Valid MD-101 Dumps shared by PassLeader for Helping Passing MD-101 Exam! PassLeader now offer the newest MD-101 VCE dumps and MD-101 PDF dumps, the PassLeader MD-101 exam questions have been updated and ANSWERS have been corrected, get the newest PassLeader MD-101 dumps with VCE and PDF here: https://www.passleader.com/md-101.html (429 Q&As Dumps)
BTW, DOWNLOAD part of PassLeader MD-101 dumps from Cloud Storage: https://drive.google.com/open?id=1UwF3c9A7A4qUM1Sf2toSsnG8jMk5SglH
NEW QUESTION 367
Your company Windows 10 computers that are enrolled in Microsoft Intune. You make use of Intune to manage the servicing channel settings of all company computers. You receive an enquiry regarding the servicing status of a specific computer. You need to review the necessary policy report.
Solution: You navigate to device status via Device configuration.
Does the solution meet the goal?
A. Yes
B. No
Answer: B
Explanation:
https://docs.microsoft.com/en-us/intune/windows-update-compliance-reports
NEW QUESTION 368
Your company has a hybrid configuration of Microsoft Azure Active Directory (Azure AD). Your company also has a Microsoft 365 subscription. After creating a conditional access policy for Microsoft Exchange Online, you are tasked with configuring the policy to block access to Exchange Online. However, the policy should allow access for hybrid Azure AD-joined devices.
Solution: You should configure the Client apps settings.
Does the solution meet the goal?
A. Yes
B. No
Answer: B
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/conditions#device-state
NEW QUESTION 369
Your company has a number of Windows 10 Microsoft Azure Active Directory (Azure AD) joined workstations. These workstations have been enrolled in Microsoft Intune. You have been tasked with making sure that the workstations are only able to run applications that you have explicitly permitted.
Solution: You make use of Windows Defender Application Guard.
Does the solution meet the goal?
A. Yes
B. No
Answer: A
Explanation:
https://docs.microsoft.com/en-us/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control
NEW QUESTION 370
Your company’s environment includes a Microsoft 365 subscription. Users in the company’s sales division have personal iOS or Android devices that are enrolled in Microsoft Intune. New users are added to the sales division on a monthly basis. After a mobile application is created for users in the sales division, you are instructed to make sure that the application can only be downloaded by the sales division users.
Solution: You start by adding the application to Intune.
Does the solution meet the goal?
A. Yes
B. No
Answer: A
Explanation:
https://docs.microsoft.com/en-us/intune/apps-add
NEW QUESTION 371
Your network contains an Active Directory domain. The domain contains 5,000 computers that run Windows 10. All users use Roaming User Profiles. Some users report that it takes a long time to sign in to the computers. You discover that the users have user profiles that are larger than 1 GB. You need to reduce the amount of time it takes for the users to sign in. What should you configure?
A. Folder Redirection by using a Group Policy Object (GPO).
B. Sync your settings in the Settings app.
C. Delivery Optimization in the Settings app.
D. Microsoft User Experience Virtualization (UE-V) by using PowerShell.
Answer: D
Explanation:
https://docs.microsoft.com/en-us/windows/configuration/ue-v/uev-for-windows
NEW QUESTION 372
You have been tasked with reusing a Windows 10 computer that was assigned to a user who is no longer with the company. The computer will be assigned to a new user. You plan to make use of Windows AutoPilot to redeploy the computer. Which of the following actions should you take FIRST?
A. Reset the computer.
B. Wipe the computer.
C. Create a HTML file containing the computer info.
D. Create a CSV file containing the computer info.
Answer: D
Explanation:
https://docs.microsoft.com/en-us/intune/enrollment-autopilot
https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot-reset
NEW QUESTION 373
Your company has an Active Directory domain that includes a large number of Windows 10 computers. You have recently configured hybrid Microsoft Azure Active Directory (Azure AD) and Microsoft Intune in the environment. You want to make sure that all the current computers are automatically registered to Azure AD, as well as enrolled in Intune. The strategy that you employ should reduce the administrative effort required to achieve your goal. Which of the following actions should you take?
