• Home
  • Articles
  • 2024 Latest 100% Exam Passing Ratio - MD-102 Dumps PDF [Q165-Q183]

2024 Latest 100% Exam Passing Ratio - MD-102 Dumps PDF [Q165-Q183]

Share

2024 Latest 100% Exam Passing Ratio - MD-102 Dumps PDF

Pass Exam With Full Sureness - MD-102 Dumps with 289 Questions


Microsoft MD-102 Exam Syllabus Topics:

TopicDetails
Topic 1
  • Implement and manage Local Administrative Passwords Solution (LAPS) for Azure AD
  • Manage role-based access control (RBAC) for Intune
Topic 2
  • Manage device configuration for all supported device platforms by using Intune
  • Monitor and troubleshoot configuration profiles
Topic 3
  • Implement endpoint protection for all supported device platforms
  • Manage Microsoft 365 Apps by using the Microsoft 365 Apps admin center
Topic 4
  • Implement the Intune Connector for Active Directory
  • Implement Conditional Access policies that require a compliance status
Topic 5
  • Deploy and update apps for all supported device platforms
  • Plan and implement app configuration policies for managed apps and managed devices
Topic 6
  • Implement Conditional Access policies for app protection policies
  • Configure policies for Office apps by using Group Policy or Intune
Topic 7
  • Plan and implement an MDT deployment infrastructure
  • Plan and implement a Windows client deployment by using Windows Autopilot

 

NEW QUESTION # 165
You need to meet the technical requirements for the new HR department computers.
How should you configure the provisioning package? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:

Reference:
https://docs.microsoft.com/en-us/windows/configuration/wcd/wcd-accounts


NEW QUESTION # 166
You have an Azure AD tenant and 100 Windows 10 devices that are Azure AD joined and managed by using Microsoft Intune.
You need to configure Microsoft Defender Firewall and Microsoft Defender Antivirus on the devices. The solution must minimize administrative effort.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. To configure Microsoft Defender Antivirus, create a Group Policy Object (GPO) and configure the Windows Defender Antivirus settings.
  • B. To configure Microsoft Defender Antivirus, create a device configuration profile and configure the Device restrictions settings.
  • C. To configure Microsoft Defender Antivirus, create a device configuration profile and configure the Endpoint protection settings.
  • D. To configure Microsoft Defender Firewall, create a device configuration profile and configure the Device restrictions settings.
  • E. To configure Microsoft Defender Firewall, create a Group Policy Object (GPO) and configure Windows Defender Firewall with Advanced Security.
  • F. To configure Microsoft Defender Firewall, create a device configuration profile and configure the Endpoint protection settings.

Answer: C,F

Explanation:
To configure Microsoft Defender Firewall and Microsoft Defender Antivirus on Azure AD joined devices that are managed by Intune, you need to create a device configuration profile and configure the Endpoint protection settings. You can use this profile to configure various settings for firewall and antivirus protection on the devices. Reference: https://docs.microsoft.com/en-us/mem/intune/protect/endpoint-protection-windows-10


NEW QUESTION # 167
You have a Microsoft Deployment Toolkit (MDT) deployment share that has a path of D:\MDTShare.
You need to add a feature pack to the boot image.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

Explanation:
A screenshot of a computer error Description automatically generated
Step 1: Copy the feature pack to D:\MDTShare\Tools\x86
Add a feature pack, DaRT 10 (part of MDOP 2015), to the boot images.
1. Copy the CAB files to the deployment share: MDTShare\Tools\x86
2. In the Deployment Workbench, right-click the MDTShare deployment share and select Properties.
Step 2: Modify the Windows PE properties of the deployment share
3. On the Windows PE tab, in the Platform drop-down list, make sure x86 is selected.
4. On the Features sub tab, select the Microsoft Diagnostics and Recovery Toolkit (DaRT) checkbox.
Step 3: Update the deployment share
Like the MDT Build Lab deployment share, the MDT Production deployment share needs to be updated after it has been configured. This is the process during which the Windows PE boot images are created.


