Your customer has a requirement to prevent certain apps from using an active VPN on a fully-managed device. Which one would be the recommended way to configure this?
- (A) Add the applications that should go through the VPN to the allowlist
- (B) Assign managed application configurations to the applications on the denylist with policies to prevent use of the VPN
- (C) Block traffic to and from the app on the local network
- (D) Create a work profile on the fully managed device and route all traffic through the whole work profile