[Jan-2024] Verified Microsoft MD-102 Bundle Real Exam Dumps PDF
MD-102 Dumps PDF New [2024] Ultimate Study Guide
Microsoft MD-102 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
NEW QUESTION # 129
You have computer that run Windows 10 and connect to an Azure Log Analytics workspace. The workspace is configured to collect all available events from Windows event logs.
The computers have the logged events shown in the following table.
Which events are collected in the Log Analytics workspace?
- A. 1 and 3 only
- B. 1, 2, and 4 on
- C. 2 and 3 only
- D. 1 only
- E. 1, 2, 3, and 4
Answer: E
Explanation:
Explanation
All events from Windows event logs are collected in the Log Analytics workspace, regardless of the event level or source. Therefore, events 1, 2, 3, and 4 are all collected in the workspace. References:
https://docs.microsoft.com/en-us/azure/azure-monitor/agents/data-sources-windows-events
NEW QUESTION # 130
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
In the Microsoft 365 Apps admin center, you create a Microsoft Office customization.
Which users can download the Office customization file from the admin center?
- A. Admin1 and Admin3 only
- B. Admin1, Admin2, and Admin3 only
- C. Admin3 only
- D. Admin1, Admin2, Admin3. and Admin4
- E. Admin3 and Admin4 only
Answer: B
Explanation:
Explanation
* Admin1
An application admin has full access to enterprise applications, applications registrations, and application proxy settings.
* Admin2
Mark your app as publisher verified.
In Azure AD this user must be a member of one of the following roles: Application Admin, Cloud Application Admin, or Global Admin.
* Admin3
Office Apps admin - Assign the Office Apps admin role to users who need to do the following:
- Use the Office cloud policy service to create and manage cloud-based policies for Office
- Create and manage service requests
- Manage the What's New content that users see in their Office apps
- Monitor service health
Reference:
Office Apps admin - Assign the Office Apps admin role to users who need to do the following
https://docs.microsoft.com/en-us/azure/active-directory/develop/mark-app-as-publisher-verified
NEW QUESTION # 131
You have a server named Server1 and computers that run Windows 8.1. Server1 has the Microsoft Deployment Toolkit (MDT) installed.
You plan to upgrade the Windows 8.1 computers to Windows 10 by using the MDT deployment wizard.
You need to create a deployment share on Server1.
What should you do on Server1, and what are the minimum components you should add to the MDT deployment share? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: Install the Windows Deployment Services role.
Install and initialize Windows Deployment Services (WDS)
On the server:
Open an elevated Windows PowerShell prompt and enter the following command:
Install-WindowsFeature -Name WDS -IncludeManagementTools
WDSUTIL /Verbose /Progress /Initialize-Server /Server:MDT01 /RemInst:"D:\RemoteInstall" WDSUTIL /Set-Server /AnswerClients:All Box 2: Windows 10 image and task sequence only Create the reference image task sequence In order to build and capture your Windows 10 reference image for deployment using MDT, you will create a task sequence.
Reference:
https://docs.microsoft.com/en-us/windows/deployment/deploy-windows-mdt/prepare-for-windows-deployment-w
https://docs.microsoft.com/en-us/windows/deployment/deploy-windows-mdt/create-a-windows-10-reference-ima
NEW QUESTION # 132
You need to prepare for the deployment of the Phoenix office computers.
What should you do first?
- A. Generalize the computers and configure the Mobility (MDM and MAM) settings from the Azure Active Directory blade in the Azure portal.
- B. Extract the hardware ID information of each computer to a CSV file and upload the file from the Devices settings in Microsoft Store for Business.
- C. Generalize the computers and configure the Device settings from the Azure Active Directory blade in the Azure portal.
- D. Extract the hardware ID information of each computer to an XLSX file and upload the file from the Devices settings in Microsoft Store for Business.
Answer: B
Explanation:
Explanation
References:
https://docs.microsoft.com/en-us/microsoft-store/add-profile-to-devices#manage-autopilot-deployment-profiles
NEW QUESTION # 133
You have an Azure AD group named Group1. Group! contains two Windows 10 Enterprise devices named Device1 and Device2. You create a device configuration profile named Profile1. You assign Profile! to Group1. You need to ensure that Profile! applies to Device1 only. What should you modify in Profile 1?
