ExamGecko
Search Search Login
Home Home / Microsoft / MD-102
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT You have two computers that run Windows 10. The computers are enrolled in Microsoft Intune as shown in the following table. Windows 10 update rings are defined in Intune as shown in the following table. You assign the update rings as shown in the following table. What is the effect of the configurations on Computer1 and Computer2? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
You have computers that run Windows 10 and are managed by using Microsoft Intune. Users store their files in a folder named D:\Folder1. You need to ensure that only a trusted list of applications is granted write access to D:\Folder1. What should you configure in the device configuration profile?
HOTSPOT You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the devices shown in the following table. Contoso.com contains the Azure Active Directory groups shown in the following table. You add a Windows Autopilot deployment profile. The profile is configured as shown in the following exhibit. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT You have a Microsoft 365 tenant and an internal certification authority (CA). You need to use Microsoft Intune to deploy the root CA certificate to managed devices. Which type of Intune policy and profile should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT User1 and User2 plan to use Sync your settings. On which devices can the users use Sync your settings? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You have a Microsoft 365 tenant that uses Microsoft Intune. From the Microsoft Intune admin center, you plan to create a baseline to monitor the Startup score and the App reliability score of enrolled Windows 10 devices. You need to identify which tool to use to create the baseline and the minimum number of devices required to create the baseline. What should you identify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You have a computer named Computed that has Windows 10 installed. You create a Windows PowerShell script named config.psl. You need to ensure that config.psl runs after feature updates are installed on Computer5. Which file should you modify on Computer5?
Your network contains an on-premises Active Directory domain. The domain contains two computers named Computer1 and Computer? that run Windows 10. You install Windows Admin Center on Computer1. You need to manage Computer2 from Computer1 by using Windows Admin Center. What should you do on Computed?
HOTSPOT You have a Microsoft 365 subscription. You plan to enroll devices in Microsoft Endpoint Manager that have the platforms and versions shown in the following table. You need to configure device enrollment to meet the following requirements: Ensure that only devices that have approved platforms and versions can enroll in Endpoint Manager. Ensure that devices are added to Microsoft Azure Active Directory (Azure AD) groups based on a selection made by users during the enrollment. Which device enrollment setting should you configure for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Question 49 - MD-102 discussion

Report
Export

DRAG DROP

You have a Microsoft 365 subscription that includes Microsoft Intune.

You need to implement a Microsoft Defender for Endpoint solution that meets the following requirements:

• Enforces compliance for Defender for Endpoint by using Conditional Access

• Prevents suspicious scripts from running on devices

What should you configure? To answer, drag the appropriate features to the correct requirements.

Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.


Question 49
Correct answer: Question 49

Explanation:

To enforce compliance for Defender for Endpoint by using Conditional Access, you need to configure an Intune connection in the Defender for Endpoint portal. This allows you to use Intune device compliance policies to evaluate the health and compliance status of devices that are enrolled in

Defender for Endpoint. You can then use Conditional Access policies to block or allow access to cloud apps based on the device compliance status. Reference: https://docs.microsoft.com/enus/ windows/security/threat-protection/microsoft-defender-atp/conditional-access

To prevent suspicious scripts from running on devices, you need to configure an attack surface reduction (ASR) rule in Intune. ASR rules are part of the endpoint protection settings that you can apply to devices by using device configuration profiles. You can use the ASR rule "Block Office applications from creating child processes" to prevent Office applications from launching child processes such as scripts or executables. Reference: https://docs.microsoft.com/enus/ mem/intune/protect/endpoint-protection-windows-10#attack-surface-reduction-asr-rules

Show Answer
asked 05/10/2024
Kyle Norton
37 questions
PreviousPreviousNextNext
User
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms