MD-102 Online Practice Questions

Home / Microsoft / MD-102

Latest MD-102 Exam Practice Questions

The practice questions for MD-102 exam was last updated on 2025-04-26 .

Viewing page 1 out of 23 pages.

Viewing questions 1 out of 116 questions.

Question#1

Your company has 200 computers that run Windows 10. The computers are managed by using Microsoft Intune.
Currently, Windows updates are downloaded without using Delivery Optimization. You need to configure the computers to use Delivery Optimization.
What should you create in Intune?
F: a device compliance policy
G: a Windows 10 update ring
H: a device configuration profile
I: an app protection policy

A. C

Explanation:
With Intune, use Delivery Optimization settings for your Windows devices to reduce bandwidth consumption when those devices download applications and updates. Configure Delivery Optimization as part of your device configuration profiles.
Reference: https://docs.microsoft.com/en-us/intune/delivery-optimization-windows

Question#2

You have a Microsoft 365 E5 subscription and 25 Apple iPads.
You need to enroll the iPads in Microsoft Intune by using the Apple Configurator enrollment method.
What should you do first?

A. Configure an Apply MDM push certificate.
B. Add your user account as a device enrollment manager (DEM).
C. Modify the enrollment restrictions.
D. Upload a file that has the device identifiers for each iPad.

Explanation:
Set up iOS/iPadOS device enrollment with Apple Configurator Prerequisites
Physical access to iOS/iPadOS devices
Set MDM authority
An Apple MDM push certificate
Device serial numbers (Setup Assistant enrollment only)
USB connection cables
macOS computer running Apple Configurator 2.0
Note:
Upload and renew your Apple MDM push certificates in Microsoft Intune. An Apple MDM Push certificate is required to manage iOS/iPadOS and macOS devices in Microsoft Intune, and enables devices to enroll via:
The Intune Company Portal app.
Apple bulk enrollment methods, such as the Device Enrollment Program, Apple School Manager, and Apple Configurator.
Certificates must be renewed annually.
Reference: https://learn.microsoft.com/en-us/mem/intune/enrollment/apple-mdm-push-certificate-get

Question#3

You have a Microsoft 365 tenant that contains the devices shown in the following table.



The devices are managed by using Microsoft Intune.
You create a compliance policy named Policy1 and assign Policy1 to Group1. Policy1 is configured to mark a device as Compliant only if the device security settings match the settings specified in the policy.
You discover that devices that are not members of Group1 are shown as Compliant.
You need to ensure that only devices that are assigned a compliance policy can be shown as Compliant. All other devices must be shown as Not compliant.
What should you do from the Microsoft Intune admin center?

A. From Device compliance, configure the Compliance policy settings.
B. From Endpoint security, configure the Conditional access settings.
C. From Tenant administration, modify the Diagnostic settings.
D. From Policy1, modify the actions for noncompliance.

Explanation:
There are two parts to compliance policies in Intune:
Compliance policy settings C Tenant- wide settings that are like a built-in compliance policy that every device receives. Compliance policy settings set a baseline for how compliance policy works in your Intune environment, including whether devices that haven’t received any device compliance policies are compliant or noncompliant.
Device compliance policy C Platform-specific rules you configure and deploy to groups of users or devices.
These rules define requirements for devices, like minimum operating systems or the use of disk encryption.
Devices must meet these rules to be considered compliant.
Reference: https://docs.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started

Question#4

You have a Microsoft 365 subscription.
Each user is assigned a Windows 365 Enterprise license.
You need to deploy Cloud PCs that will be Microsoft Entra hybrid joined.
What should you do first?

A. Create an Azure network connection (ANC).
B. Create a provisioning policy.
C. Create a configuration profile in Microsoft Intune.
D. Upload a custom image.

Explanation:
Overview of Windows 365 deployment
After your organization has purchased one or more Windows 365 licenses, the Windows 365 node in Microsoft Intune will become active for management. At this point, you can provision Cloud PCs.
To set up your system to provision on-demand Cloud PCs to your users, follow these steps:

Question#5

HOTSPOT
You have a Microsoft 365 E5 subscription and use Microsoft Intune. The subscription contains a Microsoft Entra tenant that syncs with an on-premises Active Directory Domain Services (AD DS) domain. The tenant has Windows Local Administrator Password Solution (Windows LAPS) enabled.
You have the Windows devices shown in the following table.



You have an Endpoint security policy that is configured as shown in the following table.



For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Hot Area:


A. 

Explanation:
Box 1: Yes
Yes - The local administrator password of Device1 will be reset every 30 days.
Device1 is joined to the AD DS domain, and is enrolled in Intune.
You can use Microsoft Intune endpoint security policies for account protection to manage LAPS on devices that have enrolled with Intune. In
Box 2: Yes
Yes - The local administrator password of Device2 will be recoverable from Microsoft Entra ID.
Device2 is Entra hybrid joined.
Intune support for Windows LAPS includes the following capabilities:
- Backup accounts and passwords C You can choose to have devices back up their account and password in either Microsoft Entra ID in the cloud, or your on-premises Active Directory. Passwords are stored using strong encryption.
- Etc.
Cloud C Cloud supports backup to your Microsoft Entra ID for the following scenarios:
-> Microsoft Entra hybrid join
Microsoft Entra join
Box 3: No
Device is not enrolled.
Note: Every Windows machine has a built-in local administrator account that can’t be deleted, and which has full permissions to the device. Securing this account is an important step in securing your organization. Windows devices include Windows Local Administrator Password Solution (LAPS), a built-in solution to help manage local admin accounts.
You can use Microsoft Intune endpoint security policies for account protection to manage LAPS on devices that have enrolled with Intune. Intune policies can:
Enforce password requirements for local admin accounts
Back up a local admin account from devices to your Active Directory (AD) or Microsoft Entra Schedule rotation of those account passwords to help keep them safe.
Reference: https://learn.microsoft.com/en-us/mem/intune/protect/windows-laps-overview

Exam Code: MD-102Q & A: 332 Q&AsUpdated:  2025-04-26

 Get All MD-102 Q&As

Top 20 Exams

CertQuestionsBank doesn't offer Real Microsoft, Amazon, Cisco Exam Questions. All CertQuestionsBank content is sourced from the Internet.

Important Links

Know Us

Follow Us

Copyright © 2025 CertQuestionsBank NETWORK CO.,LIMITED. All Rights Reserved.