clapgeek logo
You have a computer that runs Windows 10 and contains two local users named User! and User2. You need to ensure that the users can perform the following anions:
• User 1 must be able to adjust the date and time.
• User2 must be able to clear Windows logs.
The solution must use the principle of least privilege.
To which group should you add each user? To answer, drag the appropriate groups to the correct users. Each group may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Your company has 200 computers that run Windows 10. The computers are managed by using Microsoft Intune. Currently, Windows updates are downloaded without using Delivery Optimization. You need to configure the computers to use Delivery Optimization. What should you create in Intune?
You have a Microsoft 365 subscription that includes Microsoft Intune and Microsoft Defender for Endpoint.
Users have devices that run Windows 11.
You deploy a connection from Defender for Endpoint to Intune.
You need to ensure that when a device is enrolled in Intune, the device is onboarded automatically to Defender for Endpoint
What should you configure, and which portal should you use? To answer, select the appropriate options in the answer area
NOTE: Each correct selection is worth one point.
You have an Azure AD tenant named contoso.com.
You plan to use Windows Autopilot to configure the Windows 10 devices shown in the following table.
Which devices can be configured by using Windows Autopilot self-deploying mode?
You have a Microsoft 365 subscription that contains 1,000 iOS devices and includes Microsoft Intune. You need to prevent the printing of corporate data from managed apps on the devices, should you configure?
You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
You need to configure an update ring that meets the following requirements:
• Fixes and improvements to existing Windows functionality can be deferred for 14 days but will install automatically seven days after that date.
• The installation of new Windows features can be deferred for 90 days but will install automatically 10 days after that date.
• Devices must restart automatically three days after an update is installed.
How should you configure the update ring? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Your on-premises network contains an Active Directory domain named contoso.com. The domain contains a user account named Admin1 and the resources shown in the following table.
You have a Microsoft 365 E5 subscription.
You have a Microsoft Entra tenant that syncs with contoso.com.
Admin! plans to use Windows Autopilot to deploy 10X3 Windows 11 devices. The deployment must meet the following requirements:
• The devices must be Microsoft Entra hybrid joined during the deployment.
• Computer objects must be created in 0U1.
You need to configure Server1 and Active Directory delegation to support the deployment.
How should you configure Server1, and on which resource should you configure delegated permissions? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 subscription that has Windows 365 Enterprise licenses.
You plan to use a custom Windows 11 image as a template for Cloud PCs.
You have a Hyper-V virtual machine that runs Windows 11 and has the following configurations:
• Name: VM1
• Disk size: 64 GB
• Disk format: VHDX
• Disk type: Fixed size
• Generation: Generation 2
You need to ensure that you can use VM1 as a source for the custom image. What should you do on VM1 first?
Your network contains an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure AD tenant.
You have a Microsoft 365 subscription
You plan to use Windows Autopilot to deploy new Windows devices.
You plan to create a deployment profile.
You need to ensure that The deployment meets the following requirements:
• Devices must be joined to AD DS regardless of their current working location.
• Users in the marketing department must have a Iine-of-business (LOB) app installed during the deployment.
The solution must minimize administrative effort.
What should you do for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 subscription.
You plan to use Windows Autopilot to provision 25 Windows 11 devices.
You need to configure the Out-of-box experience (OOBE) settings.
What should you create in the Microsoft Intune admin center?
You have an on-premises Active Directory domain that syncs to Azure AD tenant.
The tenant contains computers that run Windows 10. The computers are hybrid Azure AD joined and enrolled in Microsoft Intune.
The Microsoft Office settings on the computers are configured by using a Group Policy Object (GPO).
You need to migrate the GPO to Intune.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You have a Windows 10 device named Computer1 enrolled in Microsoft Intune.
You need to configure Computer1 as a public workstation that will run a single customer-facing, full-screen application.
Which configuration profile type template should you use in Microsoft Intune admin center?
Your network contains an Active Directory domain. Active Directory is synced with Microsoft Azure Active Directory (Azure AD).
There are 500 Active Directory domain-joined computers that run Windows 10 and are enrolled in Microsoft Intune.
