Free MD-101 Exam Braindumps

Testlet 1
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the question button to return to the question.

General Overview
Litware, Inc. is an international manufacturing company that has 3,000 employees. The company has sales, marketing, research, human resources (HR), development, and IT departments.

Litware has two main offices in New York and Los Angeles. Litware has five branch offices in Asia.

Existing Environment

Current Business Model
The Los Angeles office has 500 developers. The developers work flexible hours ranging from 11 AM to 10 PM.

Litware has a Microsoft System Center 2012 R2 Configuration Manager deployment.

During discovery, the company discovers a process where users are emailing bank account information of its customers to internal and external recipients.

Current Environment
The network contains an Active Directory domain that is synced to Microsoft Azure Active Directory (Azure AD). The functional level of the forest and the domain is Windows Server 2012 R2. All domain controllers run Windows Server 2012 R2.

Litware has the computers shown in the following table.


The development department uses projects in Azure DevOps to build applications.

Most of the employees in the sales department are contractors. Each contractor is assigned a computer that runs Windows 10. At the end of each contract, the computer is assigned to a different contractor. Currently, the computers are re-provisioned manually by the IT department.

Problem Statements
Litware identifies the following issues on the network:

-Employees in the Los Angeles office report slow Internet performance when updates are downloading. The employees also report that the updates frequently consume considerable resources when they are installed. The Update settings are configured as shown in the Updates exhibit. (Click the Updates button.)
-Management suspects that the source code for the proprietary applications in Azure DevOps in being shared externally.
-Re-provisioning the sales department computers is too time consuming.

Requirements

Business Goals
Litware plans to transition to co-management for all the company-owned Windows 10 computers.

Whenever possible, Litware wants to minimize hardware and software costs.

Device Management Requirements
Litware identifies the following device management requirements:

-Prevent the sales department employees from forwarding email that contains bank account information.
-Ensure that Microsoft Edge Favorites are accessible from all computers to which the developers sign in.
-Prevent employees in the research department from copying patented information from trusted applications to untrusted applications.

Technical Requirements
Litware identifies the following technical requirements for the planned deployment:

-Re-provision the sales department computers by using Windows AutoPilot.
-Ensure that the projects in Azure DevOps can be accessed from the corporate network only.
-Ensure that users can sign in to the Azure AD-joined computers by using a PIN. The PIN must expire every 30 days.
-Ensure that the company name and logo appears during the Out of Box Experience (OOBE) when using Windows AutoPilot.

Exhibits

Testlet 2
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the question button to return to the question.

Overview
Contoso, Ltd, is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York. Contoso has the users and computers shown in the following table.


The company has IT, human resources (HR), legal (LEG), marketing (MKG) and finance (FIN) departments. Contoso uses Microsoft Store for Business and recently purchased a Microsoft 365 subscription.
The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office will work from home.

Existing Environment
The network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10 Enterprise.
The computers are managed by using Microsoft System Center Configuration Manager. The mobile devices are managed by using Microsoft Intune.

The naming convention for the computers is the department acronym, followed by a hyphen, and then four numbers, for example, FIN-6785. All the computers are joined to the on-premises Active Directory domain.

Each department has an organization unit (OU) that contains a child OU named Computers. Each computer account is in the Computers OU of its respective department.

Intune Configuration


Requirements

Planned Changes
Contoso plans to implement the following changes:

-Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro preinstalled and were purchased already.
-Start using a free Microsoft Store for Business app named App1.
-Implement co-management for the computers.

Technical Requirements:
Contoso must meet the following technical requirements:

-Ensure that the users in a group named Group4 can only access Microsoft Exchange Online from devices that are enrolled in Intune.
-Deploy Windows 10 Enterprise to the computers of the Phoenix office users by using Windows Autopilot.
-Monitor the computers in the LEG department by using Windows Analytics.
-Create a provisioning package for new computers in the HR department.
-Block iOS devices from sending diagnostic and usage telemetry data.
-Use the principle of least privilege whenever possible.
-Enable the users in the MKG department to use App1.
-Pilot co-management for the IT department.
-

Testlet 3

Case study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.

Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and branch offices in Seattle and New York.
Contoso has a Microsoft 365 E5 subscription.

Environment
Network Environment
The network contains an on-premises Active Directory domain named contoso.com. The domain contains the servers shown in the following table.


Contoso has a hybrid Azure Active Directory (Azure AD) tenant named contoso.com.
Contoso has a Microsoft Store for Business instance.

Users and Groups
The contoso.com tenant contains the users shown in the following table.


All users are assigned a Microsoft Office 365 license and an Enterprise Mobility + Security E3 license. Enterprise State Roaming is enabled for Group1 and GroupA.
Group1 and Group2 have a Membership type of Assigned.

Devices
Contoso has the Windows 10 devices shown in the following table.


The Windows 10 devices are joined to Azure AD and enrolled in Microsoft Intune.
The Windows 10 devices are configured as shown in the following table.

All the Azure AD joined devices have an executable file named C:\AppA.exe and a folder named D:
\Folder1.

Microsoft Endpoint Manager Configuration
Microsoft Endpoint Manager has the compliance policies shown in the following table.


The Compliance policy settings are shown in the following exhibit.


The Automatic Enrollment settings have the following configurations:
-MDM user scope: GroupA
-MAM user scope: GroupB

You have an Endpoint protection configuration profile that has the following Controlled folder access settings:

-Name: Protection1
-Folder protection: Enable
-List of apps that have access to protected folders: C:\*\AppA.exe
-List of additional folders that need to be protected: D:\Folder1
-Assignments:
-Included groups: Group2, GroupB

Windows Autopilot Configuration
Contoso has a Windows Autopilot deployment profile configured as shown in the following exhibit.



Currently, there are no devices deployed by using Window Autopilot.
The Intune connector for Active Directory is installed on Server1.

Requirements
Planned Changes
Contoso plans to implement the following changes:

-Purchase a new Windows 10 device named Device6 and enroll the device in Intune.
-New computers will be deployed by using Windows Autopilot and will be hybrid Azure AD joined.

-Deploy a network boundary configuration profile that will have the following settings:
-Name: Boundary1
-Network boundary: 192.168.1.0/24
-Scope tags: Tag1
-Assignments:
-- Included groups: Group1, Group2

-Deploy two VPN configuration profiles named Connection1 and Connection2 that will have the following settings:
-Name: Connection1
-Connection name: VPN1
-Connection type: L2TP

-Assignments:
-- Included groups: Group1, Group2, GroupA
-- Excluded groups: --

-Name: Connection2
-Connection name: VPN2
-Connection type: IKEv2
-Assignments:
-- Included groups: GroupA
-- Excluded groups: GroupB

-Purchase an app named App1 that is available in Microsoft Store for Business and to assign the app to all the users.

Technical Requirements
Contoso must meet the following technical requirements:
-Users in GroupA must be able to deploy new computers.
-Administrative effort must be minimized.
-

This Exam Topic does not have a case study.

Testlet 1
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the question button to return to the question.

General Overview
Litware, Inc. is an international manufacturing company that has 3,000 employees. The company has sales, marketing, research, human resources (HR), development, and IT departments.

Litware has two main offices in New York and Los Angeles. Litware has five branch offices in Asia.

Existing Environment

Current Business Model
The Los Angeles office has 500 developers. The developers work flexible hours ranging from 11 AM to 10 PM.

Litware has a Microsoft System Center 2012 R2 Configuration Manager deployment.

During discovery, the company discovers a process where users are emailing bank account information of its customers to internal and external recipients.

Current Environment
The network contains an Active Directory domain that is synced to Microsoft Azure Active Directory (Azure AD). The functional level of the forest and the domain is Windows Server 2012 R2. All domain controllers run Windows Server 2012 R2.

Litware has the computers shown in the following table.


The development department uses projects in Azure DevOps to build applications.

Most of the employees in the sales department are contractors. Each contractor is assigned a computer that runs Windows 10. At the end of each contract, the computer is assigned to a different contractor. Currently, the computers are re-provisioned manually by the IT department.

