Exam Code : MD-101
Exam Name : Managing Modern Desktops
Vendor Name :
"Microsoft"
MD-101 Dumps
MD-101 Braindumps MD-101 Real Questions MD-101 Practice Test
MD-101 Actual Questions
Managing Modern Desktops
https://killexams.com/pass4sure/exam-detail/MD-101
Question: 61
Topic 1, Litware inc
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.
General Overview
Litware, Inc. is an international manufacturing company that has 3,000 employees. The company has sales, marketing, research, human resources (HR), development, and IT departments.
Litware has two main offices in New York and Los Angeles. Litware has five branch offices in Asia. Existing Environment
Current Business Model
The Los Angeles office has 500 developers. The developers work flexible hours ranging from 11 AM to 10 PM. Litware has a Microsoft System Center 2012 R2 Configuration Manager deployment.
During discovery, the company discovers a process where users are emailing bank account information of its customers to internal and external recipients.
Current Environment
The network contains an Active Directory domain that is synced to Microsoft Azure Active Directory (Azure AD). The functional level of the forest and the domain is Windows Server 2012 R2. All domain controllers run Windows Server 2012 R2.
Litware has the computers shown in the following table.
The development department uses projects in Azure DevOps to build applications.
Most of the employees in the sales department are contractors. Each contractor is assigned a computer that runs Windows 10. At the end of each contract, the computer is assigned to a different contractor. Currently, the computers are re-provisioned manually by the IT department.
Problem Statements
Litware identifies the following issues on the network:
Employees in the Los Angeles office report slow Internet performance when updates are downloading. The employees also report that the updates frequently consume considerable resources when they are installed. The Update settings are configured as shown in the Updates exhibit. (Click the Updates button.)
Management suspects that the source code for the proprietary applications in Azure DevOps in being shared externally.
Re-provisioning the sales department computers is too time consuming. Requirements
Business Goals
Litware plans to transition to co-management for all the company-owned Windows 10 computers. Whenever possible, Litware wants to minimize hardware and software costs.
Device Management Requirements
Litware identifies the following device management requirements:
Prevent the sales department employees from forwarding email that contains bank account information.
Ensure that Microsoft Edge Favorites are accessible from all computers to which the developers sign in.
Prevent employees in the research department from copying patented information from trusted applications to untrusted applications.
Technical Requirements
Litware identifies the following technical requirements for the planned deployment:
Re-provision the sales department computers by using Windows AutoPilot.
Ensure that the projects in Azure DevOps can be accessed from the corporate network only.
Ensure that users can sign in to the Azure AD-joined computers by using a PIN. The PIN must expire every 30 days.
Ensure that the company name and logo appears during the Out of Box Experience (OOBE) when using Windows AutoPilot.
Exhibits Updates
HOTSPOT
You need to recommend a solution to meet the device management requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question: 62
You implement Boundary1 based on the planned changes.
Which devices have a network boundary of 192.168.1.0/24 applied?
Device2 only
Device3 only
Device 1. Device2. and Device5 only
Device 1, Device2, Device3, and Device4 only
Explanation:
Reference: https://docs.microsoft.com/en-us/mem/intune/configuration/network-boundary-windows
Question: 63
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain. The domain contains member computers that run Windows 8.1 and are enrolled in Microsoft Intune.
You need to identify which computers can be upgraded to Windows 10.
Solution: From Windows on the Devices blade of the Microsoft Endpoint Manager admin center, you create a filter and export the results as a CSV file.
Does this meet the goal?
Yes
No
Question: 64
You need to meet the requirements for the MKG department users. What should you do?
Assign the MKG department users the Purchaser role in Microsoft Store for Business
Download the APPX file for App1 from Microsoft Store for Business
Add App1 to the private store
Assign the MKG department users the Basic Purchaser role in Microsoft Store for Business
Acquire App1 from Microsoft Store for Business
References: https://docs.microsoft.com/en-us/microsoft-store/distribute-apps-from-your-private-store Enable the users in the MKG department to use App1.
The private store is a feature in Microsoft Store for Business and Education that organizations receive during the signup process. When admins add apps to the private store, all employees in the organization can view and download the apps. Your private store is available as a tab in Microsoft Store app, and is usually named for your company or organization. Only apps with online licenses can be added to the private store.
Reference: https://docs.microsoft.com/en-us/microsoft-store/distribute-apps-from-your-private-store
Question: 65
You are creating a device configuration profile in Microsoft Intune. You need to configure specific OMA-URI settings in the profile. Which profile type should you use?
Identity protection
Custom
Device restrictions (Windows 10 Team)
Device restrictions
Reference: https://docs.microsoft.com/en-us/mem/intune/configuration/custom-settings-windows-10
Question: 66
HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Explanation:
A screenshot of a computer
Description automatically generated with medium confidence
Question: 67
HOTSPOT
You have an Azure Active Directory (Azure AD) tenant named adatum.com that contains the users shown in the following table.
You configure the following device settings for the tenant: Users may join devices to Azure AD: User1
Additional local administrators on Azure AD joined devices: None You install Windows 10 on a computer named Computer1.
You need to identify which users can join Computer1 to adatum.com, and which users will be added to the Administrators group after joining adatum.com.
Which users should you identify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question: 68
HOTSPOT
You have computers that run Windows 10 and are configured by using Windows AutoPilot. A user performs the following tasks on a computer named Computer1:
Creates a VPN connection to the corporate network Installs a Microsoft Store app named App1 Connects to a Wi-Fi network
You perform a Windows AutoPilot Reset on Computer1.
What will be the state of the computer when the user signs in? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question: 69
HOTSPOT
To which devices do Policy1 and Policy2 apply? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question: 70
HOTSPOT
You have the MDM Security Baseline profile shown in the MDM exhibit. (Click the MDM tab.)
You have the ASR Endpoint Security profile shown in the ASR exhibit. (Click the ASR tab.)
You plan to deploy both profiles to devices enrolled in Microsoft Intune.
You need to identify how the following settings will be configured on the devices: Block Office applications from creating executable content
Block Win32 API calls from Office macro
Currently, the settings are disabled locally on each device.
What are the effective settings on the devices? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Box 1: Audit mode
According to the ASR Endpoint Security profile and to the MDM Security Baseline profile, Block Office applications from creating executable content is set to Audit mode.
Box 2: Disable
Block Win32 API calls from Office macro: According to MDM Security Baseline profile it is set to disable. According to the ASR Endpoint Security profile it is set to Audit mode.
The profiles are merged. The Baseline profile overrides the Endpoint Security profile.
Note:
When two or more policies have conflicting settings, the conflicting settings are not added to the combined policy, while settings that don’t conflict are added to the superset policy that applies to a device.
Attack surface reduction rule merge behavior is as follows:
Endpoint security > Security baselines > Microsoft Defender for Endpoint Baseline > Attack Surface Reduction Rules. MDM Security Baseline profile ASR Endpoint Security profile.