0% found this document useful (0 votes)

117 views

SIMULADO COMPLETO MD-102 1

Simulado para a MD-102

Uploaded by

Aline Kaolin

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

117 views

SIMULADO COMPLETO MD-102 1

Simulado para a MD-102

Uploaded by

Aline Kaolin

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 275

Avaliação Prática do Exame MD-102: Administrador

de Ponto de Extremidade

01 - Your network contains an on-premises Active Directory Domain Services (AD DS)
domain called contoso.com. Contoso.com contains the following groups:

1. Group1: Domain Local Security Group

2. Group2: Global Security Group
3. Group3: Universal Distribution Group

You have a device named Device1 that is a member of the contoso.com.

On Device1, create two groups named Group4 and Group5.

What groups can you add as members to Group5?

Group1 and Group2 only

Group1, Group2, and Group3 only
Group1, Group2, and Group4 only

Group1, Group2, Group3 e Group4

02 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

Intune contains the following features:

1. Comply1: Compliance Policy

2. Office1: Policy for Office apps
3. CA1: Conditional Access policy
4. Conf1: Device Configuration Profile

You plan to create a policy set named Set1.

What features can be added to Set1?

Somente CA1, Conf1 e Office1

Somente Comply1 e Conf1
Comply1, CA1, Conf1 e Office1
Somente Comply1
Somente Conf1

You have a Microsoft 365 subscription that includes a user named User1.

You need to ensure that User1 can enroll Windows devices in Microsoft Intune. The
solution should follow the principle of least privilege.

What role should you assign to User1?

Gerenciador de Registro de Dispositivos

Administrador Global
Administrador de Serviços do Intune
nenhuma atribuição de função

04 - You have a Microsoft 365 subscription.

You need to ensure that any Windows 10 device managed by Intune that has been
inactive for 180 days is automatically wiped and that the enrollment is deleted from
Microsoft Intune.

What should you set up?

Políticas de conformidade
Perfis de configuração
Device Wipe Rules
Linhas de base de segurança

05 - You have a Microsoft 365 subscription that includes 500 Windows 11 devices
managed using Microsoft Intune.

You need to remove obsolete devices from the subscription. The solution should
minimize administrative efforts.

What should you do?

Set up a Device Wipe rule.
Crie uma política de conformidade.
Use as ações do dispositivo em massa para excluir os dispositivos.
Use as ações do dispositivo em massa para desativar dispositivos.

You have a Microsoft 365 subscription that includes 500 Windows 11 devices enrolled in
Microsoft Intune.

Create a new configuration profile and deploy it to all Windows 11 devices.

How long it will take to deploy the profile to all online devices.

5 minutos
60 minutos
8 horas
24 horas

07 - You have a Microsoft 365 subscription that includes 500 Windows 11 devices
managed using Microsoft Intune.

You need to set up the Microsoft Edge startup page on all devices. The solution should
minimize administrative effort and support new devices to be added once registered.

What should you use?

Select only one answer.

uma política de conformidade
a Device Configuration profile
um script do PowerShell
uma política de Configuração de Aplicativo

08 - You have an Azure subscription and on-premises devices.

You plan to monitor the devices using Azure Monitor.

What should you deploy?

Select only one answer.
um banco de dados SQL do Azure
uma conta de Armazenamento do Azure
Um workspace do Azure Synapse Analytics
um workspace do Log Analytics

09 - You have an Azure subscription and on-premises devices.

You plan to monitor the devices using Azure Monitor.

You need to identify the agents that can be used to connect devices to Azure Monitor.

What are the two agents you can use? Each correct answer presents a complete
solution.

Selecione todas as respostas aplicáveis.

Azure Connected Machine Agent
Azure Monitor Agent
Agente do Azure Pipelines
Agents to Log Analytics
Agente de provisionamento do Microsoft Entra Connect

10 - You have a Microsoft 365 subscription that contains 100 devices running Windows
10 and are managed by Microsoft Intune.

You need to view an inventory of the apps and versions that are installed on the devices.
The solution should minimize administrative efforts.

What should you do?

Selecione somente uma resposta.

Crie uma nova Política de conformidade e atribua-a a todos os dispositivos.
Registre todos os dispositivos no Configuration Manager.
No Centro de Administração do Microsoft Endpoint Manager, use a
folha Relatórios para examinar o relatório Status de instalação de aplicativos.
In the Microsoft Endpoint Manager admin center, use the Apps blade to review
the discovered apps.
11 - You have a Microsoft 365 subscription that includes 500 Windows 11 devices
managed using Microsoft Intune.

The subscription includes a monitoring solution that uses Azure Monitor and collects
Microsoft Entra ID sign-in logs.

You need to ensure that non-compliant device details are sent to Azure Monitor.

What are the two logs you should set up? Each correct answer presents a part of the
solution.

Logs de auditoria
Device Compliance Organization logs
IntuneDevices
Operation Logs

12 - You have an Azure subscription that includes a virtual machine named VM1 that runs
Windows 11 and is enrolled in Microsoft Intune.

VM1 hosts a legacy application called App1. App1 writes events to the event logs on VM1.

You need to ensure that all events created by App1 are sent to Azure Monitor. The
solution should minimize administrative efforts.

What should you do first?

Crie uma Regra de Coleta de Dados.

Habilite os Insights de VM do Azure.
Instale uma extensão da máquina virtual.
Install the Azure Monitor Agent.

13 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

Users enroll Windows 11 devices in Intune.

You need to set up an update schedule during which Windows updates are installed on
the enrolled devices.

What should you configure in Intune?

Selecione somente uma resposta.
política de conformidade
atualizações de recursos para Windows 10 e posterior
atualizações de qualidade para Windows 10 e posterior
Update ring for Windows 10 and later

14 - You have a Microsoft 365 E5 subscription that contains devices running Windows
11.

All devices are enrolled in Microsoft Intune.

You need to ensure that devices use Delivery Optimization when installing Windows
updates.

What should you configure in Intune?

Selecione somente uma resposta.

Device Configuration Profile
atualizações de recursos para Windows 10 e posterior
atualizações de qualidade para Windows 10 e posterior
anel de atualização para Windows 10 e posterior

15 - You have a Microsoft 365 subscription that includes 100 Windows devices enrolled
in Microsoft Intune.

You need to ensure that a group of test devices is updated to Windows 10 version
21H2. The solution should ensure that test devices do NOT receive feature updates for
at least two years.

What should you set up?

Selecione somente uma resposta.

Política de conformidade
Perfil de configuração
Feature Update Policy
Anel de Atualização
16 - You have a local network that includes a Hyper-V server that hosts a virtual machine
called VM1. VM1 runs Windows Server and hosts a legacy application that uses LDAP.

You plan to migrate VM1 to Azure by performing a lift-and-shift migration.

You need to provide an identity solution for VM1. The solution must meet the following
requirements:

1. Support the use of Azure Multi-Factor Authentication (MFA).

2. Make sure that users can only access the app using a trusted device.

Which service should you include in the solution?

Proxy de aplicativo do Microsoft Entra

Microsoft Entra Connect
Serviços de Domínio do Microsoft Entra
Sincronização de hash de senha do Microsoft Entra

17 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

You plan to use the required device to be marked as a compliant setting in a

Conditional Access policy.

You need to ensure that the compliance of the device is assessed.

What should you do first?

Select only one answer.

Create and assign the security baseline profile in Intune.

Enroll devices in Intune.
Enter non-Microsoft devices enter ID.
Register devices not Microsoft Enter ID.

18 - You have a Microsoft 365 subscription that uses Microsoft Intune.

Create a Conditional Access policy named Policy1.

You need to configure Policy1 to prevent users from connecting to Microsoft 365
services using non-compliant devices.
What should you configure in Policy1?

Select only one answer.

Authentication Context
Continuous Access Assessment
Grant Controls
Session Controls

19 - You have a Microsoft 365 subscription.

You need to prevent users from connecting to the subscription when they're using
jailbroken devices.

What should you set up? Each correct answer presents a part of the solution.

Select all applicable responses.

a Conditional Access policy

a Device Compliance policy
a Device Configuration profile
a Device Registry manager
a Device Type restriction

20 - You have a Microsoft 365 subscription.

You need to enforce Intune compliance for the following device types:

1. iPad
2. iPhone
3. Windows 11
4. Windows 10
5. Android

What is the minimum number of compliance policies required?

Select only one answer.

1
3
4
5
21 - You have a Microsoft 365 subscription that uses Microsoft Intune.

You plan to implement a bring-your-own-device (BYOD) policy.

You need to ensure that any device that connects to the environment is subject to a
compliance policy. Devices that don't have a policy assigned should be marked as non-
compliant.

What should you set up first?

Select only one answer.

A compliance policy
a Conditional Access policy
an App Protection policy
the Compliance Policy settings

22 - You have a Microsoft 365 subscription that includes 500 Windows 11 devices
managed using Microsoft Intune.

Your company uses Intune to manage devices and has set up compliance policies and
conditional access policies. Several users complain that they are unable to access the
company's resources.

You should identify potential issues for all users. The solution should require minimal
administrative effort.

What two services can you use to get an overview of potential issues? Each correct answer
presents a complete solution.

Select all applicable responses.

Review the Device Compliance report.
Review the Device Configuration report.
Review the sign-in logs.
Use troubleshooting + support.
View the details of the policy you created.

23 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

You plan to create an Intune device limit restriction called Restriction1.

You need to set the maximum number of devices a user can enroll.

What is the maximum number of devices you can specify in Restriction1?

Selecione somente uma resposta.

15
30
50
100

24 - You have a Microsoft 365 subscription that includes a user named User1.

You need to ensure that User1 can enroll Windows devices in Microsoft Intune. The
solution should follow the principle of least privilege.

What role should you assign to User1?

Select only one answer.

Device Enrollment Manager

Global Administrator
Intune Service Administrator
No Role Assignment

25 - You have a Microsoft 365 subscription.

You need to ensure that any Windows 10 device managed by Intune that has been
inactive for 180 days is automatically wiped and that the enrollment is deleted from
Microsoft Intune.

What should you set up?

Select only one answer.

Compliance Policies
Configuration Profiles
Device Wipe Rules
Security baselines
26 – You have a Microsoft 365 subscription that includes 500 Windows 11 devices
managed using Microsoft Intune.

You need to remove obsolete devices from the subscription. The solution should
minimize administrative efforts.

What should you do?

Select only one answer.

Set up a Device Wipe rule.

Create a compliance policy.
Use device actions in bulk to delete the devices.
Use device actions in bulk to deactivate devices.

Your network contains an on-premises Active Directory Domain Services (AD DS)
domain and a Microsoft 365 E5 subscription.

You have the following devices enrolled in Microsoft Intune:

1. Device1: Windows 11
2. Device2: Android
3. Device3: iOS

You plan to implement Microsoft Tunnel for Intune.

Which devices can access on-premises resources using Microsoft Tunnel?

Select only one answer.

Device1 and Device2 only
Device1 and Device3
Device1, Device2 e Device3
Device1 only
Device2 and Device3 only

28 – You have a Microsoft 365 subscription that includes a group named Group1 and
two devices named Device1 and Device2.

Device1 runs Windows 10 Enterprise and is a member of Group1. Device2 runs Windows
11 Professional.
Create a new Windows 10 Configuration Profile and configure the following
assignments:

1. Groups Included: All Devices

2. Excluded Groups: Group1
3. Configure the following applicability rule:
4. Rule: Assign Profile If
5. Property: OS Edition
6. Valor: Windows 10/11 Enterprise

Which devices will receive the profile?

Select only one answer.

Device1 e Device2
Device1 only
Device2 only
neither Device1 nor Device2

29 – You have a Microsoft 365 subscription.

You purchased a device named Device1 and enrolled it in Microsoft Intune.

You need to configure Device1 to automatically log on and display a single web
application. The solution should ensure that only administrators can access other
features on the device.

What should you set up?

Select only one answer.

a Compliance Policy using custom compliance JSON settings
A Compliance Policy Using Kiosk Mode
a Configuration Profile using custom compliance JSON settings
a Configuration Profile Using Kiosk Mode

30 – You have a Microsoft 365 subscription that includes the following devices:

1. Device1: Windows 10 Home

2. Device2: Windows 11 Professional
3. Device3: Windows 8.1 Enterprise
• Device4: Android 9.0

You need to identify which devices support Intune configuration policies.

Which devices should you identify?

Select only one answer.

Device2 and Device3 only
Device2, Device3, and Device4 only
Device3 and Device4 only
Device1, Device2, Device3 e Device4

31 - You have a Microsoft 365 subscription that includes 500 Windows 11 devices
managed using Microsoft Intune.

Deploy a new VPN provider for the subscription.

You need to set up new connection profiles for the VPN provider on Windows devices.
The solution should minimize administrative efforts.

What should you do?

Select only one answer.

Create a Conditional Access policy.
Create a Device Configuration profile with a Settings catalog.
Create a Device Configuration profile with templates.
Create an Endpoint Security policy.

32 - You have an Azure subscription that includes a virtual machine called VM1 that
runs Windows 11 and is enrolled in Microsoft Intune.

VM1 hosts a legacy application called App1. App1 writes events to the event logs on
VM1.

You need to ensure that all events created by App1 are sent to Azure Monitor. The
solution should minimize administrative efforts.

What should you do first?

Select only one answer.

Create a Data Collection Rule.
Enable Azure VM Insights.
Install a virtual machine extension.
Install the Azure Monitor Agent.

33 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

Users enroll Windows 11 devices in Intune.

You need to set up an update schedule during which Windows updates are installed on
the enrolled devices.

What should you configure in Intune?

Select only one answer.

Compliance Policy
Feature updates for Windows 10 and later
Quality updates for Windows 10 and later
Update ring for Windows 10 and later

34 – You have a Microsoft 365 subscription that includes 100 Windows devices enrolled
in Microsoft Intune.

You need to ensure that a group of test devices is updated to Windows 10 version
21H2. The solution should ensure that test devices do NOT receive feature updates for
at least two years.

What should you set up?

Select only one answer.

Compliance Policy
Configuration Profile
Feature Update Policy
Upgrade Ring
35 – You have a Microsoft 365 subscription that includes the following devices:

1. Device1: Windows 10 Pro version 1809

2. Device2: Windows 11 Pro version 22H2
3. Device3: Windows 11 Home version 22H2
4. Device4: Windows 11 Enterprise versão 21H2

You need to manage updates for Windows devices by using update rings in Microsoft
Intune.

Which devices can be managed using Microsoft Intune?

Select only one answer.

Device3 and Device4 only

Device2, Device3, and Device4 only
Device1, Device2, and Device4 only
Device4 only

36 - You have a Microsoft 365 subscription that includes 500 Windows 10 Enterprise 20H2
devices that are managed using Microsoft Intune.

You need to update the devices to Windows 11. The solution should ensure that users
can postpone the upgrade for a maximum of two weeks.

What should you set up first?

Select only one answer.

Device Configuration Profile

Feature update policy
Quality Update Profile
Update Ring Policy
37 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

The following devices have Microsoft 365 apps installed and are enrolled in Intune:

1. Device1: Windows 11
2. Device2: Android
3. Device3: iOS

You plan to use a Microsoft 365 Apps for business security baseline called Baseline1.

What devices can you apply Baseline1 to?

Select only one answer.

Device1 and Device2 only

Device1 and Device3
Device1, Device2 e Device3
Device1 only

You have a Microsoft 365 subscription that includes 100 Windows 10 devices enrolled in
Microsoft Intune.

Deploy Intune Security Baseline profiles to all Windows 10 devices.

Note that on some devices, settings were not applied due to a conflict with existing
policies.

You need to identify the conflicting policy. The solution should minimize administrative
efforts.

What should you do?

Select only one answer.

View the Assignment Failures report in the Microsoft 365 Defender portal.
View the Assignment Failures report in the Microsoft Endpoint Manager admin
center.
View the Non-compliant devices report in the Microsoft 365 Defender portal.
View the Non-compliant devices report in the Microsoft Endpoint Manager admin
center.
39 - You have a Microsoft 365 E5 subscription that includes 500 Windows 11 devices
that are managed using Microsoft Intune.

You need to apply granular security controls to the Microsoft Edge configuration on
each device. The solution should minimize administrative efforts.

What should you set up?

Select only one answer.

A compliance policy
a Security Baseline
Attack surface reduction
Endpoint detection and response

40 - You have a Microsoft 365 subscription that includes 500 Windows 11 Enterprise
devices that are managed using Microsoft Intune and Endpoint Security.

You need to ensure that users are automatically added to the on-premises RDP user
pool. The solution should follow the principle of least privilege.

What should you set up?

Select only one answer.

a Dynamic Group
Account protection
Device Compliance
Endpoint detection and response

41 – You have a Microsoft 365 subscription and 50 iOS devices.

You plan to roll out Defender for Endpoint to all corporate-owned iOS devices.

You need to onboard the iOS devices to Defender for Endpoint.

Which tool should you use?

Select only one answer.

Group Policy
JAMF Pro
Locais Scripts
Microsoft Intune

42 - You have a Microsoft 365 subscription that includes 500 Windows 11 Enterprise
devices that are managed using Microsoft Intune and Endpoint Protection.

You need to identify all the devices that have been infected by viruses.

Which report should you examine?

Select only one answer.

Anti-Virus Agent Status

Malware Detected
Device Status
Endpoint analytics

43 - You have a Microsoft 365 E5 subscription that contains a Microsoft Entra tenant.
The tenant contains the following devices:

1. Device1: Microsoft Entra is joined to the Windows 11 device

2. Device2: Registered Windows 11 device not Microsoft Entra
3. Device3: Microsoft Entra is joined to the Windows 10 device
4. Device4: Registered iOS Device Not Microsoft Enters

Which devices can be activated using subscription activation?

Select only one answer.

Device1 and Device2 only

Device1 and Device3
Device1 only
Device1, Device2, and Device3 only
Device1, Device2, Device3 e Device4
44 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

You have a device named Device1 that runs Windows 11. Device1 contains a variety of
installed software and applications.

You need to reprovision Device1 and ensure that the device only contains the default
installation of Windows 11. The solution should minimize administrative efforts.

What should you use?

Select only one answer.

Microsoft Deployment Toolkit (MDT)

Sysprep
User Migration Tool (USMT)
Windows Autopilot

45 – You have a Microsoft 365 E5 subscription. The subscription contains a user named
User1 and a Microsoft Entra joined device named Device1 running Windows 11 Pro.

You need to implement subscription activation for Device1.

What should you do?

Select only one answer.

Assign a license to User1.

Configure Windows Autopilot and create a deployment profile.
Enroll Device1 in Microsoft Intune and assign a compliance policy.
Enroll Device1 in Microsoft Intune and assign a device configuration profile.

46 – You have 100 Windows 10 devices.

You need to update the devices to Windows 11. The solution must meet the following
requirements:

1. Ensure that only local user documents that have been accessed in the last
90 days on each device are retained.
2. Minimize administrative effort.
What are the two that you should include in the solution? Each correct answer presents
a part of the solution.

Select all applicable responses.

In-Place Upgrade
OneDrive for Business
User State Migration Tool
Windows Autopilot

47 – You have a Workgroup-joined device named Device1 that runs Windows 10

Professional and includes a user named User1.

Create a Microsoft 365 account for User1 and assign them a Windows 10 Enterprise E3
license.

You need to upgrade Device1 to Windows 10 Enterprise. The solution should minimize
administrative efforts.

What should you do?

Select only one answer.

Join Device1 to the Microsoft Entra ID.

Perform a device reset.
Perform an in-place upgrade.
Reimage your device with a Windows 10 Enterprise corporate image.

48 - You have a Microsoft 365 E3 subscription that includes 500 devices and uses
Microsoft Intune. Devices run Windows 10 22H2 and are configured with the Windows
Recovery Environment.

You need to deploy Windows Autopilot. The solution should minimize the time it takes
to revert devices to a business-ready state.

What should you do first?

Select only one answer.

Create a deployment profile.

Create a dynamic device group.
Habilite a política DisableAutomaticReDeploymentCredentials.
Manually enroll devices with Windows Autopilot.

49 – A Windows 10 device named Device1.

You plan to deploy a Windows 10 image to Device1 using the Microsoft Deployment
Toolkit.

You need to ensure that the Windows Product Key is automatically assigned as part of
the imaging process. The solution should minimize administrative efforts.

What should you modify?

Select only one answer.

Bootstrap file.ini
Deployment Sharing
Reference image
Task Sequence

50 – You plan to create and deploy a Windows 10 image using the Microsoft
Deployment Toolkit (MDT).

You need to ensure that when a device receives an image, the name assigned to the
device includes the device's serial number.

What should you set up?

Select only one answer.

a PowerShell script
DHCP Option 67
the Customsettings file.ini
The Reference Image
51 - You have a Microsoft Deployment Toolkit (MDT) deployment that includes a
Windows 10 reference image.

You plan to deploy 50 new Windows 10 devices.

Add the new drivers required for the devices to the MDT share.

You need to ensure that image deployments to a new device include only the updated
drivers.

What are two actions you should take? Each correct answer presents a part of the
solution.

Select all applicable responses.

Add a new app.

Add a new profile.
Create a new boot image.
Create a new task sequence.

Your company has offices in London and New York. The offices are connected using a
low-speed WAN link.

Deploy a Microsoft Deployment Toolkit (MDT) infrastructure in the New York office and
configure a Windows 10 image.

You need to deploy the image to 1000 devices in the London office. The solution must
meet the following requirements:

1. Make sure you can monitor bandwidth usage.

2. Minimize administrative effort.

What should you do first?

Select only one answer.

Create a linked deployment share.

Deploy a second instance of MDT in the London office.
Deploy a SQL Cluster.
Replicate the MDT deployment shares using DFS-R.
You have 100 devices running Windows 10.

Deploy a Microsoft Deployment Toolkit (MDT) environment.

You plan to update the devices with a new Windows 10 image using MDT.

You need to ensure that users keep their existing start menu layout when their devices
are updated.

What should you include in the solution?

Select only one answer.

A deployment rule
a PowerShell script
A reference image
the User State Migration Tool

54 - You have a device named Device1 that runs Windows 11 and contains the
following users:

1. User1: Member of the Administrators group

2. User2: Member of the Device Owners group
3. User3: Member of the Remote Desktop Users group
4. User4: Member of the Remote Management Users group

Enable Remote Desktop on Device1.

Which users can connect to Device1 using Remote Desktop?

Select only one answer.

User1 and User3 only

User1, User2, and User3 only
User1, User3, User3 e User4
User3 and User4 only
User3 only
55 - You have two workgroup computers running Windows 11 called Computer1 and
Computer2. Computer2 contains a user named User1. User1 is a member of the Remote
Desktop Users group.

On Computer1, you cannot establish a Remote Desktop Connection to Computer2.

You need to ensure that you establish a Remote Desktop Connection from Computer1
to Computer2.

What should you do on Computer2?

Select only one answer.

In the Computer Management application, add User1 to the Administrators group.