- A. Applicability Rules
- B. Assignments
- C. Scope (Tags)
- D. Settings
Answer: A
Explanation:
To ensure that Profile1 applies to Device1 only, you need to modify the Applicability Rules in Profile1. You can use applicability rules to filter which devices receive a profile based on criteria such as device model, manufacturer, or operating system version. You can create an applicability rule that matches Device1's properties and excludes Device2's properties. Reference: https://docs.microsoft.com/en-us/mem/intune/configuration/device-profile-assign#applicability-rules
NEW QUESTION # 134
You have a Microsoft 365 subscription that contains the devices shown in the following table.
You plan to enroll the devices in Microsoft Intune.
How often will the compliance policy check-ins run after each device is enrolled in Intune? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 135
You have a Microsoft 365 E5 subscription.
You create a new update rings policy named Policy1 as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point,
Answer:
Explanation:
NEW QUESTION # 136
Your company has an Azure AD tenant named contoso.com that contains several Windows 10 devices.
When you join new Windows 10 devices to contoso.com, users are prompted to set up a four-digit pin.
You need to ensure that the users are prompted to set up a six-digit pin when they join the Windows 10 devices to contoso.com.
Solution: From the Microsoft Entra admin center, you configure automatic mobile device management (MDM) enrollment. From the Microsoft Intune admin center, you create and assign a device restrictions profile.
Does this meet the goal?
- A. No
- B. Yes
Answer: A
NEW QUESTION # 137
Your company has devices enrolled in Microsoft Intune as shown in the following table.
In Microsoft Endpoint Manager, you define the company's network as a location named Location1.
Which devices can use network location-based compliance policies?
- A. Device2 only
- B. Device1, Device2, and Device3
- C. Device1 only
- D. Device1 and Device2 only
- E. Device2 and Device3 only
Answer: B
Explanation:
Explanation
Intune supported operating systems
Intune supports devices running the following operating systems (OS):
iOS
Android
Windows
macOS
Note: View the device compliance settings for the different device platforms:
Android device administrator
Android Enterprise
iOS
macOS
Windows Holographic for Business
Windows 8.1 and later
Windows 10/11
Reference: https://docs.microsoft.com/en-us/mem/intune/fundamentals/supported-devices-browsers
https://docs.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started
NEW QUESTION # 138
You have an Azure Active Directory Premium Plan 2 subscription that contains the users shown in the following table.
You purchase the devices shown in the following table.
You configure automatic mobile device management (MDM) and mobile application management (MAM) enrollment by using the following settings:
MDM user scope: Group1
MAM user scope: Group2
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Graphical user interface, text, application Description automatically generated
Reference: https://docs.microsoft.com/en-us/mem/intune/enrollment/android-enroll
https://powerautomate.microsoft.com/fr-fr/blog/mam-flow-mobile/
NEW QUESTION # 139
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the devices shown in the following table.
Contoso.com contains the Azure Active Directory groups shown in the following table.
You add a Windows Autopilot deployment profile. The profile is configured as shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Box 1: No Device1 has no Mobile device Management (MDM) configured.
Note: Device1 is running Windows 8.1, and is registered, but not joined.
Device1 is in Group1.
Profile1 is assigned to Group1.
Box 2: No
Device2 has no Mobile device Management (MDM) configured.
Note: Device2 is running Windows 10, and is joined.
Device2 is in Group2.
Group2 is in Group1.
Profile1 is assigned to Group1.
Box 3: Yes
Device3 has Mobile device Management (MDM) configured.
Device3 is running Windows 10, and is joined
Device1 is in Group1.
Profile1 is assigned to Group1.
Mobile device management (MDM) enrollment: Once your Windows 10 device joins Azure AD, Autopilot ensures your device is automatically enrolled with MDMs such as Microsoft Intune. This program can automatically push configurations, policies and settings to the device, and install Office 365 and other business apps without you having to get IT admins to manually sort the device. Intune can also apply the latest updates from Windows Update for Business.
