Protecting user devices using Intune

Question 1

Your manager has asked you to set up the Microsoft 365 tenant so users can only join 5 devices to the tenant. What do you need to do to configure it? Put the answers in the correct order

Question 2

Your organization has a Microsoft 365 tenant with a default domain of gitbit.org Your organization's Azure AD contains the following users. Your organization's Microsoft Endpoint Manager admin center shows the following devices enrolled. Both devices have three apps named AppA, AppB, and AppC installed. You create an app protection policy named ProtectionPolicyA that has the following settings: Protected apps: AppA Exempt apps: AppB Windows Information Protection mode: Block You apply ProtectionPolicyA to GroupA and GroupC. You exclude GroupB from ProtectionPolicyA. Check the box next to each true statement

Question 3

You have a Microsoft 365 tenant with Defender for Endpoint. Intune is set up and installed on your Windows 10 devices. You open the Microsoft Endpoint Manager admin center and create an attack surface reduction policy. The policy is shown in the image below. Use the dropdowns below to complete the statement.

Question 4

Your organization has a Microsoft 365 tenant. Your manager has asked you to set up app-enforced restrictions for 20 users so they can't download attachments unless they are on a compliant device. From the Azure AD admin center, you create a security group called GroupA. What are the next two steps you need to take? Select the correct options below.

Question 5

Your organization has Microsoft 365 tenant configured with a hybrid on-premises Exchange server. Every user in your organization has a Windows 10 computer that's joined to the domain and has the latest version of Microsoft Office installed. All computers in the organization run Windows 10 Enterprise, are joined to the domain, and use Microsoft Office 365 ProPlus. You have a server named ServerA that runs Windows Server 2016 and hosts the telemetry database. You've been tasked with preventing private details in the telemetry data from being sent to Microsoft. What should you do?

Question 6

Your company has a Microsoft 365 subscription. The company does not permit users to enroll personal devices in mobile device management (MDM). Users in the sales department have personal iOS devices. You need to ensure that the sales department users can use the Microsoft Power BI app from iOS devices to access the Power BI data in your tenant. The users must be prevented from backing up the app data to iCloud. What should you create?

Question 7

Your organization has a Microsoft 365 tenant named GitBit.org that contains the following users. 📷 Your organization has registered the following devices in Azure AD. 📷 You create the app protection policies in the Microsoft Endpoint Manager admin center as shown below. 📷 Check the box next to each true statement below.

Question 8

Your organization has a Microsoft 365 tenant. All the computers in your organization are running Windows 10. Every computer is joined to the domain and has Microsoft Intune installed. Your organization has updated its IT policy. Your new IT policy says only required telemetry data should be sent to Microsoft. You've been tasked with configuring the policy. How do you create the policy and apply it to all your Windows devices?

Question 9

Your organization has a Microsoft 365 tenant with devices registered in Azure AD. The devices are managed by using Microsoft Intune. Your manager asks you to enable and configure Windows Defender Exploit Guard (Windows Defender EG) on the devices. Which type of device configuration profile should you use?

Question 10

You have a Microsoft 365 tenant with the following devices enrolled in Intune. 📷 You've configured the following compliance policies in Intune including the groups they are assigned to: 📷 What policies will apply to which devices?

Question 11

You need to ensure that unmanaged mobile devices are quarantined when the devices attempt to connect to Exchange Online. What steps should you take to complete the task?

Question 12

Your organization has a Microsoft 365 tenant with a primary domain of gitbit.org The following Windows 10 devices are joined to Azure AD.

Question 13

The devices enrolled in Intune are configured as shown in the following table: 📷 The device compliance policies in Intune are configured as shown in the following table: 📷 The device compliance policies have the assignments shown in the following table: 📷 The Mark devices with no compliance policy are assigned as Compliant. You are evaluating which devices are compliant with Intune. Check the box if the device is compliant

Question 14

You have a Microsoft 365 tenant with Microsoft 365 E5 licenses. Your organization uses Intune and it's managed through the Microsoft Endpoint Manager admin center. You've already configured the compliance policy settings as below. 📷 On April 1, 2022, you create the device compliance policies shown below 📷 On April 5, 2022, users enroll the following Windows 10 devices in Intune. 📷 Check the boxes below if the statements are true.

Protecting user devices using Intune

Questions for this test