You have a Microsoft 365 subscription.

You plan to enable Microsoft Intune enrollment for the following types of devices:

• Existing Windows 11 devices managed by using Configuration Manager

• Personal iOS devices

The solution must minimize user disruption.

Which enrollment method should you use for each device type? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have an Azure AD tenant that contains the users shown in the following table.



You have the devices shown in the following table.



You have a Conditional Access policy named CAPolicy1 that has the following settings:

• Assignments

o Users or workload identities: User 1. User1

o Cloud apps or actions: Office 365 Exchange Online

o Conditions: Device platforms: Windows, iOS

• Access controls

o Grant Require multi-factor authentication

You have a Conditional Access policy named CAPolicy2 that has the following settings:

Assignments

o Users or workload identities: Used, User2

o Cloud apps or actions: Office 365 Exch

o Conditions

Device platforms: Android, iOS

Filter for devices

Device matching the rule: Exclude filtered devices from policy

Rule syntax: device. displayName- contains "1"

Access controls

Grant Block access

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

You have a Microsoft 365 subscription that includes Microsoft Intune.

You have 500 corporate-owned Android devices enrolled as fully managed devices.

You need to prepare an app named App1 for deployment to the devices.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point,

A. From the Intune Company Portal, download Appl.

B. Create an OEMConfig profile.

C. From the Managed Google Play Store, approve App1.

D. Sync App1 with Intune.

You have a Microsoft 365 E5 subscription that contains a user named User! and a web app named Appl.

App1 must only accept modern authentication requests.

You plan to create a Conditional Access policy named CAPolicy1 that will have the following settings:

• Assignments

° Users or workload identities: User1

° Cloud apps or actions: App1

• Access controls

° Grant: Block access

You need to block only legacy authentication requests to Appl. Which condition should you add to CAPolicy1?

A. Filter for devices

B. Device platforms

C. User risk

D. Sign-in risk

E. Client apps

You have a Microsoft 365 subscription.

All users have Microsoft 365 apps deployed.

You need to configure Microsoft 365 apps to meet the following requirements:

• Enable the automatic installation of WebView2 Runtime.

• Prevent users from submitting feedback.

Which two settings should you configure in the Microsoft 365 Apps admin center? To answer, select the appropriate settings in the answer area.

NOTE: Each correct selection is worth one point.

Note: This section contains one or more sets of questions with the same scenario and problem. Each question presents a unique solution to the problem. You must determine whether the solution meets the stated goals. More than one solution in the set might solve the problem. It is also possible that none of the solutions in the set solve the problem.

After you answer a question in this section, you will NOT be able to return. As a result, these questions do not appear on the Review Screen.

You have a Microsoft Entra tenant named contoso.com.

You purchase an Android device named Device1.

You need to register Device1 in contoso.com.

Solution; You use the Microsoft Authenticator app.

Does this meet the goal?

A. Yes

B. No

You have a Microsoft Entra tenant named contoso.com.

You manage devices by using Microsoft Intune. Automatic Intune enrollment is disabled.

Users report that they must enter the mobile device management (MDM) server address during device enrollment.

To reduce user interaction during device enrollment, you plan to create the following CNAME DNS hostname records:

EnterpriseEnrollment.contoso.com

EnterpriseRegistration.contoso.com

You need to configure a fully qualified domain name (FQDN) for each CNAME record to redirect enrollment requests to the Intune servers.

How should you configure each FQDN? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have a Hyper-V host that contains the virtual machines shown in the following table.



On which virtual machines can you install Windows 11?

A. VM1 only

B. VM3only

C. VM1 and VM2 only

D. VM2 and VM3 only

E. VM1, VM2, and VM3

You have a Microsoft 365 subscription that contains 1,000 iOS devices and includes Microsoft Intune. You need to prevent the printing of corporate data from managed apps on the devices, should you configure?

A. an app configuration policy

B. a security baseline

C. an app protection policy

D. an iOS app provisioning profile

You have a Microsoft 365 tenant that uses Microsoft Intune.

You use the Company Portal app to access and install published apps to enrolled devices.

From the Microsoft Intune admin center, you add a Microsoft Store app.

Which two App information types are visible in the Company Portal?

NOTE: Each correct selection is worth one point.

A. Privacy URL

B. Information URL

C. Developer

D. Owner