You have a Microsoft 365 subscription.

You need provide a user the ability to disable Security defaults and principle of least privilege.

Which role should you assign to the user?

A. Global Administrator

B. Conditional Access Administrator

C. Security Administrator

D. Intune Administrator

You have an Azure AD tenant named contoso.com.

You plan to use Windows Autopilot to configure the Windows 10 devices shown in the following table.



Which devices can be configured by using Windows Autopilot self-deploying mode?

A. Device2 only

B. Device3 only

C. Device2 and Devnce3 only

D. Device 1, Device2, and Device3

You have a Microsoft 365 subscription.

You use Microsoft Intune to manage Windows 11 devices.

You need to implement Windows Local Administrator Password Solution (Windows LAPS).

What should you configure?

A. a device compliance policy

B. an app protection policy

C. an account protection policy

D. a configuration profile

You have a Microsoft 365 ES subscription.

You use Microsoft Intune to manage all devices.

You need to prepare a Win32 app named Appl.exe for deployment.

What should you do first?

A. From the Microsoft Intune admin center, create an app configuration policy.

B. Change App1.exe to the INIUNEW1N format.

C. From the Microsoft 365 Apps admin center, create a deployment configuration

D. Upload App1 exe to Azure Blob Storage.

You have a Microsoft 365 E5 subscription and use Microsoft Intune Suite.

You plan to use Intune to run remediation script packages.

What should you do first in the Microsoft Intune admin center?

A. Enable Windows diagnostic data in processor configuration.

B. Upload a Windows enterprise certificate.

C. Enable Windows license verification.

D. Configure the Derived Credential settings.

You have a Microsoft 365 subscription.

You use Microsoft Intune to manage all devices.

Users have iOS devices with Microsoft apps installed.

You need to prevent users from cutting, copying, and pasting data between Microsoft Excel and other apps installed on the devices.

What should you configure?

A. an iOS app provisioning profile

B. policies for Microsoft Office apps

C. an app configuration policy

D. an app protection policy

You have the Microsoft Deployment Toolkit (MDT) installed in three sites as shown in the following table.



You use Distributed File System (DFS) Replication to replicate images in a share named Production.

You configure the following settings in the Bootstrap.ini file.

You have an on-premises server named Server! that hosts a Microsoft Deployment Toolkit (MDT) deployment share named MDT1. You need to ensure that MDT1 supports multicast deployments. What should you install on Server1?

A. Multipath I/O (MPIO)

B. Multipoint Connector

C. Windows Deployment Services (WDS)

D. Windows Server Update Services (WSUS)

You have a Microsoft 365 ES subscription that includes Microsoft Intune.

The subscription contains Android Enterprise devices that are enrolled in Intune and have personally-owned work profiles. All the Android devices are members of a group named Group1.

You need to ensure that end users and Intune administrators receive an email message when an Android device does not have an up-to-date security provider

Which actions should you perform from the Microsoft Intune admin center in sequence? To answer, drag the appropriate actions to the correct order. Each action may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 tenant that contains Windows devices enrolled in Microsoft Intune as shown in the following table.

You create an Endpoint Privilege Management (EPM) elevation settings policy named

ElevationSettmgsl that has the following settings:

• Endpoint Privilege Management: Enabled

o Default elevation response: Require user confirmation

o Validation: Business justification

• Assignments: Group1 Each device contains a file named File1.exe that can be run only by an administrator. You create an EPM elevation rules policy named ElevattonRules1 that has the following settings:

• Rule name: Rule1

o Elevation type: Automatic

o File name: Filel.exe

o File hash:

• Assignments: Group2

For each of the following statements, select Yes if the statement is true. Otherwise, select

NOTE: Each correct selection is worth one point.