In the Computer Management application, add User1 to the Remote Management Users
group.
In the network adapter settings, set the network profile to Public.
In the Settings app, enable Remote Desktop.

56 - You have an Active Directory Domain Services (AD DS) domain that contains
Windows 11 devices.

You need to ensure that you can remotely administer the devices using PowerShell.

Which command should be used?

Select only one answer.

Enable-PSRemoting
Enter-PSSession
Set-PSDebug

57 - You have a Microsoft 365 subscription that includes 100 Android devices enrolled
in Microsoft Intune.

You plan to deploy an Android app to all Android devices that are managed using
Microsoft Intune.

Create a new app deployment and enter the name and details of the app.
What should you do next?

Select only one answer.

Enter the AppStore URL for the app.

Enter the publishers' download URL for the app.
Upload the app's APK to Azure storage.
Upload the app's APK to the Microsoft Endpoint Manager admin center.

58 – You have a Microsoft 365 subscription that includes the following features:

1. A user named User1

2. Two groups named Group1 and Group2
3. A Windows 10 device named Device1

Device1 is a member of Group1. User1 is a member of Group2.

Deploy a new Windows 10 app named App1 for User1 to Device1 with the following
assignments:

1. Required: Group1
2. Desinstalar: Group2

When User1 signs in to Device1, what is the status of App1 on the device?

Select only one answer.

The app will be installed and available in the Company Portal.

The app will be installed and will NOT be available in the Company Portal.
The app will be uninstalled and available in the Company Portal.
The app will be uninstalled and will NOT be available in the Company Portal.

59 - You have a Microsoft 365 subscription that includes 500 Windows 11 Enterprise
devices managed using Microsoft Intune.

Add an app called App1 to Microsoft Intune.

You need to ensure that App1 is automatically installed for all users.

What should you configure for App1?

Select only one answer.

Application Configuration Policies

App Settings
Application Assignments
Application Info

60 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

You have the following devices:

1. Device1: Windows 11 device enrolled in Intune

2. Device2: Android device enrolled in Intune
3. Device3: Android device NOT enrolled in Intune
4. Device4: iOS device NOT enrolled in Intune

What devices can you apply an app configuration policy to?

Select only one answer.

Device1 and Device2 only

Device1, Device2, Device3 e Device4
Device1 only
Device2, Device3, and Device4 only
Device3 and Device4 only

61 - You have a Microsoft 365 subscription.

Users connect to Microsoft 365 services using their personal iOS and Android devices.
Devices are NOT managed by Intune.

You need to prevent Microsoft 365 files from being saved locally on unmanaged
devices.

What should you use?

Select only one answer.

Application Configuration Policies

Application Deployment
App Protection Policies
Configuration Profiles

62 - You have a Microsoft 365 subscription that includes a group called Group1 that
contains 500 Android devices.

Provision a new App Protection policy in Microsoft Intune with the following settings:

1. - Target for apps on all device types: Yes

2. Target Policy for: All Microsoft Apps
3. Save copies of organization data: Block
4. Allow user to save copies to selected services: OneDrive for Business
5. Assignments: Group1

Users report that they can save data on their devices.

You need to ensure that users are prevented from saving data on their local devices.

Which setting should you modify?

Select only one answer.

Allow user to save copies to selected services

Assignments
Save copies of organization data
Destination Policy for

63 - You have a Microsoft 365 subscription that includes iOS and Android devices
managed using Microsoft Intune.

You plan to implement a data protection framework for financial data.

You need to create app protection policies so that the framework protects company
data in the event that a device has root or jailbroken access.

What are two actions that the policy should perform? Each correct answer presents a
part of the solution.

Select all applicable responses.

Block access.
Encrypt organizational data.
Reset the PIN.
Erase the data.

64 - Case Study -

Overview -
ADatum Corporation is a consulting firm headquartered in Montreal with branches in Seattle and New York.
ADatum has a Microsoft 365 E5 subscription.

Environment -

Network Environment -
The network contains a local Active Directory domain named adatum.com. The domain contains the
servers shown in the following table.

ADatum has a hybrid Azure AD tenant called adatum.com.

Users and groups –

The tenant adatum.com contains the users shown in the following table.

All users receive a Microsoft Office 365 license and an Enterprise Mobility + Security E3 license.
Enterprise State Roaming is enabled for Group1 and GroupA.
Group1 and Group2 have an association type of Assigned.

Devices -
ADatum has the Windows 10 devices shown in the following table.

Windows 10 devices are joined to Azure AD and enrolled in Microsoft Intune.

A white rectangular box with black text Description automatically generated

All Azure AD-joined devices have an executable file named C:\AppA.exe and a folder named
D:\Folder1.Microsoft Intune

configuration -
Microsoft Intune has the compliance policies shown in the following table.

The Autoenrollment settings have the following settings:MDM user scope: GroupA -

MAM user scope: GroupB

- You have an Endpoint Protection configuration profile that has the following controlled folder access
settings
:Name: Protection1 -

Folder Protection: Enable -

List of applications that have access to protected folders: C:\*\AppA.exe

List of additional folders that need to be protected: D:\Folder1

Assignments:

Groups included: Group2, GroupB -

Windows Autopilot Configuration -
ADatum has a Windows Autopilot deployment profile configured as shown in the following exposure.

Currently, there are no devices deployed using Windows Autopilot.

The Intune connector for Active Directory is installed on Server1.

Requirements
- Planned changes -
ADatum plans to implement the following changes:
Purchase a new Windows 10 device named Device6 and enroll the device in Intune
New machines will be deployed using Windows Autopilot and will be joined to hybrid Azure AD.Deployed a
network boundary configuration profile that will have the following settings:Name:
Boundary1 -

Network boundary: 192.168.1.0/24

Scope Tags: Tag1

-Assignments:Groups included: Group1, Group2

- Deploy two VPN configuration profiles named Connection1 and Connection2 that will have the following
settings

:Name: Connection1 -
Connection Name: VPN1 -

Connection Type: L2TP -

Assignments

:
Groups Included: Group1, Group2, GroupA Excluded Groups: --Name:
Connection2 -
Connection Name: VPN2

-Connection Type: IKEv2

-Assignments:Groups Included: GroupA -

Excluded Groups
: GroupB -

Technical Requirements -

ADatum must meet the following technical requirements:

Users in GroupA must be able to deploy new computers.

Administrative effort should be minimized.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
A group of black text Description automatically generatedA screenshot of a computer
Description automatically generated

A group of people in a group Description automatically generated

A white rectangular box with black text Description automatically generated

A screenshot of a computer Description automatically generated

A group of people in a group Description automatically generated

A white rectangular box with black text Description automatically generated

A close up of a sign Description automatically generated

A screenshot of a computer Description automatically generated

Todos os dispositivos ingressados no Azure AD têm um arquivo executável chamado C:\AppA.exe

e uma pasta chamada D:\Folder1.

Configuração do Microsoft Intune –O Microsoft Intune tem as políticas de conformidade

mostradas na tabela a seguir.

The Autoenrollment settings have the following settings:MDM user scope: GroupA -

MAM user scope: GroupB - You have an Endpoint Protection configuration profile that has the
following controlled folder access settings

:Name: Protection1 -
Folder Protection: Enable - List of applications that have access to protected folders:
C:\*\AppA.exeList of additional folders that need to be protected: D:\Folder1

Assignments

:Groups included: Group2, GroupB

- Windows Autopilot Configuration - ADatum has a Windows Autopilot deployment profile

configured as shown in the following exposure.
Currently, there are no devices deployed using Windows Autopilot.The Intune connector for Active
Directory is installed on Server1.

Requirements
- Planned changes - AD plans to implement the following changes: Purchase a new Windows 10
device named Device6 and enroll the device in IntuneNew machines will be deployed using
Windows Autopilot and will be joined to hybrid Azure AD. Deployed a network boundary
configuration profile that will have the following settings:Name:

Boundary1 - Network boundary: 192.168.1.0/24

Scope Tags: Tag1 -

Assignments

:Groups included: Group1, Group2 - Deploy two VPN configuration profiles named Connection1 and
Connection2 that will have the following settings

:Name: Connection1

-Connection Name: VPN1 -

Connection Type: L2TP -

Assignments:Groups Included: Group1, Group2, GroupAGubyd Groups: --

Name: Connection2

-Connection Name: VPN2

-Connection Type: IKEv2

-Assignments

:Groups Included: GroupA -Excluded Groups: GroupB

-Technical Requirements -

ADatum must meet the following technical requirements:Users in GroupA must be able to deploy
new computers. Administrative effort should be minimized.

What devices are enrolled using the Windows Autopilot deployment service?

1. The. Device only1

2. B. Device only3
3. C. Device1 and Device3 only
4. D. Device1, Device2, and Device3
A group of black text Description automatically generatedA screenshot of a computer
Description automatically generated

A group of people in a group Description automatically generated

A white rectangular box with black text Description automatically generated
A close up of a sign Description automatically generated

A screenshot of a computer Description automatically generated

The network contains a local Active Directory domain named adatum.com. The domain contains
the servers shown in the following table.

ADatum has a hybrid Azure AD tenant called adatum.com.

Users and groups –

The tenant adatum.com contains the users shown in the following table.

Devices -
ADatum has the Windows 10 devices shown in the following table.

Windows 10 devices are joined to Azure AD and enrolled in Microsoft Intune.

Windows 10 devices are configured as shown in the following table.
Todos os dispositivos ingressados no Azure AD têm um arquivo executável chamado C:\AppA.exe
e uma pasta chamada D:\Folder1.

Configuração do Microsoft Intune –

O Microsoft Intune tem as políticas de conformidade mostradas na tabela a seguir.

As configurações de Registro Automático têm as seguintes configurações:

Escopo do usuário MDM: GrupoA -

Escopo do usuário MAM: GrupoB -

Você tem um perfil de configuração do Endpoint Protection que possui as seguintes
configurações de acesso controlado a pastas:

Nome: Proteção1 -

A screenshot of a computer Description automatically generated

Lista de aplicativos que ter acesso a pastas protegidas: C:\*\AppA.exe
Lista de pastas adicionais que precisam ser protegidas: D:\Folder1
Atribuições:

Grupos incluídos: Grupo2, GrupoB -

Configuração do Windows Autopilot -
ADatum tem um perfil de implantação do Windows Autopilot configurado como mostrado na
exposição a seguir.

Atualmente, não há dispositivos implantados usando o Windows Autopilot.

O conector do Intune para Active Directory está instalado no Servidor1.

Requisitos -
Alterações planejadas -
ADatum planeja implementar as seguintes alterações:
Adquirir um novo dispositivo Windows 10 chamado Device6 e registrar o dispositivo no Intune
Novos computadores serão implantados usando o Windows Autopilot e serão ingressados no
Azure AD híbrido.
Implantado um perfil de configuração de limite de rede que terá as seguintes configurações:

Nome: Limite1 -
Limite de rede: 192.168.1.0/24

Tags de escopo: Tag1 -

Atribuições:

Grupos incluídos: Grupo1, Grupo2 -

Implante dois perfis de configuração VPN chamados Conexão1 e Conexão2 que terão as
seguintes configurações:

Nome: Conexão1 -

Nome da conexão: VPN1 -

Tipo de conexão: L2TP -

Atribuições:
Grupos incluídos: Grupo1, Grupo2, GrupoA
Grupos excluídos: --

Nome: Conexão2 -

Nome da conexão: VPN2 -

Tipo de conexão: IKEv2 -

Atribuições:

Grupos incluídos: GrupoA -

Grupos excluídos: GrupoB -

Requisitos técnicos -
O ADatum deve atender aos seguintes requisitos técnicos:
Os usuários do GrupoA devem ser capazes de implantar novos computadores.
O esforço administrativo deve ser minimizado.
Para cada uma das afirmações a seguir, selecione Sim se a afirmação for verdadeira. Caso
contrário, selecione Não.
NOTA: Cada seleção correta vale um ponto.

67 - Estudo de caso -

A group of black text Description automatically generated

A screenshot of a computer Description automatically generated

A group of people in a group Description automatically generated

A white rectangular box with black text Description automatically generated

Usuários e grupos –O locatário adatum.com contém os usuários mostrados na tabela a seguir.

Todos os usuários recebem uma licença do Microsoft Office 365 e uma licença Enterprise Mobility
+ Security E3.O Enterprise State Roaming está habilitado para Grupo1 e GrupoA.O Grupo1 e o
Grupo2 têm um tipo de associação Atribuído.

Dispositivos -ADatum possui os dispositivos Windows 10 mostrados na tabela a seguir.

Os dispositivos Windows 10 estão associados ao Azure AD e inscritos no Microsoft Intune.Os
dispositivos Windows 10 são configurados conforme mostrado na tabela a seguir.

Todos os dispositivos ingressados no Azure AD têm um arquivo executável chamado C:\AppA.exe

e uma pasta chamada D:\Folder1.

Configuração do Microsoft Intune –O Microsoft Intune tem as políticas de conformidade

mostradas na tabela a seguir.

The Autoenrollment settings have the following settings:MDM User Scope: GroupA -

MAM User Scope: GroupB - You have an Endpoint Protection configuration profile that has the
following controlled folder access settings

:Name: Protection1 - Folder Protection: Enable - List of applications that have access to protected
folders: C:\*\
AppA.exeList

of additional folders that need to be protected: D:\Folder1Assignments:

Groups included: Group2, GroupB

- Windows Autopilot Configuration - ADatum has a Windows Autopilot deployment profile

configured as shown in the following exposure.

Currently, there are no devices deployed using Windows Autopilot.The Intune connector for Active
Directory is installed on Server1.

Requirements

-Planned Changes -ADatum plans to implement the following changes:

Purchase a new Windows 10 device named Device6 and enroll the device in IntuneNew PCs will be
deployed using Windows Autopilot and joined to hybrid Azure AD. Deployed a network boundary
configuration profile that will have the following settings:Name:

Boundary1 - Network boundary: 192.168.1.0/24

Scope Tags: Tag1

-Assignments:Groups included: Group1, Group2 -Deploy two VPN configuration profiles named
Connection1 and Connection2 that will have the following settings

:Name: Connection1

-Connection Name: VPN1

-Connection Type: L2TP -Assignments:Groups Included: Group1, Group2, GroupAGexcluded

groups: --

Name: Connection2

-Connection name: VPN2

-Connection type: IKEv2 -Assignments

:Groups included: GroupA -Excluded groups: GroupB

-Technical requirements -

ADatum must meet the following technical requirements:GroupA users must be able to deploy new
computers. Administrative effort should be minimized. You implement Boundary1 based on
planned changes.
Which devices have a 192.168.1.0/24 network limit applied?

1. The. Device only2

2. B. Device only3
3. C. Device1, Device2, and Device5 only
4. D. Device1, Device2, Device3, and Device4 only

68 - Você tem uma assinatura do Microsoft 365.

Você usa o Microsoft Intune Suite para gerenciar dispositivos.
Você tem a política de proteção de aplicativos iOS mostrada na exposição a seguir.
Use the drop-down menus to select the answer option that completes each statement based on the
information presented in the chart.
NOTE: Each correct selection is worth one point.

69 - You have a Microsoft 365 E5 subscription and a PC running Windows 11.

You need to create a custom installation of Microsoft 365 Apps for enterprise.
What are the four actions you should take in sequence? To respond, move the appropriate cmdlets from the
list of cmdlets to the answer area and arrange them in the correct order.
70 - You have devices enrolled in Microsoft Intune as shown in the following table.

On which devices can you apply app configuration policies?

• A. Device2 only
• B. Device1 and Device2 only
• C. Device3 and Device4 only
• D. Device2, Device3, and Device4 only
• E. Device1, Device2, Device3, and Device4

71 - HOTSPOT -
You have an Azure AD tenant named contoso.com that contains the devices shown in the following
table.

All devices contain an app named App1 and are enrolled in Microsoft Intune.
You need to prevent users from copying data from App1 and pasting the data into other apps.
Which type of policy and how many policies should you create in Intune? To answer, select the
appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
72 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
You plan to deploy two apps named App1 and App2 to all Windows devices. App1 must be
installed before App2.
From the Intune admin center, you create and deploy two Windows app (Win32) apps.
You need to ensure that App1 is installed before App2 on every device.
What should you configure?

• A. the App1 deployment configurations

• B. a dynamic device group
• C. a detection rule
• D. the App2 deployment configurations

73 - You have a Microsoft Intune subscription.

You have devices enrolled in Intune as shown in the following table.

An app named App1 is installed on each device.

What is the minimum number of app configuration policies required to manage App1?

• A. 1
• B. 2 Most Voted
• C. 3
• D. 4
• E. 5

74 - You have a Microsoft 365 E5 subscription that contains 100 iOS devices enrolled in Microsoft
Intune.
You need to deploy a custom line-of-business (LOB) app to the devices by using Intune.
Which extension should you select for the app package file?

• A. .intunemac
• B. .ipa Most Voted
• C. .apk
• D. .appx

75 - You have a Microsoft 365 E5 subscription that contains a user named User1 and a web app
named App1.
App1 must only accept modern authentication requests.
You plan to create a Conditional Access policy named CAPolicy1 that will have the following
settings:

Assignments -
Users or workload identities: User1

Cloud apps or actions: App1 -

Access controls -

Grant: Block access -

You need to block only legacy authentication requests to App1.
Which condition should you add to CAPolicy1?

• A. Filter for devices

• B. Device platforms
• C. User risk
• D. Sign-in risk
• E. Client apps Most Voted

76 - HOTSPOT -
All users have Microsoft 365 apps deployed.
You need to configure Microsoft 365 apps to meet the following requirements:
Enable the automatic installation of WebView2 Runtime.
Prevent users from submitting feedback.
Which two settings should you configure in the Microsoft 365 Apps admin center? To answer,
select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
77 - You have a Microsoft 365 subscription.
You have 10 computers that run Windows 10 and are enrolled in mobile device management
(MDM).
You need to deploy the Microsoft 365 Apps for enterprise suite to all the computers.
What should you do?

• A. From the Microsoft Intune admin center, create a Windows 10 device profile.
• B. From Azure AD, add an app registration.
• C. From Azure AD, add an enterprise application.
• D. From the Microsoft Intune admin center, add an app. Most Voted
78 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
You have a Windows 11 device named Device1 that is enrolled in Intune. Device1 has been offline
for 30 days.
You need to remove Device1 from Intune immediately. The solution must ensure that if the device
checks in again, any apps and data provisioned by Intune are removed. User-installed apps,
personal data, and OEM-installed apps must be retained.
What should you use?

• A. a Delete action
• B. a Retire action
• C. a Fresh Start action
• D. an Autopilot Reset action

79 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.You use Microsoft
Intune to manage devices. You need to review the boot times and restart the frequencies of the
devices.
What should you use?

1. A. Monitor Azure
2. B. Intune Data Warehouse
3. C. Microsoft Defender for Endpoint
4. D. Top Rated Endpoint Analytics

80 - HOTSPOT –
Você tem uma assinatura do Microsoft 365 E5.
Você cria uma nova política de anéis de atualização chamada Policy1, conforme mostrado na exposição a
seguir.
81 - You have computers that run Windows 10 and connect to an Azure Log Analytics workspace.
The workspace is configured to collect all available events from the Windows event logs.
The computers have the logged events shown in the following table.

Which events are collected in the Log Analytics workspace?

• A. 1 only
• B. 2 and 3 only
• C. 1 and 3 only
• D. 1, 2, and 4 only Most Voted
• E. 1, 2, 3, and 4

82 - You have a Microsoft 365 E5 subscription that contains 10 Android Enterprise devices. Each
device has a corporate-owned work profile and is enrolled in Microsoft Intune.
You need to configure the devices to run a single app in kiosk mode.
Which Configuration settings should you modify in the device restrictions profile?

• A. Users and Accounts

• B. General
• C. System security
• D. Device experience Most Voted

83 - You have a Microsoft 365 E5 subscription that contains 500 macOS devices enrolled in
Microsoft Intune.
You need to ensure that you can apply Microsoft Defender for Endpoint antivirus policies to the
macOS devices. The solution must minimize administrative effort.
What should you do?

• A. Onboard the macOS devices to the Microsoft Purview compliance portal.

• B. From the Microsoft Intune admin center, create a security baseline.
• C. Install Defender for Endpoint on the macOS devices.
• D. From the Microsoft Intune admin center, create a configuration profile. Most Voted
84 - You have an Azure AD tenant and 100 Windows 10 devices that are Azure AD joined and
managed by using Microsoft Intune.
You need to configure Microsoft Defender Firewall and Microsoft Defender Antivirus on the
devices. The solution must minimize administrative effort.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. To configure Microsoft Defender Antivirus, create a Group Policy Object (GPO) and
configure the Windows Defender Antivirus settings.
• B. To configure Microsoft Defender Firewall, create a device configuration profile and
configure the Device restrictions settings.
• C. To configure Microsoft Defender Antivirus, create a device configuration profile and
configure the Endpoint protection settings.
• D. To configure Microsoft Defender Antivirus, create a device configuration profile and
configure the Device restrictions settings. Most Voted
• E. To configure Microsoft Defender Firewall, create a device configuration profile and
configure the Endpoint protection settings. Most Voted
• F. To configure Microsoft Defender Firewall, create a Group Policy Object (GPO) and
configure Windows Defender Firewall with Advanced Security.

85 - You have an Azure AD group named Group1. Group1 contains two Windows 10 Enterprise
devices named Device1 and Device2.
You create a device configuration profile named Profile1. You assign Profile1 to Group1.
You need to ensure that Profile1 applies to Device1 only.
What should you modify in Profile1?

• A. Assignments Most Voted

• B. Settings
• C. Scope (Tags)
• D. Applicability Rules

86 - DRAG DROP -
You have a Microsoft 365 subscription that includes Microsoft Intune.
You need to implement a Microsoft Defender for Endpoint solution that meets the following requirements:
Enforces compliance for Defender for Endpoint by using Conditional Access
Prevents suspicious scripts from running on devices
What should you configure? To answer, drag the appropriate features to the correct requirements. Each
feature may be used once, more than once, or not at all. You may need to drag the split bar between panes
or scroll to view content.
NOTE: Each correct selection is worth one point.

87 - Your network contains an on-premises Active Directory domain and an Azure AD tenant.
The Default Domain Policy Group Policy Object (GPO) contains the settings shown in the following
table.

You need to migrate the existing Default Domain Policy GPO settings to a device configuration
profile.
Which device configuration profile type template should you use?

• A. Administrative Templates
• B. Endpoint protection
• C. Device restrictions Most Voted
• D. Custom
88 - You have 100 computers that run Windows 10 and connect to an Azure Log Analytics
workspace.
Which three types of data can you collect from the computers by using Log Analytics? Each correct
answer presents a complete solution.
NOTE: Each correct selection is worth one point.