Problem Statements
Litware identifies the following issues on the network:

-Employees in the Los Angeles office report slow Internet performance when updates are downloading. The employees also report that the updates frequently consume considerable resources when they are installed. The Update settings are configured as shown in the Updates exhibit. (Click the Updates button.)
-Management suspects that the source code for the proprietary applications in Azure DevOps in being shared externally.
-Re-provisioning the sales department computers is too time consuming.

Requirements

Business Goals
Litware plans to transition to co-management for all the company-owned Windows 10 computers.

Whenever possible, Litware wants to minimize hardware and software costs.

Device Management Requirements
Litware identifies the following device management requirements:

-Prevent the sales department employees from forwarding email that contains bank account information.
-Ensure that Microsoft Edge Favorites are accessible from all computers to which the developers sign in.
-Prevent employees in the research department from copying patented information from trusted applications to untrusted applications.

Technical Requirements
Litware identifies the following technical requirements for the planned deployment:

-Re-provision the sales department computers by using Windows AutoPilot.
-Ensure that the projects in Azure DevOps can be accessed from the corporate network only.
-Ensure that users can sign in to the Azure AD-joined computers by using a PIN. The PIN must expire every 30 days.
-Ensure that the company name and logo appears during the Out of Box Experience (OOBE) when using Windows AutoPilot.

Exhibits

Testlet 2
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the question button to return to the question.

Overview
Contoso, Ltd, is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York. Contoso has the users and computers shown in the following table.


The company has IT, human resources (HR), legal (LEG), marketing (MKG) and finance (FIN) departments. Contoso uses Microsoft Store for Business and recently purchased a Microsoft 365 subscription.
The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office will work from home.

Existing Environment
The network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10 Enterprise.
The computers are managed by using Microsoft System Center Configuration Manager. The mobile devices are managed by using Microsoft Intune.

The naming convention for the computers is the department acronym, followed by a hyphen, and then four numbers, for example, FIN-6785. All the computers are joined to the on-premises Active Directory domain.

Each department has an organization unit (OU) that contains a child OU named Computers. Each computer account is in the Computers OU of its respective department.

Intune Configuration


Requirements

Planned Changes
Contoso plans to implement the following changes:

-Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro preinstalled and were purchased already.
-Start using a free Microsoft Store for Business app named App1.
-Implement co-management for the computers.

Technical Requirements:
Contoso must meet the following technical requirements:

-Ensure that the users in a group named Group4 can only access Microsoft Exchange Online from devices that are enrolled in Intune.
-Deploy Windows 10 Enterprise to the computers of the Phoenix office users by using Windows Autopilot.
-Monitor the computers in the LEG department by using Windows Analytics.
-Create a provisioning package for new computers in the HR department.
-Block iOS devices from sending diagnostic and usage telemetry data.
-Use the principle of least privilege whenever possible.
-Enable the users in the MKG department to use App1.
-Pilot co-management for the IT department.

Testlet 3
Case study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.

Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and branch offices in Seattle and New York.
Contoso has a Microsoft 365 E5 subscription.

Environment
Network Environment
The network contains an on-premises Active Directory domain named contoso.com. The domain contains the servers shown in the following table.


Contoso has a hybrid Azure Active Directory (Azure AD) tenant named contoso.com.
Contoso has a Microsoft Store for Business instance.

Users and Groups
The contoso.com tenant contains the users shown in the following table.


All users are assigned a Microsoft Office 365 license and an Enterprise Mobility + Security E3 license. Enterprise State Roaming is enabled for Group1 and GroupA.
Group1 and Group2 have a Membership type of Assigned.

Devices
Contoso has the Windows 10 devices shown in the following table.


The Windows 10 devices are joined to Azure AD and enrolled in Microsoft Intune.
The Windows 10 devices are configured as shown in the following table.

All the Azure AD joined devices have an executable file named C:\AppA.exe and a folder named D:
\Folder1.

Microsoft Endpoint Manager Configuration
Microsoft Endpoint Manager has the compliance policies shown in the following table.


The Compliance policy settings are shown in the following exhibit.


