MS-102 Free Practice Test

HOTSPOT - (Topic 6)
You have several devices enrolled in Microsoft Endpoint Manager.
You have a Microsoft Azure Active Directory (Azure AD) tenant that includes the users shown in the following table.

The device type restrictions in Endpoint Manager are configured as shown in the following table.


Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Topic 6)
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the objects shown in the following table.

You configure Azure AD Connect to sync contoso.com to Azure AD.
Which objects will sync to Azure AD?

1. A. Group1 only
2. B. User1 and User2 only
3. C. Group1 and User1 only
4. D. Group1, User1, and User2

Correct Answer: D
Disabled accounts
Disabled accounts are synchronized as well to Azure AD. Disabled accounts are common to represent resources in Exchange, for example conference rooms. The exception is users with a linked mailbox; as previously mentioned, these will never provision an account to Azure AD.
The assumption is that if a disabled user account is found, then we won't find another active account later and the object is provisioned to Azure AD with the userPrincipalName and sourceAnchor found. In case another active account will join to the same metaverse object, then its userPrincipalName and sourceAnchor will be used.
Reference:
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/connect/concept-azure-ad-connect-sync-user-and-contacts

HOTSPOT - (Topic 6)
You have a Microsoft 365 ES subscription that has three auto retention policies as show in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic NOTE Each correct selection is worth one point.

Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Topic 6)
Your on-premises network contains an Active Directory domain. You have a Microsoft 365 E5 subscription.
You plan to implement a hybrid configuration that has the following requirements:
• Minimizes the number of times users are prompted for credentials when they access Microsoft 365 resources
• Supports the use of Azure AD Identity Protection
You need to configure Azure AD Connect to support the planned implementation. Which two options should you select? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

1. A. Password Hash Synchronization
2. B. Password writeback
3. C. Directory extension attribute sync
4. D. Enable single sign-on
5. E. Pass-through authentication

Correct Answer: AB

- (Topic 6)
You have a Microsoft 365 tenant that contains 500 Windows 10 devices and a Microsoft Endpoint Manager device compliance policy.
You need to ensure that only devices marked as compliant can access Microsoft Office 365 apps.
Which policy type should you configure?

1. A. conditional access
2. B. account protection
3. C. attack surface reduction (ASR)
4. D. Endpoint detection and response

Correct Answer: A
Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started