You plan to implement Microsoft Defender Exploit Guard.
You need to create a custom Microsoft Defender Exploit Guard policy, and then distribute the policy to all the computers.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription. The subscription contains devices that are Microsoft Entra joined and enrolled in Microsoft Intune
You create a user named User1.
You need to ensure that User1 can rotate BitLocker recovery keys by using Intune.
Solution: From the Microsoft Entra admin center, you assign the Helpdesk Administrator role to User1.
Does this meet the goal?
What should you configure to meet the technical requirements for the Azure AD-joined computers?
You need to resolve the performance issues in the Los Angeles office.
How should you configure the update settings? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You are evaluating which devices are compliant.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You need to meet the requirements for the MKG department users.
What should you do?
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
You need a new conditional access policy that has an assignment for Office 365 Exchange Online.
You need to configure the policy to meet the technical requirements for Group4.
Which two settings should you configure in the policy? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
To which devices do Policy1 and Policy2 apply? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to meet the technical requirements for the iOS devices.
Which object should you create in Intune?
You need to meet the technical requirements for the new HR department computers.
How should you configure the provisioning package? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to prepare for the deployment of the Phoenix office computers.
What should you do first?
You need to meet the technical requirements for the LEG department computers.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
What is the maximum number of devices that User1 and User2 can enroll in Intune? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to meet the technical requirements for the IT department.
What should you do first?
You need to prepare for the deployment of the Phoenix office computers.
What should you do first?
You implement the planned changes for Connection1 and Connection2
How many VPN connections will there be for User1 when the user signs in to Device 1 and Devke2? To answer select the appropriate options in the answer area.
NOTE; Each correct selection is worth one point.
You implement Boundary1 based on the planned changes.
Which devices have a network boundary of 192.168.1.0/24 applied?
User1 and User2 plan to use Sync your settings.
On which devices can the users use Sync your settings? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to ensure that computer objects can be created as part of the Windows Autopilot deployment. The solution must meet the technical requirements.
To what should you grant the right to create the computer objects?
Which devices are registered by using the Windows Autopilot deployment service?
You have a Microsoft 365 subscription.
You plan to enable Microsoft Intune enrollment for the following types of devices:
• Existing Windows 11 devices managed by using Configuration Manager
• Personal iOS devices
The solution must minimize user disruption.
Which enrollment method should you use for each device type? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains a group named Group1. You need to ensure that only the members of Group1 can join devices to the Microsoft Entra tenant. What should you configure in the Microsoft Entra admin center?
Your company has computers that run Windows 10 and are Microsoft Azure Active Directory (Azure AD)-joined.
The company purchases an Azure subscription.
You need to collect Windows events from the Windows 10 computers in Azure. The solution must enable you to create alerts based on the collected events.
What should you create in Azure and what should you configure on the computers? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a computer named Computer! that runs Windows 11.
A user named User1 plans to use Remote Desktop to connect to Computer1.
You need to ensure that the device of User1 is authenticated before the Remote Desktop connection is established and the sign in page appears.
What should you do on Computer1?
Your company uses Microsoft Intune.
More than 500 Android and iOS devices are enrolled in the Intune tenant.
You plan to deploy new Intune policies. Different policies will apply depending on the version of Android or iOS installed on the device.
You need to ensure that the policies can target the devices based on their version of Android or iOS.
What should you configure first?
You have a Microsoft 365 subscription.
You have devices enrolled in Microsoft Intune as shown in the following table.
To which devices can you deploy apps by using Intune?
You have a Microsoft 365 tenant that contains the devices shown in the following table.
The devices are managed by using Microsoft Intune.
You create a compliance policy named Policy1 and assign Policy1 to Group1. Policy1 is configured to mark a device as Compliant only if the device security settings match the settings specified in the policy.
You discover that devices that are not members of Group1 are shown as Compliant.
You need to ensure that only devices that are assigned a compliance policy can be shown as Compliant. All other devices must be shown as Not compliant.
What should you do from the Microsoft Intune admin center?
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
TESTED 04 Dec 2024
A screenshot of a computer
Description automatically generated