The Automatic Enrollment settings have the following configurations:
-MDM user scope: GroupA
-MAM user scope: GroupB

You have an Endpoint protection configuration profile that has the following Controlled folder access settings:

-Name: Protection1
-Folder protection: Enable
-List of apps that have access to protected folders: C:\*\AppA.exe
-List of additional folders that need to be protected: D:\Folder1
-Assignments:
-Included groups: Group2, GroupB

Windows Autopilot Configuration
Contoso has a Windows Autopilot deployment profile configured as shown in the following exhibit.



Currently, there are no devices deployed by using Window Autopilot.
The Intune connector for Active Directory is installed on Server1.

Requirements
Planned Changes
Contoso plans to implement the following changes:

-Purchase a new Windows 10 device named Device6 and enroll the device in Intune.
-New computers will be deployed by using Windows Autopilot and will be hybrid Azure AD joined.

-Deploy a network boundary configuration profile that will have the following settings:
-Name: Boundary1
-Network boundary: 192.168.1.0/24
-Scope tags: Tag1
-Assignments:
-- Included groups: Group1, Group2

-Deploy two VPN configuration profiles named Connection1 and Connection2 that will have the following settings:
-Name: Connection1
-Connection name: VPN1
-Connection type: L2TP

-Assignments:
-- Included groups: Group1, Group2, GroupA
-- Excluded groups: --

-Name: Connection2
-Connection name: VPN2
-Connection type: IKEv2
-Assignments:
-- Included groups: GroupA
-- Excluded groups: GroupB

-Purchase an app named App1 that is available in Microsoft Store for Business and to assign the app to all the users.

Technical Requirements
Contoso must meet the following technical requirements:
-Users in GroupA must be able to deploy new computers.
-Administrative effort must be minimized.
-

This Exam Topic does not have a case study.

Testlet 1
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the question button to return to the question.

Overview
Contoso, Ltd, is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York. Contoso has the users and computers shown in the following table.


The company has IT, human resources (HR), legal (LEG), marketing (MKG) and finance (FIN) departments. Contoso uses Microsoft Store for Business and recently purchased a Microsoft 365 subscription.
The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office will work from home.

Existing Environment
The network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10 Enterprise.
The computers are managed by using Microsoft System Center Configuration Manager. The mobile devices are managed by using Microsoft Intune.

The naming convention for the computers is the department acronym, followed by a hyphen, and then four numbers, for example, FIN-6785. All the computers are joined to the on-premises Active Directory domain.

Each department has an organization unit (OU) that contains a child OU named Computers. Each computer account is in the Computers OU of its respective department.

Intune Configuration


Requirements

Planned Changes
Contoso plans to implement the following changes:

-Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro preinstalled and were purchased already.
-Start using a free Microsoft Store for Business app named App1.
-Implement co-management for the computers.

Technical Requirements:
Contoso must meet the following technical requirements:

-Ensure that the users in a group named Group4 can only access Microsoft Exchange Online from devices that are enrolled in Intune.
-Deploy Windows 10 Enterprise to the computers of the Phoenix office users by using Windows Autopilot.
-Monitor the computers in the LEG department by using Windows Analytics.
-Create a provisioning package for new computers in the HR department.
-Block iOS devices from sending diagnostic and usage telemetry data.
-Use the principle of least privilege whenever possible.
-Enable the users in the MKG department to use App1.
-Pilot co-management for the IT department.
-

This Exam Topic does not have a case study.

Testlet 1
Case study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.

Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and branch offices in Seattle and New York.
Contoso has a Microsoft 365 E5 subscription.

Environment
Network Environment
The network contains an on-premises Active Directory domain named contoso.com. The domain contains the servers shown in the following table.


Contoso has a hybrid Azure Active Directory (Azure AD) tenant named contoso.com.
Contoso has a Microsoft Store for Business instance.

Users and Groups
The contoso.com tenant contains the users shown in the following table.


All users are assigned a Microsoft Office 365 license and an Enterprise Mobility + Security E3 license. Enterprise State Roaming is enabled for Group1 and GroupA.
Group1 and Group2 have a Membership type of Assigned.

Devices
Contoso has the Windows 10 devices shown in the following table.