NEW QUESTION # 168
You have 100 computers that run Windows 10. You have no servers. All the computers are joined to Microsoft Azure Active Directory (Azure AD).
The computers have different update settings, and some computers are configured for manual updates.
You need to configure Windows Update. The solution must meet the following requirements:
The configuration must be managed from a central location.
Internet traffic must be minimized.
Costs must be minimized.
How should you configure Windows Update? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/windows-server/administration/windows-server-update-services/deploy/4-configure-group-policy-settings-for-automatic-updates


NEW QUESTION # 169
Your network contains an on-premises Active Directory domain. The domain contains two computers named Computer1 and Computer? that run Windows 10.
You install Windows Admin Center on Computer1.
You need to manage Computer2 from Computer1 by using Windows Admin Center.
What should you do on Computed?

  • A. Allow Windows Remote Management (WinRM) through the Microsoft Defender firewall.
  • B. Run the Enable-PSRemoting cmdlet
  • C. Update the TrustedHosts list
  • D. Add an inbound Microsoft Defender Firewall rule.

Answer: C

Explanation:
To manage a remote computer from Windows Admin Center, you need to enable PowerShell remoting on the remote computer. You can do this by running the Enable-PSRemoting cmdlet, which configures the WinRM service, creates a listener, and allows inbound firewall rules for PowerShell remoting. The other options are not sufficient or necessary for this task. References: Installation and configuration for Windows Remote Management


NEW QUESTION # 170
You have two computers that run Windows 10. The computers are enrolled in Microsoft Intune as shown in the following table.

Windows 10 update rings are defined in Intune as shown in the following table.

You assign the update rings as shown in the following table.

What is the effect of the configurations on Computer1 and Computer2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
A screenshot of a computer Description automatically generated

Computer1 and Computer2 are members of Group1. Ring1 is applied to Group1.
Note: The term "Exclude" is misleading. It means that the ring is not applied to that group, rather than that group being blocked.
References:
https://docs.microsoft.com/en-us/windows/deployment/update/waas-wufb-intune
https://allthingscloud.blog/configure-windows-update-business-using-microsoft-intune/


NEW QUESTION # 171
You have a Microsoft 365 E5 subscription and 100 computers that run Windows 10.
You need to deploy Microsoft Office Professional Plus 2019 to the computers by using Microsoft Office Deployment Tool (ODT).
What should you use to create a customization file for ODT?

  • A. the Microsoft Purview compliance portal
  • B. the Microsoft Intune admin center
  • C. the Microsoft 365 admin center
  • D. the Microsoft 365 Apps admin center

Answer: D


NEW QUESTION # 172
You have a Microsoft 365 subscription that contains a user named User1. The subscription contains devices enrolled in Microsoft intune as shown in the following table.

Microsoft Edge is available on all the devices.
Intune has the device compliance policies shown in the following table.

The Compliance policy settings are configured as shown in the exhibit. (Click the Exhibit tab.) You create the following Conditional Access policy:

* Name: Policy1
* Assignments
o Users and groups: User1
o Cloud apps or actions: Office 365 SharePoint Online
* Access controls
o Grant Require device to be marked as compliant
* Enable policy: On
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Answer:

Explanation:


NEW QUESTION # 173
You have a Microsoft 365 subscription.
You plan to use Windows Autopilot to provision 25 Windows 11 devices.
You need to configure the Out-of-box experience (OOBE) settings.
What should you create in the Microsoft Intune admin center?

  • A. a PowerShell script
  • B. a deployment profile
  • C. an enrollment status page (ESP)
  • D. a configuration profile
  • E. a compliance policy

Answer: B

Explanation:
https://learn.microsoft.com/en-us/autopilot/profiles#:~:text=On%20the%20Out%2Dof%2Dbox%20experience%


NEW QUESTION # 174
You have a Microsoft Intune subscription that has the following device compliance policy settings:
Mark devices with no compliance policy assigned as: Compliant
Compliance status validity period (days): 14
On January 1, you enroll Windows 10 devices in Intune as shown in the following table.

On January 4, you create the following two device compliance policies:
Name: Policy1
Platform: Windows 10 and later
Require BitLocker: Require
Mark device noncompliant: 5 days after noncompliance
Scope (Tags): Tag1
Name: Policy2
Platform: Windows 10 and later
Firewall: Require
Mark device noncompliant: Immediately
Scope (Tags): Tag2
On January 5, you assign Policy1 and Policy2 to Group1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:

Box 1: No.
Policy1 and Policy2 apply to Group1 which Device1 is a member of. Device1 does not meet the firewall requirement in Policy2 so the device will immediately be marked as non-compliant.
Box 2: No
For the same reason as Box1.
Box 3: Yes
Policy1 and Policy2 apply to Group1. Device2 is not a member of Group1 so the policies don't apply.
The Scope (tags) have nothing to do with whether the policy is applied or not. The tags are used in RBAC.


