You have a Microsoft 365 subscription.
You have devices enrolled in Microsoft Intune as shown in the following table.
To which devices can you deploy apps by using Intune?
You have a Microsoft 365 subscription. The subscription contains 500 computers that run Windows 11 and are enrolled in Microsoft Intune. You need to manage the deployment of monthly security updates. The solution must meet the following requirements:
• Updates must be deployed to a group of test computers for quality assurance.
• Updates must be deployed automatically 15 days after the quality assurance testing.
What should you create in the Microsoft Intune admin center?
You have a Microsoft 365 E5 subscription. All Windows devices are enrolled in Microsoft Intune.
You need to create an app protection policy named Policy1 and apply Policy1 to the devices. What can you protect by using Policy1?
You have a Microsoft 365 subscription and use the Microsoft Intune Suite. You have the devices shown in the following table.

All the devices are enrolled in Intune.
Which devices can you query by using Device query?
Your company has a Remote Desktop Gateway (RD Gateway).
You have a server named Server1 that is accessible by using Remote Desktop Services (RDS) through the RD Gateway.
You need to configure a Remote Desktop connection to connect through the gateway.
Which setting should you configure?
You have a Microsoft 365 E5 subscription. You purchase the following types of devices:
• Windows
• Android
• iOS
You plan to enroll the devices in Microsoft Intune. You need to configure enrollment restrictions.
For which device types can you configure device manufacturer restrictions?
You have an Azure AD tenant that contains the users shown in the following table.

You have the devices shown in the following table.

You have a Conditional Access policy named CAPolicy1 that has the following settings:
• Assignments
o Users or workload identities: User 1. User1
o Cloud apps or actions: Office 365 Exchange Online
o Conditions: Device platforms: Windows, iOS
• Access controls
o Grant Require multi-factor authentication
You have a Conditional Access policy named CAPolicy2 that has the following settings:
Assignments
o Users or workload identities: Used, User2
o Cloud apps or actions: Office 365 Exch
o Conditions
â– Device platforms: Android, iOS
â– Filter for devices
â– Device matching the rule: Exclude filtered devices from policy
â– Rule syntax: device. displayName- contains " 1 "
â– Access controls
â– Grant Block access
For each of the following statements, select Yes if the statement is true. Otherwise, select No.

You have computers that run Windows 10 and are configured by using Windows AutoPilot.
A user performs the following tasks on a computer named Computer1:
Creates a VPN connection to the corporate network
Installs a Microsoft Store app named App1
Connects to a Wi-Fi network
You perform a Windows AutoPilot Reset on Computer1.
What will be the state of the computer when the user signs in? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have a server named Server1 and computers that run Windows 8.1. Server1 has the Microsoft Deployment Toolkit (MDT) installed.
You plan to upgrade the Windows 8.1 computers to Windows 10 by using the MDT deployment wizard.
You need to create a deployment share on Server1.
What should you do on Server1, and what are the minimum components you should add to the MDT deployment share? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You use a Microsoft Intune subscription to manage iOS devices.
You configure a device compliance policy that blocks jailbroken iOS devices.
You need to enable Enhanced jailbreak detection.
What should you configure?
You need to implement mobile device management (MDM) for personal devices that run Windows 11. The solution must meet the following requirements:
• Ensure that you can manage the personal devices by using Microsoft Intune.
• Ensure that users can access company data seamlessly from their personal devices.
• Ensure that users can only sign in to their personal devices by using their personal account
What should you use to add the devices to Azure AD?
You have a Microsoft 365 subscription.
You need to enable passwordless authentication for all users. The solution must meet the following requirements:
• Users in the research department cannot use mobile devices and must authenticate from unmanaged Linux devices by using an alternative method.
• To access services, users in the sales department must authenticate by using their mobile phone.
• Administrative effort must be minimized.
Which authentication method should you use for each department? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have a Microsoft 365 tenant that contains the objects shown in the following table.

You are creating a compliance policy named Compliance1.
Which objects can you specify in Compliance1 as additional recipients of noncompliance notifications?
You have a Microsoft Entra tenant named contoso.com that contains the users shown in the following table.

You purchase the devices shown in the following table.

Administrators perform the following actions:
• Join Device1 to contoso.com by using the credentials of Admin1.
• Register Device2 in contoso.com by using the credentials of Admin2.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

You have a Microsoft Intune subscription associated to an Azure AD tenant named contoso.com.
Users use one of the following three suffixes when they sign in to the tenant: us.contoso.com, eu.contoso.com, or contoso.com.
You need to ensure that the users are NOT required to specify the mobile device management (MDM) enrollment URL as part of the enrollment process. The solution must minimize the number of changes.
Which DNS records do you need?
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the users shown in the following table.

The domain syncs to a Microsoft Entra tenant named contoso.com as shown in the exhibit. (Click the Exhibit tab.)

