Microsoft MD-102 시험

Question No : 1

You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
You have a Windows 11 device named Device1 that is enrolled in Intune. Device1 has been offline for 30 days.
You need to remove Device1 from Intune immediately. The solution must ensure that if the device checks in again, any apps and data provisioned by Intune are removed. User-installed apps, personal data, and OEM-installed apps must be retained.
What should you use?

• A.a Delete action
• B.a Retire action
• C.a Fresh Start action
• D.an Autopilot Reset action

답을 확인하기

정답:
Explanation:
A retire action removes a device from Intune management and removes any apps and data provisioned by Intune. User-installed apps, personal data, and OEM-installed apps are retained. A retire action can be performed on devices that are offline for more than 30 days.
Reference: https://docs.microsoft.com/en-us/mem/intune/remote-actions/devices-wipe

Question No : 2

You have a Microsoft 365 subscription.
You have 10 computers that run Windows 10 and are enrolled in mobile device management (MDM).
You need to deploy the Microsoft 36S Apps for enterprise suite to all the computers.
What should you do?

• A.From the Microsoft Intune admin center, create a Windows 10 device profile.
• B.From Azure AD, add an app registration.
• C.From Azure A
• D.add an enterprise application.
• E.From the Microsoft Intune admin center, add an app.

답을 확인하기

정답:
Explanation:
To deploy Microsoft 365 Apps for enterprise to Windows 10 devices that are enrolled in Intune, you need to add an app of type “Windows 10 app (Win32)” in the Microsoft Intune admin center and configure the app settings. You can then assign the app to groups of users or devices.
Reference: https://docs.microsoft.com/en-us/mem/intune/apps/apps-win32-app-management

Question No : 3

HOTSPOT
You have a Microsoft 365 subscription.
All users have Microsoft 365 apps deployed.
You need to configure Microsoft 365 apps to meet the following requirements:
• Enable the automatic installation of WebView2 Runtime.
• Prevent users from submitting feedback.
Which two settings should you configure in the Microsoft 365 Apps admin center? To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.

답을 확인하기

정답:

Question No : 4

You have a Microsoft 365 E5 subscription that contains a user named User! and a web app named Appl.
App1 must only accept modern authentication requests.
You plan to create a Conditional Access policy named CAPolicy1 that will have the following settings:
• Assignments
° Users or workload identities: User1
° Cloud apps or actions: App1
• Access controls
° Grant: Block access
You need to block only legacy authentication requests to Appl.
Which condition should you add to CAPolicy1?

• A.Filter for devices
• B.Device platforms
• C.User risk
• D.Sign-in risk
• E.Client apps

답을 확인하기

정답:
Explanation:
you can use the client apps condition to block legacy authentication requests to App11. Legacy authentication is a term that refers to authentication protocols that do not support modern authentication features such as multi-factor authentication or conditional access2. Examples of legacy authentication protocols include Basic Authentication, Digest Authentication, NTLM, and Kerberos2. To block legacy authentication requests, you need to configure the client apps condition to include Other clients, which covers any client that uses legacy authentication protocols13.
Reference:
1: Conditional Access: Block legacy authentication | Microsoft Learn https://learn.microsoft.com/en-us/mem/identity-protection/conditional-access/block-legacy-authentication
2: What is legacy authentication? | Microsoft Learn https://learn.microsoft.com/en-us/mem/identity-protection/conditional-access/legacy-authentication
3: Client apps condition in Azure Active Directory Conditional Access | Microsoft Learn https://learn.microsoft.com/en-us/mem/identity-protection/conditional-access/client-apps-condition

Question No : 5

You have a Microsoft 365 E5 subscription that contains 100 iOS devices enrolled in Microsoft Intune.
You need to deploy a custom line-of-business (LOB) app to the devices by using Intune.
Which extension should you select for the app package file?

• A..intunemac
• B.apk
• C.jpa
• D..appx

답을 확인하기

정답:
Explanation:
iOS/iPadOS LOB apps: Select Line-of-business app as the app type, select the App package file, and then enter an iOS/iPadOS installation file with the extension .ipa.
Reference: https://docs.microsoft.com/en-us/mem/intune/apps/apps-add

Question No : 6

You have a Microsoft Intune subscription.
You have devices enrolled in intune as shown in the following table.



An app named App1 is installed on each device.
What is the minimum number of app configuration policies required to manage Appl ?

• A.1
• B.2
• C.3
• D.4
• E.5

답을 확인하기

정답:
Explanation:
The correct answer is B because you need to create two app configuration policies for managed devices, one for iOS/iPadOS devices and one for Android devices1. App configuration policies let you customize the settings of apps for iOS/iPadOS or Android devices1. The settings are assigned to user groups and applied when the app runs1. The app developer or supplier provides the configuration settings (keys and values) that are exposed to Intune1. You can’t use a single app configuration policy for both iOS/iPadOS and Android devices because they have different configuration settings2.
Reference:
1: App configuration policies for Microsoft Intune | Microsoft Learn https://learn.microsoft.com/en-us/mem/intune/apps/app-configuration-policies-overview
2: Add app configuration policies for managed iOS/iPadOS devices | Microsoft Learn https://learn.microsoft.com/en-us/mem/intune/apps/app-configuration-policies-use-ios

Question No : 7

You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
You plan to deploy two apps named App1 and App2 to all Windows devices. Appl must be installed before App2.
From the Intune admin center, you create and deploy two Windows app (Win32) apps.
You need to ensure that App1 is installed before App2 on every device.
What should you configure?

