Microsoft Azure

Endpoint Administrator

MD-102

Demonstrate your skills as an Endpoint Administrator with the MD-102 exam.

150 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 131–140 of 150

Q131

You are configuring an Azure Virtual Network and need to allow on-premises devices to connect. What should you implement?

  • A Virtual Gateway
  • B ExpressRoute
  • C VPN Gateway
  • D Application Gateway
Explanation A VPN Gateway is specifically designed to enable secure remote connections to Azure from on-premises; other options do not serve this purpose.
Q132

What happens when you delete a Recovery Services vault in Azure?

  • A Data is immediately erased
  • B Linked resources automatically delete
  • C Vault becomes inactive only
  • D Vault remains but unusable
Explanation Data backed up to the vault is erased upon deletion, as the vault's primary function is to store that data; the other options misrepresent the implications of deletion.
Q133

Which service allows you to manage devices within an organization?

  • A Azure Active Directory
  • B Intune
  • C Azure Automation
  • D Microsoft Defender
Explanation Intune specifically manages devices; the others do not focus on device management.
Q134

A company needs to restrict access to Azure resources based on user roles. What should they implement?

  • A Azure Backup
  • B Role-Based Access Control
  • C Virtual Network
  • D Azure Monitor
Explanation Role-Based Access Control (RBAC) is designed for restricting access based on roles; the others do not provide this function.
Q135

What happens when you enable auto-upgrade for an Azure VM?

  • A VM will automatically be deleted.
  • B VM will be upgraded on schedule.
  • C VM configurations will be reset.
  • D VM updates will be declined.
Explanation Enabling auto-upgrade allows the VM to receive scheduled updates automatically; the other options are incorrect.
Q136

Which Azure service manages role-based access control (RBAC)?

  • A Azure Active Directory
  • B Azure Key Vault
  • C Azure Storage Accounts
  • D Azure DevOps
Explanation Azure Active Directory provides RBAC for resource access.
Q137

A company needs to ensure that sensitive data is encrypted at rest in Azure. What should they use?

  • A Azure Disk Encryption
  • B Azure Backup
  • C Managed Identities
  • D Azure Virtual Network
Explanation Azure Disk Encryption specifically encrypts data at rest.
Q138

You are configuring Intune for a group of users. What happens when a user’s device is non-compliant?

  • A Device will be approved automatically
  • B User can bypass compliance check
  • C User may lose access to resources
  • D Device remains unaffected by policies
Explanation Non-compliant devices may have limited access to corporate resources.
Q139

Which Azure service is primarily used for monitoring and analyzing security posture across multiple cloud services?

  • A Azure Security Center
  • B Azure Monitor
  • C Azure Sentinel
  • D Azure Log Analytics
Explanation Azure Security Center provides security recommendations and analysis, while other options focus on monitoring or logging.
Q140

A company needs to ensure that all endpoints are automatically updated with the latest Windows features and security patches. What should they configure?

  • A Windows Update for Business
  • B Azure Site Recovery
  • C Intune Device Compliance
  • D Azure Virtual Desktop
Explanation Windows Update for Business manages updates centrally, while other options do not control endpoint updates directly.