MT.1017 and MT.1018 to enforce non persistent browser session for non-corporate devices suggestion

[JonesMikael]

This is something we usually configure and I agree it's good best practice.

However, we run mostly Cloud Only environments and want to keep just the following Filter for devices condition:

However, that will Fail the Maester test. It seems like it's required that you also add the following to Pass the test: device.trustType -eq "ServerAD"

I argue only one of them should be required to Pass the test.