Microsoft MD-102 Practice Test - Questions Answers, Page 22

HOTSPOT

You have a Microsoft 365 subscription that contains a user named User1. The subscription contains devices enrolled in Microsoft intune as shown in the following table.

Microsoft Edge is available on all the devices.

Intune has the device compliance policies shown in the following table.

The Compliance policy settings are configured as shown in the exhibit. (Click the Exhibit tab.) You create the following Conditional Access policy:

* Name: Policy1

* Assignments

o Users and groups: User1

o Cloud apps or actions: Office 365 SharePoint Online

* Access controls

o Grant Require device to be marked as compliant

* Enable policy: On

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

You have an Azure AD tenant named contoso.com.

You need to ensure that users are not added automatically to the local Administrators group when they join their Windows 11 device to contoso.com.

What should you configure?

You have an Azure subscription.

You have an on-premises Windows 11 device named Device 1.

You plan to monitor Device1 by using Azure Monitor.

You create a data collection rule (DCR) named DCR1 in the subscription.

To what should you associate DCR1 ?

You have a Microsoft 365 E5 subscription and 100 unmanaged iPad devices.

You need to deploy a specific iOS update to the devices. Users must be prevented from manually installing a more recent version of iOS.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

HOTSPOT

You have a Microsoft 365 subscription.

You plan to enable Microsoft Intune enrollment for the following types of devices:

* Existing Windows 11 devices managed by using Configuration Manager

* Personal iOS devices

The solution must minimize user disruption.

Which enrollment method should you use for each device type? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have a Windows 10 device named Device! that is joined to Active Directory and enrolled in Microsoft Intune.

Device1 is managed by using Group Policy and Intune.

You need to ensure that the Intune settings override the Group Policy settings.

What should you configure?

HOTSPOT

You have an Azure Active Directory Premium Plan 2 subscription that contains the users shown in the following table.

You purchase the devices shown in the following table.

You configure automatic mobile device management (MDM) and mobile application management (MAM) enrollment by using the following settings:

* MDM user scope: Group1

* MAM user scope: Group2

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

HOTSPOT

You have the MDM Security Baseline profile shown in the MDM exhibit. (Click the MDM tab.)

You plan to deploy both profiles to devices enrolled in Microsoft Intune. You need to identify how the following settings will be configured on the devices:

* Block Office applications from creating executable content

* Block Win32 API calls from Office macro

Currently, the settings are disabled locally on each device.

What are the effective settings on the devices? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

DRAG DROP

You have an on-premises Active Directory domain that syncs to Azure AD tenant.

The tenant contains computers that run Windows 10. The computers are hybrid Azure AD joined and enrolled in Microsoft Intune. The Microsoft Office settings on the computers are configured by using an Group Policy Object (GPO).

You need to migrate the GPO to Intune.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.