Pre-Summer Sale Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Activedumpsnet Logo
  1. Home
  2. Microsoft
  3. Microsoft 365 Certified: Endpoint Administrator Associate
  4. MD-102
  5. MD-102 - Endpoint Administrator

Microsoft MD-102 Endpoint Administrator Exam Practice Test

Page: 1 / 36
Total 363 questions
Get MD-102 Full Access Download MD-102 PDF

Endpoint Administrator Questions and Answers

Question 1

Which user can enroll Device6 in Intune?

Options:

A.

User4 and User2 only

B.

User4 and User 1 only

C.

User1, User2, User3, and User4

D.

User4. User Land User2 only

Question 2

User1 and User2 plan to use Sync your settings.

On which devices can the users use Sync your settings? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 2

Options:

Question 3

Which devices are registered by using the Windows Autopilot deployment service?

Options:

A.

Device1 only

B.

Device3 only

C.

Device1 and Device3 only

D.

Device1, Device2, and Device3

Question 4

Which users can purchase and assign App1?

Options:

A.

User3 only

B.

User1 and User3 only

C.

User1, User2, User3, and User4

D.

User1, User3, and User4 only

E.

User3 and User4 only

Question 5

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 5

Options:

Question 6

You implement the planned changes for Connection1 and Connection2

How many VPN connections will there be for User1 when the user signs in to Device 1 and Devke2? To answer select the appropriate options in the answer area.

NOTE; Each correct selection is worth one point.

Question # 6

Options:

Question 7

You implement Boundary1 based on the planned changes.

Which devices have a network boundary of 192.168.1.0/24 applied?

Options:

A.

Device2 only

B.

Device3 only

C.

Device 1. Device2. and Device5 only

D.

Device 1, Device2, Device3, and Device4 only

Question 8

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 8

Options:

Question 9

You need to ensure that computer objects can be created as part of the Windows Autopilot deployment. The solution must meet the technical requirements.

To what should you grant the right to create the computer objects?

Options:

A.

Server2

B.

Server1

C.

GroupA

D.

DC1

Question 10

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Question # 10

Options:

Question 11

You need to resolve the performance issues in the Los Angeles office.

How should you configure the update settings? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 11

Options:

Question 12

You need to meet the OOBE requirements for Windows AutoPilot.

Which two settings should you configure from the Azure Active Directory blade? To answer, select the appropriate settings in the answer area.

NOTE: Each correct selection is worth one point.

Question # 12

Options:

Question 13

You need to meet the technical requirements for Windows AutoPilot.

Which two settings should you configure from the Azure Active Directory blade? To answer, select the appropriate settings in the answer area.

NOTE: Each correct selection is worth one point.

Question # 13

Options:

Question 14

You need to capture the required information for the sales department computers to meet the technical

requirements.

Which Windows PowerShell command should you run first?

Options:

A.

Install-Module WindowsAutoPilotIntune

B.

Install-Script Get-WindowsAutoPilotInfo

C.

Import-AutoPilotCSV

D.

Get-WindowsAutoPilotInfo

Question 15

You need to meet the device management requirements for the developers.

What should you implement?

Options:

A.

folder redirection

B.

Enterprise State Roaming

C.

home folders

D.

known folder redirection in Microsoft OneDrive

Question 16

What should you use to meet the technical requirements for Azure DevOps?

Options:

A.

An app protection policy

B.

Windows Information Protection (WIP)

C.

Conditional access

D.

A device configuration profile

Question 17

What should you upgrade before you can configure the environment to support co-management?

Options:

A.

the domain functional level

B.

Configuration Manager

C.

the domain controllers

D.

Windows Server Update Services (WSUS)

Question 18

What should you configure to meet the technical requirements for the Azure AD-joined computers?

Options:

A.

Windows Hello for Business from the Microsoft Intune blade in the Azure portal.

B.

The Accounts options in an endpoint protection profile.

C.

The Password Policy settings in a Group Policy object (GPO).

D.

A password policy from the Microsoft Office 365 portal.

Question 19

You need to recommend a solution to meet the device management requirements.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 19

Options:

Question 20

You need a new conditional access policy that has an assignment for Office 365 Exchange Online.

You need to configure the policy to meet the technical requirements for Group4.

