100% Free MD-102 Exam Dumps to Pass Exam Easily from PassSureExam
Free MD-102 Exam Questions MD-102 Actual Free Exam Questions
Microsoft MD-102 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
| Topic 9 |
|
| Topic 10 |
|
NEW QUESTION # 60
Your network contains an Active Directory domain named contoso.com. The domain contains a computer named Computer1 that runs Windows 10. You have the groups shown in the following table.
Which groups can you add to Group4?
- A. Group1, Group2, and Group3
- B. Group2only
- C. Group1 and Group2 only
- D. Group2 and Group3 only
Answer: D
NEW QUESTION # 61
Your network contains an on-premises Active Directory Domain Services {AD DS) domain that syncs with an Azure AD tenant by using Azure AD Connect.
You use Microsoft Intune and Configuration Manager to manage devices.
You need to recommend a deployment plan for new Windows 11 devices. The solution must meet the following requirements:
* Devices for the marketing department must be joined to the AD DS domain only. The IT department will install complex applications on the devices at build time, before giving the devices to the marketing department users.
* Devices for The sales department must be Azure AD joined. The devices will be shipped directly from the manufacturer to The homes of the sales department users.
* Administrative effort must be minimized.
Which deployment method should you recommend for each department? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 62
You have a Microsoft 365 subscription that has Windows 365 Enterprise licenses.
You plan to use a custom Windows 11 image as a template for Cloud PCs.
You have a Hyper-V virtual machine that runs Windows 11 and has the following configurations:
* Name: VM1
* Disk size: 64 GB
* Disk format: VHDX
* Disk type: Fixed size
* Generation: Generation 2
You need to ensure that you can use VM1 as a source for the custom image. What should you do on VM1 first?
- A. Change the disk format to the VHD
- B. Change the disk type to Dynamically expanding
- C. Increase the disk size.
- D. Change the generation to Generation 1.
Answer: A
NEW QUESTION # 63
You have devices enrolled in Microsoft Intune as shown in the following table.
On which devices can you apply app configuration policies?
- A. Device2, Device3, and Device4 only
- B. Device1, Device2, Device B, and Device4
- C. Device1 and Device2 only
- D. Device3 and Device4 only
- E. Device2 only
Answer: A
Explanation:
Explanation
The correct answer is D because app configuration policies can be applied to managed devices and managed apps1. Managed devices are enrolled and managed by Intune, while managed apps are integrated with Intune App SDK or wrapped using the Intune Wrapping Tool . Device2, Device3, and Device4 are either enrolled in Intune or have managed apps installed, so they can receive app configuration policies2. Device1 is not enrolled in any MDM solution and does not have any managed apps installed, so it cannot receive app configuration policies2. References: : App configuration policies for Microsoft Intune | Microsoft Learn
https://learn.microsoft.com/en-us/mem/intune/apps/app-configuration-policies-overview 2: Policy sets - Microsoft Intune | Microsoft Learn https://learn.microsoft.com/en-us/mem/intune/fundamentals/policy-sets
NEW QUESTION # 64
You have a Microsoft Intune subscription that is configured to use a PFX certificate connector to an on-premises Enterprise certification authority (CA).
You need to use Intune to configure autoenrollment for Android devices by using public key pair (PKCS) certificates.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
Explanation:
Graphical user interface, text, application, email Description automatically generated
Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/certificates-pfx-configure
NEW QUESTION # 65
You have a computer named Computed that has Windows 10 installed.
You create a Windows PowerShell script named config.psl.
You need to ensure that config.psl runs after feature updates are installed on Computer5.
Which file should you modify on Computer5?
- A. Unattendb*
- B. SetupConfig.ini
- C. LiteTouch.wsf
- D. Unattend.xml
Answer: B
Explanation:
SetupConfig.ini is a file that can be used to customize the behavior of Windows Setup during feature updates.
