Dumps of MD-102 Cover all the requirements of the Real Exam
Correct Practice Tests of MD-102 Dumps with Practice Exam
Microsoft MD-102 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
| Topic 9 |
|
| Topic 10 |
|
| Topic 11 |
|
| Topic 12 |
|
| Topic 13 |
|
NEW QUESTION # 30
You have a Microsoft 365 E5 subscription that contains a group named Group1.
You create a Conditional Access policy named CAPolicy1 and assign CAPolicy1 to Group1.
You need to configure CAPolicy1 to require the members of Group1 to reauthenticate every eight hours when they connect to Microsoft Exchange Online.
What should you configure?
- A. Grant access controls
- B. Session access controls
- C. an assignment that uses a Sign-in risk condition
- D. an assignment that uses a User risk condition
Answer: B
Explanation:
User sign-in frequency
Sign-in frequency defines the time period before a user is asked to sign in again when attempting to access a resource.
The Azure Active Directory (Azure AD) default configuration for user sign-in frequency is a rolling window of 90 days.
Sign-in frequency control
Sign in to the Azure portal as a global administrator, security administrator, or Conditional Access administrator.
Browse to Azure Active Directory > Security > Conditional Access.
Select New policy.
Give your policy a name. We recommend that organizations create a meaningful standard for the names of their policies.
Choose all required conditions for customer's environment, including the target cloud apps.
Under Access controls > Session.
Select Sign-in frequency.
Choose Periodic reauthentication and enter a value of hours or days or select Every time.
Save your policy.
NEW QUESTION # 31
You have a computer that runs Windows 10 and contains two local users named User! and User2. You need to ensure that the users can perform the following anions:
* User 1 must be able to adjust the date and time.
* User2 must be able to clear Windows logs.
The solution must use the principle of least privilege.
To which group should you add each user? To answer, drag the appropriate groups to the correct users. Each group may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 32
You are replacing 100 company-owned Windows devices.
You need to use the Microsoft Deployment Toolkit (MDT) to securely wipe and decommission the devices.
The solution must meet the following requirements:
* Back up the user state.
* Minimize administrative effort.
Which task sequence template should you use?
- A. Standard Client Task Sequence
- B. Sysprep and Capture
- C. Litetouch OEM Task Sequence
- D. Standard Client Replace Task Sequence
Answer: D
NEW QUESTION # 33
You have a Microsoft 365 subscription that uses Microsoft Intune Suite. You use Microsoft Intune to manage devices. Azure AD joined Windows devices enroll automatically in Intune. You have the devices shown in the following table.
You are preparing to upgrade the devices to Windows 11. All the devices are compatible with Windows 11.
You need to evaluate Windows Autopilot and in-place upgrade as deployment methods to implement Windows 11 Pro on the devices, while retaining all user settings and applications.
Which devices can be upgraded by using each method? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 34
Your company has a Remote Desktop Gateway (RD Gateway).
You have a server named Server1 that is accessible by using Remote Desktop Services (RDS) through the RD Gateway.
You need to configure a Remote Desktop connection to connect through the gateway.
Which setting should you configure?
- A. Server authentication
- B. Connect from anywhere
- C. Connection settings
- D. Local devices and resources
Answer: B
Explanation:
Explanation
To connect to a remote server through the RD Gateway, you need to configure the Connect from anywhere setting in the Remote Desktop Connection client. This setting allows you to specify the domain name and port of the RD Gateway server, as well as the authentication method. The other settings are not related to the RD Gateway connection. References: Configure Remote Desktop Connection Settings for Remote Desktop Gateway
NEW QUESTION # 35
You need to ensure that computer objects can be created as part of the Windows Autopilot deployment. The solution must meet the technical requirements.
To what should you grant the right to create the computer objects?
- A. Server1
- B. DC1
- C. GroupA
- D. Server2
Answer: A
Explanation:
Reference:
https://blog.matrixpost.net/set-up-windows-autopilot-production-environment-part-2/
NEW QUESTION # 36
You have a Microsoft 365 tenant that contains the objects shown in the following table.
In the Microsoft Intune admin center, you are creating a Microsoft 365 Apps app named App1. To which objects can you assign App1?
- A. Group1, Group3, and Group4 only
- B. Admin1, Group1. Group2, Group3, andGroup4
- C. Admin1, Group3, and Group4 only
- D. Group3 and Group4 only
- E. Group1, Group2, Group3, and Group4 only
Answer: A
Explanation:
Explanation
In the Microsoft Intune admin center, you can assign apps to users or devices. Users can be assigned to apps by using user groups or individual user accounts. Devices can be assigned to apps by using device groups. In this scenario, the objects shown in the table are as follows:
Admin1 is an individual user account that belongs to the Global administrators role group.
Group1 is a user group that contains 100 users.
Group2 is a device group that contains 50 devices.
Group3 is a user group that contains 200 users.
Group4 is a device group that contains 150 devices.
Since App1 is a Microsoft 365 Apps app, it can only be assigned to users, not devices. Therefore, Group2 and Group4 are not valid objects for app assignment. Admin1 is also not a valid object for app assignment, because individual user accounts can only be used for testing purposes, not for production deployment.
Therefore, the only valid objects for app assignment are Group1 and Group3, which are user groups.
NEW QUESTION # 37
You have a hybrid deployment of Azure AD that contains 50 Windows 10 devices. All the devices are enrolled in Microsoft Intune.
You discover that Group Policy settings override the settings configured in Microsoft Intune policies.
You need to ensure that the settings configured in Microsoft Intune override the Group Policy settings.
What should you do?
- A. From the Microsoft Intune admin center, create an Administrative Templates device profile.
- B. From the Microsoft Intune admin center, create a custom device profile.
- C. From Group Policy Management Editor, configure the Computer Configuration settings in the Default Domain Policy.
- D. From Group Policy Management Editor, configure the User Configuration settings in the Default Domain Policy.
Answer: A
NEW QUESTION # 38
You implement the planned changes for Connection1 and Connection2
How many VPN connections will there be for User1 when the user signs in to Device 1 and Devke2? To answer select the appropriate options in the answer area.
NOTE; Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 39
You have a Microsoft 365 subscription that contains 1,000 Windows 11 devices enrolled in Microsoft Intune.
You plan to create and monitor the results of a compliance policy used to validate the BIOS version of the devices.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
1 - Create a PowerSheel discovery script and a JSON file.
2 - Upload the PowerShell script to Intune.
3 - Upload the JSON file to Azure AD.
4 - Create and assign a custom compliance policy.
NEW QUESTION # 40
You have a Microsoft 365 subscription that contains two security groups named Group1 and Group2.
Microsoft 365 uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
You need to assign roles in Intune to meet the following requirements:
* The members of Group1 must manage Intune roles and assignments.
* The members of Group2 must assign existing apps and policies to users and devices.
The solution must follow the principle of least privilege.
Which role should you assign to each group? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
To assign roles in Intune to meet the requirements, you should assign the following roles to each group:
Group1: Intune Role Administrator Group2: Help Desk Operator
The Intune Role Administrator role is the only Intune role that can manage custom Intune roles and add assignments for built-in Intune roles1. This role meets the requirement for Group1 to manage Intune roles and assignments.
The Help Desk Operator role can perform remote tasks on users and devices, and can assign applications or policies to users or devices1. This role meets the requirement for Group2 to assign existing apps and policies to users and devices.
NEW QUESTION # 41
You have a Microsoft 365 E5 subscription.
You create an app protection policy for Android devices named Policy1 as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: Install the Intune Company Portal app on the device
On Android, Android devices will prompt to install the Intune Company Portal app regardless of which Device type is chosen.
Bix 2: Devices only
For Android devices, unmanaged devices are devices where Intune MDM management has not been detected.
This includes devices managed by third-party MDM vendors.
Reference:
https://docs.microsoft.com/en-us/mem/intune/apps/app-protection-policies#app-protection-policies-for-iosipados
NEW QUESTION # 42
You use Microsoft Intune and Intune Data Warehouse.
You need to create a device inventory report that includes the data stored in the data warehouse.
What should you use to create the report?
- A. the Company Portal app
- B. Microsoft Power Bl
- C. the Azure portal app
- D. Endpoint analytics
Answer: B
Explanation:
Explanation
You can use the Power BI Compliance app to load interactive, dynamically generated reports for your Intune tenant. Additionally, you can load your tenant data in Power BI using the OData link. Intune provides connection settings to your tenant so that you can view the following sample reports and charts related to:
Devices
Enrollment
App protection policy
Compliance policy
Device configuration profiles
Software updates
Device inventory logs
Note: Load the data in Power BI using the OData link
With a client authenticated to Azure AD, the OData URL connects to the RESTful endpoint in the Data Warehouse API that exposes the data model to your reporting client. Follow these instructions to use Power BI Desktop to connect and create your own reports.
Sign in to the Microsoft Endpoint Manager admin center.
Select Reports > Intune Data warehouse > Data warehouse.
Retrieve the custom feed URL from the reporting blade, for example:
https://fef.{yourtenant}.manage.microsoft.com/ReportingService/DataWarehouseFEService/dates?api-ver Open Power BI Desktop.
Choose File > Get Data. Select OData feed.
Choose Basic.
Type or paste the OData URL into the URL box.
Select OK.
If you have not authenticated to Azure AD for your tenant from the Power BI desktop client, type your credentials. To gain access to your data, you must authorize with Azure Active Directory (Azure AD) using OAuth 2.0.
Select Organizational account.
Type your username and password.
Select Sign In.
Select Connect.
Select Load.
Reference: https://docs.microsoft.com/en-us/mem/intune/developer/reports-proc-get-a-link-powerbi
NEW QUESTION # 43
You have a Microsoft 365 E5 subscription that contains 1,000 Windows 11 devices. All the devices are enrolled in Microsoft Intune.
You plan to integrate Intune with Microsoft Defender for Endpoint.
You need to establish a service-to-service connection between Intune and Defender for Endpoint.