A. You should make use of Windows Reset.
B. You should make use of a Windows AutoPilot deployment profile.
C. You should make use of a n Autodiscover service connection point (SCP).
D. You should make use of a device configuration profile.
Answer: B
Explanation:
https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Autopilot-Hybrid-Azure-AD-join-and-automatic/ba-p/286126
NEW QUESTION 374
Your company has an Active Directory domain, named weylandindustries.com. The domain is synced to Microsoft Azure Active Directory (Azure AD) and all company computers have been enrolled in Microsoft Intune. You are preparing to perform a Wipe action on certain company devices. Which of the following operating systems support the Wipe action? (Choose two.)
A. Windows Vista
B. Windows 8.1
C. Windows 10
D. iOS
Answer: BC
Explanation:
https://docs.microsoft.com/en-us/intune/devices-wipe
NEW QUESTION 375
Your company has a number of Windows 10 Microsoft Azure Active Directory (Azure AD) joined workstations. These workstations have been enrolled in Microsoft Intune. You have been tasked with making sure that the has self-service password reset enabled on the logon screen. You have navigated to the Microsoft Intune blade. Which of the following is the setting you should configure?
A. The Device configuration settings.
B. The Device compliance settings.
C. The Windows AutoPilot deployment settings.
D. The App protection settings.
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-sspr-windows
NEW QUESTION 376
Your company has a Microsoft 365 subscription configured for their environment. All devices in the environment have Windows 10 installed. You have been instructed to make sure that users are not allowed to enroll devices in the Windows Insider Program. To achieve your goal, you access Microsoft 365 Device Management. Which of the following actions should you take?
A. You should configure a Windows 10 security baseline.
B. You should configure an app protection policy.
C. You should configure device restriction policy.
D. You should configure a Windows 10 update ring.
Answer: D
NEW QUESTION 377
Your company makes use of Microsoft Intune to manage computers. You have been tasked with configuring Windows Hello for Business. You are preparing to create an Intune profile to achieve your goal. Which of the following is an operating system that supports Windows Hello for Business?
A. Windows Vista
B. Windows 8.1
C. Windows 10
D. macOS
Answer: C
Explanation:
https://docs.microsoft.com/en-us/intune/protect/identity-protection-windows-settings
NEW QUESTION 378
Your company has a large number of Android and iOS devices, which are enrolled in Intune. You are preparing to deploy new Intune policies will apply to devices, based on the version of Android or iOS that is being run. You are required to make sure that the policies are able to target the devices according to your plan. Which of the following actions should you take?
A. You should start by accessing Intune and configuring corporate device identifiers.
B. You should start by accessing Microsoft Azure Active Directory (Azure AD) and configuring Device settings.
C. You should start by accessing Microsoft Azure Active Directory (Azure AD) and configuring Application settings.
D. You should start by creating a distribution group.
Answer: B
Explanation:
https://docs.microsoft.com/en-us/intune/compliance-policy-create-android
https://docs.microsoft.com/en-us/intune/compliance-policy-create-ios
NEW QUESTION 379
Your company has a Microsoft 365 subscription. You have enrolled all the company computers in Microsoft Intune. You have been tasked with making sure that Microsoft Exchange Online is only accessible from known locations. Which of the following actions should you take?
A. You should create a device configuration profile.
B. You should create a device compliance policy.
C. You should create a Windows AutoPilot deployment profile.
D. You should create a conditional access policy.
Answer: D
NEW QUESTION 380
Your company plans to deploy tablets to 50 meeting rooms. The tablets run Windows 10 and are managed by using Microsoft Intune. The tablets have an application named App1. You need to configure the tablets so that any user can use App1 without having to sign in. Users must be prevented from using other applications on the tablets. Which device configuration profile type should you use?
A. Kiosk.
B. Endpoint protection.
C. Identity protection.
D. Device restrictions.
Answer: A
Explanation:
https://docs.microsoft.com/en-us/windows/configuration/kiosk-single-app
NEW QUESTION 381
You manage a large number of Windows 10 computers. You have been tasked with creating a provisioning package that will allow you to remove the Microsoft News and the Xbox Microsoft Store apps, as well as add a VPN connection to the company network. Which of the following are the customization settings you should configure?
