Skip Navigation Links
 

Microsoft - MD-101: Managing Modern Desktops

Sample Questions

Question: 180
Measured Skill: Manage and protect devices (15-20%)

You use Microsoft Endpoint Manager to manage Windows 10 devices. You are designing a reporting solution that will provide reports on the following:
  • Compliance policy trends
  • Trends in device and user enrolment
  • App and operating system version breakdowns of mobile devices
You need to recommend a data source and a data visualization tool for the design.

What should you recommend?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AData source: Audit logs in Azure Active Directory
Data visualization tool: Azure Portal
B Data source: Audit logs in Azure Active Directory
Data visualization tool: Azure Data Studio
C Data source: Audit logs in Microsoft Intune
Data visualization tool: Microsoft Power BI
D Data source: Audit logs in Microsoft Intune
Data visualization tool: Azure Data Studio
E Data source: Azure Synapse Analytics
Data visualization tool: Azure Portal
F Data source: Microsoft Intune Data Warehouse
Data visualization tool: Microsoft Power BI

Correct answer: F

Explanation:

Use the Intune Data Warehouse to build reports that provide insight into your enterprise mobile environment. For example, some of the reports include:

  • Trend of users enrolling in Intune so you can optimize your license purchases
  • App and OS versions breakdown so you can review that status of mobile devices
  • Enrollment and device compliance trends so you can smoothly roll out policy updates

You can use the Power BI Compliance app to load interactive, dynamically generated reports for your Intune tenant. Additionally, you can load your tenant data in Power BI using the OData link. Intune provides connection settings to your tenant so that you can view the following sample reports and charts related to:

  • Devices
  • Enrollment
  • App protection policy
  • Compliance policy
  • Device configuration profiles
  • Software updates
  • Device inventory logs

There are also trends highlighted for the enrollment, compliance, device configuration profile, and software updates. Sample charts and reports apply user-friendly filters to the canvas.

References:

Use the Microsoft Intune Data Warehouse

Connect to the Data Warehouse with Power BI



Question: 181
Measured Skill: Manage and protect devices (15-20%)

Your company has 1,000 Windows 10 devices that are enrolled in Windows Analytics.

You need to view the following information:
  • The number of devices that are vulnerable to Spectre and Meltdown vulnerabilities.
  • The number of devices that have Windows Defender real-time protection turned off.
Which Windows Analytics solutions should you use?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AThe number of devices that are vulnerable to Spectre and Meltdown vulnerabilities: Device Health
The number of devices that have Windows Defender real-time protection turned off: Device Health
B The number of devices that are vulnerable to Spectre and Meltdown vulnerabilities: Device Health
The number of devices that have Windows Defender real-time protection turned off: Update Compliance
C The number of devices that are vulnerable to Spectre and Meltdown vulnerabilities: Update Compliance
The number of devices that have Windows Defender real-time protection turned off: Update Compliance
D The number of devices that are vulnerable to Spectre and Meltdown vulnerabilities: Update Compliance
The number of devices that have Windows Defender real-time protection turned off: Upgrade Readiness
E The number of devices that are vulnerable to Spectre and Meltdown vulnerabilities: Upgrade Readiness
The number of devices that have Windows Defender real-time protection turned off: Device Health
F The number of devices that are vulnerable to Spectre and Meltdown vulnerabilities: Upgrade Readiness
The number of devices that have Windows Defender real-time protection turned off: Upgrade Readiness

Correct answer: A

Explanation:

Windows Analytics is the suite name following the original release of Upgrade readiness. The suite adds Device Health and Update Compliance under the same roof. Depending on the environment each sub-product will provide key information for end-user computer admins.

Upgrade readiness can help assess applications and drivers compatibility prior to migrate from Windows 7/8.1 to Windows 10, or even from one Windows 10 build to another.

Device Health provides extra information for admins to review various crash and health information within their environment.

Update compliance provides a way to track how updates and upgrades are doing in the environment. This will be particularly useful when mixed with Windows Update for Business.

All of the Windows Analytics features sit on Log Analytic from Azure.

Note: The Windows Analytics service is retired as of January 31, 2020. Desktop Analytics is the evolution of Windows Analytics.

For more information, see What is Desktop Analytics?



Question: 182
Measured Skill: Manage policies and profiles (35-40%)

In Microsoft Intune, you have the device compliance policies shown in the following table.



The Intune compliance policy settings are configured as shown in the following exhibit.



On June 1, you enroll Windows 10 devices in Intune as shown in the following table.



For each of the following statements, select Yes if the statement is true. Otherwise, select No.

(NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AOn June 4, Device1 is marked as compliant: Yes
On June 6, Device1 is marked as compliant: Yes
On June 9, Device2 is marked as compliant: Yes
B On June 4, Device1 is marked as compliant: Yes
On June 6, Device1 is marked as compliant: Yes
On June 9, Device2 is marked as compliant: No
C On June 4, Device1 is marked as compliant: No
On June 6, Device1 is marked as compliant: Yes
On June 9, Device2 is marked as compliant: No
D On June 4, Device1 is marked as compliant: No
On June 6, Device1 is marked as compliant: Yes
On June 9, Device2 is marked as compliant: Yes
E On June 4, Device1 is marked as compliant: No
On June 6, Device1 is marked as compliant: No
On June 9, Device2 is marked as compliant: Yes
F On June 4, Device1 is marked as compliant: No
On June 6, Device1 is marked as compliant: No
On June 9, Device2 is marked as compliant: No

Correct answer: F

Explanation:

Device1 is a member of Group1, which has Policy1 applied. Policy1 applies to Windows 8.1 and later but not to Windows 10 devices. Devices with no compliance policy assigned are marked as not compliant. Device1 will never be marked as compliant.

Device2 is a member of Group2, which has Policy2 and Policy3 applied. Device2 is compliant to Policy2 but not compliant to Policy3 (BitLocker is not enabled). When a device has multiple compliance policies, then the highest severity level of all the policies is assigned to that device.

Reference: Create a compliance policy in Microsoft Intune

Question: 183
Measured Skill: Manage policies and profiles (35-40%)

You have a Microsoft 365 subscription. You have 25 Microsoft Surface Hub devices that you plan to manage by using Microsoft Endpoint Manager.

You need to configure the devices to meet the following requirements:
  • Enable Windows Hello for Business.
  • Configure Microsoft Defender SmartScreen to block users from running unverified files.
Which profile types should you configure?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AWindows Hello for Business: Device restrictions
Windows Defender SmartScreen: Device restrictions
B Windows Hello for Business: Device restrictions (Windows 10 Team)
Windows Defender SmartScreen: Microsoft Defender ATP (Windows 10 Desktop)
C Windows Hello for Business: Endpoint protection
Windows Defender SmartScreen: Endpoint protection
D Windows Hello for Business: Endpoint protection
Windows Defender SmartScreen: Identity protection
E Windows Hello for Business: Identity protection
Windows Defender SmartScreen: Endpoint protection
F Windows Hello for Business: Microsoft Defender ATP (Windows 10 Desktop)
Windows Defender SmartScreen: Device restrictions

Correct answer: E

Explanation:

Surface Hub has been validated with Microsoft's first-party MDM providers:

  • Microsoft Intune standalone
  • On-premises MDM with Microsoft Endpoint Configuration Manager

You can also manage Surface Hubs using any third-party MDM provider that can communicate with Windows 10 using the MDM protocol.

Windows Hello for Business can be enbaled by use of an Identity Protection configuration policy.



Microsoft Defender Smartscreen can be configured by use of an Endpoint Protection configuration Policy.



Question: 184
Measured Skill: Manage and protect devices (15-20%)

You have a Microsoft 365 subscription. You plan to enroll devices in Microsoft Endpoint Manager that have the platforms and versions shown in the following table.



You need to configure device enrollment to meet the following requirements:
  • Ensure that only devices that have approved platforms and versions can enroll in Endpoint Manager.
  • Ensure that devices are added to Microsoft Azure Active Directory (Azure AD) groups based on a selection made by users during the enrollment.
Which device enrollment setting should you configure for each requirement?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AEnsure that only devices that have approved ... can enroll in Endpoint Manager: Android enrollment
Ensure that devices are added to Microsoft ... by users during the enrollment: Apple enrollment
B Ensure that only devices that have approved ... can enroll in Endpoint Manager: Apple enrollment
Ensure that devices are added to Microsoft ... by users during the enrollment: Android enrollment
C Ensure that only devices that have approved ... can enroll in Endpoint Manager: Corporate device identifiers
Ensure that devices are added to Microsoft ... by users during the enrollment: Windows Enrollment
D Ensure that only devices that have approved ... can enroll in Endpoint Manager: Device categories
Ensure that devices are added to Microsoft ... by users during the enrollment: Corporate device identifiers
E Ensure that only devices that have approved ... can enroll in Endpoint Manager: Enrollment restrictions
Ensure that devices are added to Microsoft ... by users during the enrollment: Device categories
F Ensure that only devices that have approved ... can enroll in Endpoint Manager: Windows Enrollment
Ensure that devices are added to Microsoft ... by users during the enrollment: Enrollment restrictions

Correct answer: E

Explanation:

Device type enrollment restrictions allow to specify the platform configuration restrictions that must be met for a device to enroll.



Device categories allow to add devices to groups based on selection made by users during enrollment.



References:

Set enrollment restrictions

Categorize devices into groups



 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2021 by cert2brain.com