• A.the App1 deployment configurations
• B.a dynamic device group
• C.a detection rule
• D.the App2 deployment configurations

답을 확인하기

정답:
Explanation:
The correct answer is D because you can configure the dependencies for a Win32 app in the deployment configurations

Question No : 8

HOTSPOT
You have an Azure AD tenant named contoso.com that contains the devices shown in the following table.



AH devices contain an app named App1 and are enrolled in Microsoft Intune.
You need to prevent users from copying data from App1 and pasting the data into other apps.
Which type of policy and how many policies should you create in Intune? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

답을 확인하기

정답:


Explanation:
Policy type: App protection policy Minimum number of policies:
1 Comprehensive Explanation of Correct Answer Only: The correct answer is app protection policy because it allows you to customize the settings of apps for iOS/iPadOS or Android devices1. One of the settings you can configure is Restrict cut, copy, and paste between other apps, which lets you prevent users from copying data from App1 and pasting the data into other apps

Question No : 9

You have devices enrolled in Microsoft Intune as shown in the following table.



On which devices can you apply app configuration policies?

• A.Device2 only
• B.Device1 and Device2 only
• C.Device3 and Device4 only
• D.Device2, Device3, and Device4 only
• E.Device1, Device2, Device B, and Device4

답을 확인하기

정답:
Explanation:
The correct answer is D because app configuration policies can be applied to managed devices and managed apps1. Managed devices are enrolled and managed by Intune, while managed apps are integrated with Intune App SDK or wrapped using the Intune Wrapping Tool1. Device2, Device3, and Device4 are either enrolled in Intune or have managed apps installed, so they can receive app configuration policies2. Device1 is not enrolled in any MDM solution and does not have any managed apps installed, so it cannot receive app configuration policies2.
Reference:
1: App configuration policies for Microsoft Intune | Microsoft Learn https://learn.microsoft.com/en-us/mem/intune/apps/app-configuration-policies-overview
2: Policy sets - Microsoft Intune | Microsoft Learn https://learn.microsoft.com/en-us/mem/intune/fundamentals/policy-sets

Question No : 10

DRAG DROP
You have a Microsoft 365 E5 subscription and a computer that runs Windows 11.
You need to create a customized installation of Microsoft 365 Apps for enterprise.
Which four actions should you perform in sequence? To answer, move the appropriate cmdlets from the list of cmdlets to the answer area and arrange them in the correct order.

답을 확인하기

정답:


Explanation:

Question No : 11

Topic 3, Mix Question

HOTSPOT
You have a Microsoft 365 subscription.
You use Microsoft Intune Suite to manage devices.
You have the iOS app protection policy shown in the following exhibit.



Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point,

답을 확인하기

정답:


Explanation:
Box 1 = PIN only
Box 2 = reset the PIN app
iOS/iPadOS app protection policy settings - Microsoft Intune | Microsoft Learn https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policy-settings-ios

Question No : 12

You need to meet the device management requirements for the developers.
What should you implement?

• A.folder redirection
• B.Enterprise State Roaming
• C.home folders
• D.known folder redirection in Microsoft OneDrive

답을 확인하기

정답:
Explanation:
Litware identifies the following device management requirements:
Ensure that Microsoft Edge Favorites are accessible from all computers to which the developers sign in.
Enterprise State Roaming allows for the synchronization of Microsoft Edge browser setting, including favorites and reading list, across devices.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/devices/enterprise-state-roaming-windows-settings-reference

Question No : 13

What should you upgrade before you can configure the environment to support co-management?

• A.the domain functional level
• B.Configuration Manager
• C.the domain controllers
• D.Windows Server Update Services (WSUS)

답을 확인하기

정답:
Explanation:
Reference: https://docs.microsoft.com/en-us/sccm/comanage/tutorial-co-manage-clients

Question No : 14

HOTSPOT
You need to meet the technical requirements for Windows AutoPilot.
Which two settings should you configure from the Azure Active Directory blade? To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.

답을 확인하기

정답:


Explanation:
Reference: https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot-reset

Question No : 15

HOTSPOT
You need to recommend a solution to meet the device management requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

답을 확인하기

정답:


Explanation:
Reference:
https://github.com/MicrosoftDocs/IntuneDocs/blob/master/intune/app-protection-policy.md
https://docs.microsoft.com/en-us/azure/information-protection/configure-usage-rights#do-not-forward-option-for-emails