Topic 4: Mix Question
You have a Microsoft 365 E5 subscription that uses Microsoft Intune.
You add apps to Intune as shown in the following table.
You need to create an app configuration policy named Policy1 for the Android Enterprise platform.
Which apps can you manage by using Policyl1?
A.
App2 only
B.
App3 only
C.
App1 and App3 only
D.
App2 and App3 only
E.
App1, App2, and App3
App2 and App3 only
Your network contains an Active Directory domain. The domain contains a user named Admin1. All computers run Windows 10.
You enable Windows PowerShell remoting on the computers.
You need to ensure that Admin1 can establish remote PowerShell connections to the computers. The solution must use the principle of least privilege.
To which group should you add Admin1?
A.
Access Control Assistance Operators
B.
Remote Desktop Users
C.
Power Users
D.
Remote Management Users
Remote Desktop Users
Your company has an Azure AD tenant named contoso.com that contains several Windows 10 devices.
When you join new Windows 10 devices to contoso.com, users are prompted to set up a four-digit pin.
You need to ensure that the users are prompted to set up a six-digit pin when they join the Windows 10 devices to contoso.com.
Solution: From the Microsoft Entra admin center, you configure automatic mobile device management (MDM) enrollment. From the Microsoft Intune admin center, you create and assign a device restrictions profile.
Does this meet the goal?
A.
Yes
B.
No
No
You have a Microsoft Intune subscription.
You have devices enrolled in intune as shown in the following table.
An app named App1 is installed on each device.
What is the minimum number of app configuration policies required to manage Appl?
A.
1
B.
2
C.
3
D.
4
E.
5
2
Explanation: The correct answer is B because you need to create two app configuration policies for managed devices, one for iOS/iPadOS devices and one for Android devices1. App configuration policies let you customize the settings of apps for iOS/iPadOS or Android devices1. The settings are assigned to user groups and applied when the app runs
1. The app developer or supplier provides the configuration settings (keys and values) that are exposed to Intune1. You can’t use a single app configuration policy for both iOS/iPadOS and Android devices because they have different configuration settings2.
References:
1: App configuration policies for Microsoft Intune | Microsoft Learn
https://learn.microsoft.com/en-us/mem/intune/apps/app-configuration-policies-overview
2: Add app configuration policies for managed iOS/iPadOS devices | Microsoft Learn
https://learn.microsoft.com/en-us/mem/intune/apps/app-configuration-policies-use-ios
You have the Microsoft Deployment Toolkit (MDT) installed.
You install and customize Windows 11 on a reference computer
You need to capture an image of the reference computer and ensure that the image can be deployed to multiple computers.
Which command should you run before you capture the image?
A.
dism
B.
wpeinit
C.
sysprep
D.
bcdedit
sysprep
Explanation: To capture an image of a reference computer and make it ready for deployment to multiple computers, you need to run the sysprep command with the /generalize option. This option removes all unique system information from the Windows installation, such as the computer name, security identifier (SID), and driver cache. The other commands are not used for this purpose. References: Sysprep (Generalize) a Windows installation.
You have a Microsoft 365 E5 subscription that contains 100 iOS devices enrolled in Microsoft Intune.
You need to deploy a custom line-of-business (LOB) app to the devices by using Intune.
Which extension should you select for the app package file?
A.
.intunemac
B.
apk
C.
jpa
D.
.appx
jpa
Explanation:
iOS/iPadOS LOB apps: Select Line-of-business app as the app type, select the App package file, and then enter an iOS/iPadOS installation file with the extension .ipa.
Reference:
https://docs.microsoft.com/en-us/mem/intune/apps/apps-add
You have the on-premises servers shown in the following table.
Your company has a computer named Computer1 that runs Windows 10.
Computed was used by a user who left the company.
You plan to repurpose Computer1 and assign the computer to a new user.
You need to redeploy Computer1 by using Windows Autopilot.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You need to implement mobile device management (MDM) for personal devices that run Windows 11. The solution must meet the following requirements:
• Ensure that you can manage the personal devices by using Microsoft Intune.
• Ensure that users can access company data seamlessly from their personal devices.
• Ensure that users can only sign in to their personal devices by using their personal account
What should you use to add the devices to Azure AD?
A.
Azure AD registered
B.
hybrid Azure AD join
C.
AD joined
Azure AD registered
Explanation:
To implement MDM for personal devices that run Windows 11, you should use Azure AD registered. Azure AD registered devices are devices that are connected to your organization’s resources using a personal device and a personal account. You can manage these devices by using Microsoft Intune and enable seamless access to company data. Users can only sign in to their personal devices by using their personal account, not their organizational account. Azure AD registered devices support Windows 10 or newer, iOS, Android, macOS, and Ubuntu 20.04/22.04 LTS1.
The other options are not suitable for this scenario because:
Hybrid Azure AD join is for corporate-owned and managed devices that are joined to both on-premises Active Directory and Azure AD. Users can sign in to these devices by using their organizational account that exists in both directories2. AD joined is for devices that are joined only to on-premises Active Directory. These devices are not managed by Microsoft Intune and do not have access to cloud resources3.
References: What are Azure AD registered devices?, What are hybrid Azure AD joined devices?, What is an Active Directory domain join?
In Microsoft Intune, you have the device compliance policies shown in the following table.
You have a server named Server1 and computers that run Windows 8.1. Server1 has the Microsoft Deployment Toolkit (MDT) installed.
You plan to upgrade the Windows 8.1 computers to Windows 10 by using the MDT deployment wizard.
You need to create a deployment share on Server1.
What should you do on Server1, and what are the minimum components you should add to the MDT deployment share? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft Intune subscription.
You are creating a Windows Autopilot deployment profile named Profile1 as shown in the following exhibit.
| Page 11 out of 27 Pages |
| Previous |