You can use this file to specify commands or scripts that run before or after the installation process. To run a PowerShell script after a feature update, you can use the PostOOBE parameter in SetupConfig.ini and specify the path to the script file. References: [SetupConfig.ini reference]
NEW QUESTION # 66
You have a Microsoft 365 E5 subscription.
You need to download a report that lists all the devices that are NOT enrolled in Microsoft Intune and are assigned an app protection policy.
What should you select in the Microsoft Endpoint Manager admin center?
- A. Reports, and the Device compliance
- B. Devices, and then Monitor
- C. Apps. and then App protection policies
- D. Apps. and then Monitor
Answer: C
Explanation:
Explanation
App report: You can search by platform and app, and then this report will provide two different app protection statuses that you can select before generating the report. The statuses can be Protected or Unprotected.
Reference:
https://docs.microsoft.com/en-us/mem/intune/apps/app-protection-policies-monitor
NEW QUESTION # 67
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Text, letter Description automatically generated
Topic 3, Contoso Ltd, Case 2
Overview
Contoso, Ltd, is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
Contoso has the users and computers shown in the following table.
The company has IT, human resources (HR), legal (LEG), marketing (MKG) and finance (FIN) departments.
Contoso uses Microsoft Store for Business and recently purchased a Microsoft 365 subscription.
The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office will work from home.
Existing Environment
The network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD).
All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10 Enterprise.
The computers are managed by using Microsoft System Center Configuration Manager. The mobile devices are managed by using Microsoft Intune.
The naming convention for the computers is the department acronym, followed by a hyphen, and then four numbers, for example, FIN-6785. All the computers are joined to the on-premises Active Directory domain.
Each department has an organization unit (OU) that contains a child OU named Computers. Each computer account is in the Computers OU of its respective department.
Intune Configuration
Requirements
Planned Changes
Contoso plans to implement the following changes:
Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro preinstalled and were purchased already.
Start using a free Microsoft Store for Business app named App1.
Implement co-management for the computers.
Technical Requirements:
Contoso must meet the following technical requirements:
Ensure that the users in a group named Group4 can only access Microsoft Exchange Online from devices that are enrolled in Intune.
Deploy Windows 10 Enterprise to the computers of the Phoenix office users by using Windows Autopilot.
Monitor the computers in the LEG department by using Windows Analytics.
Create a provisioning package for new computers in the HR department.
Block iOS devices from sending diagnostic and usage telemetry data.
Use the principle of least privilege whenever possible.
Enable the users in the MKG department to use App1.
Pilot co-management for the IT department.
NEW QUESTION # 68
You have a Microsoft 365 E5 subscription that contains 500 macOS devices enrolled in Microsoft Intune.
You need to ensure that you can apply Microsoft Defender for Endpoint antivirus policies to the macOS devices. The solution must minimize administrative effort.
What should you do?
- A. From the Microsoft Endpoint Manager admin center, create a security baseline.
- B. Onboard the macOS devices to the Microsoft 365 compliance center.
- C. Install Defender for Endpoint on the macOS devices.
- D. From the Microsoft Endpoint Manager admin center, create a configuration profile.
Answer: C
Explanation:
Just install, and use Defender for Endpoint on Mac.
NEW QUESTION # 69
You have a Microsoft 365 E5 subscription and a computer that runs Windows 11.
You need to create a customized installation of Microsoft 365 Apps for enterprise.
Which four actions should you perform in sequence? To answer, move the appropriate cmdlets from the list of cmdlets to the answer area and arrange them in the correct order.
Answer:
Explanation:
Explanation
1. Download ODT application
2. Create a configuration file (XML)
3. setup.exe /download to download the installation files
4. setup.exe /configure to deploy the application
https://learn.microsoft.com/en-us/deployoffice/deploy-microsoft-365-apps-local-source
NEW QUESTION # 70
You have a Microsoft 365 E5 subscription and 100 unmanaged iPad devices.
You need to deploy a specific iOS update to the devices. Users must be prevented from manually installing a more recent version of iOS.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
- A. Enroll the devices in Microsoft Intune by using Apple Business Manager.