• A. failure events from the Security log

• B. the list of processes and their execution times
• C. the average processor utilization Most Voted
• D. error events from the System log Most Voted
• E. third-party application logs stored as text files Most Voted

89 - You have a Microsoft 365 E5 subscription. The subscription contains 25 computers that run
Windows 11 and are enrolled in Microsoft Intune.
You need to onboard the devices to Microsoft Defender for Endpoint.
What should you create in the Microsoft Intune admin center?

• A. an attack surface reduction (ASR) policy

• B. a security baseline
• C. an endpoint detection and response (EDR) policy Most Voted
• D. an account protection policy
• E. an antivirus policy

90 - Your company uses Microsoft Intune to manage devices.

You need to ensure that only Android devices that use Android work profiles can enroll in Intune.
Which two configurations should you perform in the device enrollment restrictions? Each correct
answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. From Platform Settings, set Android device administrator Personally Owned to Block.
• B. From Platform Settings, set Android Enterprise (work profile) to Allow. Most Voted
• C. From Platform Settings, set Android device administrator Personally Owned to Allow.
• D. From Platform Settings, set Android device administrator to Block. Most Voted
91 - HOTSPOT -
You have the device configuration profile shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the
information presented in the graphic.
NOTE: Each correct selection is worth one point.
92 - HOTSPOT -
You have 100 Windows 10 devices enrolled in Microsoft Intune.
You need to configure the devices to retrieve Windows updates from the internet and from other computers
on a local network.
Which Delivery Optimization setting should you configure, and which type of Intune object should you
create? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

93 - HOTSPOT -
You have an Azure AD tenant that contains the users shown in the following table.

You have devices enrolled in Microsoft Intune as shown in the following table.
From Intune, you create and send a custom notification named Notification1 to Group1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

94 - You use Microsoft Intune and Intune Data Warehouse.You need to create a device inventory
report that includes the data stored in the data warehouse.
What should you use to create the report?

1. The. the Company Portal app

2. B. Endpoint Analytics
3. C. the Azure portal app
4. D.Microsoft Power BI

95 - You have a Microsoft 365 E5 subscription and 25 Apple iPads.

You need to enroll the iPads in Microsoft Intune by using the Apple Configurator enrollment
method.
What should you do first?

• A. Configure an Apply MDM push certificate. Most Voted

• B. Add your user account as a device enrollment manager (DEM).
• C. Modify the enrollment restrictions.
• D. Upload a file that has the device identifiers for each iPad.
96 - HOTSPOT -
You have 100 computers that run Windows 10. You have no servers. All the computers are joined to Azure
AD.
The computers have different update settings, and some computers are configured for manual updates.
You need to configure Windows Update. The solution must meet the following requirements:
The configuration must be managed from a central location.
Internet traffic must be minimized.
Costs must be minimized.
How should you configure Windows Update? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
97 - Your network contains an Active Directory domain named contoso.com. The domain contains
a computer named Computer1 that runs Windows 10.
You have the groups shown in the following table.

Which groups can you add to Group4?

• A. Group2 only Most Voted

• B. Group1 and Group2 only
• C. Group2 and Group3 only Most Voted
• D. Group1, Group2, and Group3

98 - DRAG DROP -
You have a Microsoft 365 subscription. The subscription contains PCs that are running Windows 11 and are
enrolled in Microsoft Intune.
You need to create a compliance policy that meets the following requirements:
Requires BitLocker (BitLocker) drive encryption on each device Requires
a minimum operating system version
Which compliance policy setting should you set for each requirement? To respond, drag the appropriate
settings to the correct requirements. Each setting can be used once, more than once, or never used at
all. You may need to drag the split bar between panels or scroll to view the contents.
NOTE: Each correct selection is worth one point.
99 - HOTSPOT - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.You have
the Windows 11 devices shown in the following table.

Você implanta a política de conformidade do dispositivo mostrada na exposição. (Clique na guia

Anexo.)

For each of the following statements, select Yes if the statement is true. Otherwise, select
No.NOTE: Each correct selection is worth one point.

Ocultar solução Discussão 15

Resposta correta:

A list of windows operating system Description automatically generatedDRAG DROP

–
você tem uma assinatura do Microsoft 365 que contém os dispositivos mostrados na tabela a seguir.

Você precisa garantir que apenas dispositivos que executam firmware confiável ou versões de sistema
operacional possam acessar os recursos da rede.
Qual configuração de política de conformidade você deve definir para cada dispositivo? Para responder,
arraste as configurações apropriadas para os dispositivos corretos. Cada configuração pode ser usada uma
vez, mais de uma vez ou nunca ser usada. Talvez seja necessário arrastar a barra de divisão entre os
painéis ou rolar para visualizar o conteúdo.
NOTA: Cada seleção correta vale um ponto.
101 - DRAG DROP -
You have a Microsoft 365 subscription that contains 1,000 Windows 11 devices enrolled in
Microsoft Intune.
You plan to create and monitor the results of a compliance policy used to validate the BIOS version
of the devices.
Which four actions should you perform in sequence? To answer, move the appropriate actions
from the list of actions to the answer area and arrange them in the correct order.
Correct Answer:

102 - DRAG DROP -

You have a computer that runs Windows 10 and contains two local users named User1 and User2.
You need to ensure that the users can perform the following actions:
User1 must be able to adjust the date and time.
User2 must be able to clear Windows logs.
The solution must use the principle of least privilege.
To which group should you add each user? To answer, drag the appropriate groups to the correct
users. Each group may be used once, more than once, or not at all. You may need to drag the split
bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Correct Answer:
103 - HOTSPOT –
A table with text on it Description automatically generated
Você tem os dispositivos mostrados na tabela a seguir.

Quais dispositivos podem ser ingressados no Azure AD e quais dispositivos podem ser registrados em
contoso.com? Para responder, selecione as opções apropriadas na área de resposta.
NOTA: Cada seleção correta vale um ponto.

A list of data Description automatically generated with medium confidenceA

screenshot of a computer Description automatically generated
Você tem um locatário do Azure AD chamado contoso.com que contém os usuários mostrados na tabela a
seguir.

Você tem um computador chamado Computador1 que executa o Windows 10. O Computador1 está em um
grupo de trabalho e tem os usuários locais mostrados na tabela a seguir.

UserA ingressa no Computer1 no Azure AD usando [email protected] .

Para cada uma das afirmações a seguir, selecione Sim se a afirmação for verdadeira. Caso contrário,
selecione Não.
NOTA: Cada seleção correta vale um ponto.

105 - Your network contains an Active Directory domain. The domain contains a user named
Admin1. All computers run Windows 10.
You enable Windows PowerShell remoting on the computers.
You need to ensure that Admin1 can establish remote PowerShell connections to the computers.
The solution must use the principle of least privilege.
To which group should you add Admin1?

• A. Access Control Assistance Operators

• B. Remote Desktop Users
• C. Power Users
• D. Remote Management Users Most Voted

106 - HOTSPOT -
You have a Microsoft Intune subscription.
You are creating a Windows Autopilot deployment profile named Profile1 as shown in the following exhibit.
Profile1 will be deployed to Windows 10 devices.
Use the drop-down menus to select the answer choice that completes each statement based on the
information presented in the graphic.
NOTE: Each correct selection is worth one point.
107 - HOTSPOT -
You have a server named Server1 and computers that run Windows 10. Server1 has the Microsoft
Deployment Toolkit (MDT) installed.
You plan to upgrade the Windows 10 computers to Windows 11 by using the MDT deployment wizard.
You need create a deployment share on Server1.
What should you do on Server1, and what are the minimum components you should add to the MDT
deployment share? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

108 - DRAG DROP -

Você tem um servidor Microsoft Deployment Toolkit (MDT) chamado MDT1.
Quando os computadores iniciam a partir da imagem LiteTouchPE_x64.iso e se conectam ao MDT1, a tela
de boas-vindas aparece conforme mostrado na exposição a seguir.
You need to prevent the welcome screen from appearing when computers connect to MDT1.
What are three actions you should perform in sequence? To respond, move the appropriate actions from the
watchlist to the response area and arrange them in the correct order.
109 - You use Windows Admin Center to remotely administer computers that run Windows 10.
When connecting to Windows Admin Center, you receive the message shown in the following
exhibit.

You need to prevent the message from appearing when you connect to Windows Admin Center.
To which certificate store should you import the certificate?

• A. Client Authentication Issuers

• B. Personal
• C. Trusted Root Certification Authorities Most Voted

110 - HOTSPOT -
You have an Azure AD tenant named contoso.com that contains the devices shown in the following
table.

Contoso.com contains the Azure AD groups shown in the following table.

You add a Windows Autopilot deployment profile. The profile is configured as shown in the
following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Hide Solution Discussion 16

Correct Answer:

111 - Your network contains an Active Directory domain. The domain contains 1,000 computers
that run Windows 11.
You need to configure the Remote Desktop settings of all the computers. The solution must meet
the following requirements:
Prevent the sharing of clipboard contents.
Ensure that users authenticate by using Network Level Authentication (NLA).
Which two nodes of the Group Policy Management Editor should you use? To answer, select the
appropriate nodes in the answer area.
NOTE: Each correct selection is worth one point.

Hide Solution Discussion 4

Correct Answer:

112 - HOTSPOT -
You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
Azure AD joined Windows devices enroll automatically in Intune.
You have the devices shown in the following table.

113 - DRAG DROP -

You have 100 computers that run Windows 10.
You plan to deploy Windows 11 to the computers by performing a wipe and load installation.
You need to recommend a method to retain the user settings and the user data.
Which three actions should you recommend be performed in sequence? To answer, move the appropriate
actions from the list of actions to the answer area and arrange them in the correct order.
114 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
You use Windows Autopilot to deploy Windows 11 to devices.
A support engineer reports that when a deployment fails, they cannot collect deployment logs from
failed device.
You need to ensure that when a deployment fails, the deployment logs can be collected.
What should you configure?

• A. the automatic enrollment settings

• B. the Windows Autopilot deployment profile
• C. the enrollment status page (ESP) profile Most Voted
• D. the device configuration profile

115 - You have a Microsoft 365 E5 subscription that contains a user named User1 and uses
Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
You have a device named Devic1 that is enrolled in Intune.
You need to ensure that User1 can use Remote Help from the Intune admin center for Device1.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. Deploy the Remote Help app to Device1. Most Voted

• B. Assign the Help Desk Operator role to User1. Most Voted
• C. Assign the Intune Administrator role to User1.
• D. Assign a Microsoft 365 E5 license to User1.
• E. Rerun device onboarding on Device1.
• F. Assign the Remote Help add-on license to User1. Most Voted

116 - You have a Windows 11 capable device named Device1 that runs the 64-bit version of
Windows 10 Enterprise and has Microsoft Office 2019 installed.
You have the Windows 11 Enterprise images shown in the following table.

Which images can be used to perform an in-place upgrade of Device1?

• A. Image1 only
• B. Image2 only Most Voted
• C. Image1 and Image2

117 - HOTSPOT -
You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
Your network contains an on-premises Active Directory Domain Services (AD DS) domain that syncs with an
Azure AD tenant by using Azure AD Connect.
You use Microsoft Intune and Configuration Manager to manage devices.
You need to recommend a deployment plan for new Windows 11 devices. The solution must meet the
following requirements:
Devices for the marketing department must be joined to the AD DS domain only. The IT department will
install complex applications on the devices at build time, before giving the devices to the marketing
department users.
Devices for the sales department must be Azure AD joined. The devices will be shipped directly from the
manufacturer to the homes of the sales department users.
Administrative effort must be minimized.
Which deployment method should you recommend for each department? To answer, select the appropriate
options in the answer area.
NOTE: Each correct selection is worth point.
118 - You have a Microsoft Deployment Toolkit (MDT) deployment share named DS1.
In the Out-of-Box Drivers node, you create folders that contain drivers for different hardware
models.
You need to configure the Inject Drivers MDT task to use PnP detection to install the drivers for
one of the hardware models.
What should you do first?

• A. Import an OS package.
• B. Create a selection profile.
• C. Add a Gather task to the task sequence.
• D. Add a Validate task to the task sequence.

119 - You have an on-premises server named Server1 that hosts a Microsoft Deployment Toolkit
(MDT) deployment share named MDT1.
You need to ensure that MDT1 supports multicast deployments.
What should you install on Server1?

• A. Multipath I/O (MPIO)

• B. Multipoint Connector
• C. Windows Deployment Services (WDS) Most Voted
• D. Windows Server Update Services (WSUS)
120 - Your company standardizes on Windows 10 Enterprise for all users.
Some users purchase their own computer from a retail store. The computers run Windows 10 Pro.
You need to recommend a solution to upgrade the computers to Windows 10 Enterprise, join the
computers to Azure AD, and install several Microsoft Store apps. The solution must meet the
following requirements:
Ensure that any applications installed by the users are retained.
Minimize user intervention.
What is the best recommendation to achieve the goal? More than one answer choice may achieve
the goal. Select the BEST answer.

• A. Windows Autopilot
• B. Microsoft Deployment Toolkit (MDT)
• C. a Windows Configuration Designer provisioning package Most Voted
• D. Windows Deployment Services (WDS)

121 - Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some question
sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
Your company has an Azure AD tenant named contoso.com that contains several Windows 10
devices.
When you join new Windows 10 devices to contoso.com, users are prompted to set up a four-digit
pin.
You need to ensure that the users are prompted to set up a six-digit pin when they join the
Windows 10 devices to contoso.com.
Solution: From the Microsoft Entra admin center, you modify the User settings and the Device
settings.
Does this meet the goal?

• A. Yes
• B. No

122 - Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some question
sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
Your company has an Azure AD tenant named contoso.com that contains several Windows 10
devices.
When you join new Windows 10 devices to contoso.com, users are prompted to set up a four-digit
pin.
You need to ensure that the users are prompted to set up a six-digit pin when they join the
Windows 10 devices to contoso.com.
Solution: From the Microsoft Entra admin center, you configure automatic mobile device
management (MDM) enrollment. From the Microsoft Intune admin center, you create and assign a
device restrictions profile.
Does this meet the goal?

• A. Yes
• B. No

123 - Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some question
sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
Your company has an Azure AD tenant named contoso.com that contains several Windows 10
devices.
When you join new Windows 10 devices to contoso.com, users are prompted to set up a four-digit
pin.
You need to ensure that the users are prompted to set up a six-digit pin when they join the
Windows 10 devices to contoso.com.
Solution: From the Microsoft Entra admin center, you configure automatic mobile device
management (MDM) enrollment. From the Microsoft Intune admin center, you configure the
Windows Hello for Business enrollment options.
Does this meet the goal?

• A. Yes
• B. No

124 - Case study -

Overview -

Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in
Seattle and New York.

Contoso has the users and computers shown in the following table.
The company has IT, human resources (HR), legal (LEG), marketing (MKG), and finance (FIN)
departments.

Contoso recently purchased a Microsoft 365 subscription.

The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office
will work from home.

Existing Environment -

The network contains an Active Directory domain named contoso.com that is synced to Azure AD.

All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10
Enterprise.

The computers are managed by using Microsoft Configuration Manager. The mobile devices are
managed by using Microsoft Intune.

The naming convention for the computers is the department acronym, followed by a hyphen, and
then four numbers, for example FIN-6785. All the computers are joined to the on-premises Active
Directory domain.

Each department has an organizational unit (OU) that contains a child OU named Computers. Each
computer account is in the Computers OU of its respective department.

Intune Configuration -

The domain has the users shown in the following table.

User2 is a device enrollment manager (DEM) in Intune.

The devices enrolled in Intune are shown in the following table.

The device compliance policies in Intune are configured as shown in the following table.

The device compliance policies have the assignments shown in the following table.

The device limit restrictions in Intune are configured as shown in the following table.

Requirements -

Planned changes -

Contoso plans to implement the following changes:

• Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro
preinstalled and were purchased already.
• Implement co-management for the computers.

Technical Requirements -
Contoso must meet the following technical requirements:

• Ensure that the users in a group named Group4 can only access Microsoft Exchange Online from
devices that are enrolled in Intune.
• Deploy Windows 10 Enterprise to the computers of the Phoenix office users by using Windows
Autopilot.
• Create a provisioning package for new computers in the HR department.
• Block iOS devices from sending diagnostic and usage telemetry data.
• Use the principle of least privilege whenever possible.
• Enable the users in the MKG department to use App1.
• Pilot co-management for the IT department.

You need to meet the technical requirements for the iOS devices.

Which object should you create in Intune?

• A. a deployment profile
• B. an app protection policy
• C. a device configuration profile
• D. a compliance policy

125 - Case study

Overview
-

Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in
Seattle and New York.

Contoso has the users and computers shown in the following table.

The company has IT, human resources (HR), legal (LEG), marketing (MKG), and finance (FIN)
departments.
Contoso recently purchased a Microsoft 365 subscription.

The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office
will work from home.

Existing Environment
-

The network contains an Active Directory domain named contoso.com that is synced to Azure AD.

All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10
Enterprise.

The computers are managed by using Microsoft Configuration Manager. The mobile devices are
managed by using Microsoft Intune.

Each department has an organizational unit (OU) that contains a child OU named Computers. Each
computer account is in the Computers OU of its respective department.

Intune Configuration
-

The domain has the users shown in the following table.

User2 is a device enrollment manager (DEM) in Intune.

The devices enrolled in Intune are shown in the following table.

The device compliance policies in Intune are configured as shown in the following table.

The device compliance policies have the assignments shown in the following table.

The device limit restrictions in Intune are configured as shown in the following table.

Requirements
-
Planned changes
-
Contoso plans to implement the following changes:
• Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro
preinstalled and were purchased already.
• Implement co-management for the computers.

Technical Requirements
-
Contoso must meet the following technical requirements:

You are evaluating which devices are compliant.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Correct Answer:

126 - Case study -

Overview -

Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in
Seattle and New York.

Contoso has the users and computers shown in the following table.

The company has IT, human resources (HR), legal (LEG), marketing (MKG), and finance (FIN)
departments.
Contoso recently purchased a Microsoft 365 subscription.

The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office
will work from home.

Existing Environment -

The network contains an Active Directory domain named contoso.com that is synced to Azure AD.

All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10
Enterprise.

The computers are managed by using Microsoft Configuration Manager. The mobile devices are
managed by using Microsoft Intune.

Each department has an organizational unit (OU) that contains a child OU named Computers. Each
computer account is in the Computers OU of its respective department.

Intune Configuration -

The domain has the users shown in the following table.

User2 is a device enrollment manager (DEM) in Intune.

The devices enrolled in Intune are shown in the following table.

The device compliance policies in Intune are configured as shown in the following table.
The device compliance policies have the assignments shown in the following table.

The device limit restrictions in Intune are configured as shown in the following table.

Requirements -

Planned changes -

Contoso plans to implement the following changes:

• Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro
preinstalled and were purchased already.
• Implement co-management for the computers.

Technical Requirements -

Contoso must meet the following technical requirements:

You need to prepare for the deployment of the Phoenix office computers.

What should you do first?

• A. Generalize the computers and configure the Device settings from the Microsoft Entra
admin center.
• B. Extract the serial number of each computer to an XML file and upload the file from the
Microsoft Intune admin center.
• C. Extract the hardware ID information of each computer to a CSV file and upload the file
from the Microsoft Intune admin center.
• D. Generalize the computers and configure the Mobility (MDM and MAM) settings from the
Microsoft Entra admin center.
• E. Extract the serial number information of each computer to a CSV file and upload the file
from the Microsoft Intune admin center.

127 - HOTSPOT
-

Case study
-

Overview
-

Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle
and New York.

Contoso has the users and computers shown in the following table.

The company has IT, human resources (HR), legal (LEG), marketing (MKG), and finance (FIN) departments.

Contoso recently purchased a Microsoft 365 subscription.

The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office will work
from home.

Existing Environment
-

The network contains an Active Directory domain named contoso.com that is synced to Azure AD.

All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10
Enterprise.

The computers are managed by using Microsoft Configuration Manager. The mobile devices are managed
by using Microsoft Intune.

The naming convention for the computers is the department acronym, followed by a hyphen, and then four
numbers, for example FIN-6785. All the computers are joined to the on-premises Active Directory domain.

Each department has an organizational unit (OU) that contains a child OU named Computers. Each
computer account is in the Computers OU of its respective department.

Intune Configuration
-

The domain has the users shown in the following table.

User2 is a device enrollment manager (DEM) in Intune.

The devices enrolled in Intune are shown in the following table.

The device compliance policies in Intune are configured as shown in the following table.
The device compliance policies have the assignments shown in the following table.

The device limit restrictions in Intune are configured as shown in the following table.

Requirements
-

Planned changes
-

Contoso plans to implement the following changes:

• Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro preinstalled
and were purchased already.
• Implement co-management for the computers.

Technical Requirements
-

Contoso must meet the following technical requirements:

• Ensure that the users in a group named Group4 can only access Microsoft Exchange Online from devices
that are enrolled in Intune.
• Deploy Windows 10 Enterprise to the computers of the Phoenix office users by using Windows Autopilot.
• Create a provisioning package for new computers in the HR department.
• Block iOS devices from sending diagnostic and usage telemetry data.
• Use the principle of least privilege whenever possible.
• Enable the users in the MKG department to use App1.
• Pilot co-management for the IT department.

What is the maximum number of devices that User1 and User2 can enroll in Intune? To answer, select the
appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

128 - Case study

Overview
-

Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in
Seattle and New York.

Contoso has the users and computers shown in the following table.
The company has IT, human resources (HR), legal (LEG), marketing (MKG), and finance (FIN)
departments.

Contoso recently purchased a Microsoft 365 subscription.

The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office
will work from home.

Existing Environment
-

The network contains an Active Directory domain named contoso.com that is synced to Azure AD.

All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10
Enterprise.

The computers are managed by using Microsoft Configuration Manager. The mobile devices are
managed by using Microsoft Intune.

Each department has an organizational unit (OU) that contains a child OU named Computers. Each
computer account is in the Computers OU of its respective department.

Intune Configuration
-

The domain has the users shown in the following table.

User2 is a device enrollment manager (DEM) in Intune.

The devices enrolled in Intune are shown in the following table.

The device compliance policies in Intune are configured as shown in the following table.

The device compliance policies have the assignments shown in the following table.

The device limit restrictions in Intune are configured as shown in the following table.

Requirements
-

Planned changes
-

Contoso plans to implement the following changes:

• Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro
preinstalled and were purchased already.
• Implement co-management for the computers.
Technical Requirements
-

Contoso must meet the following technical requirements:

To which devices do Policy1 and Policy2 apply? To answer, select the appropriate options in the
answer area.

NOTE: Each correct selection is worth one point.

Correct Answer:
129 - Your network contains an Active Directory domain named contoso.com. The domain
contains two computers named Computer1 and Computer2 that run Windows 10.

On Computer1, you need to run the Invoke-Command cmdlet to execute several PowerShell
commands on Computer2.

What should you do first?

• A. On Computer2, run the Enable-PSRemoting cmdlet.

• B. On Computer2, add Computer1 to the Remote Management Users group.
• C. From Active Directory, configure the Trusted for Delegation setting for the computer
account of Computer2.
• D. On Computer1, run the New-PSSession cmdlet.