Which two settings should you configure in the policy? To answer, select the appropriate settings in the answer area.

NOTE: Each correct selection is worth one point.

Question # 20

Options:

Question 21

You need to prepare for the deployment of the Phoenix office computers.

What should you do first?

Options:

A.

Generalize the computers and configure the Mobility (MDM and MAM) settings from the Azure Active Directory admin center.

B.

Extract the hardware ID information of each computer to a CSV file and upload the file from the Microsoft Intune blade in the Azure portal.

C.

Extract the hardware ID information of each computer to an XML file and upload the file from the Devices settings in Microsoft Store for Business.

D.

Extract the serial number information of each computer to a CSV file and upload the file from the Microsoft Intune blade in the Azure portal.

Question 22

You need to meet the technical requirements for the iOS devices.

Which object should you create in Intune?

Options:

A.

A compliance policy

B.

An app protection policy

C.

A Deployment profile

D.

A device configuration profile

Question 23

To which devices do Policy1 and Policy2 apply? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 23

Options:

Question 24

What is the maximum number of devices that User1 and User2 can enroll in Intune? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 24

Options:

Question 25

You need to prepare for the deployment of the Phoenix office computers.

What should you do first?

Options:

A.

Extract the hardware ID information of each computer to a CSV file and upload the file from the Devices settings in Microsoft Store for Business.

B.

Generalize the computers and configure the Mobility (MDM and MAM) settings from the Azure ActiveDirectory blade in the Azure portal.

C.

Generalize the computers and configure the Device settings from the Azure Active Directory blade in the Azure portal.

D.

Extract the hardware ID information of each computer to an XLSX file and upload the file from the Devices settings in Microsoft Store for Business.

Question 26

You need to meet the technical requirements for the IT department.

What should you do first?

Options:

A.

From the Azure Active Directory blade in the Azure portal, enable Seamless single sign-on.

B.

From the Configuration Manager console, add an Intune subscription.

C.

From the Azure Active Directory blade in the Azure portal, configure the Mobility (MDM and MAM) settings.

D.

From the Microsoft Intune blade in the Azure portal, configure the Windows enrollment settings.

Question 27

You need to meet the technical requirements for the new HR department computers.

How should you configure the provisioning package? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 27

Options:

Question 28

You have a Microsoft 365 subscription that includes Microsoft Intune.

You need to implement a Microsoft Defender for Endpoint solution that meets the following requirements:

• Enforces compliance for Defender for Endpoint by using Conditional Access

• Prevents suspicious scripts from running on devices

What should you configure? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Question # 28

Options:

Question 29

You have a Microsoft 365 E5 subscription. The subscription contains devices that are Microsoft Entra joined and enrolled in Microsoft Intune.

You create a user named User1.

You need to ensure that User1 can rotate Bitlocker recovery keys by using Intune.

Solution: From the Microsoft Intune admin center, you assign the Help Desk Operator role to User1.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 30

Your company has a Microsoft 365 subscription.

All the users in the finance department own personal devices that run iOS or Android. All the devices are enrolled in Microsoft Intune.

The finance department adds new users each month.

The company develops a mobile application named App1 for the finance department users.

You need to ensure that only the finance department users can download Appl.

What should you do first?

Options:

A.

Register App1 in Microsoft Entra.

B.

Add App1 to the vendor stores for iOS and Android applications.

C.

Add App1 to a Microsoft Deployment Toolkit (MDT) deployment share.

D.

Add App1 to Intune.

Question 31

You have a Microsoft Entra tenant that contains the groups shown in the following table.

Question # 31

Microsoft Intune is configured with the enrollment restrictions shown in the following table.

Question # 31

You purchase the devices shown in the following table.

Question # 31

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 31

Options:

Question 32

You have a Microsoft 365 subscription that contains two security groups named Group1 and Group2. Microsoft 365 uses Microsoft Intune Suite.

You use Microsoft Intune to manage devices.

You need to assign roles in Intune to meet the following requirements:

• The members of Group1 must manage Intune roles and assignments.

• The members of Group2 must assign existing apps and policies to users and devices.

The solution must follow the principle of least privilege.

Which role should you assign to each group? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 32

Options:

Question 33

You have a Microsoft 365 E5 subscription.

All Windows devices are enrolled in Microsoft Intune.