- B. Enroll the devices in Microsoft Intune by using the Intune Company Portal.
- C. Create an iOS app provisioning profile.
- D. Create a compliance policy.
- E. Create a device configuration profile.
Answer: A,E
Explanation:
To deploy a specific iOS update to the unmanaged iPad devices, you need to perform the following actions:
Enroll the devices in Microsoft Intune by using Apple Business Manager. Apple Business Manager is a service that allows you to enroll and manage iOS/iPadOS devices in bulk. You can use Apple Business Manager to assign devices to Microsoft Intune and enroll them as supervised devices. Supervised devices are devices that have more management features and restrictions than unsupervised devices. You can also use Apple Business Manager to create device groups and assign roles and permissions12.
Create a device configuration profile. A device configuration profile is a policy that you can create and assign in Microsoft Intune to configure settings on your devices. You can use a device configuration profile to manage software updates for iOS/iPadOS supervised devices. You can choose to deploy the latest update or an older update, specify a schedule for the update installation, and delay the visibility of software updates on the devices34.
The other options are not correct for this scenario because:
Enrolling the devices in Microsoft Intune by using the Intune Company Portal is not suitable for unmanaged devices. The Intune Company Portal is an app that users can download and install on their personal or corporate-owned devices to enroll them in Microsoft Intune. However, this method requires user interaction and consent, and does not enroll the devices as supervised devices5.
Creating a compliance policy is not necessary for this scenario. A compliance policy is a policy that you can create and assign in Microsoft Intune to evaluate and enforce compliance settings on your devices.
You can use a compliance policy to check if the devices meet certain requirements, such as minimum OS version, encryption, or password settings. However, a compliance policy does not deploy or manage software updates on the devices6.
Creating an iOS app provisioning profile is not relevant for this scenario. An iOS app provisioning profile is a file that contains information about the app and its distribution method. You can use an iOS app provisioning profile to deploy custom or line-of-business apps to your iOS/iPadOS devices by using Microsoft Intune. However, an iOS app provisioning profile does not affect the software updates on the devices7.
References: What is Apple Business Manager?, Enroll iOS/iPadOS devices in Intune, Manage iOS/iPadOS software update policies in Intune, Software updates planning guide and scenarios for supervised iOS/iPadOS devices in Microsoft Intune, Enroll your personal device in Intune, Device compliance policies in Microsoft Intune, Add an iOS app provisioning profile with Microsoft Intune
NEW QUESTION # 71
You have a Microsoft 365 subscription that uses Microsoft Intune Suite. You use Microsoft Intune to manage devices. Azure AD joined Windows devices enroll automatically in Intune. You have the devices shown in the following table.
You are preparing to upgrade the devices to Windows 11. All the devices are compatible with Windows 11.
You need to evaluate Windows Autopilot and in-place upgrade as deployment methods to implement Windows 11 Pro on the devices, while retaining all user settings and applications.
Which devices can be upgraded by using each method? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 72
You implement the planned changes for Connection1 and Connection2
How many VPN connections will there be for User1 when the user signs in to Device 1 and Devke2? To answer select the appropriate options in the answer area.
NOTE; Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Graphical user interface, table Description automatically generated
NEW QUESTION # 73
You have an Azure AD tenant named contoso.com. You have the devices shown in the following table.
Which devices can be Azure AD joined, and which devices can be registered in contoso.com? To answer, select the appropriate options in the answer are a. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 74
You manage 1.000 devices by using Microsoft Intune. You review the Device compliance trends report. For how long will the report display trend data?
- A. 365 days
- B. 60 days
- C. 30 days
- D. 90 days
Answer: B
Explanation:
Explanation
The Device compliance trends report shows the number of devices that are compliant, noncompliant, and not evaluated over time. The report displays trend data for the last 60 days by default, but you can change the time range to view data for the last 7, 14, or 30 days as well. The report does not show data for more than 60 days. References: [Device compliance trends report]
NEW QUESTION # 75
You have 200 computers that run Windows 10. The computers are joined to Microsoft Azure Active Directory (Azure AD) and enrolled in Microsoft Intune.