NEW QUESTION # 175
You have a Microsoft 365 subscription that includes Microsoft Intune.
You have computers that run Windows 11 as shown in the following table.

You have the groups shown in the following table.

You create and assign the compliance policies shown in the following table.

The next day, you review the compliance status of the computers.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:


NEW QUESTION # 176
You have a Microsoft 365 subscription that contains a user named User1. User! is assigned a Windows 10/11 Enterprise E3 license. You use Microsoft Intune Suite to manage devices. User1 activates the following devices:
* Device1: Windows 11 Enterprise
* Device2: Windows 10 Enterprise
* Device3: Windows 11 Enterprise
How many more devices can User1 activate?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: C

Explanation:
https://learn.microsoft.com/en-us/windows/deployment/windows-subscription-activation#licenses


NEW QUESTION # 177
You have a computer named Computed that has Windows 10 installed.
You create a Windows PowerShell script named config.psl.
You need to ensure that config.psl runs after feature updates are installed on Computer5.
Which file should you modify on Computer5?

  • A. Unattend.xml
  • B. SetupConfig.ini
  • C. LiteTouch.wsf
  • D. Unattendb*

Answer: B

Explanation:
Explanation
SetupConfig.ini is a file that can be used to customize the behavior of Windows Setup during feature updates.
You can use this file to specify commands or scripts that run before or after the installation process. To run a PowerShell script after a feature update, you can use the PostOOBE parameter in SetupConfig.ini and specify the path to the script file. References: [SetupConfig.ini reference]


NEW QUESTION # 178
You have a Microsoft 365 subscription.
You plan to enable Microsoft Intune enrollment for the following types of devices:
* Existing Windows 11 devices managed by using Configuration Manager
* Personal iOS devices
The solution must minimize user disruption.
Which enrollment method should you use for each device type? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:


NEW QUESTION # 179
You have the MDM Security Baseline profile shown in the MDM exhibit. (Click the MDM tab.) You have the ASR Endpoint Security profile shown in the ASR exhibit. (Click the ASR tab.)


You plan to deploy both profiles to devices enrolled in Microsoft Intune. You need to identify how the following settings will be configured on the devices:
* Block Office applications from creating executable content
* Block Win32 API calls from Office macro
Currently, the settings are disabled locally on each device.
What are the effective settings on the devices? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
lock Office App from creating executable content: Audit Mode
Both are set to Audit so that's what it will do.
Block Win32 API calls from the Office Macro: Audit
If you set the Baseline policy as Disable or Not Configured (same thing), and you have any other setting in the ASR, the ASR configuration will take over. That's how enterprise environments enforce granular controls of policies that are enforced for a smaller subset of the employee population. The article below (Jan 27, 2024) outlines the scenario and provides comments about this. In theory this also makes sense. If the baseline policy is configured to do nothing, and the ASR policy is configured to Audit, Block or Warn, I should think the ASR policy setting will take over the configuration.


NEW QUESTION # 180
You have a Microsoft 365 subscription that contains the devices shown in the following table.

You need to ensure that only devices running trusted firmware or operating system build can access network resources.
Which compliance policy setting should you configure for each device? To answer, drag the appropriate settings to the correct devices. Each setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:


NEW QUESTION # 181
You have a Microsoft 365 subscription.
You use Microsoft Intune Suite to manage devices.
You have the iOS app protection policy shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point,

Answer:

Explanation:

Explanation
Box 1 = PIN only
Box 2 = reset the PIN app
iOS/iPadOS app protection policy settings - Microsoft Intune | Microsoft Learn
https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policy-settings-ios


NEW QUESTION # 182
You have a Microsoft 365 E5 subscription that uses Microsoft Intune. You have the Windows 11 devices shown in the following table.

You deploy the device compliance policy shown in the exhibit. (Click the Exhibit tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation


NEW QUESTION # 183
......

Verified MD-102 dumps Q&As - 100% Pass from Lead2PassExam: https://www.lead2passexam.com/Microsoft/valid-MD-102-exam-dumps.html

Pass MD-102 Exam in First Attempt Guaranteed 2024 Dumps: https://drive.google.com/open?id=1jA_jzLQ02-rp1BxHds7nSPJ4ySthtsZF

Related Articles

more
Microsoft MD-102 Certification Practice Exam