A. Connections and Personalization.
B. ConnectivityProfiles and Policies.
C. Connections and Policies.
D. ConnectivityProfiles and Personalization.
Answer: B
Explanation:
https://docs.microsoft.com/en-us/windows/configuration/wcd/wcd-connectivityprofiles
https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-configuration-service-provider#applicationmanagement-applicationrestrictions
https://docs.microsoft.com/en-us/windows/configuration/wcd/wcd-policies
NEW QUESTION 382
All users at your company have Azure AD joined Windows 10 workstations that are managed via Microsoft Intune. You have been tasked with making sure that Windows Analytics is used to monitor the workstations centrally. Which of the following actions should you take?
A. You should create a device configuration profile via Intune.
B. You should create a device compliance policy via Intune.
C. You should create a Windows AutoPilot deployment profile via Intune.
D. You should create an app configuration policy via Intune.
Answer: A
Explanation:
https://www.scconfigmgr.com/2019/03/27/windows-analytics-onboarding-with-intune/
NEW QUESTION 383
Your company has a number of Windows 10 Microsoft Azure Active Directory (Azure AD) joined workstations. These workstations have been enrolled in Microsoft Intune. You are creating a device configuration profile for the workstations. You have been informed that a custom image should be displayed on the sign-in screen. Which of the following is a Device restriction setting that should be configured?
A. Locked screen experience.
B. Personalization.
C. Display.
D. General.
Answer: A
Explanation:
Sign-in screen, or Locked screen, image is set under Locked screen experience.
https://docs.microsoft.com/en-us/intune/device-restrictions-windows-10
NEW QUESTION 384
Your company’s environment includes the following:
– Microsoft Azure Active Directory (Azure AD).
– Microsoft 365.
– Microsoft Intune.
– Azure Information Protection.
A new security policy declares that enrollment for private devices in Intune is not required. However, to access corporate email information, users have to make use of a PIN for authentication purposes. Also, users are able to access corporate cloud services from their private iOS and Android devices. Furthermore, the copying corporate email information to a cloud storage service should not be allowed, unless users are copying the information to Microsoft OneDrive for Business. You have to make sure that security policy is enforced. Which of the following actions should you take?
A. You should create a data loss prevention (DLP) policy.
B. You should create a device enrollment policy.
C. You should create an app protection policy.
D. You should create a Windows AutoPilot deployment profile.
Answer: C
Explanation:
https://docs.microsoft.com/en-us/intune/app-protection-policy
NEW QUESTION 385
You are currently making use of the Antimalware Assessment solution in Microsoft Azure Log Analytics. You have accessed the Protection Status dashboard and find that there is a device that has no real time protection. Which of the following could be a reason for this occurring?
A. Windows Defender has been disabled.
B. You need to install the Azure Diagnostic extension.
C. Windows Defender Credential Guard is incorrectly configured.
D. Windows Defender System Guard is incorrectly configured.
Answer: A
Explanation:
https://docs.microsoft.com/ga-ie/azure/security-center/security-center-install-endpoint-protection
NEW QUESTION 386
You manage one hundred Microsoft Azure Active Directory (Azure AD) joined Windows 10 devices. You want to make sure that users are unable to join their home PC’s to Azure AD. Which of the following actions should you take?
A. You should configure the Enrollment restriction settings via the Device enrollment blade in the Intune Admin Center.
B. You should configure the Enrollment restriction settings via the Security & Compliance Admin Center.
C. You should configure the Enrollment restriction settings via the Azure Active Directory Admin Center.
D. You should configure the Enrollment restriction settings via the Windows Defender Security Center.
Answer: A
Explanation:
https://docs.microsoft.com/en-us/intune/enrollment-restrictions-set
NEW QUESTION 387
You company has a Microsoft Azure Active Directory (Azure AD) tenant that includes Microsoft Intune. All of the Windows 10 devices are enrolled in Intune. You are preparing to configure a Windows Information Protection (WIP) policy. You need to make sure that the policy is configured to allow for the logging of unacceptable data sharing, but not blocking the action. Which of the following is the WIP protection mode that you should use?
