Managing Modern Desktops v1.0 (MD-101)

Page:    1 / 21   
Total 310 questions

HOTSPOT -
Your company has an infrastructure that has the following:
✑ A Microsoft 365 tenant
✑ An Active Directory forest
✑ Microsoft Intune
✑ A Key Management Service (KMS) server
✑ A Windows Deployment Services (WDS) server
A Microsoft Azure Active Directory (Azure AD) Premium tenant


The company purchases 100 new computers that run Windows 10.
You need to ensure that the new computers are joined automatically to Azure AD by using Windows Autopilot.
What should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:



Answer :

Reference:
https://docs.microsoft.com/en-us/intune/enrollment-autopilot

Your company purchases new computers that run Windows 10. The computers have cameras that support Windows Hello for Business.
You configure the Windows Hello for Business Group Policy settings as shown in the following exhibit.


What are two valid methods a user can use to sign in? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. Facial recognition
  • B. A smartwatch that is Bluetooth-enabled
  • C. A PIN
  • D. A USB key


Answer : AC

Reference:
https://community.windows.com/en-us/stories/windows-sign-in-options https://fossbytes.com/how-to-unlock-windows-10/

You have 10 computers that run Windows 8.1 and have the following configurations:
✑ A single MBR disk
✑ A disabled TPM chip
✑ Disabled hardware virtualization
✑ UEFI firmware running in BIOS mode
✑ Enabled Data Execution Prevention (DEP)
You plan to upgrade the computers to Windows 10.
You need to ensure that the computers can use Secure Boot.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. Convert the MBR disk to a GPT disk
  • B. Enable the TPM chip.
  • C. Disable DEP
  • D. Enable hardware virtualization
  • E. Convert the firmware from BIOS to UEFI.


Answer : AE

Reference:
https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/boot-to-uefi-mode-or-legacy-bios-mode

Your network contains an Active Directory domain. The domain contains 2,000 computers that run Windows 10.
You implement hybrid Microsoft Azure Active Directory (Azure AD) and Microsoft Intune.
You need to automatically register all the existing computers to Azure AD and enroll the computers in Intune. The solution must minimize administrative effort.
What should you use?

  • A. An Autodiscover address record.
  • B. A Windows AutoPilot deployment profile.
  • C. An Autodiscover service connection point (SCP).
  • D. A Group Policy object (GPO).


Answer : B

Reference:
https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Autopilot-Hybrid-Azure-AD-join-and-automatic/ba-p/286126

HOTSPOT -
Your network contains an Active Directory domain. The domain contains computers that run Windows 10 and are enrolled in Microsoft Intune. Updates are deployed by using Windows Update for Business.
Users in a group named Group1 must meet the following requirements:
✑ Update installations must occur any day only between 00:00 and 05:00.
✑ Updates must be downloaded from Microsoft and from other company computers that already downloaded the updates.
You need to configure the Windows 10 Update Rings settings in Intune to meet the requirements.
Which two settings should you modify? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:




Answer :

Reference:
https://github.com/MicrosoftDocs/IntuneDocs/blob/master/intune/windows-update-settings.md https://docs.microsoft.com/en-us/intune/delivery-optimization-windows#move-from-existing-update-rings-to-delivery-optimization

Your network contains an Active Directory domain named contoso.com.
You create a provisioning package named Package1 as shown in the following exhibit.


What is the maximum number of devices on which you can run Package1 successfully?

  • A. 1
  • B. 10
  • C. 25
  • D. unlimited


Answer : B

Explanation:
The device name uses a single random number (applied by %RAND:1%). This allows for 10 unique values (0 ג€" 9).

HOTSPOT -
You have computers that run Windows 10 and are configured by using Windows Autopilot.
A user performs the following tasks on a computer named Computer1:
✑ Creates a VPN connection to the corporate network
✑ Installs a Microsoft Store app named App1
✑ Connects to a Wi-Fi network
You perform a Windows Autopilot Reset on Computer1.
What will be the state of the computer when the user signs in? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:




Answer :

Reference:
https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot-reset

HOTSPOT -
Your network contains an Active Directory domain named constoso.com that is synced to Microsoft Azure Active Directory (Azure AD). All computers are enrolled in Microsoft Intune.
The domain contains the computers shown in the following table.


