Practice Free MD-102 Exam Online Questions
HOTSPOT
You have 100 computers that run Windows 10. The computers are joined to a Microsoft Entra and enrolled in Microsoft Intune.
You need to configure the following device restrictions:
Block users from browsing to suspicious websites.
Scan all scripts loaded into Microsoft Edge.
Which two settings should you configure in the Device restrictions configuration profile? To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.
Hot Area:
Explanation:
Box 1: Windows Defender SmartScreen
Block users from browsing to suspicious websites.
Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files.
Microsoft Defender SmartScreen determines whether a site is potentially malicious
Box 2: Windows Defender Antivirus
Scan all scripts loaded into Microsoft Edge.
Reference: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-smartscreen/
windows-defender-smartscreen-overview
HOTSPOT
You have a Microsoft 365 E5 subscription that contains the devices shown in the following table.
You need to create two dynamic device groups named Group1 and Group2. The solution must meet the following requirements:
Group1 must contain Device1 and Device2 only.
Group2 must contain Device1 and Device3 only.
Which device membership rule should you configure for each group? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Hot Area:
Explanation:
Group1: (device.displayName -startsWith "Device") and (device.deviceOSType -eq "Windows")
Group2: (device.deviceTrustType -eq "AzureAD") or (device.deviceOSType -eq "iPhone")
HOTSPOT
You have a Microsoft 365 E5 subscription that contains the devices shown in the following table.
You need to create two dynamic device groups named Group1 and Group2. The solution must meet the following requirements:
Group1 must contain Device1 and Device2 only.
Group2 must contain Device1 and Device3 only.
Which device membership rule should you configure for each group? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Hot Area:
Explanation:
Group1: (device.displayName -startsWith "Device") and (device.deviceOSType -eq "Windows")
Group2: (device.deviceTrustType -eq "AzureAD") or (device.deviceOSType -eq "iPhone")
You are implementing Microsoft Intune Suite.
You enroll devices in Intune as shown in the following table.
The performance of which devices can be analyzed by using Endpoint analytics?
- A . Device1 only
- B . Device1 and Device2 only
- C . Device1, Device2, and Device3 only
- D . Device1, Device2, and Device4 only
- E . Device1, Device2, Device3, and Device4
B
Explanation:
Endpoint analytics
Prerequisites
You can enroll devices via Configuration Manager or Microsoft Intune.
To enroll devices via Intune requires:
* Intune enrolled or co-managed devices running the following: Windows 10 version 1903 or later
July 2021 cumulative update or later
* Pro, Pro Education, Enterprise, or Education. Home and long-term servicing channel (LTSC) aren’t supported.
* Windows devices must be Azure AD joined or hybrid Azure AD joined. Workplace joined or Azure AD registered devices aren’t supported.
Network connectivity from devices to the Microsoft public cloud.
Note: Endpoint analytics is part of the Microsoft Adoption Score. These analytics give you insights for measuring how your organization is working and the quality of the experience you’re delivering to your users. Endpoint analytics can help identify policies or hardware issues that may be slowing down devices and help you proactively make improvements before end-users generate a help desk ticket.
Reference: https://learn.microsoft.com/en-us/mem/analytics/overview
HOTSPOT
You have a Microsoft 365 E5 subscription and use Microsoft Intune.
You need to deploy new Android devices as shown in the following table.
Which enrollment profile should you use for each device? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Hot Area:
Explanation:
Device1: Corporate-owned dedicated devices
Device2: Corporate-owned, fully managed user devices
Device3: Personally-owned devices with work profile
Device1 (Must be shared by shift workers):
The correct profile is Corporate-owned dedicated devices. This is the ideal profile for shared devices that are used by multiple users for specific tasks, such as warehouse inventory tracking.
Device2 (Must be assigned to a single user for work purposes only):
The correct profile is Corporate-owned, fully managed user devices. This profile is suitable for devices that are strictly for work purposes and managed fully by the organization.
Device3 (Must support both work and personal use and enrollment by using a QR code):
The correct profile is Personally-owned devices with work profile. This allows a single device to be used for both personal and work purposes, with separate profiles for each.
DRAG DROP
You have a Microsoft 365 subscription that contains the devices shown in the following table.
You need to configure the Microsoft Edge settings for each device.
What should you use? To answer, drag the appropriate Intune features to the correct devices. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Select and Place:
Explanation:
Box 1: Device configuration profile
Windows 10
Configure Microsoft Edge policy settings with Microsoft Intune
You can configure Microsoft Edge policies and settings by adding a device configuration profile to Microsoft Intune. Using Intune to manage and enforce policies is equivalent to using Active Directory Group Policy or configuring local Group Policy Object (GPO) settings on user devices.
Box 2: App configuration policy
Android Enterprise
App configuration policies for Microsoft Intune
App configuration policies can help you eliminate app setup problems by letting you assign configuration settings to a policy that is assigned to end-users before they run the app. The settings are then supplied automatically when the app is configured on the end-users device, and end-users don’t need to take action. The configuration settings are unique for each app.
You can create and use app configuration policies to provide configuration settings for both iOS/iPadOS or Android apps. These configuration settings allow an app to be customized by using app configuration and management. The configuration policy settings are used when the app checks for these settings, typically the first time the app is run.
Box 3: App configuration policy
iOS
Reference: https://learn.microsoft.com/en-us/deployedge/configure-edge-with-intune
https://learn.microsoft.com/en-us/mem/intune/apps/manage-microsoft-edge
https://learn.microsoft.com/en-us/mem/intune/apps/app-configuration-policies-overview
DRAG DROP
You have a Microsoft 365 subscription that contains the devices shown in the following table.
You need to configure the Microsoft Edge settings for each device.