130 - You have an Azure AD tenant that contains the devices shown in the following table.

Which devices can be activated by using subscription activation?

• A. Device1 only
• B. Device1 and Device2 only
• C. Device1 and Device3 only
• D. Device1, Device2, Device3, and Device4

131 - You have 25 computers that run Windows 10 Pro.

You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

You need to upgrade the computers to Windows 11 Enterprise by using an in-place upgrade. The
solution must minimize administrative effort.

What should you use?

• A. Microsoft Deployment Toolkit (MDT) and a default image of Windows 11 Enterprise
• B. Microsoft Configuration Manager and a custom image of Windows 11 Enterprise
• C. Windows Autopilot
• D. Subscription Activation

132 - You use the Microsoft Deployment Toolkit (MDT) to manage Windows 11 deployments.

From Deployment Workbench, you modify the WinPE settings and add PowerShell support.

You need to generate a new set of WinPE boot image files that contain the updated settings.

What should you do?

• A. From the Deployment Shares node, update the deployment share.

• B. From the Advanced Configuration node, create new media.
• C. From the Packages node, import a new operating system package.
• D. From the Operating Systems node, import a new operating system.

133 - You are replacing 100 company-owned Windows devices.

You need to use the Microsoft Deployment Toolkit (MDT) to securely wipe and decommission the
devices. The solution must meet the following requirements:

• Back up the user state.

• Minimize administrative effort.

Which task sequence template should you use?

• A. Standard Client Task Sequence

• B. Standard Client Replace Task Sequence
• C. Litetouch OEM Task Sequence
• D. Sysprep and Capture

134 - Your network contains an Active Directory domain. The domain contains a computer named
Computer1 that runs Windows 11.

You need to enable the Windows Remote Management (WinRM) service on Computer1 and
perform the following configurations:

• For the WinRM service, set Startup type to Automatic.

• Create a listener that accepts requests from any IP address.
• Enable a firewall exception for WS-Management communications.

Which PowerShell cmdlet should you use?

• A. Connect-WSMan
• B. Enable-PSRemoting
• C. Invoke-WSManAction
• D. Enable-PSSessionConfiguration

135 - Your network contains an on-premises Active Directory Domain Services (AD DS) domain that syncs
with an Azure AD tenant. The tenant contains the users shown in the following table.

You assign Windows 10/11 Enterprise E5 licenses to Group1 and User2.

You deploy the devices shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

136 - Your network contains an Active Directory domain named adatum.com, a workgroup, and
computers that run Windows 10. The computers are configured as shown in the following table.

The local Administrator accounts on Computer1, Computer2, and Computer3 have the same user
name and password.

On Computer1, Windows Defender Firewall is configured as shown in the following exhibit.

The services on Computer1 have the following states.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Correct Answer:

137 - You have a Hyper-V host that contains the virtual machines shown in the following table.

On which virtual machines can you install Windows 11?

• A. VM1 only
• B. VM3 only
• C. VM1 and VM2 only
• D. VM2 and VM3 only
• E. VM1, VM2, and VM3
138 - You have a Microsoft 365 subscription that uses Microsoft Intune and contains the users shown in
the following table.

Group2 has been assigned in the Enrollment Status Page.

You have the devices shown in the following table.

You capture and upload the hardware IDs of the devices in the marketing department.

You configure Windows Autopilot.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

139 - You have a Microsoft 365 subscription that contains a user named User1. User1 is assigned
a Windows 10/11 Enterprise E3 license.

You use Microsoft Intune Suite to manage devices.

User1 activates the following devices:

• Device1: Windows 11 Enterprise

• Device2: Windows 10 Enterprise
• Device3: Windows 11 Enterprise

How many more devices can User1 activate?

• A. 2
• B. 3
• C. 7
• D. 8

140 - Your company has a computer named Computer1 that runs Windows 10.

Computer1 was used by a user who left the company.

You plan to repurpose Computer1 and assign the computer to a new user.

You need to redeploy Computer1 by using Windows Autopilot.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list
of actions to the answer area and arrange them in the correct order.
141 - You use the Microsoft Deployment Toolkit (MDT) to deploy Windows 11.

You create a new task sequence by using the Standard Client Task Sequence template to deploy
Windows 11 Enterprise to new computers. The computers have a single hard disk.

You need to modify the task sequence to create a system volume and a data volume.

Which phase should you modify in the task sequence?

• A. Initialization
• B. State Restore
• C. Preinstall
• D. Postinstall

142 - You have a Microsoft Deployment Toolkit (MDT) deployment share.

From the Deployment Workbench, you open the New Task Sequence Wizard and select the
Standard Client Upgrade Task Sequence task sequence template.

You discover that there are no operating system images listed on the Select OS page as shown in
the following exhibit.

You need to be able to select an operating system image to perform a Windows 11 in-place
upgrade.

What should you do?

• A. Enable monitoring for the deployment share.

• B. Import a full set of source files. Most Voted
• C. Import a custom image file.
• D. Run the Update Deployment Share Wizard.
143 - Your company implements Azure AD, Microsoft 365, Microsoft Intune, and Azure
Information Protection.
The company's security policy states the following:

• Personal devices do not need to be enrolled in Intune.

• Users must authenticate by using a PIN before they can access corporate email data.
• Users can use their personal iOS and Android devices to access corporate cloud services.
• Users must be prevented from copying corporate email data to a cloud storage service other than
Microsoft OneDrive for Business.

You need to configure a solution to enforce the security policy.

What should you create?

• A. a device configuration profile from the Microsoft Intune admin center

• B. a data loss prevention (DLP) policy from the Microsoft Purview compliance portal
• C. an insider risk management policy from the Microsoft Purview compliance portal
• D. an app protection policy from the Microsoft Intune admin center

144 - You have a Microsoft 365 subscription that contains 500 Android Enterprise devices.

All the devices are enrolled in Microsoft Intune.

You need to deliver bookmarks to the Chrome browser on the devices.

What should you create?

• A. a compliance policy
• B. a configuration profile
• C. an app protection policy
• D. an app configuration policy

145 - You have a Microsoft 365 E5 subscription and 100 computers that run Windows 10.

You need to deploy Microsoft Office Professional Plus 2019 to the computers by using Microsoft
Office Deployment Tool (ODT).

What should you use to create a customization file for ODT?

• A. the Microsoft 365 admin center
• B. the Microsoft Intune admin center
• C. the Microsoft Purview compliance portal
• D. the Microsoft 365 Apps admin center

146 - You have a Microsoft 365 subscription that contains 1,000 Windows 11 devices enrolled in
Microsoft Intune.

You plan to use Intune to deploy an application named App1 that contains multiple installation
files.

What should you do first?

• A. Prepare the contents of App1 by using the Microsoft Win32 Content Prep Tool.
• B. Create an Android application package (APK).
• C. Upload the contents of App1 to Intune.
• D. Install the Microsoft Deployment Toolkit (MDT).

147 - You have groups that use the Dynamic Device membership type as shown in the following table.

You are deploying Microsoft 365 apps.

You have devices enrolled in Microsoft Intune as shown in the following table.

In the Microsoft Intune admin center, you create a Microsoft 365 Apps app as shown in the exhibit. (Click
the Exhibit tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

148 - You have a Microsoft 365 subscription. All devices run Windows 10.

You need to prevent users from enrolling the devices in the Windows Insider Program.

What two configurations should you perform from the Microsoft Intune admin center? Each correct
answer is a complete solution.

NOTE: Each correct selection is worth one point.

• A. a device restrictions device configuration profile

• B. an app configuration policy
• C. a Windows 10 and later security baseline
• D. a custom device configuration profile
• E. a Windows 10 and later update ring

149 - You have a Microsoft 365 E5 subscription that contains 100 Windows 10 devices enrolled in
Microsoft Intune.

You plan to use Endpoint analytics.

You need to create baseline metrics.

What should you do first?

• A. Modify the Baseline regression threshold.

• B. Onboard 10 devices to Endpoint analytics.
• C. Create a Log Analytics workspace.
• D. Create an Azure Monitor workbook.

150 - You install a feature update on a computer that runs Windows 10.

How many days do you have to roll back the update?

• A. 5
• B. 10
• C. 14
• D. 30
151 - You have a Microsoft Azure subscription that contains an Azure Log Analytics workspace.

You deploy a new computer named Computer1 that runs Windows 10. Computer1 is in a
workgroup.

You need to ensure that you can use Log Analytics to query events from Computer1.

What should you do on Computer1?

• A. Join Azure AD.

• B. Configure Windows Defender Firewall.
• C. Create an event subscription
• D. Install the Azure Monitor Agent.

152 - You have a Microsoft 365 E5 subscription and 100 unmanaged iPad devices.

You need to deploy a specific iOS update to the devices. Users must be prevented from manually
installing a more recent version of iOS.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

• A. Create a device configuration profile.

• B. Enroll the devices in Microsoft Intune by using the Intune Company Portal.
• C. Create a compliance policy.
• D. Create an iOS app provisioning profile.
• E. Enroll the devices in Microsoft Intune by using Apple Business Manager.

153 - You have a Microsoft 365 subscription that includes Microsoft Intune.

You have an update ring named UpdateRing1 that contains the following settings:

• Automatic update behavior: Auto install and restart at a scheduled time

• Automatic behavior frequency: First week of the month
• Scheduled install day: Tuesday
• Scheduled install time: 3 AM

From the Microsoft Intune admin center, you select Uninstall for the feature updates of
UpdateRing1.

When will devices start to remove the feature updates?

• A. when a user approves the uninstall

• B. as soon as the policy is received
• C. next Tuesday
• D. the first Tuesday of the next month

154 - You have a hybrid deployment of Azure AD that contains 50 Windows 10 devices. All the
devices are enrolled in Microsoft Intune.

You discover that Group Policy settings override the settings configured in Microsoft Intune
policies.

You need to ensure that the settings configured in Microsoft Intune override the Group Policy
settings.

What should you do?

• A. From Group Policy Management Editor, configure the Computer Configuration settings in
the Default Domain Policy.
• B. From the Microsoft Intune admin center, create a custom device profile.
• C. From the Microsoft Intune admin center, create an Administrative Templates device
profile.
• D. From Group Policy Management Editor, configure the User Configuration settings in the
Default Domain Policy.

155 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.

You use Microsoft Intune to manage devices.

You need to ensure that the startup performance of managed Windows 11 devices is captured and
available for review in the Intune admin center.

What should you configure?

• A. the Azure Monitor agent

• B. a device compliance policy
• C. a Conditional Access policy
• D. an Intune data collection policy

156 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

Devices are enrolled in Intune as shown in the following table.

The devices are the members of groups as shown in the following table.

You create an iOS/iPadOS update profile as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Correct
Answer:

157 - You have a Microsoft Intune deployment that contains the resources shown in the following
table.

You create a policy set named Set1 and add Comply1 to Set1.

Which additional resources can you add to Set1?

• A. Conf1 only
• B. Comply2 only
• C. Comply2 and Conf1 only
• D. CA1, Conf1, and Office1 only
• E. Comply2, CA1, Conf1, and Office1

158 - You use Microsoft Defender for Endpoint to protect computers that run Windows 10.

You need to assess the differences between the configuration of Microsoft Defender for Endpoint
and the Microsoft-recommended configuration baseline.
Which tool should you use?

• A. Microsoft Defender for Endpoint Power BI app

• B. Microsoft Secure Score
• C. Endpoint Analytics
• D. Microsoft 365 Defender portal

159 - You have a Microsoft 365 E5 subscription that contains 1,000 Windows 11 devices. All the
devices are enrolled in Microsoft Intune.

You plan to integrate Intune with Microsoft Defender for Endpoint.

You need to establish a service-to-service connection between Intune and Defender for Endpoint.

Which settings should you configure in the Microsoft Intune admin center?

• A. Premium add-ons
• B. Connectors and tokens
• C. Tenant enrollment
• D. Microsoft Tunnel Gateway

160 - You have a Microsoft Intune subscription that is configured to use a PFX certificate
connector to an on-premises Enterprise certification authority (CA).

You need to use Intune to configure autoenrollment for Android devices by using public key pair
(PKCS) certificates.

Which three actions should you perform in sequence? To answer, move the appropriate actions
from the list of actions to the answer area and arrange them in the correct order.
Hide Solution Discussion 1

Correct Answer:

161 - Your company uses Microsoft Intune.

More than 500 Android and iOS devices are enrolled in the Intune tenant.

You plan to deploy new Intune policies. Different policies will apply depending on the version of
Android or iOS installed on the device.

You need to ensure that the policies can target the devices based on their version of Android or
iOS.

What should you configure first?

• A. groups that have dynamic membership rules in Azure AD

• B. Device categories in Intune
• C. Corporate device identifiers in Intune
• D. Device settings in Azure AD
162 - You have 500 Windows 10 devices enrolled in Microsoft Intune.

You plan to use Exploit protection in Microsoft Intune to enable the following system settings on
the devices:
• Data Execution Prevention (DEP)
• Force randomization for images (Mandatory ASLR)

You need to configure a Windows 10 device that will be used to create a template file.

Which protection areas on the device should you configure in the Windows Security app before you
create the template file? To answer, drag the appropriate protection areas to the correct settings.
Each protection area may be used once, more than once, or not at all. You may need to drag the
split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Correct Answer:

163 - You have an Azure AD tenant named contoso.com.

You have a workgroup computer named Computer1 that runs Windows 11.

You need to add Computer1 to contoso.com.

What should you use?

• A. dsregcmd.exe
• B. Computer Management
• C. netdom.exe
• D. the Settings app

164 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.

You use Microsoft Intune to manage Windows 11 devices.

You need to implement passwordless authentication that requires users to use number matching.

Which authentication method should you use?

• A. Microsoft Authenticator
• B. voice calls
• C. FIDO2 security keys
• D. text messages

165 - You use a Microsoft Intune subscription to manage iOS devices.

You configure a device compliance policy that blocks jailbroken iOS devices.

You need to enable Enhanced jailbreak detection.

What should you configure?

• A. the Compliance policy settings

• B. the device compliance policy
• C. a network location
• D. a configuration profile
166 - You have a Microsoft 365 subscription that contains two users named User1 and User2.

You need to ensure that the users can perform the following tasks:
• User1 must be able to create groups and manage users.
• User2 must be able to reset passwords for nonadministrative users.

The solution must use the principle of least privilege.

Which role should you assign to each user? To answer, drag the appropriate roles to the correct
users. Each role may be used once, more than once, or not at all. You may need to drag the split
bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Correct Answer:

167 - You have a Microsoft Intune subscription that has the following device compliance policy
settings:
• Mark devices with no compliance policy assigned as: Compliant
• Compliance status validity period (days): 14

On January1, you enroll Windows 10 devices in Intune as shown in the following table.
On January 4, you create the following two device compliance policies:

• Name: Policy1
• Platform: Windows 10 and later
• Require BitLocker: Require
• Mark device noncompliant: 5 days after noncompliance
• Scope (Tags): Tag1

• Name: Policy2
• Platform: Windows 10 and later
• Firewall: Require
• Mark device noncompliant: Immediately
• Scope (Tags): Tag2

On January 5, you assign Policy1 and Policy2 to Group1.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Correct Answer:
168 - You have a Microsoft 365 subscription that includes Microsoft Intune.

You have computers that run Windows 11 as shown in the following table.

You have the groups shown in the following table.

You create and assign the compliance policies shown in the following table.

The next day, you review the compliance status of the computers.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

169 - Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some question
sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.

Your company has an Azure AD tenant named contoso.com that contains several Windows 10
devices.

When you join new Windows 10 devices to contoso.com, users are prompted to set up a four-digit
pin.

You need to ensure that the users are prompted to set up a six-digit pin when they join the
Windows 10 devices to contoso.com.

Solution: From the Microsoft Entra admin center, you configure the Authentication methods.

Does this meet the goal?

• A. Yes
• B. No

170 - You have a Microsoft 365 tenant that contains the objects shown in the following table.

You are creating a compliance policy named Compliance1.

Which objects can you specify in Compliance1 as additional recipients of noncompliance

notifications?

• A. Group3 and Group4 only

• B. Group3, Group4, and Admin1 only
• C. Group1, Group2, and Group3 only
• D. Group1, Group2, Group3, and Group4 only
• E. Group1, Group2, Group3, Group4, and Admin1
171 - You have an Azure AD tenant named contoso.com that contains a user named User1. User1
has a user principal name (UPN) of [email protected].

You join a Windows 11 device named Client1 to contoso.com.

You need to add User1 to the local Administrators group of Client1.

How should you complete the command? To answer, select the appropriate options in the answer
area.

NOTE: Each correct selection is worth one point.

Correct
Answer:

172 - You have a Microsoft 365 subscription.

You need to provide a user the ability Security defaults and create Conditional Access policies. The
solution must use the principle of least privilege.

Which role should you assign to the user?

• A. Global Administrator
• B. Conditional Access Administrator
• C. Security Administrator
• D. Intune Administrator
173 - In Microsoft Intune, you have the device compliance policies shown in the following table.

The Intune compliance policy settings are configured as shown in the following exhibit.

On June 1, you enroll Windows 10 devices in Intune as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Correct Answer:
174 - You have a Microsoft 365 subscription that contains a user named User1 and uses
Microsoft Intune Suite.

You use Microsoft Intune to manage devices that run Windows 11.

User provides remote support for 75 devices in the marketing department.

You need to add User1 to the Remote Desktop Users group on each marketing department device.

What should you configure?

• A. an app configuration policy

• B. a device compliance policy
• C. an account protection policy
• D. a device configuration profile

175 - You have an Azure AD tenant named contoso.com that contains the users shown in the
following table.

For contoso.com, the Mobility (MDM and MAM) settings have the following configurations:

• MDM user scope: Group1

• MAM user scope: Group2

You purchase the devices shown in the following table:

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Correct Answer:

176 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.

You use Microsoft Intune to deploy and manage Windows devices.

You have 100 devices from users that left your company.

You need to repurpose the devices for new users by removing all the data and applications
installed by the previous users. The solution must minimize administrative effort.

What should you do?

• A. Deploy a new configuration profile to the devices.

• B. Perform a Windows Autopilot reset on the devices.
• C. Perform an in-place upgrade on the devices.
• D. Perform a clean installation of Windows 11 on the devices.

177 - You create a Windows Autopilot deployment profile.

You need to configure the profile settings to meet the following requirements:

• Automatically enroll new devices and provision system apps without requiring end-user
authentication
• Include the hardware serial number in the computer name.

Which two settings should you configure? To answer, select the appropriate settings in the answer
area.
NOTE: Each correct selection is worth one point.

Hide Solution Discussion 2

Correct
Answer:
178 - Note: The question is included in a number of questions that depicts the identical set-
up. However, every question has a distinctive result. Establish if the solution satisfies the
requirements.

Your company Windows 10 computers that are enrolled in Microsoft Intune. You make use of
Intune to manage the servicing channel settings of all company computers.

You receive an enquiry regarding the servicing status of a specific computer.

You need to review the necessary policy report.

Solution: You navigate to device status via Device configuration.

Does the solution meet the goal?

o Yes
o No

179 - The question is included in a number of questions that depicts the identical
set-up. However, every question has a distinctive result. Establish if the solution
satisfies the requirements.

Your company Windows 10 computers that are enrolled in Microsoft Intune. You
make use of Intune to manage the servicing channel settings of all company
computers.

You receive an enquiry regarding the servicing status of a specific computer.

You need to review the necessary policy report.

Solution: You navigate to the audit logs via Software updates.

Does the solution meet the goal?

• Yes
• No
180 - You have been tasked with reusing a Windows 10 computer that was assigned to a
user who is no longer with the company.

The computer will be assigned to a new user. You plan to make use of Windows AutoPilot to
redeploy the computer.

Which of the following actions should you take FIRST?

o Reset the computer.

o Wipe the computer.
o Create a HTML file containing the computer info.
o Create a CSV file containing the computer info.

181 - Your company has an Active Directory domain that includes a large number
of Windows 10 computers.

You have recently configured hybrid Microsoft Azure Active Directory (Azure AD)
and Microsoft Intune in the environment.

You want to make sure that all the current computers are automatically registered
to Azure AD, as well as enrolled in Intune. The strategy that you employ should
reduce the administrative effort required to achieve your goal.

Which of the following actions should you take?

• You should make use of Windows Reset.

• You should make use of a Windows AutoPilot deployment profile.
• You should make use of a n Autodiscover service connection point (SCP).
• You should make use of a device configuration profile.
182 - You need to consider the underlined segment to establish whether it is
accurate.

You have recently created a provisioning package that uses Comp%RAND:1% as the
device name.

You will be able to successfully run the package on as much as 5 devices.

Select “No adjustment required” if the underlined segment is accurate. If the

underlined segment is inaccurate, select the accurate option.

• No adjustment required
• 10
• 15
• 20

183 - Your company has a number of Windows 10 Microsoft Azure Active Directory (Azure
AD) joined workstations. These workstations have been enrolled in Microsoft Intune.

You have been tasked with making sure that the has self-service password reset enabled on
the logon screen. You have navigated to the Microsoft Intune blade.

Which of the following is the setting you should configure?

o The Device configuration settings.

o The Device compliance settings
o The Windows AutoPilot deployment settings
o The App protection settings

184 - You need to consider the underlined segment to establish whether it is accurate.
Your company’s Microsoft Azure subscription includes an Azure Log Analytics workspace.
After deploying a new Windows 10 computer, which belongs to a workgroup, you are tasked with
making sure that you are able to utilize Log Analytics to query events from the new computer.
You configure the new computer’s commercial ID.
Select “No adjustment required” if the underlined segment is accurate. If the underlined segment
is inaccurate, select the accurate option.
What should you do on Computer1?

o No adjustment required.
o install the Azure Diagnostic extension on the new computer
o install the Dependency agent on the new computer
o install the Microsoft Monitoring Agent on the new computer
185- You need to consider the underlined segment to establish whether it is
accurate.

After installing a feature update on a Windows 10 computer, you have 7 days to roll
back the update

Select “No adjustment required” if the underlined segment is accurate. If the

underlined segment is inaccurate, select the accurate option.

• No adjustment required.
• 10
• 90
• 30

186 - Your company has a Microsoft 365 subscription configured for their environment. All
devices in the environment have Windows 10 installed.

You have been instructed to make sure that users are not allowed to enroll devices in the
Windows Insider Program.

To achieve your goal, you access Microsoft 365 Device Management.

Which of the following actions should you take?

o You should configure a Windows 10 security baseline.

o You should configure an app protection policy.
o You should configure device restriction policy.
o You should configure a Windows 10 update ring.
187 - The question is included in a number of questions that depicts the identical
set-up. However, every question has a distinctive result. Establish if the solution
satisfies the requirements.

Your company has a hybrid configuration of Microsoft Azure Active Directory (Azure
AD). Your company also has a Microsoft 365 subscription.