You need to deploy the Remote Help app to all the devices.

The solution must minimize administrative effort.

Which type of app should you deploy?

Options:

A.

Windows app (Win32)

B.

Microsoft Store

C.

line-of-business (LOB)

D.

Microsoft 365

Question 34

You have a Microsoft 365 subscription that contains a user named User1. The subscription contains devices enrolled in Microsoft intune as shown in the following table.

Question # 34

Microsoft Edge is available on all the devices.

Intune has the device compliance policies shown in the following table.

Question # 34

The Compliance policy settings are configured as shown in the exhibit. (Click the Exhibit tab.) You create the following Conditional Access policy:

Question # 34

• Name: Policy1

• Assignments

o Users and groups: User1

o Cloud apps or actions: Office 365 SharePoint Online

• Access controls

o Grant Require device to be marked as compliant

• Enable policy: On

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Question # 34

Options:

Question 35

You install a feature update on a computer that runs Windows 10.

How many days do you have to roll back the update?

Options:

A.

5

B.

10

C.

14

D.

30

Question 36

Your network contains an on-premises Active Directory domain and an Azure AD tenant.

The Default Domain Policy Group Policy Object (GPO) contains the settings shown in the following table.

Question # 36

Which device configuration profile type template should you use?

Options:

A.

Administrative Templates

B.

Endpoint protection

C.

Device restrictions

D.

Custom

Question 37

Your network contains an Active Directory domain. The domain contains 1.000 computers that run Windows 11.

You need to configure the Remote Desktop settings of all the computers. The solution must meet the following requirements:

• Prevent the sharing of clipboard contents.

• Ensure that users authenticate by using Network Level Authentication (NLA).

Which two nodes of the Group Policy Management Editor should you use? To answer, select the appropriate nodes in the answer area. NOTE: Each correct selection is worth one point.

Question # 37

Options:

Question 38

You have a Microsoft 365 E5 subscription that contains devices enrolled in Microsoft Intune as shown in the following table.

Question # 38

The Remote Help Tier1 role is configured as shown in the following exhibit.

Question # 38

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 38

Options:

Question 39

Your company has an infrastructure that has the following:

• A Microsoft 365 tenant

• An Active Directory forest

• Microsoft Intune

• A Key Management Service (KMS) server

• A Windows Deployment Services (WDS) server

• An Azure AD Premium tenant

The company purchases 100 new client computers that run Windows.

You need to ensure that the new computers are joined automatically to Azure AD by using Windows Autopilot.

What should you use? To answer, select the appropriate options in the answer area,

NOTE: Each correct selection is worth one point.

Question # 39

Options:

Question 40

You have a Microsoft 365 subscription that contains a user named User1.

You use Microsoft in tune to manage devices that run Windows 11.

You need to remove User1 from the local Administrators group on all enrolled devices. The solution must minimize administrative effort.

What should you configure?

Options:

A.

a device compliance policy

B.

an app configuration policy

C.

an account protection policy

Question 41

You have a Microsoft 365 subscription. You plan to enroll 25 new devices in Microsoft Intune. You need to configure an enrollment notification for the new devices.

Following three which two types of notifications can you use? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

Options:

A.

push

B.

SMS

C.

email

D.

phone call

E.

Microsoft Teams message

Question 42

You have a Microsoft 365 E5 subscription that contains the devices shown in the following table.

Question # 42

You need to create two dynamic device groups named Group1 and Group2. The solution must meet the following requirements:

• Group1 must contain Device1 and Device2 only.

• Group2 must contain Device1 and Device3 only.

Which device membership rule should you configure for each group? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Question # 42

Options:

Question 43

You have a Microsoft 365 subscription that includes Microsoft Intune and Microsoft Defender for Endpoint.

Users have devices that run Windows 11.

You deploy a connection from Defender for Endpoint to Intune.

You need to ensure that when a device is enrolled in Intune, the device is onboarded automatically to Defender for Endpoint

What should you configure, and which portal should you use? To answer, select the appropriate options in the answer area

NOTE: Each correct selection is worth one point.

Question # 43

Options:

Question 44

Your network contains an Active Directory domain. Active Directory is synced with Microsoft Azure Active Directory (Azure AD).