What should you use? To answer, drag the appropriate Intune features to the correct devices. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Select and Place:
Explanation:
Box 1: Device configuration profile
Windows 10
Configure Microsoft Edge policy settings with Microsoft Intune
You can configure Microsoft Edge policies and settings by adding a device configuration profile to Microsoft Intune. Using Intune to manage and enforce policies is equivalent to using Active Directory Group Policy or configuring local Group Policy Object (GPO) settings on user devices.
Box 2: App configuration policy
Android Enterprise
App configuration policies for Microsoft Intune
App configuration policies can help you eliminate app setup problems by letting you assign configuration settings to a policy that is assigned to end-users before they run the app. The settings are then supplied automatically when the app is configured on the end-users device, and end-users don’t need to take action. The configuration settings are unique for each app.
You can create and use app configuration policies to provide configuration settings for both iOS/iPadOS or Android apps. These configuration settings allow an app to be customized by using app configuration and management. The configuration policy settings are used when the app checks for these settings, typically the first time the app is run.
Box 3: App configuration policy
iOS
Reference: https://learn.microsoft.com/en-us/deployedge/configure-edge-with-intune
https://learn.microsoft.com/en-us/mem/intune/apps/manage-microsoft-edge
https://learn.microsoft.com/en-us/mem/intune/apps/app-configuration-policies-overview
DRAG DROP
You have a Microsoft 365 subscription that contains the devices shown in the following table.
You need to configure the Microsoft Edge settings for each device.
What should you use? To answer, drag the appropriate Intune features to the correct devices. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Select and Place:
Explanation:
Box 1: Device configuration profile
Windows 10
Configure Microsoft Edge policy settings with Microsoft Intune
You can configure Microsoft Edge policies and settings by adding a device configuration profile to Microsoft Intune. Using Intune to manage and enforce policies is equivalent to using Active Directory Group Policy or configuring local Group Policy Object (GPO) settings on user devices.
Box 2: App configuration policy
Android Enterprise
App configuration policies for Microsoft Intune
App configuration policies can help you eliminate app setup problems by letting you assign configuration settings to a policy that is assigned to end-users before they run the app. The settings are then supplied automatically when the app is configured on the end-users device, and end-users don’t need to take action. The configuration settings are unique for each app.
You can create and use app configuration policies to provide configuration settings for both iOS/iPadOS or Android apps. These configuration settings allow an app to be customized by using app configuration and management. The configuration policy settings are used when the app checks for these settings, typically the first time the app is run.
Box 3: App configuration policy
iOS
Reference: https://learn.microsoft.com/en-us/deployedge/configure-edge-with-intune
https://learn.microsoft.com/en-us/mem/intune/apps/manage-microsoft-edge
https://learn.microsoft.com/en-us/mem/intune/apps/app-configuration-policies-overview
HOTSPOT
You have a Microsoft 365 subscription that contains a user named User1. The subscription contains devices enrolled in Microsoft Intune as shown in the following table.
Microsoft Edge is available on all the devices.
Intune has the device compliance policies shown in the following table.
The Compliance policy settings are configured as shown in the exhibit. (Click the Exhibit tab.)
You create the following Conditional Access policy:
Name: Policy1
Assignments
– Users and groups: User1
– Cloud apps or actions: Office 365 SharePoint Online Access controls
– Grant: Require device to be marked as compliant
Enable policy: On
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Hot Area:
Explanation:
Box 1: Yes
Device1 is member of Group1.
No compliance policy applies to Group1.
From the Compliance policy settings exhibit we see: Mark devices with no compliance policy assigned as:
Compliant
Device1 is marked as compliant.
Policy1 is assigned to User1.
User1 on Device1 will be granted access to SharePoint online through Policy1.
Box 2: Yes
Device2 is member of Group2.
Compliance1 is applied to Group2.
Compliance1 requires encryption of data storage on device.
Device2 has disk encryption configured.
Compliance1 marks Device2 as compliant.
User1 on Device2 will be granted access to SharePoint online through Policy1.
Box 3: No
Device3 is member of Group3.
Compliance2 is applied to Group3.
Compliance2 requires encryption of data storage on device.
Device3 has not disk encryption configured.
Compliance1 marks Device3 as non-compliant.
Policy1 will not grant User1 access through Device3.
Reference: https://learn.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started
HOTSPOT
You have a Microsoft 365 subscription that contains a user named User1. The subscription contains devices enrolled in Microsoft Intune as shown in the following table.
Microsoft Edge is available on all the devices.
Intune has the device compliance policies shown in the following table.
The Compliance policy settings are configured as shown in the exhibit. (Click the Exhibit tab.)
You create the following Conditional Access policy:
Name: Policy1
Assignments
– Users and groups: User1
– Cloud apps or actions: Office 365 SharePoint Online Access controls
– Grant: Require device to be marked as compliant
Enable policy: On
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Hot Area:
Explanation:
Box 1: Yes
Device1 is member of Group1.
No compliance policy applies to Group1.
From the Compliance policy settings exhibit we see: Mark devices with no compliance policy assigned as:
Compliant
Device1 is marked as compliant.
Policy1 is assigned to User1.
User1 on Device1 will be granted access to SharePoint online through Policy1.
Box 2: Yes
Device2 is member of Group2.
Compliance1 is applied to Group2.
Compliance1 requires encryption of data storage on device.
Device2 has disk encryption configured.
Compliance1 marks Device2 as compliant.
User1 on Device2 will be granted access to SharePoint online through Policy1.
Box 3: No
Device3 is member of Group3.
Compliance2 is applied to Group3.
Compliance2 requires encryption of data storage on device.
Device3 has not disk encryption configured.
Compliance1 marks Device3 as non-compliant.
Policy1 will not grant User1 access through Device3.
Reference: https://learn.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started