After creating a conditional access policy for Microsoft Exchange Online, you are
tasked with configuring the policy to block access to Exchange Online. However, the
policy should allow access for hybrid Azure AD-joined devices

Solution: You should configure the Device platforms settings.

Does the solution meet the goal?

• Yes
• NO

188 - The question is included in a number of questions that depicts the identical
set-up. However, every question has a distinctive result. Establish if the solution
satisfies the requirements.

Your company has a hybrid configuration of Microsoft Azure Active Directory (Azure
AD). Your company also has a Microsoft 365 subscription.

Solution: You should configure the Client apps settings.

Does the solution meet the goal?

• Yes
• No
189 - The question is included in a number of questions that depicts the identical
set-up. However, every question has a distinctive result. Establish if the solution
satisfies the requirements.

Your company has a hybrid configuration of Microsoft Azure Active Directory (Azure
AD). Your company also has a Microsoft 365 subscription.

Solution: You should configure the Device state settings.

Does the solution meet the goal?

• Yes
• No

190 - Your company has a large number of Android and iOS devices, which are enrolled in
Intune.
You are preparing to deploy new Intune policies will apply to devices, based on the version of
Android or iOS that is being run.
You are required to make sure that the policies are able to target the devices according to your
plan.
Which of the following actions should you take?
o You should start by accessing Intune and configuring corporate device
identifiers.
o You should start by accessing Microsoft Azure Active Directory (Azure AD) and
configuring Device settings.
o You should start by accessing Microsoft Azure Active Directory (Azure AD) and
configuring Application settings.
o You should start by creating a distribution group.
191 - You need to consider the underlined segment to establish whether it is accurate.

Your company has Microsoft Azure Active Directory (Azure AD) joined Windows 10 Pro
computers that have been enrolled in Microsoft Intune.

You have been tasked with making sure that the computers are upgraded to Windows 10
Enterprise.

You start by configuring a device enrollment policy in Intune.

Select “No adjustment required” if the underlined segment is accurate. If the underlined segment
is inaccurate, select the accurate option.

What should you configure in Intune?

o No adjustment required
o an app protection policy
o a Windows AutoPilot deployment profile
o A device configuration profile

192 - Your company has a Microsoft 365 subscription.

You have enrolled all the company computers in Microsoft Intune.

You have been tasked with making sure that Microsoft Exchange Online is only accessible from
known locations.

Which of the following actions should you take?

o You should create a device configuration profile.

o You should create a device compliance policy.
o You should create a Windows AutoPilot deployment profile.
o You should create a conditional access policy.

193 - Your company has a Microsoft 365 subscription.

You have enrolled all the company computers in Microsoft Intune.
You have been tasked with making sure that devices with a high Windows Defender
Advanced Threat Protection (Windows Defender ATP) risk score are locked.
Which of the following actions should you take?
o You should create a device configuration profile.
o You should create a device compliance policy.
o You should create a Windows AutoPilot deployment profile.
o You should create a conditional access policy.
194 - Your company plans to deploy tablets to 50 meeting rooms.
The tablets run Windows 10 and are managed by using Microsoft Intune. The tablets have an
application named App1.
You need to configure the tablets so that any user can use App1 without having to sign in. Users
must be prevented from using other applications on the tablets.
Which device configuration profile type should you use?
o Kiosk
o Endpoint protection
o Identity protection
o Device restrictions

195 - All of your company’s devices are managed via Microsoft Intune.
conditional access is used to prevent devices that are not compliant with company security
policies, from accessing Microsoft 365 services.
You need to access Device compliance to view the non-compliant devices.
Where should you access Device compliance from?

o System Center Configuration Manager

o Windows Defender Security Center.
o The Intune admin center.
o The Azure Active Directory admin center.

196 - ou manage a large number of Windows 10 computers.

You have been tasked with creating a provisioning package that will allow you to
remove the Microsoft News and the Xbox Microsoft Store apps, as well as add a
VPN connection to the company network.

Which of the following are the customization settings you should configure?

• Connections and Personalization

• ConnectivityProfiles and Policies
• Connections and Policies
• ConnectivityProfiles and Personalization

197 - All users at your company have Azure AD joined Windows 10 workstations that are
managed via Microsoft Intune.
You have been tasked with making sure that Windows Analytics is used to monitor the
workstations centrally.
Which of the following actions should you take?
o You should create a device configuration profile via Intune.
o You should create a device compliance policy via Intune.
o You should create a Windows AutoPilot deployment profile via Intune.
o You should create an app configuration policy via Intune.
o
198 - Your company has a number of Windows 10 Microsoft Azure Active Directory
(Azure AD) joined workstations. These workstations have been enrolled in Microsoft
Intune.

You are creating a device configuration profile for the workstations. You have been
informed that a custom image should be displayed as the Desktop background
picture.

Which of the following is a Device restriction setting that should be configured?

• Locked screen experience

• Personalization
• Display
• General

199 - Your company’s environment includes the following:

– Microsoft Azure Active Directory (Azure AD)

– Microsoft 365
– Microsoft Intune
– Azure Information Protection.

A new security policy declares that enrollment for private devices in Intune is not
required. However, to access corporate email information, users have to make use
of a PIN for authentication purposes. Also, users are able to access corporate cloud
services from their private iOS and Android devices. Furthermore, the copying
corporate email information to a cloud storage service should not be allowed,
unless users are copying the information to Microsoft OneDrive for Business.

You have to make sure that security policy is enforced.

Which of the following actions should you take?

• You should create a data loss prevention (DLP) policy.

• You should create a device enrollment policy.
• You should create an app protection policy.
200 - The question is included in a number of questions that depicts the identical
set-up. However, every question has a distinctive result. Establish if the solution
satisfies the requirements.

Your company has a number of Windows 10 Microsoft Azure Active Directory

(Azure AD) joined workstations. These workstations have been enrolled in Microsoft
Intune.

You have been tasked with making sure that the workstations are only able to run
applications that you have explicitly permitted.

Solution: You make use of Windows Defender Antivirus.

Does the solution meet the goal?

• Yes
• No

201 - The question is included in a number of questions that depicts the identical
set-up. However, every question has a distinctive result. Establish if the solution
satisfies the requirements.

Your company has a number of Windows 10 Microsoft Azure Active Directory

(Azure AD) joined workstations. These workstations have been enrolled in Microsoft
Intune.

You have been tasked with making sure that the workstations are only able to run
applications that you have explicitly permitted.

Solution: You make use of Windows Defender SmartScreen.

Does the solution meet the goal?

• Yes
• No
202 - The question is included in a number of questions that depicts the identical
set-up. However, every question has a distinctive result. Establish if the solution
satisfies the requirements.

Your company has a number of Windows 10 Microsoft Azure Active Directory

(Azure AD) joined workstations. These workstations have been enrolled in Microsoft
Intune.

You have been tasked with making sure that the workstations are only able to run
applications that you have explicitly permitted.

Solution: You make use of Windows Defender Application Guard.

Does the solution meet the goal?

• Yes
• No

203 - You are currently making use of the Antimalware Assessment solution in Microsoft
Azure Log Analytics.

You have accessed the Protection Status dashboard and find that there is a device that has no
real time protection.

Which of the following could be a reason for this occurring?

o Windows Defender has been disabled.

o You need to install the Azure Diagnostic extension.
o Windows Defender Credential Guard is incorrectly configured.
o Windows Defender System Guard is incorrectly configured.

204 - You are currently making use of the Antimalware Assessment solution in Microsoft Azure
Log Analytics.

You have accessed the Protection Status dashboard and find that there is a device that is not
reporting.

Which of the following could be a reason for this occurring?

o Windows Defender System Guard is incorrectly configured.

o You need to install the Azure Diagnostic extension.
o Windows Defender Application Guard is incorrectly configured.
o The Microsoft Malicious Software Removal tool is installed.
205 - You need to consider the underlined segment to establish whether it is accurate.

To enable sideload a LOB application in Windows 10, you should run the Install-Package cmdlet.

Select “No adjustment required” if the underlined segment is accurate. If the underlined segment
is inaccurate, select the accurate option.

o No adjustment required.

o Install-PackageProvider

o Save-Package

o Add-AppxPackage

206 - The question is included in a number of questions that depicts the identical
set-up. However, every question has a distinctive result. Establish if the solution
satisfies the requirements.

Your company’s environment includes a Microsoft 365 subscription.

Users in the company’s sales division have personal iOS or Android devices that are
enrolled in Microsoft Intune. New users are added to the sales division on a
monthly basis.

After a mobile application is created for users in the sales division, you are
instructed to make sure that the application can only be downloaded by the sales
division users

Solution: You start by adding the application to Microsoft Store for Business.

Does the solution meet the goal?

• Yes
• No
207 - The question is included in a number of questions that depicts the identical
set-up. However, every question has a distinctive result. Establish if the solution
satisfies the requirements.

Your company’s environment includes a Microsoft 365 subscription.

Users in the company’s sales division have personal iOS or Android devices that are
enrolled in Microsoft Intune. New users are added to the sales division on a
monthly basis.

After a mobile application is created for users in the sales division, you are
instructed to make sure that the application can only be downloaded by the sales
division users

Solution: You start by assigning the application to a group.

Does the solution meet the goal?

• Yes
• No
208 - The question is included in a number of questions that depicts the identical
set-up. However, every question has a distinctive result. Establish if the solution
satisfies the requirements.

Your company’s environment includes a Microsoft 365 subscription.

Users in the company’s sales division have personal iOS or Android devices that are
enrolled in Microsoft Intune. New users are added to the sales division on a
monthly basis.

After a mobile application is created for users in the sales division, you are
instructed to make sure that the application can only be downloaded by the sales
division users.

Solution: You start by adding the application to Intune.

Does the solution meet the goal?

• Yes
• No

209 - Your company has an Active Directory domain, named

weylandindustries.com, and a Microsoft Office 365 subscription. The domain is also
synced to Microsoft Azure Active Directory (Azure AD).

All company computers are domain-joined, and are running the most recent
Microsoft OneDrive sync client.

You are currently configuring OneDrive group policy settings.

Which of the following is the setting that will minimize the disk space consumed by
a user profile, when enabled?

• OneDrive Files On-Demand

• Silently move known folders to OneDrive
• Prompt users to move Windows known folders to OneDrive
• Silently configure OneDrive using the primary Windows account
210 - You manage your company’s Microsoft 365 subscription.

You are tasked with creating an app protection policy for the Microsoft Outlook app on iOS
devices that are not enrolled in Microsoft 365 Device Management.

You have to make sure that the policy is configured to prohibit the users from using the
Outlook app if the operating system version is less than 12.0.0. You also have to make sure that
an alphanumeric passcode is required for users to access the Outlook app.

Which of the following is policy settings that you should configure? (Choose two.)

o Conditional launch
o Data transfer exemptions
o Data protection
o Access requirements

211 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

Your company uses Windows Update for Business.

The research department has several computers that have specialized hardware
and software installed.

You need to prevent the video drivers from being updated automatically by using
Windows Update.

Solution: From the Device Installation and Restrictions settings in a Group Policy
object (GPO), you enable Prevent installation of devices using drivers that match
these device setup classes, and then you enter the device GUID.

Does this meet the goal?

• Yes
• No
212 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

Your company uses Windows Update for Business.

The research department has several computers that have specialized hardware
and software installed.

You need to prevent the video drivers from being updated automatically by using
Windows Update.

Solution: From the Settings app, you clear the Give me updates for other Microsoft
products when I update Windows check box.

Does this meet the goal?

• Yes
• No
213 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

Your company uses Windows Update for Business.

The research department has several computers that have specialized hardware
and software installed.

You need to prevent the video drivers from being updated automatically by using
Windows Update.

Solution: From the Device Installation settings in a Group Policy object (GPO), you
enable Specify search order for device driver source locations, and then you select
Do not search Windows Update.

Does this meet the goal?

• Yes
• No
214 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

You need to ensure that feature and quality updates install automatically during a
maintenance window.

Solution: In Group policy, from the Windows Update settings, you enable Configure
Automatic Updates, select 3 – Auto download and notify for Install, and then enter a
time.

Does this meet the goal?

• Yes
• No
215 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

You have a Microsoft 365 subscription.

You have 20 computers that run Windows 10 and are joined to Microsoft Azure
Active Directory (Azure AD).

You plan to replace the computers with new computers that run Windows 10. The
new computers will be joined to Azure AD.

You need to ensure that the desktop background, the favorites, and the browsing
history are available on the new computers.

Solution: You configure Enterprise State Roaming.

Does this meet the goal?

• Yes
• No
216 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

You have a Microsoft 365 subscription.

You have 20 computers that run Windows 10 and are joined to Microsoft Azure
Active Directory (Azure AD).

You plan to replace the computers with new computers that run Windows 10. The
new computers will be joined to Azure AD.

You need to ensure that the desktop background, the favorites, and the browsing
history are available on the new computers.

Solution: You configure roaming user profiles.

Does this meet the goal?

• Yes
• No
217 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

Your company uses Windows Update for Business.

The research department has several computers that have specialized hardware
and software installed.

You need to prevent the video drivers from being updated automatically by using
Windows Update.

Solution: From the Windows Update settings in a Group Policy object (GPO), you
enable Do not include drivers with Windows Updates.

Does this meet the goal?

• Yes
• No
218 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

Your company uses Windows Autopilot to configure the computer settings of

computers issued to users.

A user named User1 has a computer named Computer1 that runs Windows 10.

User1 leaves the company.

You plan to transfer the computer to a user named User2.

You need to ensure that when User2 first starts the computer, User2 is prompted
to select the language setting and to agree to the license agreement.

Solution: You perform a local Windows Autopilot Reset.

Does this meet the goal?

• Yes
• No
219 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

Your network contains an Active Directory domain. The domain contains member
computers that run Windows 8.1 and are enrolled in Microsoft Intune.

You need to identify which computers can be upgraded to Windows 10.

Solution: From the Microsoft Endpoint Manager admin center, you create a device
compliance policy and assign the policy to the computers. After 24 hours, you view
the Device compliance report in Intune.

Does this meet the goal?

• Yes
• No
220 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

Your network contains an Active Directory domain. The domain contains member
computers that run Windows 8.1 and are enrolled in Microsoft Intune.

You need to identify which computers can be upgraded to Windows 10.

Does this meet the goal?

• Yes
• No
221 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

Your network contains an Active Directory domain. The domain contains member
computers that run Windows 8.1 and are enrolled in Microsoft Intune.

You need to identify which computers can be upgraded to Windows 10.

Solution: From Windows on the Devices blade of the Microsoft Endpoint Manager
admin center, you create a filter and export the results as a CSV file.

Does this meet the goal?

• Yes
• No
222 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

Your network contains an Active Directory domain. The domain contains member
computers that run Windows 8.1 and are enrolled in Microsoft Intune.

You need to identify which computers can be upgraded to Windows 10.

Solution: You install the Microsoft Assessment and Planning Toolkit. From the
Microsoft Assessment and Planning Toolkit, you collect inventory data and run the
Windows 10 Readiness scenario.

Does this meet the goal?

• Yes
• No

223 - You have a Microsoft 365 tenant that uses Microsoft Intune for mobile device
management (MDM).

You associate a Microsoft Store for Business account with Intune.

You purchase an app named App1 from the Microsoft Store for Business.

You need to ensure that App1 can be deployed by using Intune.

What should you do?

o Sync purchased apps from the Microsoft Store for Business.

o Integrate the Windows Autopilot Deployment Program into the Microsoft Store
for Business.
o Create an app category in Intune.
o Create an app protection policy in Intune.
224 - You have the Microsoft Deployment Toolkit (MDT) installed.

You install and customize Windows 10 on a reference computer.

You need to capture an image of the reference computer and ensure that the image can be
deployed to multiple computers.

Which command should you run before you capture the image?

o dism

o wpeinit

o bcdedit

o sysprep
225 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

Your company has an Azure Active Directory (Azure AD) tenant named contoso.com
and a Microsoft Intune subscription.

Contoso.com contains a user named [email protected].

You have a computer named Computer1 that runs Windows 8.1.

You need to perform an in-place upgrade of Computer1 to Windows 10.

Solution: You start Computer1 from the Windows 10 installation media and use the
Install option.

Does this meet the goal?

• Yes
• No
226 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

Your company has an Azure Active Directory (Azure AD) tenant named contoso.com
and a Microsoft Intune subscription.

Contoso.com contains a user named [email protected].

You have a computer named Computer1 that runs Windows 8.1.

You need to perform an in-place upgrade of Computer1 to Windows 10.

Solution: You assign a Windows 10 license to User1. You instruct User1 to sign in to
Computer1.

Does this meet the goal?

• Yes
• No
227 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

Your company has an Azure Active Directory (Azure AD) tenant named contoso.com
and a Microsoft Intune subscription.

Contoso.com contains a user named [email protected].

You have a computer named Computer1 that runs Windows 8.1.

You need to perform an in-place upgrade of Computer1 to Windows 10.

Solution: From Windows 8.1, you run setup.exe from the Windows 10 installation
media.

Does this meet the goal?

• Yes
• No

228 - You have 100 computers that run Windows 8.1.

You need to identify which computers can be upgraded to Windows 10.

What should you use?

o Microsoft Assessment and Planning (MAP) Toolkit

o Update Compliance in Azure
o Windows Assessment Toolkit
o Microsoft Deployment Toolkit (MDT)
229 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

Your company has an Azure Active Directory (Azure AD) tenant named contoso.com
and a Microsoft Intune subscription.

Contoso.com contains a user named [email protected].

You have a computer named Computer1 that runs Windows 8.1.

You need to perform an in-place upgrade of Computer1 to Windows 10.

Solution: You assign an Enterprise Mobility + Security license to User1. You instruct
User1 to sign in to Computer1.

Does this meet the goal?

• Yes
• No
230 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

You have an Azure Directory group named Group1 that contains Windows 10
Enterprise devices and Windows 10 Pro devices.

From Microsoft Intune, you create a device configuration profile named Profile1.

You need to ensure that Profile1 applies to only the Windows 10 Enterprise devices
in Group1.

Solution: You create an Azure Active Directory group that contains only the
Windows 10 Enterprise devices. You assign Profile1 to the new group.

Does this meet the goal?

• Yes
• No
231 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

You have an Azure Directory group named Group1 that contains Windows 10
Enterprise devices and Windows 10 Pro devices.

From Microsoft Intune, you create a device configuration profile named Profile1.

You need to ensure that Profile1 applies to only the Windows 10 Enterprise devices
in Group1.

Solution: You create a scope tag, and then you add the scope tag to the Windows 10
Enterprise devices. You edit the settings of Profile1.

Does this meet the goal?

• Yes
• No
232 - This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated
goals. Some question sets might have more than one correct solution, while others
might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.

You have an Azure Directory group named Group1 that contains Windows 10
Enterprise devices and Windows 10 Pro devices.

From Microsoft Intune, you create a device configuration profile named Profile1.

You need to ensure that Profile1 applies to only the Windows 10 Enterprise devices
in Group1.

Solution: You configure an applicability rule for Profile1. You assign Profile1 to
Group1.

Does this meet the goal?

• Yes
• No

233 - Your company has computers that run Windows 10. The employees at the company use
the computers.

You plan to monitor the computers by using the Update Compliance solution.

You create the required resources in Azure.

You need to configure the computers to send enhanced Update Compliance data.

Which two Group Policy settings should you configure? To answer, select the appropriate
settings in the answer area.

NOTE: Each correct selection is worth one point.

234 - You have an Azure Active Directory (Azure AD) tenant named contoso.com.

You create a terms of use (ToU) named Terms1 in contoso.com.

You are creating a conditional access policy named Policy1 to assign a cloud app named App1 to
the users in contoso.com.

You need to configure Policy1 to require the users to accept Terms1.

What should you configure in Policy1?

o Grant in the Access controls section

o Conditions in the Assignments section
o Cloud apps or actions in the Assignments section
o Session in the Access controls section

235 - You need to assign the same deployment profile to all the computers that
are configured by using Windows Autopilot.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

o Join the computers to Microsoft Azure Active Directory (Azure AD)
o Assign a Windows Autopilot deployment profile to a group
o Join the computers to an on-premises Active Directory domain
o Create a Microsoft Azure Active Directory (Azure AD) group that has dynamic
membership rules and uses the operatingSystem tag
o Create a Group Policy object (GPO) that is linked to a domain
o Create a Microsoft Azure Active Directory (Azure AD) group that has dynamic
membership rules and uses the ZTDID tag

236 - Your company has a Microsoft Azure Active Directory (Azure AD) tenant named
contoso.com. All users have computers that run Windows 10. The computers are joined to
Azure AD and managed by using Microsoft Intune.

You need to ensure that you can centrally monitor the computers by using the Update
Compliance solution.

What should you create in Intune?

o a device configuration profile

o a conditional access policy
o a device compliance policy
o an update policy
o
237 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

All devices are enrolled in Intune.

You plan to use Intune to deploy Microsoft 365 apps to all supported device platforms.

Which two device platforms support app deployment? Each correct answer presents a complete
solution.

macOS
Windows 11

238 - You have a Microsoft 365 subscription that includes 100 Android devices registered with
Microsoft Intune.

You plan to deploy an Android app to all Android devices managed using Microsoft Intune.

Create a new application deployment and enter the application name and details.

What should you do next?

Enter the AppStore URL for the app.

239 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

All Android devices are enrolled in Intune.

You need to add Android apps to Intune.

For which type of app should you first connect Intune to an Android Enterprise account?
Aplicativo Google Play gerenciado

240 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

You have the following devices:

Device1: Windows 11 device registered with Intune

Device2: Android device registered with Intune
Device3: Android device NOT registered with Intune
Device4: iOS device NOT registered with Intune
To which devices can you apply an app configuration policy?

Select only one answer.

Only Device1 and Device2
Device1, Device2, Device3 and Device4
Device1 only
Only Device2, Device3 and Device4
Device3 and Device4 only

241 - You have a Microsoft 365 subscription that includes iOS and Android devices managed
using Microsoft Intune.

You need to prevent users from printing Microsoft Word documents stored in Microsoft 365
from their mobile devices by using an app protection policy.

What settings should you configure?

Select only one answer.

Access requirements
Conditional Access Policies
Conditional initialization
Data Protection

242 - You have a Microsoft 365 subscription that includes iOS and Android devices managed
using Microsoft Intune.

You plan to implement a data protection framework for financial data.

You need to create application protection policies so that the framework protects company data
in the event that a device is rooted or jailbroken.

What two actions should the policy take? Each correct answer presents a part of the solution.

Select all applicable answers.

Block access.

Encrypt organizational data.

Reset the PIN.

Erase the data.

243 - You have a Windows 11 device called Device1.

You need to ensure that when a user named User1 is logged into the device, User1 can update
the network settings on the device. The solution must follow the principle of least privilege.

Which local group should you add User1 to?

Select only one answer.

Administrators
Device Owners
Network Configuration Operators
Users

244 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

You plan to use the required device to be marked as a compliant configuration in a Conditional
Access policy.

You need to ensure that device compliance is assessed.

