MS-102 Free Practice Test

- (Exam Topic 5)
You have a Microsoft 365 tenant that contains devices enrolled in Microsoft Intune. The devices are configured as shown in the following table.

You plan to perform the following device management tasks in Microsoft Endpoint Manager:
Deploy a VPN connection by using a VPN device configuration profile.
Configure security settings by using an Endpoint Protection device configuration profile. You support the management tasks.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Solution:
Graphical user interface, application Description automatically generated
Reference:
https://docs.microsoft.com/en-us/mem/intune/configuration/vpn-settings-configure https://docs.microsoft.com/en-us/mem/intune/protect/endpoint-protection-macos

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 5)
You have a Microsoft 365 E5 tenant.
You configure a device compliance policy as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Solution:
Graphical user interface, text, application, email Description automatically generated
Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/compliance-policy-create-android

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 5)
You have a Microsoft Azure Active Directory (Azure AD) tenant named Contoso.com.
You create a Microsoft Defender for identity instance Contoso. The tenant contains the users shown in the following table.

You need to modify the configuration of the Defender for identify sensors.
Solutions: You instruct User3 to modify the Defender for identity sensor configuration. Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 3)
You need to configure the compliance settings to meet the technical requirements. What should you do in the Microsoft Endpoint Manager admin center?

1. A. From Compliance policies, modify the Notifications settings.
2. B. From Locations, create a new location for noncompliant devices.
3. C. From Retire Noncompliant Devices, select Clear All Devices Retire State.
4. D. Modify the Compliance policy settings.

Correct Answer: D
Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started

- (Exam Topic 5)
You have a Microsoft 365 subscription.
You register two applications named App1 and App2 to Azure AD.
You need to ensure that users who connect to App1 require multi-factor authentication (MFA). MFA is required only for App1. What should you do?

1. A. From the Microsoft Entra admin center, create a conditional access policy
2. B. From the Microsoft 365 admin center, configure the Modem authentication settings.
3. C. From the Enterprise applications blade of the Microsoft Entra admin center, configure the Users settings.
4. D. From Multi-Factor Authentication, configure the service settings.

Correct Answer: A
Use Conditional Access policies
If your organization has more granular sign-in security needs, Conditional Access policies can offer you more control. Conditional Access lets you create and define policies that react to sign in events and request additional actions before a user is granted access to an application or service.
Reference:
https://learn.microsoft.com/en-us/microsoft-365/admin/security-and-compliance/set-up-multi-factor-authenticati