Microsoft Azure

Endpoint Administrator

MD-102

Demonstrate your skills as an Endpoint Administrator with the MD-102 exam.

150 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 11–20 of 150

Q11

A company needs to enforce compliance on device configurations. What should the administrator use?

  • A Azure Security Center
  • B Intune Compliance Policies
  • C Azure Sentinel
  • D Azure Policy
Explanation Intune Compliance Policies are specifically designed for device configurations, unlike the others.
Q12

You are configuring role-based access control in Azure. What happens when you assign a user the 'Reader' role?

  • A User can modify resources.
  • B User can only view resources.
  • C User can delete resources.
  • D User can add new resources.
Explanation The 'Reader' role allows viewing only, restricting alterations or deletions.
Q13

Which Azure service offers insights into security vulnerabilities?

  • A Azure Security Center
  • B Azure Storage
  • C Azure Active Directory
  • D Azure Monitor
Explanation Azure Security Center provides tools for security management, while the others focus on storage, identity, or performance monitoring.
Q14

You are configuring Azure Endpoint Security. What happens when you enable attack surface reduction?

  • A Blocks all Windows Firewall rules
  • B Reduces risk of malware execution
  • C Increases CPU usage significantly
  • D Disables antivirus software
Explanation Enabling attack surface reduction helps mitigate threat risks, unlike the other options which incorrectly suggest detrimental effects.
Q15

A company needs a solution for managing device compliance. Which Azure feature should they use?

  • A Intune Compliance Policies
  • B Azure Resource Manager
  • C Virtual Network Peering
  • D Azure Monitor Alerts
Explanation Intune Compliance Policies specifically manage device compliance, while the others serve different purposes.
Q16

Which service in Azure allows secure file sharing via SMB?

  • A Azure Files
  • B Blob Storage
  • C Azure Disks
  • D Data Lake Storage
Explanation Azure Files provides SMB share functionality, while others do not support this directly.
Q17

A company needs to deploy a new Windows 10 application to all devices in its Azure AD tenant. What is the most efficient way to ensure all users can access it?

  • A Use Microsoft Intune
  • B Deploy via direct download
  • C Host on Azure Web Apps
  • D Use Remote Desktop
Explanation Microsoft Intune provides streamlined deployment for applications to managed devices.
Q18

What happens when you configure Azure AD Conditional Access to require MFA for certain users?

  • A All users must use MFA
  • B Only specific users must use MFA
  • C No users can access without MFA
  • D MFA is enforced only for admins
Explanation Conditional Access allows targeted MFA enforcement based on user configurations, not all users.
Q19

Which Azure service is best for managing user identities?

  • A Azure Active Directory
  • B Azure Firewall
  • C Azure Storage
  • D Azure Virtual Machines
Explanation Azure Active Directory manages user identities, while the others serve different purposes.
Q20

A company needs to implement multi-factor authentication (MFA) for its users. Which method can be used for MFA in Azure?

  • A Password only
  • B Phone call or text
  • C Token generation only
  • D Biometrics alone
Explanation Phone calls or texts are methods supported by Azure MFA, whereas the others do not provide complete MFA solutions.