What should you do first?

Select only one answer.

Create and assign the security baseline profile in Intune.

Enroll devices in Intune.

Join devices to Microsoft Entra ID.

Register devices with Microsoft Entra ID.

245 - You have a Microsoft 365 subscription that uses Microsoft Intune.

Create a Conditional Access policy named Policy1.

You need to configure Policy1 to prevent users from connecting to Microsoft 365 services using
unsupported devices.

What should you configure in Policy1?

Select only one answer.

Authentication Context

Continuous access assessment

Grant Controls

Session Controls

246 - You have a Microsoft 365 subscription that includes 500 Windows 11 devices managed
using Microsoft Intune.

You need to deploy a Conditional Access policy that ensures users can only access the
subscription from Windows devices with BitLocker enabled.

What should you do first?

Select only one answer.

Create a compliance policy.

Create a Device Configuration policy.

Create an App Protection policy.

Enable jailbreak detection.

247 - You have a Microsoft 365 subscription that includes 500 Windows 11 devices managed
using Microsoft Intune.

Your company uses Intune to manage devices and has configured compliance policies and
conditional access policies. Several users complain that they are unable to access company
resources.

You must identify potential problems for all users. The solution should require minimal
administrative effort.

Which two services can you use to get an overview of potential issues? Each correct answer
presents a complete solution.

Select all applicable answers.

Review the device's Compliance report.

Review the Device Configuration report.

Examine the input logs.

Use troubleshooting + support.

View the details of the created policy.

248 – You are the mobile device administrator for School Uses Microsoft Intune to
manage its mobile devices. You plan to configure device enrollment for devices running
Ios.

You need to complete the prerequisites for iOS enrollment .

What should you do ?

249 - Overview -
ADatum Corporation is a consulting company that has a main office in Montreal and branch offices in
Seattle and New York.
ADatum has a Microsoft 365 E5 subscription.

Environment -

Network Environment -
The network contains an on-premises Active Directory domain named adatum.com. The domain contains
the servers shown in the following table.

ADatum has a hybrid Azure AD tenant named adatum.com.

Users and Groups -

The adatum.com tenant contains the users shown in the following table.

All users are assigned a Microsoft Office 365 license and an Enterprise Mobility + Security E3 license.
Enterprise State Roaming is enabled for Group1 and GroupA.
Group1 and Group2 have a Membership type of Assigned.
Devices -
ADatum has the Windows 10 devices shown in the following table.

The Windows 10 devices are joined to Azure AD and enrolled in Microsoft Intune.
The Windows 10 devices are configured as shown in the following table.

All the Azure AD joined devices have an executable file named C:\AppA.exe and a folder named D:\Folder1.

Microsoft Intune Configuration -

Microsoft Intune has the compliance policies shown in the following table.

The Automatic Enrollment settings have the following configurations:

MDM user scope: GroupA -

MAM user scope: GroupB -

You have an Endpoint protection configuration profile that has the following Controlled folder access
settings:

Name: Protection1 -
Folder protection: Enable -
List of apps that have access to protected folders: C:\*\AppA.exe
List of additional folders that need to be protected: D:\Folder1
Assignments:

Included groups: Group2, GroupB -

Windows Autopilot Configuration -

ADatum has a Windows Autopilot deployment profile configured as shown in the following exhibit.
Currently, there are no devices deployed by using Windows Autopilot.
The Intune connector for Active Directory is installed on Server1.

Requirements -

Planned Changes -
ADatum plans to implement the following changes:
Purchase a new Windows 10 device named Device6 and enroll the device in Intune
New computers will be deployed by using Windows Autopilot and will be hybrid Azure AD joined.
Deployed a network boundary configuration profile that will have the following settings:

Name: Boundary1 -
Network boundary: 192.168.1.0/24

Scope tags: Tag1 -

Assignments:

Included groups: Group1, Group2 -

Deploy two VPN configuration profiles named Connection1 and Connection2 that will have the following
settings:

Name: Connection1 -

Connection name: VPN1 -

Connection type: L2TP -

Assignments:
Included groups: Group1, Group2, GroupA
Excluded groups: --

Name: Connection2 -

Connection name: VPN2 -

Connection type: IKEv2 -

Assignments:

Included groups: GroupA -

Excluded groups: GroupB -

Technical Requirements -
ADatum must meet the following technical requirements:
Users in GroupA must be able to deploy new computers.
Administrative effort must be minimized.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Overview -
ADatum Corporation is a consulting company that has a main office in Montreal and branch offices in
Seattle and New York.
ADatum has a Microsoft 365 E5 subscription.

Environment -

Network Environment -
The network contains an on-premises Active Directory domain named adatum.com. The domain contains
the servers shown in the following table.

ADatum has a hybrid Azure AD tenant named adatum.com.

Users and Groups -

The adatum.com tenant contains the users shown in the following table.

Devices -
ADatum has the Windows 10 devices shown in the following table.
The Windows 10 devices are joined to Azure AD and enrolled in Microsoft Intune.
The Windows 10 devices are configured as shown in the following table.

All the Azure AD joined devices have an executable file named C:\AppA.exe and a folder named D:\Folder1.

Microsoft Intune Configuration -

Microsoft Intune has the compliance policies shown in the following table.

The Automatic Enrollment settings have the following configurations:

MDM user scope: GroupA -

MAM user scope: GroupB -

You have an Endpoint protection configuration profile that has the following Controlled folder access
settings:

Name: Protection1 -

Folder protection: Enable -

List of apps that have access to protected folders: C:\*\AppA.exe
List of additional folders that need to be protected: D:\Folder1
Assignments:

Included groups: Group2, GroupB -

Windows Autopilot Configuration -

Requirements -

Name: Boundary1 -
Network boundary: 192.168.1.0/24

Scope tags: Tag1 -

Assignments:

Included groups: Group1, Group2 -

Deploy two VPN configuration profiles named Connection1 and Connection2 that will have the following
settings:

Name: Connection1 -

Connection name: VPN1 -

Connection type: L2TP -

Assignments:
Included groups: Group1, Group2, GroupA
Excluded groups: --

Name: Connection2 -

Connection name: VPN2 -

Connection type: IKEv2 -

Assignments:

Included groups: GroupA -

Excluded groups: GroupB -

250 - Overview -
ADatum Corporation is a consulting company that has a main office in Montreal and branch offices
in Seattle and New York.
ADatum has a Microsoft 365 E5 subscription.

Environment -

Network Environment -
The network contains an on-premises Active Directory domain named adatum.com. The domain
contains the servers shown in the following table.

ADatum has a hybrid Azure AD tenant named adatum.com.

Users and Groups -

The adatum.com tenant contains the users shown in the following table.

All users are assigned a Microsoft Office 365 license and an Enterprise Mobility + Security E3
license.
Enterprise State Roaming is enabled for Group1 and GroupA.
Group1 and Group2 have a Membership type of Assigned.
Devices -
ADatum has the Windows 10 devices shown in the following table.

The Windows 10 devices are joined to Azure AD and enrolled in Microsoft Intune.
The Windows 10 devices are configured as shown in the following table.

All the Azure AD joined devices have an executable file named C:\AppA.exe and a folder named
D:\Folder1.

Microsoft Intune Configuration -

Microsoft Intune has the compliance policies shown in the following table.

The Automatic Enrollment settings have the following configurations:

MDM user scope: GroupA -

MAM user scope: GroupB -
You have an Endpoint protection configuration profile that has the following Controlled folder
access settings:

Name: Protection1 -

Folder protection: Enable -

List of apps that have access to protected folders: C:\*\AppA.exe
List of additional folders that need to be protected: D:\Folder1

Assignments:

Included groups: Group2, GroupB -

Windows Autopilot Configuration -

ADatum has a Windows Autopilot deployment profile configured as shown in the following exhibit.

Currently, there are no devices deployed by using Windows Autopilot.

The Intune connector for Active Directory is installed on Server1.
Requirements -

Name: Boundary1 -
Network boundary: 192.168.1.0/24

Scope tags: Tag1 -

Assignments:

Included groups: Group1, Group2 -

Deploy two VPN configuration profiles named Connection1 and Connection2 that will have the
following settings:

Name: Connection1 -

Connection name: VPN1 -

Connection type: L2TP -

Assignments:
Included groups: Group1, Group2, GroupA
Excluded groups: --

Name: Connection2 -

Connection name: VPN2 -

Connection type: IKEv2 -

Assignments:

Included groups: GroupA -

Excluded groups: GroupB -

Technical Requirements -
ADatum must meet the following technical requirements:
Users in GroupA must be able to deploy new computers.
Administrative effort must be minimized.

Which devices are registered by using the Windows Autopilot deployment service?

• A. Device1 only
• B. Device3 only
• C. Device1 and Device3 only
• D. Device1, Device2, and Device3

251 - Overview -
ADatum Corporation is a consulting company that has a main office in Montreal and branch offices in
Seattle and New York.
ADatum has a Microsoft 365 E5 subscription.

Environment -

Network Environment -
The network contains an on-premises Active Directory domain named adatum.com. The domain contains
the servers shown in the following table.

ADatum has a hybrid Azure AD tenant named adatum.com.

Users and Groups -

The adatum.com tenant contains the users shown in the following table.

All the Azure AD joined devices have an executable file named C:\AppA.exe and a folder named D:\Folder1.

Microsoft Intune Configuration -

Microsoft Intune has the compliance policies shown in the following table.

The Automatic Enrollment settings have the following configurations:

MDM user scope: GroupA -

MAM user scope: GroupB -

You have an Endpoint protection configuration profile that has the following Controlled folder access
settings:

Name: Protection1 -

Folder protection: Enable -

List of apps that have access to protected folders: C:\*\AppA.exe
List of additional folders that need to be protected: D:\Folder1
Assignments:

Included groups: Group2, GroupB -

Windows Autopilot Configuration -

Requirements -

Name: Boundary1 -
Network boundary: 192.168.1.0/24

Scope tags: Tag1 -

Assignments:

Included groups: Group1, Group2 -

Deploy two VPN configuration profiles named Connection1 and Connection2 that will have the following
settings:

Name: Connection1 -

Connection name: VPN1 -

Connection type: L2TP -

Assignments:
Included groups: Group1, Group2, GroupA
Excluded groups: --

Name: Connection2 -

Connection name: VPN2 -

Connection type: IKEv2 -

Assignments:

Included groups: GroupA -

Excluded groups: GroupB -

252 - Overview -
ADatum Corporation is a consulting company that has a main office in Montreal and branch offices
in Seattle and New York.
ADatum has a Microsoft 365 E5 subscription.

Environment -

Network Environment -
The network contains an on-premises Active Directory domain named adatum.com. The domain
contains the servers shown in the following table.

ADatum has a hybrid Azure AD tenant named adatum.com.

Users and Groups -

The adatum.com tenant contains the users shown in the following table.
All users are assigned a Microsoft Office 365 license and an Enterprise Mobility + Security E3
license.
Enterprise State Roaming is enabled for Group1 and GroupA.
Group1 and Group2 have a Membership type of Assigned.

Devices -
ADatum has the Windows 10 devices shown in the following table.

The Windows 10 devices are joined to Azure AD and enrolled in Microsoft Intune.
The Windows 10 devices are configured as shown in the following table.

All the Azure AD joined devices have an executable file named C:\AppA.exe and a folder named
D:\Folder1.

Microsoft Intune Configuration -

Microsoft Intune has the compliance policies shown in the following table.
The Automatic Enrollment settings have the following configurations:

MDM user scope: GroupA -

MAM user scope: GroupB -

You have an Endpoint protection configuration profile that has the following Controlled folder
access settings:

Name: Protection1 -

Folder protection: Enable -

List of apps that have access to protected folders: C:\*\AppA.exe
List of additional folders that need to be protected: D:\Folder1
Assignments:

Included groups: Group2, GroupB -

Windows Autopilot Configuration -

Requirements -

Name: Boundary1 -
Network boundary: 192.168.1.0/24
Scope tags: Tag1 -
Assignments:

Included groups: Group1, Group2 -

Deploy two VPN configuration profiles named Connection1 and Connection2 that will have the
following settings:

Name: Connection1 -

Connection name: VPN1 -

Connection type: L2TP -

Assignments:
Included groups: Group1, Group2, GroupA
Excluded groups: --

Name: Connection2 -

Connection name: VPN2 -

Connection type: IKEv2 -

Assignments:

Included groups: GroupA -

Excluded groups: GroupB -

Technical Requirements -
ADatum must meet the following technical requirements:
Users in GroupA must be able to deploy new computers.
Administrative effort must be minimized.
You implement Boundary1 based on the planned changes.
Which devices have a network boundary of 192.168.1.0/24 applied?

• A. Device2 only
• B. Device3 only
• C. Device1, Device2, and Device5 only
• D. Device1, Device2, Device3, and Device4 only
253 - You have a Microsoft 365 subscription.
You use Microsoft Intune Suite to manage devices.
You have the iOS app protection policy shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the
information presented in the graphic.
NOTE: Each correct selection is worth one point.
254 - You have a Microsoft 365 E5 subscription and a computer that runs Windows 11.
You need to create a customized installation of Microsoft 365 Apps for enterprise.
Which four actions should you perform in sequence? To answer, move the appropriate cmdlets from the list
of cmdlets to the answer area and arrange them in the correct order.
255 - You have devices enrolled in Microsoft Intune as shown in the following table.

On which devices can you apply app configuration policies?

• A. Device2 only
• B. Device1 and Device2 only
• C. Device3 and Device4 only
• D. Device2, Device3, and Device4 only
• E. Device1, Device2, Device3, and Device4

256 - You have an Azure AD tenant named contoso.com that contains the devices shown in the
following table.

Hide Solution Discussion 15

Correct Answer:
257 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
You plan to deploy two apps named App1 and App2 to all Windows devices. App1 must be
installed before App2.
From the Intune admin center, you create and deploy two Windows app (Win32) apps.
You need to ensure that App1 is installed before App2 on every device.
What should you configure?

• A. the App1 deployment configurations

• B. a dynamic device group
• C. a detection rule
• D. the App2 deployment configurations

258 - You have a Microsoft Intune subscription.

You have devices enrolled in Intune as shown in the following table.

An app named App1 is installed on each device.

What is the minimum number of app configuration policies required to manage App1?

• A. 1
• B. 2
• C. 3
• D. 4
• E. 5

259 - You have a Microsoft 365 E5 subscription that contains 100 iOS devices enrolled in
Microsoft Intune.
You need to deploy a custom line-of-business (LOB) app to the devices by using Intune.
Which extension should you select for the app package file?

• A. .intunemac
• B. .ipa
• C. .apk
• D. .appx
260 - You have a Microsoft 365 E5 subscription that contains a user named User1 and a web app
named App1.
App1 must only accept modern authentication requests.
You plan to create a Conditional Access policy named CAPolicy1 that will have the following
settings:

Assignments -
Users or workload identities: User1

Cloud apps or actions: App1 -

Access controls -

Grant: Block access -

You need to block only legacy authentication requests to App1.
Which condition should you add to CAPolicy1?

• A. Filter for devices

• B. Device platforms
• C. User risk
• D. Sign-in risk
• E. Client apps

261 - All users have Microsoft 365 apps deployed.

You need to configure Microsoft 365 apps to meet the following requirements:
Enable the automatic installation of WebView2 Runtime.
Prevent users from submitting feedback.
Which two settings should you configure in the Microsoft 365 Apps admin center? To answer,
select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.

Hide Solution Discussion 5

Correct Answer:

262 - You have a Microsoft 365 subscription.

You have 10 computers that run Windows 10 and are enrolled in mobile device management
(MDM).
You need to deploy the Microsoft 365 Apps for enterprise suite to all the computers.
What should you do?

263 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
You have a Windows 11 device named Device1 that is enrolled in Intune. Device1 has been offline
for 30 days.
You need to remove Device1 from Intune immediately. The solution must ensure that if the device
checks in again, any apps and data provisioned by Intune are removed. User-installed apps,
personal data, and OEM-installed apps must be retained.
What should you use?

• A. a Delete action
• B. a Retire action
• C. a Fresh Start action
• D. an Autopilot Reset action

264 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
You need to review the startup times and restart frequencies of the devices.
What should you use?

• A. Azure Monitor
• B. Intune Data Warehouse
• C. Microsoft Defender for Endpoint
• D. Endpoint analytics

265 - You have a Microsoft 365 E5 subscription.

You create a new update rings policy named Policy1 as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the
information presented in the graphic.
NOTE: Each correct selection is worth one point.
266 - You have computers that run Windows 10 and connect to an Azure Log Analytics
workspace. The workspace is configured to collect all available events from the Windows event
logs.
The computers have the logged events shown in the following table.

Which events are collected in the Log Analytics workspace?

• A. 1 only
• B. 2 and 3 only
• C. 1 and 3 only
• D. 1, 2, and 4 only
• E. 1, 2, 3, and 4

267 - You have a Microsoft 365 E5 subscription that contains 10 Android Enterprise devices. Each
device has a corporate-owned work profile and is enrolled in Microsoft Intune.
You need to configure the devices to run a single app in kiosk mode.
Which Configuration settings should you modify in the device restrictions profile?

• A. Users and Accounts

• B. General
• C. System security
• D. Device experience

268 - You have a Microsoft 365 E5 subscription that contains 500 macOS devices enrolled in
Microsoft Intune.
You need to ensure that you can apply Microsoft Defender for Endpoint antivirus policies to the
macOS devices. The solution must minimize administrative effort.
What should you do?

• A. Onboard the macOS devices to the Microsoft Purview compliance portal.

• B. From the Microsoft Intune admin center, create a security baseline.
• C. Install Defender for Endpoint on the macOS devices.
• D. From the Microsoft Intune admin center, create a configuration profile.
269 - You have an Azure AD tenant and 100 Windows 10 devices that are Azure AD joined and
managed by using Microsoft Intune.
You need to configure Microsoft Defender Firewall and Microsoft Defender Antivirus on the
devices. The solution must minimize administrative effort.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. To configure Microsoft Defender Antivirus, create a Group Policy Object (GPO) and
configure the Windows Defender Antivirus settings.
• B. To configure Microsoft Defender Firewall, create a device configuration profile and
configure the Device restrictions settings.
• C. To configure Microsoft Defender Antivirus, create a device configuration profile and
configure the Endpoint protection settings.
• D. To configure Microsoft Defender Antivirus, create a device configuration profile and
configure the Device restrictions settings.
• E. To configure Microsoft Defender Firewall, create a device configuration profile and
configure the Endpoint protection settings.
• F. To configure Microsoft Defender Firewall, create a Group Policy Object (GPO) and
configure Windows Defender Firewall with Advanced Security.

270 - You have an Azure AD group named Group1. Group1 contains two Windows 10 Enterprise
devices named Device1 and Device2.
You create a device configuration profile named Profile1. You assign Profile1 to Group1.
You need to ensure that Profile1 applies to Device1 only.
What should you modify in Profile1?

• A. Assignments
• B. Settings
• C. Scope (Tags)
• D. Applicability Rules

271 - You have a Microsoft 365 subscription that includes Microsoft Intune.
You need to implement a Microsoft Defender for Endpoint solution that meets the following
requirements:
Enforces compliance for Defender for Endpoint by using Conditional Access
Prevents suspicious scripts from running on devices
What should you configure? To answer, drag the appropriate features to the correct requirements.
Each feature may be used once, more than once, or not at all. You may need to drag the split bar
between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Hide Solution Discussion 11

Correct Answer:

272 - Your network contains an on-premises Active Directory domain and an Azure AD tenant.
The Default Domain Policy Group Policy Object (GPO) contains the settings shown in the following
table.

You need to migrate the existing Default Domain Policy GPO settings to a device configuration
profile.
Which device configuration profile type template should you use?

• A. Administrative Templates
• B. Endpoint protection
• C. Device restrictions
• D. Custom

273 - You have 100 computers that run Windows 10 and connect to an Azure Log Analytics
workspace.
Which three types of data can you collect from the computers by using Log Analytics? Each correct
answer presents a complete solution.
NOTE: Each correct selection is worth one point.

• A. failure events from the Security log

• B. the list of processes and their execution times
• C. the average processor utilization
• D. error events from the System log
• E. third-party application logs stored as text files

274 - You have a Microsoft 365 E5 subscription. The subscription contains 25 computers that run
Windows 11 and are enrolled in Microsoft Intune.
You need to onboard the devices to Microsoft Defender for Endpoint.
What should you create in the Microsoft Intune admin center?

• A. an attack surface reduction (ASR) policy

• B. a security baseline
• C. an endpoint detection and response (EDR) policy
• D. an account protection policy
• E. an antivirus policy

275 - Your company uses Microsoft Intune to manage devices.

• A. From Platform Settings, set Android device administrator Personally Owned to Block.
• B. From Platform Settings, set Android Enterprise (work profile) to Allow.
• C. From Platform Settings, set Android device administrator Personally Owned to Allow.
• D. From Platform Settings, set Android device administrator to Block.
276 - You have the device configuration profile shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the
information presented in the graphic.
NOTE: Each correct selection is worth one point.
277 - You have 100 Windows 10 devices enrolled in Microsoft Intune.
You need to configure the devices to retrieve Windows updates from the internet and from other computers
on a local network.
Which Delivery Optimization setting should you configure, and which type of Intune object should you
create? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

278 - You have an Azure AD tenant that contains the users shown in the following table.

279 - You use Microsoft Intune and Intune Data Warehouse.

You need to create a device inventory report that includes the data stored in the data warehouse.
What should you use to create the report?

• A. the Company Portal app

• B. Endpoint analytics
• C. the Azure portal app
• D. Microsoft Power BI

280 - You have a Microsoft 365 E5 subscription and 25 Apple iPads.

You need to enroll the iPads in Microsoft Intune by using the Apple Configurator enrollment
method.
What should you do first?

• A. Configure an Apply MDM push certificate.

• B. Add your user account as a device enrollment manager (DEM).
• C. Modify the enrollment restrictions.
• D. Upload a file that has the device identifiers for each iPad.

281 - You have 100 computers that run Windows 10. You have no servers. All the computers are joined to
Azure AD.
The computers have different update settings, and some computers are configured for manual updates.
You need to configure Windows Update. The solution must meet the following requirements:
The configuration must be managed from a central location.
Internet traffic must be minimized.
Costs must be minimized.
How should you configure Windows Update? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
282 - You have a Microsoft 365 E5 subscription that contains 150 hybrid Azure AD joined
Windows devices. All the devices are enrolled in Microsoft Intune.
You need to configure Delivery Optimization on the devices to meet the following requirements:
Allow downloads from the internet and from other computers on the local network.
Limit the percentage of used bandwidth to 50.
What should you use?

• A. a configuration profile
• B. a Windows Update for Business Group Policy setting
• C. a Microsoft Peer-to-Peer Networking Services Group Policy setting
• D. an Update ring for Windows 10 and later profile

283 - Your network contains an Active Directory domain named contoso.com. The domain
contains a computer named Computer1 that runs Windows 10.
You have the groups shown in the following table.

