Skip Navigation Links
 

Microsoft - MD-101: Managing Modern Desktops

Sample Questions

Question: 166
Measured Skill: Deploy and update operating systems (15-20%)

Your network contains an on-premises Active Directory forest named contoso.com that syncs to Azure Active Directory (Azure AD). Azure AD contains the users shown in the following table.



You assign Windows 10 Enterprise E5 licenses to Group1 and User2.

You add computers to the network as shown in the following table.



For each of the following statements, select Yes if the statement is true. Otherwise, select No.

(NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AIf User1 signs in to Computer1, Computer1 will be upgraded to Windows 10 Enterprise E5 automatically: Yes
If User2 signs in to Computer2, Computer2 will be upgraded to Windows 10 Enterprise E5 automatically: Yes
If User2 signs in to Computer3, Computer3 will be upgraded to Windows 10 Enterprise E5 automatically: Yes
B If User1 signs in to Computer1, Computer1 will be upgraded to Windows 10 Enterprise E5 automatically: Yes
If User2 signs in to Computer2, Computer2 will be upgraded to Windows 10 Enterprise E5 automatically: Yes
If User2 signs in to Computer3, Computer3 will be upgraded to Windows 10 Enterprise E5 automatically: No
C If User1 signs in to Computer1, Computer1 will be upgraded to Windows 10 Enterprise E5 automatically: Yes
If User2 signs in to Computer2, Computer2 will be upgraded to Windows 10 Enterprise E5 automatically: No
If User2 signs in to Computer3, Computer3 will be upgraded to Windows 10 Enterprise E5 automatically: No
D If User1 signs in to Computer1, Computer1 will be upgraded to Windows 10 Enterprise E5 automatically: Yes
If User2 signs in to Computer2, Computer2 will be upgraded to Windows 10 Enterprise E5 automatically: No
If User2 signs in to Computer3, Computer3 will be upgraded to Windows 10 Enterprise E5 automatically: Yes
E If User1 signs in to Computer1, Computer1 will be upgraded to Windows 10 Enterprise E5 automatically: No
If User2 signs in to Computer2, Computer2 will be upgraded to Windows 10 Enterprise E5 automatically: No
If User2 signs in to Computer3, Computer3 will be upgraded to Windows 10 Enterprise E5 automatically: Yes
F If User1 signs in to Computer1, Computer1 will be upgraded to Windows 10 Enterprise E5 automatically: No
If User2 signs in to Computer2, Computer2 will be upgraded to Windows 10 Enterprise E5 automatically: No
If User2 signs in to Computer3, Computer3 will be upgraded to Windows 10 Enterprise E5 automatically: No

Correct answer: B

Explanation:

Starting with Windows 10, version 1703 Windows 10 Pro supports the Subscription Activation feature, enabling users to “step-up” from Windows 10 Pro to Windows 10 Enterprise automatically if they are subscribed to Windows 10 Enterprise E3 or E5.

With Windows 10, version 1903 the Subscription Activation feature also supports the ability to step-up from Windows 10 Pro Education to the Enterprise grade edition for educational institutions – Windows 10 Education.

For Microsoft customers with Enterprise Agreements (EA) or Microsoft Products & Services Agreements (MPSA), you must have the following:
  • Windows 10 (Pro or Enterprise) version 1703 or later installed on the devices to be upgraded.
  • Azure Active Directory (Azure AD) available for identity management.
  • Devices must be Azure AD-joined or Hybrid Azure AD joined. Workgroup-joined or Azure AD registered devices are not supported.
How it works
When a licensed user signs in to a device that meets requirements using their Azure AD credentials, the operating system steps up from Windows 10 Pro to Windows 10 Enterprise (or Windows 10 Pro Education to Windows 10 Education) and all the appropriate Windows 10 Enterprise/Education features are unlocked. When a user’s subscription expires or is transferred to another user, the device reverts seamlessly to Windows 10 Pro / Windows 10 Pro Education edition, once current subscription validity expires.

Reference: Windows 10 Subscription Activation

Question: 167
Measured Skill: Deploy and update operating systems (15-20%)

Each employee at your company has a computer that runs Windows 10. You plan to monitor the computers by using the Update Compliance solution.

You create the required resources in Azure.

You need to configure the computers to send enhanced Update Compliance data.

Which two Group Policy settings should you configure?

(To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AAllow Desktop Analytics Processing
B Allow Telemetry
C Allow Update Compliance Processing
D Configure the Commercial ID
E Configure telemetry opt-in setting user interface
F Allow device name to be sent in Windows diagnostic data

Correct answer: B, F

Explanation:

Update Compliance is offered as an Azure Marketplace application which is linked to a new or existing Azure Log Analytics workspace within your Azure subscription.

All Group Policies that need to be configured for Update Compliance are under Computer Configuration\Administrative Templates\Windows Components\Data Collection and Preview Builds. All of these policies must be in the Enabled state and set to the defined Value below.