Which settings should you configure in the Microsoft Endpoint Manager admin center?
- A. Connectors and tokens
- B. Microsoft Tunnel Gateway
- C. Tenant enrollment
- D. Premium add-ons
Answer: A
Explanation:
Microsoft Defender for Endpoint - Important Service and Endpoint Settings You Should Configure Right Now.
As a prerequisite, however, head to tenant administration > connectors and tokens > Microsoft Defender for Endpoint and confirm the connection is enabled. You previously set this up in the advanced settings of Microsoft 365 Defender.
NEW QUESTION # 44
You have a Microsoft 365 E5 subscription.
You create an app protection policy for Android devices named Policy1 as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: Install the Intune Company Portal app on the device
On Android, Android devices will prompt to install the Intune Company Portal app regardless of which Device type is chosen.
Bix 2: Devices only
For Android devices, unmanaged devices are devices where Intune MDM management has not been detected.
This includes devices managed by third-party MDM vendors.
Reference:
https://docs.microsoft.com/en-us/mem/intune/apps/app-protection-policies#app-protection-policies-for-iosipados
NEW QUESTION # 45
You have a Hyper-V host. The host contains virtual machines that run Windows 10 as shown in following table.
Which virtual machines can be upgraded to Windows 11?
- A. VM2 and VM3 only
- B. VM2 only
- C. VM1 only
- D. VM1.VM2. andVM3
Answer: A
Explanation:
Explanation
Windows 11 has certain hardware requirements that must be met in order to upgrade from Windows 10. Some of these requirements are as follows:
A processor with at least 1 GHz
A system firmware that supports
A Trusted Platform Module (TPM)
At least 4 GB of system memory (RAM).
At least 64 GB of storage space.
In this scenario, the virtual machines that run Windows 10 have the following specifications:
VM1 is a generation 1 virtual machine with no virtual TPM, 4 virtual processors, and 16 GB of memory.
VM2 is a generation 2 virtual machine with a virtual TPM, 2 virtual processors, and 4 GB of memory.
VM3 is a generation 2 virtual machine with a virtual TPM, 1 virtual processor, and 8 GB of memory.
VM1 cannot be upgraded to Windows 11 because it does not have a virtual TPM and it is not a generation 2 virtual machine. Generation 1 virtual machines do not support UEFI and Secure Boot, which are required for Windows 11. VM2 and VM3 can be upgraded to Windows 11 because they have a virtual TPM and they are generation 2 virtual machines. They also meet the minimum requirements for processor speed, cores, memory, and storage space.
NEW QUESTION # 46
You have a Microsoft 365 subscription that contains 1,000 Android devices enrolled in Microsoft Intune. You create an app configuration policy that contains the following settings:
* Device enrollment type: Managed devices
* Profile Type: All Profile Types
* Platform: Android Enterprise
Which two types of apps can be associated with the policy? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
- A. Android Enterprise system app
- B. Web link
- C. Android store app
- D. Managed Google Play store app
- E. Built-in Android app
Answer: A,D
NEW QUESTION # 47
To which devices do Policy1 and Policy2 apply? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Reference:
https://docs.microsoft.com/en-us/intune/device-profile-assign
NEW QUESTION # 48
You have an Azure subscription.
You have an on-premises Windows 11 device named Device 1.
You plan to monitor Device1 by using Azure Monitor.
You create a data collection rule (DCR) named DCR1 in the subscription.
To what should you associate DCR1 ?
- A. Device1
- B. a Monitored Object
- C. a Log Analytics workspace
- D. Azure Network Watcher
Answer: A
Explanation:
Explanation
To monitor Device1 by using Azure Monitor, you should associate DCR1 with Device1. A data collection rule (DCR) defines the data collection process in Azure Monitor, such as what data to collect, how to transform it, and where to send it. A DCR can be associated with multiple virtual machines and specify different data sources, such as Azure Monitor Agent, custom logs, or Azure Event Hubs1. To associate a DCR with a virtual machine, you need to install the Azure Monitor Agent on the machine and then select the DCR from the list of available rules2. You can also use Azure Policy to automatically install the agent and associate a DCR with any virtual machines or virtual machine scale sets as they are created in your subscription3.
The other options are not correct for this scenario because:
Azure Network Watcher is a service that provides network performance monitoring and diagnostics for Azure resources. It is not related to data collection rules or Azure Monitor4.
A Log Analytics workspace is a destination where you can send the data collected by a data collection rule. It is not an entity that you can associate a DCR with5.
A Monitored Object is not a valid term in the context of Azure Monitor or data collection rules.
References: Data collection rules in Azure Monitor, Configure data collection for Azure Monitor Agent, Use Azure Policy to install Azure Monitor Agent and associate with a DCR, What is Azure Network Watcher?, Log Analytics workspaces in Azure Monitor
NEW QUESTION # 49
......
Sample Questions of MD-102 Dumps With 100% Exam Passing Guarantee: https://realexamcollection.examslabs.com/Microsoft/Microsoft-365-Certified/best-MD-102-exam-dumps.html