Which groups can you add to Group4?

• A. Group2 only
• B. Group1 and Group2 only
• C. Group2 and Group3 only
• D. Group1, Group2, and Group3

284 - You have a Microsoft 365 subscription. The subscription contains computers that run
Windows 11 and are enrolled in Microsoft Intune.
You need to create a compliance policy that meets the following requirements:
Requires BitLocker Drive Encryption (BitLocker) on each device
Requires a minimum operating system version
Which setting of the compliance policy should you configure for each requirement? To answer,
drag the appropriate settings to the correct requirements. Each setting may be used once, more
than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Hide Solution Discussion 8

Correct Answer:

285 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.
You have the Windows 11 devices shown in the following table.

You deploy the device compliance policy shown in the exhibit. (Click the Exhibit tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Correct
Answer:
286 - You have a Microsoft 365 subscription that contains the devices shown in the following table.

You need to ensure that only devices running trusted firmware or operating system builds can access
network resources.
Which compliance policy setting should you configure for each device? To answer, drag the appropriate
settings to the correct devices. Each setting may be used once, more than once, or not at all. You may need
to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

287 - You have a Microsoft 365 subscription that contains 1,000 Windows 11 devices enrolled in Microsoft
Intune.
You plan to create and monitor the results of a compliance policy used to validate the BIOS version of the
devices.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list
of actions to the answer area and arrange them in the correct order.
288 - You have a computer that runs Windows 10 and contains two local users named User1 and
User2.
You need to ensure that the users can perform the following actions:
User1 must be able to adjust the date and time.
User2 must be able to clear Windows logs.
The solution must use the principle of least privilege.
To which group should you add each user? To answer, drag the appropriate groups to the correct
users. Each group may be used once, more than once, or not at all. You may need to drag the split
bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

289 - You have an Azure AD tenant named contoso.com.

You have the devices shown in the following table.

Which devices can be Azure AD joined, and which devices can be registered in contoso.com? To answer,
select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

290 - You have an Azure AD tenant named contoso.com that contains the users shown in the following
table.

You have a computer named Computer1 that runs Windows 10. Computer1 is in a workgroup and has the
local users shown in the following table.
UserA joins Computer1 to Azure AD by using [email protected].
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

291 - Your network contains an Active Directory domain. The domain contains a user named
Admin1. All computers run Windows 10.
You enable Windows PowerShell remoting on the computers.
You need to ensure that Admin1 can establish remote PowerShell connections to the computers.
The solution must use the principle of least privilege.
To which group should you add Admin1?

• A. Access Control Assistance Operators

• B. Remote Desktop Users
• C. Power Users
• D. Remote Management Users

292 - You have a Microsoft Intune subscription.

You are creating a Windows Autopilot deployment profile named Profile1 as shown in the following exhibit.
Profile1 will be deployed to Windows 10 devices.
Use the drop-down menus to select the answer choice that completes each statement based on the
information presented in the graphic.
NOTE: Each correct selection is worth one point.
293 - You have a server named Server1 and computers that run Windows 10. Server1 has the
Microsoft Deployment Toolkit (MDT) installed.
You plan to upgrade the Windows 10 computers to Windows 11 by using the MDT deployment
wizard.
You need create a deployment share on Server1.
What should you do on Server1, and what are the minimum components you should add to the
MDT deployment share? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

294 - You have a Microsoft Deployment Toolkit (MDT) server named MDT1.
When computers start from the LiteTouchPE_x64.iso image and connect to MDT1, the welcome screen
appears as shown in the following exhibit.
You need to prevent the welcome screen from appearing when the computers connect to MDT1.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list
of actions to the answer area and arrange them in the correct order.

Hide Solution Discussion 7

Correct Answer:

295 - You use Windows Admin Center to remotely administer computers that run Windows 10.
When connecting to Windows Admin Center, you receive the message shown in the following
exhibit.

You need to prevent the message from appearing when you connect to Windows Admin Center.
To which certificate store should you import the certificate?

• A. Client Authentication Issuers

• B. Personal
• C. Trusted Root Certification Authorities
296 - You have an Azure AD tenant named contoso.com that contains the devices shown in the following
table.

Contoso.com contains the Azure AD groups shown in the following table.

You add a Windows Autopilot deployment profile. The profile is configured as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
297 - Your network contains an Active Directory domain. The domain contains 1,000 computers that run
Windows 11.
You need to configure the Remote Desktop settings of all the computers. The solution must meet the
following requirements:
Prevent the sharing of clipboard contents.
Ensure that users authenticate by using Network Level Authentication (NLA).
Which two nodes of the Group Policy Management Editor should you use? To answer, select the appropriate
nodes in the answer area.
NOTE: Each correct selection is worth one point.
298 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
Azure AD joined Windows devices enroll automatically in Intune.
You have the devices shown in the following table.

You are preparing to upgrade the devices to Windows11. All the devices are compatible with
Windows 11.
You need to evaluate Windows Autopilot and in-place upgrade as deployment methods to
implement Windows 11 Pro on the devices, while retaining all user settings and applications.
Which devices can be upgraded by using each method? To answer, select the appropriate options
in the answer area.
NOTE: Each correct selection is worth one point.
299 - You have 100 computers that run Windows 10.
You plan to deploy Windows 11 to the computers by performing a wipe and load installation.
You need to recommend a method to retain the user settings and the user data.
Which three actions should you recommend be performed in sequence? To answer, move the appropriate
actions from the list of actions to the answer area and arrange them in the correct order.
300 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
You use Windows Autopilot to deploy Windows 11 to devices.
A support engineer reports that when a deployment fails, they cannot collect deployment logs from
failed device.
You need to ensure that when a deployment fails, the deployment logs can be collected.
What should you configure?

• A. the automatic enrollment settings

• B. the Windows Autopilot deployment profile
• C. the enrollment status page (ESP) profile
• D. the device configuration profile

301 - You have a Microsoft 365 E5 subscription that contains a user named User1 and uses
Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
You have a device named Devic1 that is enrolled in Intune.
You need to ensure that User1 can use Remote Help from the Intune admin center for Device1.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. Deploy the Remote Help app to Device1.

• B. Assign the Help Desk Operator role to User1.
• C. Assign the Intune Administrator role to User1.
• D. Assign a Microsoft 365 E5 license to User1.
• E. Rerun device onboarding on Device1.
• F. Assign the Remote Help add-on license to User1.

302 - You have a Windows 11 capable device named Device1 that runs the 64-bit version of
Windows 10 Enterprise and has Microsoft Office 2019 installed.
You have the Windows 11 Enterprise images shown in the following table.

Which images can be used to perform an in-place upgrade of Device1?

• A. Image1 only
• B. Image2 only
• C. Image1 and Image2
303 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
Your network contains an on-premises Active Directory Domain Services (AD DS) domain that syncs with an
Azure AD tenant by using Azure AD Connect.
You use Microsoft Intune and Configuration Manager to manage devices.
You need to recommend a deployment plan for new Windows 11 devices. The solution must meet the
following requirements:
Devices for the marketing department must be joined to the AD DS domain only. The IT department will
install complex applications on the devices at build time, before giving the devices to the marketing
department users.
Devices for the sales department must be Azure AD joined. The devices will be shipped directly from the
manufacturer to the homes of the sales department users.
Administrative effort must be minimized.
Which deployment method should you recommend for each department? To answer, select the appropriate
options in the answer area.
NOTE: Each correct selection is worth point.

304 - You have a Microsoft Deployment Toolkit (MDT) deployment share named DS1.
In the Out-of-Box Drivers node, you create folders that contain drivers for different hardware
models.
You need to configure the Inject Drivers MDT task to use PnP detection to install the drivers for
one of the hardware models.
What should you do first?

• A. Import an OS package.
• B. Create a selection profile.
• C. Add a Gather task to the task sequence.
• D. Add a Validate task to the task sequence.

305 - You have an on-premises server named Server1 that hosts a Microsoft Deployment Toolkit
(MDT) deployment share named MDT1.
You need to ensure that MDT1 supports multicast deployments.
What should you install on Server1?

• A. Multipath I/O (MPIO)

• B. Multipoint Connector
• C. Windows Deployment Services (WDS)
• D. Windows Server Update Services (WSUS)

306 - Your company standardizes on Windows 10 Enterprise for all users.

Some users purchase their own computer from a retail store. The computers run Windows 10 Pro.
You need to recommend a solution to upgrade the computers to Windows 10 Enterprise, join the
computers to Azure AD, and install several Microsoft Store apps. The solution must meet the
following requirements:
Ensure that any applications installed by the users are retained.
Minimize user intervention.
What is the best recommendation to achieve the goal? More than one answer choice may achieve
the goal. Select the BEST answer.

• A. Windows Autopilot
• B. Microsoft Deployment Toolkit (MDT)
• C. a Windows Configuration Designer provisioning package
• D. Windows Deployment Services (WDS)

307 - Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some question
sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
Your company has an Azure AD tenant named contoso.com that contains several Windows 10
devices.
When you join new Windows 10 devices to contoso.com, users are prompted to set up a four-digit
pin.
You need to ensure that the users are prompted to set up a six-digit pin when they join the
Windows 10 devices to contoso.com.
Solution: From the Microsoft Entra admin center, you modify the User settings and the Device
settings.
Does this meet the goal?

• A. Yes
• B. No
308 - Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some question
sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
Your company has an Azure AD tenant named contoso.com that contains several Windows 10
devices.
When you join new Windows 10 devices to contoso.com, users are prompted to set up a four-digit
pin.
You need to ensure that the users are prompted to set up a six-digit pin when they join the
Windows 10 devices to contoso.com.
Solution: From the Microsoft Entra admin center, you configure automatic mobile device
management (MDM) enrollment. From the Microsoft Intune admin center, you create and assign a
device restrictions profile.
Does this meet the goal?

• A. Yes
• B. No

309 - Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some question
sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
Your company has an Azure AD tenant named contoso.com that contains several Windows 10
devices.
When you join new Windows 10 devices to contoso.com, users are prompted to set up a four-digit
pin.
You need to ensure that the users are prompted to set up a six-digit pin when they join the
Windows 10 devices to contoso.com.
Solution: From the Microsoft Entra admin center, you configure automatic mobile device
management (MDM) enrollment. From the Microsoft Intune admin center, you configure the
Windows Hello for Business enrollment options.
Does this meet the goal?

• A. Yes
• B. No

310 - Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch
offices in Seattle and New York.
Contoso has the users and computers shown in the following table.

The company has IT, human resources (HR), legal (LEG), marketing (MKG), and finance (FIN)
departments.

Contoso recently purchased a Microsoft 365 subscription.

The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office
will work from home.

Existing Environment -

The network contains an Active Directory domain named contoso.com that is synced to Azure AD.

All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10
Enterprise.

The computers are managed by using Microsoft Configuration Manager. The mobile devices are
managed by using Microsoft Intune.

Each department has an organizational unit (OU) that contains a child OU named Computers. Each
computer account is in the Computers OU of its respective department.

Intune Configuration -

The domain has the users shown in the following table.

User2 is a device enrollment manager (DEM) in Intune.

The devices enrolled in Intune are shown in the following table.

The device compliance policies in Intune are configured as shown in the following table.

The device compliance policies have the assignments shown in the following table.

The device limit restrictions in Intune are configured as shown in the following table.

Requirements -

Planned changes -

Contoso plans to implement the following changes:

• Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro
preinstalled and were purchased already.
• Implement co-management for the computers.

Technical Requirements -
Contoso must meet the following technical requirements:

You need to meet the technical requirements for the iOS devices.

Which object should you create in Intune?

• A. a deployment profile
• B. an app protection policy
• C. a device configuration profile
• D. a compliance policy

311 - Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in
Seattle and New York.

Contoso has the users and computers shown in the following table.

The company has IT, human resources (HR), legal (LEG), marketing (MKG), and finance (FIN) departments.

Contoso recently purchased a Microsoft 365 subscription.

The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office will work
from home.

Existing Environment
-
The network contains an Active Directory domain named contoso.com that is synced to Azure AD.

All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10
Enterprise.

The computers are managed by using Microsoft Configuration Manager. The mobile devices are managed
by using Microsoft Intune.

The naming convention for the computers is the department acronym, followed by a hyphen, and then four
numbers, for example FIN-6785. All the computers are joined to the on-premises Active Directory domain.

Each department has an organizational unit (OU) that contains a child OU named Computers. Each
computer account is in the Computers OU of its respective department.

Intune Configuration
-

The domain has the users shown in the following table.

User2 is a device enrollment manager (DEM) in Intune.

The devices enrolled in Intune are shown in the following table.

The device compliance policies in Intune are configured as shown in the following table.

The device compliance policies have the assignments shown in the following table.
The device limit restrictions in Intune are configured as shown in the following table.

Requirements
-

Planned changes
-

Contoso plans to implement the following changes:

• Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro preinstalled
and were purchased already.
• Implement co-management for the computers.

Technical Requirements
-

Contoso must meet the following technical requirements:

• Ensure that the users in a group named Group4 can only access Microsoft Exchange Online from devices
that are enrolled in Intune.
• Deploy Windows 10 Enterprise to the computers of the Phoenix office users by using Windows Autopilot.
• Create a provisioning package for new computers in the HR department.
• Block iOS devices from sending diagnostic and usage telemetry data.
• Use the principle of least privilege whenever possible.
• Enable the users in the MKG department to use App1.
• Pilot co-management for the IT department.

You are evaluating which devices are compliant.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

312 - Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch
offices in Seattle and New York.

Contoso has the users and computers shown in the following table.

The company has IT, human resources (HR), legal (LEG), marketing (MKG), and finance (FIN)
departments.

Contoso recently purchased a Microsoft 365 subscription.

The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office
will work from home.

Existing Environment -

The network contains an Active Directory domain named contoso.com that is synced to Azure AD.

All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10
Enterprise.

The computers are managed by using Microsoft Configuration Manager. The mobile devices are
managed by using Microsoft Intune.

Each department has an organizational unit (OU) that contains a child OU named Computers. Each
computer account is in the Computers OU of its respective department.

Intune Configuration -

The domain has the users shown in the following table.

User2 is a device enrollment manager (DEM) in Intune.

The devices enrolled in Intune are shown in the following table.

The device compliance policies in Intune are configured as shown in the following table.

The device compliance policies have the assignments shown in the following table.

The device limit restrictions in Intune are configured as shown in the following table.
Requirements -

Planned changes -

Contoso plans to implement the following changes:

• Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro
preinstalled and were purchased already.
• Implement co-management for the computers.

Technical Requirements -

Contoso must meet the following technical requirements:

You need to prepare for the deployment of the Phoenix office computers.

What should you do first?

313 - Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in
Seattle and New York.

Contoso has the users and computers shown in the following table.

The company has IT, human resources (HR), legal (LEG), marketing (MKG), and finance (FIN) departments.

Contoso recently purchased a Microsoft 365 subscription.

The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office will work
from home.

Existing Environment
-

The network contains an Active Directory domain named contoso.com that is synced to Azure AD.

All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10
Enterprise.

The computers are managed by using Microsoft Configuration Manager. The mobile devices are managed
by using Microsoft Intune.

The naming convention for the computers is the department acronym, followed by a hyphen, and then four
numbers, for example FIN-6785. All the computers are joined to the on-premises Active Directory domain.

Each department has an organizational unit (OU) that contains a child OU named Computers. Each
computer account is in the Computers OU of its respective department.

Intune Configuration
-

The domain has the users shown in the following table.

User2 is a device enrollment manager (DEM) in Intune.

The devices enrolled in Intune are shown in the following table.

The device compliance policies in Intune are configured as shown in the following table.

The device compliance policies have the assignments shown in the following table.

The device limit restrictions in Intune are configured as shown in the following table.

Requirements
-

Planned changes
-

Contoso plans to implement the following changes:

• Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro preinstalled
and were purchased already.
• Implement co-management for the computers.

Technical Requirements
-

Contoso must meet the following technical requirements:

• Ensure that the users in a group named Group4 can only access Microsoft Exchange Online from devices
that are enrolled in Intune.
• Deploy Windows 10 Enterprise to the computers of the Phoenix office users by using Windows Autopilot.
• Create a provisioning package for new computers in the HR department.
• Block iOS devices from sending diagnostic and usage telemetry data.
• Use the principle of least privilege whenever possible.
• Enable the users in the MKG department to use App1.
• Pilot co-management for the IT department.

What is the maximum number of devices that User1 and User2 can enroll in Intune? To answer, select the
appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

314 - Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch
offices in Seattle and New York.

Contoso has the users and computers shown in the following table.

The company has IT, human resources (HR), legal (LEG), marketing (MKG), and finance (FIN)
departments.

Contoso recently purchased a Microsoft 365 subscription.

The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office
will work from home.

Existing Environment
-

The network contains an Active Directory domain named contoso.com that is synced to Azure AD.

All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10
Enterprise.

The computers are managed by using Microsoft Configuration Manager. The mobile devices are
managed by using Microsoft Intune.

Each department has an organizational unit (OU) that contains a child OU named Computers. Each
computer account is in the Computers OU of its respective department.

Intune Configuration
-

The domain has the users shown in the following table.

User2 is a device enrollment manager (DEM) in Intune.

The devices enrolled in Intune are shown in the following table.

The device compliance policies in Intune are configured as shown in the following table.

The device compliance policies have the assignments shown in the following table.

The device limit restrictions in Intune are configured as shown in the following table.

Requirements
-

Planned changes
-
Contoso plans to implement the following changes:
• Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro
preinstalled and were purchased already.
• Implement co-management for the computers.

Technical Requirements
-

Contoso must meet the following technical requirements:

To which devices do Policy1 and Policy2 apply? To answer, select the appropriate options in the
answer area.

NOTE: Each correct selection is worth one point.

Reveal Solution Discussion 7

Question #67Topic 1

Your network contains an Active Directory domain named contoso.com. The domain contains two
computers named Computer1 and Computer2 that run Windows 10.

On Computer1, you need to run the Invoke-Command cmdlet to execute several PowerShell
commands on Computer2.

What should you do first?

• A. On Computer2, run the Enable-PSRemoting cmdlet.

Reveal Solution Discussion 9

Question #68Topic 1
You have an Azure AD tenant that contains the devices shown in the following table.

Which devices can be activated by using subscription activation?

• A. Device1 only
• B. Device1 and Device2 only
• C. Device1 and Device3 only
• D. Device1, Device2, Device3, and Device4

315 - You have 25 computers that run Windows 10 Pro.

You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

You need to upgrade the computers to Windows 11 Enterprise by using an in-place upgrade. The
solution must minimize administrative effort.

What should you use?

• A. Microsoft Deployment Toolkit (MDT) and a default image of Windows 11 Enterprise

• B. Microsoft Configuration Manager and a custom image of Windows 11 Enterprise
• C. Windows Autopilot
• D. Subscription Activation

316 - You use the Microsoft Deployment Toolkit (MDT) to manage Windows 11 deployments.

From Deployment Workbench, you modify the WinPE settings and add PowerShell support.

You need to generate a new set of WinPE boot image files that contain the updated settings.

What should you do?

• A. From the Deployment Shares node, update the deployment share.

You need to use the Microsoft Deployment Toolkit (MDT) to securely wipe and decommission the
devices. The solution must meet the following requirements:

• Back up the user state.

• Minimize administrative effort.

Which task sequence template should you use?

• A. Standard Client Task Sequence

• B. Standard Client Replace Task Sequence
• C. Litetouch OEM Task Sequence
• D. Sysprep and Capture

318 - Your network contains an Active Directory domain. The domain contains a computer named
Computer1 that runs Windows 11.

You need to enable the Windows Remote Management (WinRM) service on Computer1 and
perform the following configurations:

• For the WinRM service, set Startup type to Automatic.

• Create a listener that accepts requests from any IP address.
• Enable a firewall exception for WS-Management communications.

Which PowerShell cmdlet should you use?

• A. Connect-WSMan
• B. Enable-PSRemoting
• C. Invoke-WSManAction
• D. Enable-PSSessionConfiguration

319 - Your network contains an on-premises Active Directory Domain Services (AD DS) domain that syncs
with an Azure AD tenant. The tenant contains the users shown in the following table.

You assign Windows 10/11 Enterprise E5 licenses to Group1 and User2.

You deploy the devices shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

321 - Your network contains an Active Directory domain named adatum.com, a workgroup, and computers
that run Windows 10. The computers are configured as shown in the following table.

The local Administrator accounts on Computer1, Computer2, and Computer3 have the same user name and
password.

On Computer1, Windows Defender Firewall is configured as shown in the following exhibit.

The services on Computer1 have the following states.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

322 - You have a Hyper-V host that contains the virtual machines shown in the following table.

On which virtual machines can you install Windows 11?

• A. VM1 only
• B. VM3 only
• C. VM1 and VM2 only
• D. VM2 and VM3 only
• E. VM1, VM2, and VM3

323 - You have a Microsoft 365 subscription that uses Microsoft Intune and contains the users shown in
the following table.

Group2 has been assigned in the Enrollment Status Page.

You have the devices shown in the following table.

You capture and upload the hardware IDs of the devices in the marketing department.

You configure Windows Autopilot.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

324 - You have a Microsoft 365 subscription that contains a user named User1. User1 is assigned
a Windows 10/11 Enterprise E3 license.

You use Microsoft Intune Suite to manage devices.

User1 activates the following devices:

• Device1: Windows 11 Enterprise

• Device2: Windows 10 Enterprise
• Device3: Windows 11 Enterprise

How many more devices can User1 activate?

• A. 2
• B. 3
• C. 7
• D. 8

325 - Your company has a computer named Computer1 that runs Windows 10.

Computer1 was used by a user who left the company.

You plan to repurpose Computer1 and assign the computer to a new user.

You need to redeploy Computer1 by using Windows Autopilot.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list
of actions to the answer area and arrange them in the correct order.
326 - You use the Microsoft Deployment Toolkit (MDT) to deploy Windows 11.

You create a new task sequence by using the Standard Client Task Sequence template to deploy
Windows 11 Enterprise to new computers. The computers have a single hard disk.

You need to modify the task sequence to create a system volume and a data volume.

Which phase should you modify in the task sequence?

• A. Initialization
• B. State Restore
• C. Preinstall
• D. Postinstall
327 - You have a Microsoft Deployment Toolkit (MDT) deployment share.

From the Deployment Workbench, you open the New Task Sequence Wizard and select the
Standard Client Upgrade Task Sequence task sequence template.

You discover that there are no operating system images listed on the Select OS page as shown in
the following exhibit.

You need to be able to select an operating system image to perform a Windows 11 in-place
upgrade.

What should you do?

• A. Enable monitoring for the deployment share.

• B. Import a full set of source files.
• C. Import a custom image file.
• D. Run the Update Deployment Share Wizard.

328 - Your company implements Azure AD, Microsoft 365, Microsoft Intune, and Azure
Information Protection.
The company's security policy states the following:

• Personal devices do not need to be enrolled in Intune.

