Managing Modern Desktops v1.0 (MD-101)

HOTSPOT -
Your company has an infrastructure that has the following:
✑ A Microsoft 365 tenant
✑ An Active Directory forest
✑ Microsoft Intune
✑ A Key Management Service (KMS) server
✑ A Windows Deployment Services (WDS) server
A Microsoft Azure Active Directory (Azure AD) Premium tenant

Your company purchases new computers that run Windows 10. The computers have cameras that support Windows Hello for Business.
You configure the Windows Hello for Business Group Policy settings as shown in the following exhibit.

You have 10 computers that run Windows 8.1 and have the following configurations:
✑ A single MBR disk
✑ A disabled TPM chip
✑ Disabled hardware virtualization
✑ UEFI firmware running in BIOS mode
✑ Enabled Data Execution Prevention (DEP)
You plan to upgrade the computers to Windows 10.
You need to ensure that the computers can use Secure Boot.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

Your network contains an Active Directory domain. The domain contains 2,000 computers that run Windows 10.
You implement hybrid Microsoft Azure Active Directory (Azure AD) and Microsoft Intune.
You need to automatically register all the existing computers to Azure AD and enroll the computers in Intune. The solution must minimize administrative effort.
What should you use?

HOTSPOT -
Your network contains an Active Directory domain. The domain contains computers that run Windows 10 and are enrolled in Microsoft Intune. Updates are deployed by using Windows Update for Business.
Users in a group named Group1 must meet the following requirements:
✑ Update installations must occur any day only between 00:00 and 05:00.
✑ Updates must be downloaded from Microsoft and from other company computers that already downloaded the updates.
You need to configure the Windows 10 Update Rings settings in Intune to meet the requirements.
Which two settings should you modify? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Your network contains an Active Directory domain named contoso.com.
You create a provisioning package named Package1 as shown in the following exhibit.

HOTSPOT -
You have computers that run Windows 10 and are configured by using Windows Autopilot.
A user performs the following tasks on a computer named Computer1:
✑ Creates a VPN connection to the corporate network
✑ Installs a Microsoft Store app named App1
✑ Connects to a Wi-Fi network
You perform a Windows Autopilot Reset on Computer1.
What will be the state of the computer when the user signs in? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

HOTSPOT -
Your network contains an Active Directory domain named constoso.com that is synced to Microsoft Azure Active Directory (Azure AD). All computers are enrolled in Microsoft Intune.
The domain contains the computers shown in the following table.

You have the 64-bit computers shown in the following table.

You have 200 computers that run Windows 10. The computers are joined to Microsoft Azure Active Directory (AD) and enrolled in Microsoft Intune.
You need to enable self-service password reset on the sign-in screen.
Which settings should you configure from the Microsoft Endpoint Manager admin center?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company uses Windows Update for Business.
The research department has several computers that have specialized hardware and software installed.
You need to prevent the video drivers from being updated automatically by using Windows Update.
Solution: From the Device Installation and Restrictions settings in a Group Policy object (GPO), you enable Prevent installation of devices using drivers that match these device setup classes, and then you enter the device GUID.
Does this meet the goal?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company uses Windows Update for Business.
The research department has several computers that have specialized hardware and software installed.
You need to prevent the video drivers from being updated automatically by using Windows Update.
Solution: From the Settings app, you clear the Give me updates for other Microsoft products when I update Windows check box.
Does this meet the goal?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company uses Windows Update for Business.
The research department has several computers that have specialized hardware and software installed.
You need to prevent the video drivers from being updated automatically by using Windows Update.
Solution: From the Device Installation settings in a Group Policy object (GPO), you enable Specify search order for device driver source locations, and then you select Do not search Windows Update.
Does this meet the goal?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to ensure that feature and quality updates install automatically during a maintenance window.
Solution: In Group policy, from the Windows Update settings, you enable Configure Automatic Updates, select 3 ג€" Auto download and notify for Install, and then enter a time.
Does this meet the goal?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have 20 computers that run Windows 10 and are joined to Microsoft Azure Active Directory (Azure AD).
You plan to replace the computers with new computers that run Windows 10. The new computers will be joined to Azure AD.
You need to ensure that the desktop background, the favorites, and the browsing history are available on the new computers.
Solution: You configure Enterprise State Roaming.
Does this meet the goal?