User2 fails to authenticate to the Microsoft Entra tenant when signing in as user2@fabrikam.com.
You need to ensure that User2 can access the resources in Microsoft Entra ID.
Solution: From the on-premises Active Directory domain, you set the UPN suffix for User2 to @contosoxom. You instruct User2 to sign in as user2@contoso.com.
Does this meet the goal?
You have a Microsoft 365 E5 subscription that contains devices enrolled in Microsoft Intune. You need to review security tasks in the Microsoft Intune admin center. What should you do first?
You have a Microsoft 365 subscription that uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices.
You plan to deploy two apps named App1 and App2 to all Windows devices. App1 must be installed before App2.
From the Intune admin center, you create and deploy two Windows app (Win32) apps.
You need to ensure that App1 is installed before App2 on every device.
What should you configure?
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named User1. User1 has a user principal name (UPN) of user1 @contoso.com.
You join a Windows 10 device named Client1 to contoso.com.
You need to add User1 to the local Administrators group of Client1.
How should you complete the command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have a Microsoft 365 tenant that uses Microsoft Intune to manage personal and corporate devices. The tenant contains three Windows 10 devices as shown in the following exhibit.

How will Intune classify each device after the devices are enrolled in Intune automatically? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have a Microsoft 365 subscription that uses Microsoft Intune.
You plan to manage Windows updates by using Intune.
You create an update ring for Windows 10 and later and configure the User experience settings for the ring as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription. You are implementing Microsoft Defender for Cloud Apps. You need to ensure that you can create OAuth app policies-Solution: You configure Conditional Access app control. Does this meet the goal?
You have a Microsoft 365 subscription that contains the devices shown in the following table.

You plan to enroll the devices in Microsoft Intune.
How often will the compliance policy check-ins run after each device is enrolled in Intune? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have the device configuration profile shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.

You have a Microsoft 365 subscription that contains 1,000 iOS devices. The devices are enrolled in Microsoft Intune as follows:
• Two hundred devices are enrolled by using the Intune Company Portal.
• Eight hundred devices are enrolled by using Apple Automated Device Enrollment (ADE).
You create an iOS/iPadOS software updates policy named Policy 1 that is configured to install iOS/iPadOS 15.5.
How many iOS devices will Policy1 update, and what should you configure to ensure that only iOS/iPadOS 15.5 is installed? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have a Hyper-V host. The host contains virtual machines that run Windows 10 as shown in following table.

Which virtual machines can be upgraded to Windows 11?
Your network contains an Active Directory domain. The domain contains 10 computers that run Windows 10. Users in the finance department use the computers.
You have a computer named Computer1 that runs Windows 10.
From Computer1, you plan to run a script that executes Windows PowerShell commands on the finance department computers.
You need to ensure that you can run the PowerShell commands on the finance department computers from Computer.
What should you do on the finance department computers?
You are evaluating which devices are compliant.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

You need a new conditional access policy that has an assignment for Office 365 Exchange Online.
You need to configure the policy to meet the technical requirements for Group4.
Which two settings should you configure in the policy? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.

What is the maximum number of devices that User1 and User2 can enroll in Intune? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You need to meet the technical requirements for the IT department.
What should you do first?
To which devices do Policy1 and Policy2 apply? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You need to meet the technical requirements for the new HR department computers.
How should you configure the provisioning package? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You need to meet the requirements for the MKG department users.
What should you do?
You need to prepare for the deployment of the Phoenix office computers.
What should you do first?
You need to meet the technical requirements for the iOS devices.
Which object should you create in Intune?
You need to prepare for the deployment of the Phoenix office computers.
What should you do first?
You need to meet the technical requirements for the LEG department computers.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

You need to meet the OOBE requirements for Windows AutoPilot.
Which two settings should you configure from the Azure Active Directory blade? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.

You need to recommend a solution to meet the device management requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You need to meet the device management requirements for the developers.
What should you implement?
You need to meet the technical requirements for Windows AutoPilot.
Which two settings should you configure from the Azure Active Directory blade? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.

You need to resolve the performance issues in the Los Angeles office.
How should you configure the update settings? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

What should you configure to meet the technical requirements for the Azure AD-joined computers?
What should you upgrade before you can configure the environment to support co-management?
You need to capture the required information for the sales department computers to meet the technical
requirements.
Which Windows PowerShell command should you run first?
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Which devices are registered by using the Windows Autopilot deployment service?
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

You implement Boundary1 based on the planned changes.
Which devices have a network boundary of 192.168.1.0/24 applied?
You implement the planned changes for Connection1 and Connection2
How many VPN connections will there be for User1 when the user signs in to Device 1 and Devke2? To answer select the appropriate options in the answer area.
NOTE; Each correct selection is worth one point.

User1 and User2 plan to use Sync your settings.
On which devices can the users use Sync your settings? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You need to ensure that computer objects can be created as part of the Windows Autopilot deployment. The solution must meet the technical requirements.
To what should you grant the right to create the computer objects?