You need to configure an Intune device configuration profile to meet the following requirements:
Prevent Microsoft Office applications from launching child processes.
Block users from transferring files over FTP.
Which two settings should you configure in Endpoint protection? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
A screenshot of a computer Description automatically generated
References:
https://docs.microsoft.com/en-us/intune/endpoint-protection-windows-10
NEW QUESTION # 76
You have a Microsoft 365 subscription that uses Microsoft Intune Suite. You use Microsoft Intune to manage devices.
You need to review the startup times and restart frequencies of the devices. What should you use?
- A. Microsoft Defender for Endpoint
- B. intune Data Warehouse
- C. Endpoint analytics
- D. Azure Monitor
Answer: C
Explanation:
Explanation
Endpoint analytics is a feature of Microsoft Intune that provides insights into the performance and health of devices. You can use endpoint analytics to review the startup times and restart frequencies of the devices, as well as other metrics such as sign-in times, battery life, app reliability, and software inventory. References:
https://docs.microsoft.com/en-us/mem/analytics/overview
NEW QUESTION # 77
You have a Microsoft 365 tenant that contains the objects shown in the following table.
You are creating a compliance policy named Compliance1.
Which objects can you specify in Compliance1 as additional recipients of noncompliance notifications?
- A. Group3, Group4, and Admin1 only
- B. Group1, Group2, Group3, and Group4 only
- C. Group1, Group2, and Group3 only
- D. Group1, Group2, Group3, Group4, and Admin1
- E. Group3 and Group4 only
Answer: C
Explanation:
Reference:
https://www.ravenswoodtechnology.com/microsoft-intune-compliance-notifications/
https://docs.microsoft.com/en-us/microsoft-365/admin/create-groups/compare-groups?view=o365-worldwide
NEW QUESTION # 78
You need to recommend a solution to meet the device management requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Reference:
https://github.com/MicrosoftDocs/IntuneDocs/blob/master/intune/app-protection-policy.md
https://docs.microsoft.com/en-us/azure/information-protection/configure-usage-rights#do-not-forward-option-for
NEW QUESTION # 79
What should you upgrade before you can configure the environment to support co-management?
- A. the domain functional level
- B. the domain controllers
- C. Configuration Manager
- D. Windows Server Update Services (WSUS)
Answer: C
Explanation:
Explanation
References:
https://docs.microsoft.com/en-us/sccm/comanage/tutorial-co-manage-clients
Topic 2, Case Study Contoso, Ltd.Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and branch offices in Seattle and New York.
Contoso has a Microsoft 365 E5 subscription.
Network Environment
The network contains an on-premises Active domain named Contoso.com. The domain contains the servers shown in the following table.
Contoso has a hybrid Azure Active Directory (Azure AD) tenant named Contoso.com.
Contoso has a Microsoft Store for Business instance.
Users and Groups
The Contoso.com tenant contains the users shown in the following table.
All users are assigned a Microsoft Office 365 license and an Enterprise Mobility + Security E3 license.
Enterprise State Roaming is enabled for Group1 and GroupA.
Group and Group have a Membership type of Assign
Devices
Contoso has the Windows 10 devices shown in the following table.
The Windows 10 devices are joined to Azure AD and enrolled in Microsoft intune.
The Windows 10 devices are configured as shown in the following table.
All the Azure AD joined devices have an executable file named C:\AppA.exe and a folder named D:\Folder 1.
Microsoft Endpoint Manager Configuration
Microsoft Endpoint Manager has the compliance policies shown in the following table.
The Compliance policy settings are shown in the following exhibit.
The Automatic Enrolment settings have the following configurations:
* MDM user scope GroupA
* MAM user scope: GroupB
You have an Endpoint protection configuration profile that has the following Controlled folder access settings:
* Name: Protection1
* Folder protection: Enable
* List of apps that have access to protected folders: CV\AppA.exe
* List of additional folders that need to be protected: D:\Folderi1
* Assignments
Windows Autopilot Configuration
Currently, there are no devices deployed by using Window Autopilot
The Intune connector tor Active Directory is installed on Server 1.