Reference: https://xo.xello.com.au/blog/windows-autopilot
NEW QUESTION # 140
Your network contains an Active Directory domain. The domain contains a user named Admin1. All computers run Windows 10.
You enable Windows PowerShell remoting on the computers.
You need to ensure that Admin1 can establish remote PowerShell connections to the computers. The solution must use the principle of least privilege.
To which group should you add Admin1?
- A. Remote Management Users
- B. Remote Desktop Users
- C. Access Control Assistance Operators
- D. Power Users
Answer: B
NEW QUESTION # 141
You use Microsoft Endpoint Manager to manage Windows 10 devices.
You are designing a reporting solution that will provide reports on the following:
Compliance policy trends
Trends in device and user enrolment
App and operating system version breakdowns of mobile devices
You need to recommend a data source and a data visualization tool for the design.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/mem/intune/developer/reports-nav-create-intune-reports
https://docs.microsoft.com/en-us/mem/intune/developer/reports-proc-get-a-link-powerbi
NEW QUESTION # 142
Your network contains an Active Directory domain. Active Directory is synced with Microsoft Azure Active Directory (Azure AD).
There are 500 Active Directory domain-joined computers that run Windows 10 and are enrolled in Microsoft Intune.
You plan to implement Microsoft Defender Exploit Guard.
You need to create a custom Microsoft Defender Exploit Guard policy, and then distribute the policy to all the computers.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml#manage-or-deploy-a-configuration
https://docs.microsoft.com/en-us/intune/endpoint-protection-windows-10
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection
NEW QUESTION # 143
You have a Microsoft 365 subscription.
You have 10 computers that run Windows 10 and are enrolled in mobile device management (MDM).
You need to deploy the Microsoft 36S Apps for enterprise suite to all the computers.
What should you do?
- A. From the Microsoft Intune admin center, add an app.
- B. From Azure AD, add an app registration.
- C. From Azure AD. add an enterprise application.
- D. From the Microsoft Intune admin center, create a Windows 10 device profile.
Answer: A
Explanation:
Explanation
To deploy Microsoft 365 Apps for enterprise to Windows 10 devices that are enrolled in Intune, you need to add an app of type "Windows 10 app (Win32)" in the Microsoft Intune admin center and configure the app settings. You can then assign the app to groups of users or devices. References:
https://docs.microsoft.com/en-us/mem/intune/apps/apps-win32-app-management
NEW QUESTION # 144
You have a Microsoft Intune deployment that contains the resources shown in the following table.
You create a policy set named Set1 and add Comply1 to Set1.
Which additional resources can you add to Set1?
- A. Comply2. CA1, Conf1. and Office1
- B. CA1. Conf1. and Office 1 only
- C. Conf1 only
- D. Comply2 and Conf1 only
- E. Comply2 only
Answer: E
NEW QUESTION # 145
You have SOO Windows 10 devices enrolled in Microsoft Intune.
You plan to use Exploit protection in Microsoft Intune to enable the following system settings on the devices:
* Data Execution Prevention (DEP)
* Force randomization for images (Mandatory ASlR)
You need to configure a Windows 10 device that will be used to create a template file.
Which protection areas on the device should you configure in the Windows Security app before you create the template file? To answer, drag the appropriate protection areas to the correct settings. Each protection area may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 146
You have a computer that runs Windows 10 and contains two local users named User! and User2. You need to ensure that the users can perform the following anions:
* User 1 must be able to adjust the date and time.
* User2 must be able to clear Windows logs.
The solution must use the principle of least privilege.
To which group should you add each user? To answer, drag the appropriate groups to the correct users. Each group may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 147
You have a Microsoft 365 E5 subscription that contains 500 macOS devices enrolled in Microsoft Intune.
You need to ensure that you can apply Microsoft Defender for Endpoint antivirus policies to the macOS devices. The solution must minimize administrative effort.
What should you do?
- A. Onboard the macOS devices to the Microsoft Purview compliance portal.