To configure Computer1 to send enhanced update compliance data, we need to set "Allow Telemetry" to "2 - Enhanced" and enable "Allow device name to be sent in Windows diagnostic data".

The Commercial ID is used to correlate the transmitted data and with "Configure telemetry opt-in setting user interface" configuration changes by end users can be prevented. These two policies have no effect on the amount of collected data to be sent.

References:

Use Update Compliance

Manually Configuring Devices for Update Compliance

Question: 168
Measured Skill: Manage policies and profiles (35-40%)

You are licensed for Microsoft Endpoint Manager. You use Microsoft System Center Configuration Manager and Microsoft Intune.

You have devices enrolled in Configuration Manager as shown in the following table.



In Configuration Manager, you enable co-management and configure the following settings:
  • Automatic enrollment in Intune: Pilot
  • Intune Auto Enrollment: Collection1
In Configuration Manager, you configure co-management staging to have the following settings:
  • Compliance policies: Collection2
  • Device Configuration: Collection1
In Configuration Manager, you configure co-management workloads as shown in the following exhibit.



For each of the following statements, select Yes if the statement is true. Otherwise, select No.

(To answer, select the appropriate objects in the answer area. Each correct selection is worth one point.)

www.cert2brain.com

AYou can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device1: Yes
You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device2: Yes
You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device3: Yes
B You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device1: Yes
You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device2: Yes
You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device3: No
C You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device1: No
You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device2: Yes
You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device3: No
D You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device1: Yes
You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device2: No
You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device3: Yes
E You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device1: No
You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device2: Yes
You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device3: Yes
F You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device1: No
You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device2: No
You can use the Microsoft Endpoint Manager admin center to monitor the compliance status of Device3: No

Correct answer: E

Explanation:

The "Automatic enrollment in Intune" option is set to "Pilot". Only Configuration Manager clients that are members of the pilot collection are automatically registered with Intune. The pilot collection is set using the "Intune Auto Enrollment" option, which is set to "Collection1".

On the "Staging" tab, pilot collections can be defined for individual workloads. Collection2 is specified as a pilot group for compliance policies.

The compliance of devices that are a member of the Compliance Policies pilot collection is managed by Intune. The pilot collection for "Compliance Policies" is specified with Collection2. Compliance for computers that are members of Collection2 is managed by Intune. The compliance of all other devices is managed by Microsoft System Center Configuration Manager.

Reference: Enable co-management in Configuration Manager

Question: 169
Measured Skill: Deploy and update operating systems (15-20%)

You have an Azure Active Directory (Azure AD) tenant named contoso.com.

You plan to use Windows Autopilot to configure the Windows 10 devices shown in the following table.



Which devices can be configured by using Windows Autopilot self-deploying mode?

ADevice2 and Device3 only
B Device3 only
C Device2 only
D Device1, Device2, and Device3

Correct answer: B

Explanation:

Windows Autopilot self-deploying mode enables a device to be deployed with little to no user interaction. For devices with an Ethernet connection, no user interaction is required; for devices connected via Wi-fi, no interaction is required after making the Wi-fi connection (choosing the language, locale, and keyboard, then making a network connection).

Self-deploying mode joins the device into Azure Active Directory, enrolls the device in Intune (or another MDM service) leveraging Azure AD for automatic MDM enrollment, and ensures that all policies, applications, certificates, and networking profiles are provisioned on the device, leveraging the enrollment status page to prevent access to the desktop until the device is fully provisioned.

Because self-deploying mode uses a device’s TPM 2.0 hardware to authenticate the device into an organization’s Azure AD tenant, devices without TPM 2.0 cannot be used with this mode. The devices must also support TPM device attestation. (All newly-manufactured Windows devices should meet these requirements.)

Reference: Windows Autopilot Self-Deploying mode

Question: 170
Measured Skill: Manage apps and data (25-30%)

You have a Microsoft Intune subscription.

You have devices enrolled in Intune as shown in the following table.



An app named App1 is installed on each device.

What is the minimum number of app configuration policies required to manage App1?

A1
B 2
C 3
D 4
E 5

Correct answer: B

Explanation:

App configuration policies can help you eliminate app setup up problems by letting you assign configuration settings to a policy that is assigned to end-users before they run the app. The settings are then supplied automatically when the app is configured on the end-users device, and end-users don't need to take action. The configuration settings are unique for each app.

You can create and use app configuration policies to provide configuration settings for both iOS/iPadOS or Android apps. These configuration settings allow an app to be customized by using app configuration and management. The configuration policy settings are used when the app checks for these settings, typically the first time the app is run.

An app configuration setting, for example, might require you to specify any of the following details:
  • A custom port number
  • Language settings
  • Security settings
  • Branding settings such as a company logo


Reference: App configuration policies for Microsoft Intune



 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2020 by cert2brain.com