Planned Changes
Contoso plans to implement the following changes:
* Purchase a new Windows 10 device named Device6 and enroll the device in Intune.
* New computers will be deployed by using Windows Autopilot and will be hybrid Azure AO joined.
* Deploy a network boundary configuration profile that will have the following settings:
* Name Boundary 1
* Network boundary 192.168.1.0/24
* Scope tags: Tag 1
* Assignments;
* included groups: Group 1. Group2
* Deploy two VPN configuration profiles named Connection! and Connection that will have the following settings:
* Name: Connection 1
* Connection name: VPNI
* Connection type: L2TP
* Assignments:
* Included groups: Group1. Group2, GroupA
* Excluded groups: -
* Name: Connection
* Connection name: VPN2
* Connection type: IKEv2 i Assignments:
* included groups: GroupA
* Excluded groups: GroupB
* Purchase an app named App1 that is available in Microsoft Store for Business and to assign the app to all the users.
Technical Requirements
Contoso must meet the following technical requirements:
* Users in GroupA must be able to deploy new computers.
* Administrative effort must be minimized.
NEW QUESTION # 80
You have computers that run Windows 10 and are configured by using Windows AutoPilot.
A user performs the following tasks on a computer named Computer1:
Creates a VPN connection to the corporate network
Installs a Microsoft Store app named App1
Connects to a Wi-Fi network
You perform a Windows AutoPilot Reset on Computer1.
What will be the state of the computer when the user signs in? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Reference:
https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot-reset
NEW QUESTION # 81
You have the Microsoft Deployment Toolkit (MDT) installed in three sites as shown in the following table.
You use Distributed File System (DFS) Replication to replicate images in a share named Production.
You configure the following settings in the Bootstrap.ini file.
Answer:
Explanation:
Explanation
NEW QUESTION # 82
You have an Azure Active Directory Premium Plan 2 subscription that contains the users shown in the following table.
You purchase the devices shown in the following table.
You configure automatic mobile device management (MDM) and mobile application management (MAM) enrollment by using the following settings:
MDM user scope: Group1
MAM user scope: Group2
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Reference: https://docs.microsoft.com/en-us/mem/intune/enrollment/android-enroll
https://powerautomate.microsoft.com/fr-fr/blog/mam-flow-mobile/
NEW QUESTION # 83
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
In the Microsoft 365 Apps admin center, you create a Microsoft Office customization.
Which users can download the Office customization file from the admin center?
- A. Admin3 and Admin4 only
- B. Admin1, Admin2, Admin3. and Admin4
- C. Admin1 and Admin3 only
- D. Admin3 only
- E. Admin1, Admin2, and Admin3 only
Answer: E
Explanation:
Explanation
* Admin1
An application admin has full access to enterprise applications, applications registrations, and application proxy settings.
* Admin2
Mark your app as publisher verified.
In Azure AD this user must be a member of one of the following roles: Application Admin, Cloud Application Admin, or Global Admin.
* Admin3
Office Apps admin - Assign the Office Apps admin role to users who need to do the following:
- Use the Office cloud policy service to create and manage cloud-based policies for Office
- Create and manage service requests
- Manage the What's New content that users see in their Office apps
- Monitor service health
Reference:
Office Apps admin - Assign the Office Apps admin role to users who need to do the following
https://docs.microsoft.com/en-us/azure/active-directory/develop/mark-app-as-publisher-verified
NEW QUESTION # 84
......
Latest 100% Passing Guarantee - Brilliant MD-102 Exam Questions PDF: https://www.passsureexam.com/MD-102-pass4sure-exam-dumps.html
Verified MD-102 dumps and 245 unique questions: https://drive.google.com/open?id=1-C5KUWfKaTOZ1U8g9EesLwdN4n2dAP_t