacks the structural organization that comes from grouping users. The option stating that the policy is scoped to external recipients misinterprets the intent of the Block Sender policy, which is more about user control within the organization rather than solely targeting external communications. Lastly, suggesting that the policy applies to no one by default is misleading, as the purpose of a default policy is to provide a baseline for security that can be adjusted as needed rather than being entirely inactive.