- B. From the Microsoft Intune admin center, create a security baseline.
- C. From the Microsoft Intune admin center, create a configuration profile.
- D. Install Defender for Endpoint on the macOS devices.
Answer: D
Explanation:
Explanation
To apply Microsoft Defender for Endpoint antivirus policies to the macOS devices, you need to install Defender for Endpoint on the devices. You can use Intune to deploy a script that installs Defender for Endpoint on macOS devices. After installation, you can use Intune to create and assign antivirus policies to the devices. References:
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-int
NEW QUESTION # 148
You have the on-premises servers shown in the following table.
You have a Microsoft 365 E5 subscription that contains Android and iOS devices. All the devices are managed by using Microsoft Intune.
You need to implement Microsoft Tunnel for Intune. The solution must minimize the number of open firewall ports.
To which server can you deploy a Tunnel Gateway server, and which inbound ports should be allowed on the server to support Microsoft Tunnel connections? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: Server4
Microsoft Tunnel is a VPN gateway solution for Microsoft Intune that runs in a container on Linux and allows access to on-premises resources from iOS/iPadOS and Android Enterprise devices using modern authentication and Conditional Access.
Box 2: TCP 443 and UDP 443 only
Some traffic goes to your public facing IP address for the Tunnel. The VPN channel will use TCP, TLS, UDP, and DTLS over port 443.
By default, port 443 is used for both TCP and UDP, but this can be customized via the Intune Saerver Configuration - Server port setting. If changing the default port (443) ensure your inbound firewall rules are adjusted to the custom port.
Incorrect:
TCP 1723 is not used.
Reference: https://docs.microsoft.com/en-us/mem/intune/protect/microsoft-tunnel-overview
NEW QUESTION # 149
You need to ensure that computer objects can be created as part of the Windows Autopilot deployment. The solution must meet the technical requirements.
To what should you grant the right to create the computer objects?
- A. Server2
- B. GroupA
- C. Server1
- D. DC1
Answer: C
Explanation:
Reference:
https://blog.matrixpost.net/set-up-windows-autopilot-production-environment-part-2/
NEW QUESTION # 150
You have an Azure AD tenant and 100 Windows 10 devices that are Azure AD joined and managed by using Microsoft Intune.
You need to configure Microsoft Defender Firewall and Microsoft Defender Antivirus on the devices. The solution must minimize administrative effort.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
- A. To configure Microsoft Defender Antivirus, create a device configuration profile and configure the Device restrictions settings.
- B. To configure Microsoft Defender Antivirus, create a Group Policy Object (GPO) and configure the Windows Defender Antivirus settings.
- C. To configure Microsoft Defender Firewall, create a device configuration profile and configure the Device restrictions settings.
- D. To configure Microsoft Defender Antivirus, create a device configuration profile and configure the Endpoint protection settings.
- E. To configure Microsoft Defender Firewall, create a Group Policy Object (GPO) and configure Windows Defender Firewall with Advanced Security.
- F. To configure Microsoft Defender Firewall, create a device configuration profile and configure the Endpoint protection settings.
Answer: D,F
Explanation:
Explanation
To configure Microsoft Defender Firewall and Microsoft Defender Antivirus on Azure AD joined devices that are managed by Intune, you need to create a device configuration profile and configure the Endpoint protection settings. You can use this profile to configure various settings for firewall and antivirus protection on the devices. References:
https://docs.microsoft.com/en-us/mem/intune/protect/endpoint-protection-windows-10
NEW QUESTION # 151
Which users can purchase and assign App1?
- A. User3 only
- B. User1, User2, User3, and User4
- C. User1 and User3 only
- D. User3 and User4 only
- E. User1, User3, and User4 only
Answer: C
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-store/acquire-apps-microsoft-store-for-business
https://docs.microsoft.com/en-us/microsoft-store/assign-apps-to-employees
NEW QUESTION # 152
......
Pass Your Microsoft Exam with MD-102 Exam Dumps: https://pass4sure.itexamdownload.com/MD-102-valid-questions.html