A. Block
B. Silent
C. Off
D. Allow Overrides
Answer: B
Explanation:
https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune
NEW QUESTION 388
Your company has an Active Directory domain, named weylandindustries.com, and a Microsoft Office 365 subscription. The domain is also synced to Microsoft Azure Active Directory (Azure AD). All company computers are domain-joined, and are running the most recent Microsoft OneDrive sync client. You are currently configuring OneDrive group policy settings. Which of the following is the setting that will minimize the disk space consumed by a user profile, when enabled?
A. OneDrive Files On-Demand.
B. Silently move known folders to OneDrive.
C. Prompt users to move Windows known folders to OneDrive.
D. Silently configure OneDrive using the primary Windows account.
Answer: A
Explanation:
OneDrive Files On-Demand enables users to view, search for, and interact with files stored in OneDrive from within File Explorer without downloading them and taking up space on the local hard drive.
https://docs.microsoft.com/en-us/onedrive/plan-onedrive-enterprise
NEW QUESTION 389
You manage your company’s Microsoft 365 subscription. You are tasked with creating an app protection policy for the Microsoft Outlook app on iOS devices that are not enrolled in Microsoft 365 Device Management. You have to make sure that the policy is configured to prohibit the users from using the Outlook app if the operating system version is less than 12.0.0. You also have to make sure that an alphanumeric passcode is required for users to access the Outlook app. Which of the following is policy settings that you should configure? (Choose two.)
A. Conditional launch.
B. Data transfer exemptions.
C. Data protection.
D. Access requirements.
Answer: AD
Explanation:
https://docs.microsoft.com/en-us/intune/app-protection-policy-settings-ios
NEW QUESTION 390
You are responsible for your company’s Microsoft 365 environment, with co-management enabled. All company computers have been deployed via Microsoft Deployment Toolkit (MDT), and have Windows 10 installed. You have been tasked devising a strategy for deploying Microsoft Office 365 ProPlus to new computers. You have to make sure that most recent version is installed at all times, while also reducing the effort required to meet the prerequisites. Which of the following actions should you take?
A. You should make use of Windows Deployment Services (WDS).
B. You should make use of the Microsoft Deployment Toolkit.
C. You should make use of the Office Deployment Tool (ODT).
D. You should make use of a Windows Configuration Designer provisioning package.
Answer: C
Explanation:
https://docs.microsoft.com/en-us/deployoffice/overview-of-the-office-2016-deployment-tool
NEW QUESTION 391
HotSpot
Your network contains an Active Directory domain. The domain contains computers that are managed by using Microsoft Endpoint Configuration Manager. You plan to integrate Configuration Manager and Azure as part of a Desktop Analytics implementation. You create a new organizational unit (OU) and place several test computers that run Windows 10 into the OU. You need to collect diagnostic data from the test computers to Desktop Analytics:
– App usage and insights data.
– Health monitoring data.
– Deployment status data.
The solution must minimize the data collected. Which two Group Policy settings should you configure? (To answer, select the appropriate settings in the answer area.)
Answer:
Explanation:
https://docs.microsoft.com/en-us/enterprise-threat-detection/collector/collector-client-configuration-windows-10-telemetry-requirements
https://docs.microsoft.com/en-us/mem/configmgr/desktop-analytics/enable-data-sharing
NEW QUESTION 392
Drag and Drop
Your company has a number of Windows 7 computers that you want to upgrade to Windows 10. The computers all have a single MBR disk, and a disabled TPM chip. Also, the computers have hardware virtualization disabled, Data Execution Prevention (DEP) enabled, and UEFI firmware running in BIOS mode. You have been tasked with making sure that Secure Boot can be used by the computers. Which of the following actions should you take? (Answer by dragging the correct options from the list to the answer area. Choose two.)
Answer:
Explanation:
https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/boot-to-uefi-mode-or-legacy-bios-mode
NEW QUESTION 393
……
Get the newest PassLeader MD-101 VCE dumps here: https://www.passleader.com/md-101.html (429 Q&As Dumps)
And, DOWNLOAD the newest PassLeader MD-101 PDF dumps from Cloud Storage for free: https://drive.google.com/open?id=1UwF3c9A7A4qUM1Sf2toSsnG8jMk5SglH