You are evaluating which Intune actions you can use to reset the computers to run Windows 10 Enterprise with the latest update.
Which computers can you reset by using each action? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:



Answer :

Reference:
https://docs.microsoft.com/en-us/intune/device-fresh-start
https://docs.microsoft.com/en-us/intune/devices-wipe

You have the 64-bit computers shown in the following table.


You plan to perform an in-place upgrade to the 64-bit version of Windows 10.
Which computers can you upgrade to the 64-bit version of Windows 10 in their current state?

  • A. Computer2 and Computer4 only
  • B. Computer4 only
  • C. Computer3 and Computer4 only
  • D. Computer1, Computer2, Computer3 and Computer4
  • E. Computer2, Computer3, and Computer4 only


Answer : A

Reference:
https://docs.microsoft.com/en-us/windows/deployment/windows-10-deployment-scenarios

You have 200 computers that run Windows 10. The computers are joined to Microsoft Azure Active Directory (AD) and enrolled in Microsoft Intune.
You need to enable self-service password reset on the sign-in screen.
Which settings should you configure from the Microsoft Endpoint Manager admin center?

  • A. Device configuration
  • B. Device compliance
  • C. Device enrollment
  • D. Conditional access


Answer : A

Reference:
https://docs.microsoft.com/en-us/mem/intune/configuration/device-profile-create https://www.inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company uses Windows Update for Business.
The research department has several computers that have specialized hardware and software installed.
You need to prevent the video drivers from being updated automatically by using Windows Update.
Solution: From the Device Installation and Restrictions settings in a Group Policy object (GPO), you enable Prevent installation of devices using drivers that match these device setup classes, and then you enter the device GUID.
Does this meet the goal?

  • A. Yes
  • B. No


Answer : B

Reference:
https://www.stigviewer.com/stig/microsoft_windows_server_2012_member_server/2013-07-25/finding/WN12-CC-000024

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company uses Windows Update for Business.
The research department has several computers that have specialized hardware and software installed.
You need to prevent the video drivers from being updated automatically by using Windows Update.
Solution: From the Settings app, you clear the Give me updates for other Microsoft products when I update Windows check box.
Does this meet the goal?

  • A. Yes
  • B. No


Answer : B

Reference:
https://www.stigviewer.com/stig/microsoft_windows_server_2012_member_server/2013-07-25/finding/WN12-CC-000024

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company uses Windows Update for Business.
The research department has several computers that have specialized hardware and software installed.
You need to prevent the video drivers from being updated automatically by using Windows Update.
Solution: From the Device Installation settings in a Group Policy object (GPO), you enable Specify search order for device driver source locations, and then you select Do not search Windows Update.
Does this meet the goal?

  • A. Yes
  • B. No


Answer : A

Reference:
https://www.stigviewer.com/stig/microsoft_windows_server_2012_member_server/2013-07-25/finding/WN12-CC-000024

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to ensure that feature and quality updates install automatically during a maintenance window.
Solution: In Group policy, from the Windows Update settings, you enable Configure Automatic Updates, select 3 ג€" Auto download and notify for Install, and then enter a time.
Does this meet the goal?

  • A. Yes
  • B. No


Answer : B

Reference:
https://docs.microsoft.com/en-us/sccm/sum/deploy-use/automatically-deploy-software-updates

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You have 20 computers that run Windows 10 and are joined to Microsoft Azure Active Directory (Azure AD).
You plan to replace the computers with new computers that run Windows 10. The new computers will be joined to Azure AD.
You need to ensure that the desktop background, the favorites, and the browsing history are available on the new computers.
Solution: You configure Enterprise State Roaming.
Does this meet the goal?

  • A. Yes
  • B. No


Answer : A

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/devices/enterprise-state-roaming-windows-settings-reference

Page:    1 / 21   
Total 310 questions