There are 500 Active Directory domain-joined computers that run Windows 10 and are enrolled in Microsoft Intune.

You plan to implement Microsoft Defender Exploit Guard.

You need to create a custom Microsoft Defender Exploit Guard policy, and then distribute the policy to all the computers.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 44

Options:

Question 45

You have a Microsoft 365 tenant that contains the objects shown in the following table.

Question # 45

You are creating a compliance policy named Compliance1.

Which objects can you specify in Compliance1 as additional recipients of noncompliance notifications?

Options:

A.

Group3 and Group4 only

B.

Group3, Group4, and Admin1 only

C.

Group1, Group2, and Group3 only

D.

Group1, Group2, Group3, and Group4 only

E.

Group1, Group2, Group3, Group4, and Admin1

Question 46

Your company uses Microsoft Intune to manage devices.

You need to ensure that only Android devices that use Android work profiles can enroll in intune.

Which two configurations should you perform in the device enrollment restrictions? Each correct answer presents part of the solution.

NOTE Each correct selection is worth one point.

Options:

A.

From Platform Settings, set Android device administrator Personally Owned to Block.

B.

From Platform Settings, set Android Enterprise (work profile) to Allow.

C.

From Platform Settings, set Android device administrator Personally Owned to Allow

D.

From Platform Settings, set Android device administrator to Block.

Question 47

In Microsoft Intune, you have the device compliance policies shown in the following table.

Question # 47

The Intune compliance policy settings are configured as shown in the following exhibit.

Question # 47

On June 1, you enroll Windows 11 devices in Intune as shown in the following table.

Question # 47

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point

Question # 47

Options:

Question 48

You have a Microsoft 365 E5 subscription that contains a group named Group1. You need to ensure that only the members of Group1 can join devices to the Microsoft Entra tenant. What should you configure in the Microsoft Entra admin center?

Options:

A.

Enterprise State Roaming

B.

Mobility

C.

Device settings

D.

User settings

Question 49

You have an Azure AD group named Group1. Group! contains two Windows 10 Enterprise devices named Device1 and Device2. You create a device configuration profile named Profile1. You assign Profile! to Group1. You need to ensure that Profile! applies to Device1 only. What should you modify in Profile 1?

Options:

A.

Assignments

B.

Settings

C.

Scope (Tags)

D.

Applicability Rules

Question 50

You have a Microsoft 365 E5 subscription.

You have a Microsoft Intune enrollment profile for Android Enterprise devices that has the following settings:

• Name: Profile1

• Token type: Corporate-owned, fully managed

You need to enroll a new Android device in Intune by using Profile1. What should you use to enroll the device?

Options:

A.

aQRcode

B.

the Microsoft Authenticate app

C.

the Intune app

D.

the Company Portal app

Question 51

You have a Microsoft 365 E5 subscription that is linked to a Microsoft Entra tenant named contoso.com. The subscription contains a user named User1 and a new Windows 11 device named Device1.

User1 must enroll Device1 in Microsoft Intune automatically.

You need to ensure that all other users cannot use automatic enrollment.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Question # 51

Options:

Question 52

You have a Microsoft 365 subscription and use Microsoft Intune.

You have the Endpoint Privilege Management (EPM) elevation settings policy shown in the following exhibit.

Question # 52

No EPM elevation rules policies are configured.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Question # 52

Options:

Question 53

Your network contains an Active Directory domain. The domain contains 2,000 computers that run Windows 10. You implement hybrid Azure AD and Microsoft Intune.

You need to automatically register all the existing computers to Azure AD and enroll the computers in Intune. The solution must minimize administrative effort.

What should you use?

Options:

A.

an Autodiscover address record

B.

a Group Policy object (GPO)

C.

an Autodiscover service connection point (SCP)

D.

a Windows Autopilot deployment profile

Question 54

You have an on-premises Active Directory domain that syncs to Azure AD tenant.

The tenant contains computers that run Windows 10. The computers are hybrid Azure AD joined and enrolled in Microsoft Intune. The Microsoft Office settings on the computers are configured by using an Group Policy Object (GPO).

You need to migrate the GPO to Intune.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Question # 54

Options:

Load More MD-102 Questions 
Page: 1 / 36
Total 363 questions
Get MD-102 Full Access Download MD-102 PDF