You need to configure a solution to enforce the security policy.

What should you create?

• A. a device configuration profile from the Microsoft Intune admin center

329 - You have a Microsoft 365 subscription that contains 500 Android Enterprise devices.

All the devices are enrolled in Microsoft Intune.

You need to deliver bookmarks to the Chrome browser on the devices.

What should you create?

• A. a compliance policy
• B. a configuration profile
• C. an app protection policy
• D. an app configuration policy

330 - You have a Microsoft 365 E5 subscription and 100 computers that run Windows 10.

You need to deploy Microsoft Office Professional Plus 2019 to the computers by using Microsoft
Office Deployment Tool (ODT).

What should you use to create a customization file for ODT?

• A. the Microsoft 365 admin center

• B. the Microsoft Intune admin center
• C. the Microsoft Purview compliance portal
• D. the Microsoft 365 Apps admin center

331 - You have a Microsoft 365 subscription that contains 1,000 Windows 11 devices enrolled in
Microsoft Intune.
You plan to use Intune to deploy an application named App1 that contains multiple installation
files.

What should you do first?

332 - You have groups that use the Dynamic Device membership type as shown in the following table.

You are deploying Microsoft 365 apps.

You have devices enrolled in Microsoft Intune as shown in the following table.

NOTE: Each correct selection is worth one point.

333 - You have a Microsoft 365 subscription. All devices run Windows 10.

You need to prevent users from enrolling the devices in the Windows Insider Program.

What two configurations should you perform from the Microsoft Intune admin center? Each correct
answer is a complete solution.

NOTE: Each correct selection is worth one point.

• A. a device restrictions device configuration profile

• B. an app configuration policy
• C. a Windows 10 and later security baseline
• D. a custom device configuration profile
• E. a Windows 10 and later update ring

334 - You have a Microsoft 365 E5 subscription that contains 100 Windows 10 devices enrolled in
Microsoft Intune.

You plan to use Endpoint analytics.

You need to create baseline metrics.

What should you do first?

• A. Modify the Baseline regression threshold.

• B. Onboard 10 devices to Endpoint analytics.
• C. Create a Log Analytics workspace.
• D. Create an Azure Monitor workbook.

335 - You install a feature update on a computer that runs Windows 10.

How many days do you have to roll back the update?

• A. 5
• B. 10
• C. 14
• D. 30
336 - You have a Microsoft Azure subscription that contains an Azure Log Analytics workspace.

You deploy a new computer named Computer1 that runs Windows 10. Computer1 is in a
workgroup.

You need to ensure that you can use Log Analytics to query events from Computer1.

What should you do on Computer1?

• A. Join Azure AD.

• B. Configure Windows Defender Firewall.
• C. Create an event subscription
• D. Install the Azure Monitor Agent.

337 - You have a Microsoft 365 E5 subscription and 100 unmanaged iPad devices.

You need to deploy a specific iOS update to the devices. Users must be prevented from manually
installing a more recent version of iOS.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

• A. Create a device configuration profile.

338 - You have a Microsoft 365 subscription that includes Microsoft Intune.

You have an update ring named UpdateRing1 that contains the following settings:

• Automatic update behavior: Auto install and restart at a scheduled time

• Automatic behavior frequency: First week of the month
• Scheduled install day: Tuesday
• Scheduled install time: 3 AM

From the Microsoft Intune admin center, you select Uninstall for the feature updates of
UpdateRing1.
When will devices start to remove the feature updates?

• A. when a user approves the uninstall

• B. as soon as the policy is received
• C. next Tuesday
• D. the first Tuesday of the next month

339 - You have a hybrid deployment of Azure AD that contains 50 Windows 10 devices. All the
devices are enrolled in Microsoft Intune.

You discover that Group Policy settings override the settings configured in Microsoft Intune
policies.

You need to ensure that the settings configured in Microsoft Intune override the Group Policy
settings.

What should you do?

340 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.

You use Microsoft Intune to manage devices.

You need to ensure that the startup performance of managed Windows 11 devices is captured and
available for review in the Intune admin center.

What should you configure?

• A. the Azure Monitor agent

• B. a device compliance policy
• C. a Conditional Access policy
• D. an Intune data collection policy
341 - You have a Microsoft 365 E5 subscription that uses Microsoft Intune.

Devices are enrolled in Intune as shown in the following table.

The devices are the members of groups as shown in the following table.

You create an iOS/iPadOS update profile as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

342 - You have a Microsoft Intune deployment that contains the resources shown in the following
table.

You create a policy set named Set1 and add Comply1 to Set1.

Which additional resources can you add to Set1?

• A. Conf1 only
• B. Comply2 only
• C. Comply2 and Conf1 only
• D. CA1, Conf1, and Office1 only
• E. Comply2, CA1, Conf1, and Office1

343 - You use Microsoft Defender for Endpoint to protect computers that run Windows 10.

You need to assess the differences between the configuration of Microsoft Defender for Endpoint
and the Microsoft-recommended configuration baseline.

Which tool should you use?

• A. Microsoft Defender for Endpoint Power BI app

• B. Microsoft Secure Score
• C. Endpoint Analytics
• D. Microsoft 365 Defender portal

344 - You have a Microsoft 365 E5 subscription that contains 1,000 Windows 11 devices. All the
devices are enrolled in Microsoft Intune.

You plan to integrate Intune with Microsoft Defender for Endpoint.

You need to establish a service-to-service connection between Intune and Defender for Endpoint.

Which settings should you configure in the Microsoft Intune admin center?

• A. Premium add-ons
• B. Connectors and tokens
• C. Tenant enrollment
• D. Microsoft Tunnel Gateway

345 - You have a Microsoft Intune subscription that is configured to use a PFX certificate connector to an
on-premises Enterprise certification authority (CA).

You need to use Intune to configure autoenrollment for Android devices by using public key pair (PKCS)
certificates.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list
of actions to the answer area and arrange them in the correct order.

346 - Your company uses Microsoft Intune.

More than 500 Android and iOS devices are enrolled in the Intune tenant.

You plan to deploy new Intune policies. Different policies will apply depending on the version of
Android or iOS installed on the device.

You need to ensure that the policies can target the devices based on their version of Android or
iOS.

What should you configure first?

• A. groups that have dynamic membership rules in Azure AD

• B. Device categories in Intune
• C. Corporate device identifiers in Intune
• D. Device settings in Azure AD

347 - You have 500 Windows 10 devices enrolled in Microsoft Intune.

You plan to use Exploit protection in Microsoft Intune to enable the following system settings on the
devices:
• Data Execution Prevention (DEP)
• Force randomization for images (Mandatory ASLR)

You need to configure a Windows 10 device that will be used to create a template file.

Which protection areas on the device should you configure in the Windows Security app before you create
the template file? To answer, drag the appropriate protection areas to the correct settings. Each protection
area may be used once, more than once, or not at all. You may need to drag the split bar between panes or
scroll to view content.

NOTE: Each correct selection is worth one point.

348 - You have an Azure AD tenant named contoso.com.

You have a workgroup computer named Computer1 that runs Windows 11.

You need to add Computer1 to contoso.com.

What should you use?

• A. dsregcmd.exe
• B. Computer Management
• C. netdom.exe
• D. the Settings app

349 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.

You use Microsoft Intune to manage Windows 11 devices.

You need to implement passwordless authentication that requires users to use number matching.

Which authentication method should you use?

• A. Microsoft Authenticator
• B. voice calls
• C. FIDO2 security keys
• D. text messages

350 - You use a Microsoft Intune subscription to manage iOS devices.

You configure a device compliance policy that blocks jailbroken iOS devices.

You need to enable Enhanced jailbreak detection.

What should you configure?

• A. the Compliance policy settings

• B. the device compliance policy
• C. a network location
• D. a configuration profile
351 - You have a Microsoft 365 subscription that contains two users named User1 and User2.

You need to ensure that the users can perform the following tasks:
• User1 must be able to create groups and manage users.
• User2 must be able to reset passwords for nonadministrative users.

The solution must use the principle of least privilege.

Which role should you assign to each user? To answer, drag the appropriate roles to the correct users. Each
role may be used once, more than once, or not at all. You may need to drag the split bar between panes or
scroll to view content.

NOTE: Each correct selection is worth one point.

352 - You have a Microsoft Intune subscription that has the following device compliance policy settings:
• Mark devices with no compliance policy assigned as: Compliant
• Compliance status validity period (days): 14

On January1, you enroll Windows 10 devices in Intune as shown in the following table.

On January 4, you create the following two device compliance policies:

• Name: Policy1
• Platform: Windows 10 and later
• Require BitLocker: Require
• Mark device noncompliant: 5 days after noncompliance
• Scope (Tags): Tag1

• Name: Policy2
• Platform: Windows 10 and later
• Firewall: Require
• Mark device noncompliant: Immediately
• Scope (Tags): Tag2

On January 5, you assign Policy1 and Policy2 to Group1.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

353 - You have a Microsoft 365 subscription that includes Microsoft Intune.

You have computers that run Windows 11 as shown in the following table.

You have the groups shown in the following table.

You create and assign the compliance policies shown in the following table.

The next day, you review the compliance status of the computers.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

354 - Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some question
sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.

Your company has an Azure AD tenant named contoso.com that contains several Windows 10
devices.

When you join new Windows 10 devices to contoso.com, users are prompted to set up a four-digit
pin.

You need to ensure that the users are prompted to set up a six-digit pin when they join the
Windows 10 devices to contoso.com.

Solution: From the Microsoft Entra admin center, you configure the Authentication methods.

Does this meet the goal?

• A. Yes
• B. No

355 - You have a Microsoft 365 tenant that contains the objects shown in the following table.

You are creating a compliance policy named Compliance1.

Which objects can you specify in Compliance1 as additional recipients of noncompliance

notifications?

• A. Group3 and Group4 only

• B. Group3, Group4, and Admin1 only
• C. Group1, Group2, and Group3 only
• D. Group1, Group2, Group3, and Group4 only
• E. Group1, Group2, Group3, Group4, and Admin1

356 - You have an Azure AD tenant named contoso.com that contains a user named User1. User1 has a
user principal name (UPN) of [email protected].

You join a Windows 11 device named Client1 to contoso.com.

You need to add User1 to the local Administrators group of Client1.

How should you complete the command? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

357 - You have a Microsoft 365 subscription.

You need to provide a user the ability Security defaults and create Conditional Access policies. The
solution must use the principle of least privilege.

Which role should you assign to the user?

• A. Global Administrator
• B. Conditional Access Administrator
• C. Security Administrator
• D. Intune Administrator

358 - In Microsoft Intune, you have the device compliance policies shown in the following table.

The Intune compliance policy settings are configured as shown in the following exhibit.

On June 1, you enroll Windows 10 devices in Intune as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

359 - You have a Microsoft 365 subscription that contains a user named User1 and uses
Microsoft Intune Suite.

You use Microsoft Intune to manage devices that run Windows 11.

User provides remote support for 75 devices in the marketing department.

You need to add User1 to the Remote Desktop Users group on each marketing department device.

What should you configure?

• A. an app configuration policy

• B. a device compliance policy
• C. an account protection policy
• D. a device configuration profile

360 - You have an Azure AD tenant named contoso.com that contains the users shown in the following
table.

For contoso.com, the Mobility (MDM and MAM) settings have the following configurations:

• MDM user scope: Group1

• MAM user scope: Group2
You purchase the devices shown in the following table:

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

361 - You have a Microsoft 365 subscription that uses Microsoft Intune Suite.

You use Microsoft Intune to deploy and manage Windows devices.

You have 100 devices from users that left your company.

You need to repurpose the devices for new users by removing all the data and applications
installed by the previous users. The solution must minimize administrative effort.

What should you do?

• A. Deploy a new configuration profile to the devices.

• B. Perform a Windows Autopilot reset on the devices.
• C. Perform an in-place upgrade on the devices.
• D. Perform a clean installation of Windows 11 on the devices.
362 - You create a Windows Autopilot deployment profile.

You need to configure the profile settings to meet the following requirements:

• Automatically enroll new devices and provision system apps without requiring end-user authentication
• Include the hardware serial number in the computer name.

Which two settings should you configure? To answer, select the appropriate settings in the answer area.

NOTE: Each correct selection is worth one point.

Microsoft.az 400.LAB .VMay 2024.by .Ancher.126q
No ratings yet
Microsoft.az 400.LAB .VMay 2024.by .Ancher.126q
116 pages
MD-102 Exam Dumps
No ratings yet
MD-102 Exam Dumps
202 pages
MS 102 Questions
No ratings yet
MS 102 Questions
8 pages
MD-102
No ratings yet
MD-102
585 pages
SC100 - Copy1
No ratings yet
SC100 - Copy1
63 pages
MD102
No ratings yet
MD102
312 pages
MD 102 Questions
No ratings yet
MD 102 Questions
6 pages
MS-900 Exam - Free Actual Q&As, Page 19 ExamTopics
No ratings yet
MS-900 Exam - Free Actual Q&As, Page 19 ExamTopics
3 pages
7 CertLibrary - Com SC 900
No ratings yet
7 CertLibrary - Com SC 900
9 pages
Shell Uploading Guide
No ratings yet
Shell Uploading Guide
10 pages
Visual Basic and AutoCAD PDF
No ratings yet
Visual Basic and AutoCAD PDF
672 pages
MD-102
No ratings yet
MD-102
10 pages
MS-102 Microsoft Updated Practice Questions
100% (1)
MS-102 Microsoft Updated Practice Questions
67 pages
MD-102 Exam - Free Actual Q&as, Page 2 - ExamTopics
No ratings yet
MD-102 Exam - Free Actual Q&as, Page 2 - ExamTopics
45 pages
MD 102
100% (2)
MD 102
142 pages
MD 102 Demo
100% (1)
MD 102 Demo
15 pages
MD-102 Exam - Free Actual Q&as, Page 1 - ExamTopics
No ratings yet
MD-102 Exam - Free Actual Q&as, Page 1 - ExamTopics
53 pages
MS-102 Exam Part 1
100% (1)
MS-102 Exam Part 1
41 pages
Microsoft MD 102 Dumpshq Actual Questions by George 29 01 2024 11qa
No ratings yet
Microsoft MD 102 Dumpshq Actual Questions by George 29 01 2024 11qa
19 pages
INTUNE Instructor Handout-V1.7
No ratings yet
INTUNE Instructor Handout-V1.7
210 pages
MS 101 Examcollection - Premium.exam.209q
100% (1)
MS 101 Examcollection - Premium.exam.209q
194 pages
MS-102-Dec 2024
No ratings yet
MS-102-Dec 2024
351 pages
Exam Sheet
No ratings yet
Exam Sheet
78 pages
Ms 101
No ratings yet
Ms 101
244 pages
MS-102 Exam Part 3
100% (1)
MS-102 Exam Part 3
43 pages
Intune Web Guide Link
No ratings yet
Intune Web Guide Link
22 pages
Microsoft 365 Certified Messaging Administrator Associate Skills Measured PDF
No ratings yet
Microsoft 365 Certified Messaging Administrator Associate Skills Measured PDF
5 pages
AZ-801 (169 Questions)
No ratings yet
AZ-801 (169 Questions)
10 pages
70-688 8.1 LM Worksheet Lab 12
No ratings yet
70-688 8.1 LM Worksheet Lab 12
7 pages
SharePoint 2013 - 2016 - 2019 - How To Replace Expired WorkFlow Manager Certificates - Microsoft Community Hub
No ratings yet
SharePoint 2013 - 2016 - 2019 - How To Replace Expired WorkFlow Manager Certificates - Microsoft Community Hub
13 pages
Sc 300 Questions Answers Only
No ratings yet
Sc 300 Questions Answers Only
334 pages
PL-200 V12.75 - Haseeb
No ratings yet
PL-200 V12.75 - Haseeb
55 pages
Olympia Lab Guide v3.28
No ratings yet
Olympia Lab Guide v3.28
115 pages
Exam Ms 201 Implementing A Hybrid and Secure Messaging Platform Skills Measured PDF
No ratings yet
Exam Ms 201 Implementing A Hybrid and Secure Messaging Platform Skills Measured PDF
5 pages
SC-401
No ratings yet
SC-401
11 pages
Apple Device Management: A Unified Theory of Managing Macs, iPads, iPhones, and Apple TVs, 2nd Edition Charles Edge 2024 scribd download
100% (4)
Apple Device Management: A Unified Theory of Managing Macs, iPads, iPhones, and Apple TVs, 2nd Edition Charles Edge 2024 scribd download
76 pages
iOS - Enroll to Intune in iOS device
No ratings yet
iOS - Enroll to Intune in iOS device
36 pages
CIS Apple IOS 17 and IPadOS 17 Intune Benchmark v1.0.0
No ratings yet
CIS Apple IOS 17 and IPadOS 17 Intune Benchmark v1.0.0
262 pages
(Ebook) Microsoft Intune Cookbook by anonymous - The special ebook edition is available for download now
100% (2)
(Ebook) Microsoft Intune Cookbook by anonymous - The special ebook edition is available for download now
82 pages
questions-for-microsoft-az-140-exam
No ratings yet
questions-for-microsoft-az-140-exam
13 pages
Microsoft Testkings Az-104 Vce 2023-Jun-17 by Hugh 408q Vce
No ratings yet
Microsoft Testkings Az-104 Vce 2023-Jun-17 by Hugh 408q Vce
44 pages
Module 1: Office 365 Services Overview Lab: Office 365 Services Overview
No ratings yet
Module 1: Office 365 Services Overview Lab: Office 365 Services Overview
6 pages
Getting Started With Intune Migrations
No ratings yet
Getting Started With Intune Migrations
37 pages
AZ-500-Demo
No ratings yet
AZ-500-Demo
42 pages
MD 100T00A ENU TrainerPrepGuide
No ratings yet
MD 100T00A ENU TrainerPrepGuide
7 pages
Microsoft - MD-102.vFeb-2024.by .Rina .114q
100% (1)
Microsoft - MD-102.vFeb-2024.by .Rina .114q
107 pages
DP 500 Questions
No ratings yet
DP 500 Questions
8 pages
Az-305 8
No ratings yet
Az-305 8
47 pages
MD - 102 (1 - 147)
No ratings yet
MD - 102 (1 - 147)
217 pages
sc-900 B9aaad101de9
No ratings yet
sc-900 B9aaad101de9
118 pages
Microsoft - Vceup .MS 900.24 June 2022
No ratings yet
Microsoft - Vceup .MS 900.24 June 2022
139 pages
Az 303
No ratings yet
Az 303
188 pages
MSFT CertPoster Digital
No ratings yet
MSFT CertPoster Digital
1 page
Aindumps - Ms 700.v2020!02!24.by - Alexander.29q
No ratings yet
Aindumps - Ms 700.v2020!02!24.by - Alexander.29q
29 pages
MD 102 Demo
No ratings yet
MD 102 Demo
6 pages
MS-102 Exam Part 2
No ratings yet
MS-102 Exam Part 2
47 pages
Az 800
No ratings yet
Az 800
162 pages
AZ-104 Exam - Free Actual Q&As, Page 3 - ExamTopics
No ratings yet
AZ-104 Exam - Free Actual Q&As, Page 3 - ExamTopics
6 pages
Microsoft MB-210 Exam Dumps With Latest MB-210 PDF
No ratings yet
Microsoft MB-210 Exam Dumps With Latest MB-210 PDF
10 pages
az-104_2
No ratings yet
az-104_2
57 pages
Microsoft AZURE® AZ-104 Administrator Practice Tests
From Everand
Microsoft AZURE® AZ-104 Administrator Practice Tests
iCertify Training
No ratings yet
Microsoft Certified: Power BI Data Analyst Associate PL 300 Practice Tests
From Everand
Microsoft Certified: Power BI Data Analyst Associate PL 300 Practice Tests
CertSquad Professional Trainers
No ratings yet
Graylog Deployment
No ratings yet
Graylog Deployment
3 pages
User Manual Telecare Ip Log Viewer: TD 92933en
No ratings yet
User Manual Telecare Ip Log Viewer: TD 92933en
28 pages
Chapter Four - Memory Managment
No ratings yet
Chapter Four - Memory Managment
16 pages
Offboard Storage Guide: Ibm Security Qradar
No ratings yet
Offboard Storage Guide: Ibm Security Qradar
54 pages
04-Linux Shell Scripting
No ratings yet
04-Linux Shell Scripting
57 pages
Kindly Note: MS Office-365 Credentials & window/OS Activation Procedures Are Being Shared With You
No ratings yet
Kindly Note: MS Office-365 Credentials & window/OS Activation Procedures Are Being Shared With You
8 pages
Dse Configuration Suite PC Software Installation Operation Manual
No ratings yet
Dse Configuration Suite PC Software Installation Operation Manual
38 pages
Multi-Store Operations Manual
No ratings yet
Multi-Store Operations Manual
86 pages
Drools Workbench Installation Notes
No ratings yet
Drools Workbench Installation Notes
4 pages
Operating System Questions With Their Answer
No ratings yet
Operating System Questions With Their Answer
14 pages
1127-Form8LLP A PDF
No ratings yet
1127-Form8LLP A PDF
1 page
Milos Radosevic - CV 2017 PDF
No ratings yet
Milos Radosevic - CV 2017 PDF
1 page
How To Connect To A VPN
No ratings yet
How To Connect To A VPN
3 pages
L-Series With Vspace For Linux: Updated: April 19, 2011 2011
No ratings yet
L-Series With Vspace For Linux: Updated: April 19, 2011 2011
24 pages
Mainframe Hands-On Exercises For IBMers Part One
No ratings yet
Mainframe Hands-On Exercises For IBMers Part One
43 pages
QUARC Installation Guide
50% (2)
QUARC Installation Guide
80 pages
Mastering CMake 118 270
No ratings yet
Mastering CMake 118 270
463 pages
Jlink Error
No ratings yet
Jlink Error
67 pages
Distributed System - Question Bank.
No ratings yet
Distributed System - Question Bank.
4 pages
FIFA Mod Manager Log20240703
No ratings yet
FIFA Mod Manager Log20240703
12 pages
Exam ITI DB
No ratings yet
Exam ITI DB
8 pages
Unit 1
No ratings yet
Unit 1
6 pages
1553-Cxa1170050 5-V3uen.b.
No ratings yet
1553-Cxa1170050 5-V3uen.b.
25 pages
OneDrive Problem and Solutions PDF
No ratings yet
OneDrive Problem and Solutions PDF
2 pages
How To Install - Silicon
No ratings yet
How To Install - Silicon
2 pages
AWS S3 - Integration - of - SFG
No ratings yet
AWS S3 - Integration - of - SFG
8 pages
Ibm Rs G8124e
No ratings yet
Ibm Rs G8124e
40 pages
Firmware NEXUS - 06 - 01 - 00.12 Is Available: For HP Latex 3x5 Printer Series
No ratings yet
Firmware NEXUS - 06 - 01 - 00.12 Is Available: For HP Latex 3x5 Printer Series
4 pages