The Windows 10 devices are joined to Azure AD and enrolled in Microsoft Intune.
The Windows 10 devices are configured as shown in the following table.

All the Azure AD joined devices have an executable file named C:\AppA.exe and a folder named D:
\Folder1.

Microsoft Endpoint Manager Configuration
Microsoft Endpoint Manager has the compliance policies shown in the following table.


The Compliance policy settings are shown in the following exhibit.


The Automatic Enrollment settings have the following configurations:
-MDM user scope: GroupA
-MAM user scope: GroupB

You have an Endpoint protection configuration profile that has the following Controlled folder access settings:

-Name: Protection1
-Folder protection: Enable
-List of apps that have access to protected folders: C:\*\AppA.exe
-List of additional folders that need to be protected: D:\Folder1
-Assignments:
-Included groups: Group2, GroupB

Windows Autopilot Configuration
Contoso has a Windows Autopilot deployment profile configured as shown in the following exhibit.



Currently, there are no devices deployed by using Window Autopilot.
The Intune connector for Active Directory is installed on Server1.

Requirements
Planned Changes
Contoso plans to implement the following changes:

-Purchase a new Windows 10 device named Device6 and enroll the device in Intune.
-New computers will be deployed by using Windows Autopilot and will be hybrid Azure AD joined.

-Deploy a network boundary configuration profile that will have the following settings:
-Name: Boundary1
-Network boundary: 192.168.1.0/24
-Scope tags: Tag1
-Assignments:
-- Included groups: Group1, Group2

-Deploy two VPN configuration profiles named Connection1 and Connection2 that will have the following settings:
-Name: Connection1
-Connection name: VPN1
-Connection type: L2TP

-Assignments:
-- Included groups: Group1, Group2, GroupA
-- Excluded groups: --

-Name: Connection2
-Connection name: VPN2
-Connection type: IKEv2
-Assignments:
-- Included groups: GroupA
-- Excluded groups: GroupB

-Purchase an app named App1 that is available in Microsoft Store for Business and to assign the app to all the users.

Technical Requirements
Contoso must meet the following technical requirements:
-Users in GroupA must be able to deploy new computers.
-Administrative effort must be minimized.

Testlet 2
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the question button to return to the question.

General Overview
Litware, Inc. is an international manufacturing company that has 3,000 employees. The company has sales, marketing, research, human resources (HR), development, and IT departments.

Litware has two main offices in New York and Los Angeles. Litware has five branch offices in Asia.

Existing Environment

Current Business Model
The Los Angeles office has 500 developers. The developers work flexible hours ranging from 11 AM to 10 PM.

Litware has a Microsoft System Center 2012 R2 Configuration Manager deployment.

During discovery, the company discovers a process where users are emailing bank account information of its customers to internal and external recipients.

Current Environment
The network contains an Active Directory domain that is synced to Microsoft Azure Active Directory (Azure AD). The functional level of the forest and the domain is Windows Server 2012 R2. All domain controllers run Windows Server 2012 R2.

Litware has the computers shown in the following table.


The development department uses projects in Azure DevOps to build applications.

Most of the employees in the sales department are contractors. Each contractor is assigned a computer that runs Windows 10. At the end of each contract, the computer is assigned to a different contractor. Currently, the computers are re-provisioned manually by the IT department.

Problem Statements
Litware identifies the following issues on the network:

-Employees in the Los Angeles office report slow Internet performance when updates are downloading. The employees also report that the updates frequently consume considerable resources when they are installed. The Update settings are configured as shown in the Updates exhibit. (Click the Updates button.)
-Management suspects that the source code for the proprietary applications in Azure DevOps in being shared externally.
-Re-provisioning the sales department computers is too time consuming.

Requirements

Business Goals
Litware plans to transition to co-management for all the company-owned Windows 10 computers.

Whenever possible, Litware wants to minimize hardware and software costs.

Device Management Requirements
Litware identifies the following device management requirements:

-Prevent the sales department employees from forwarding email that contains bank account information.
-Ensure that Microsoft Edge Favorites are accessible from all computers to which the developers sign in.
-Prevent employees in the research department from copying patented information from trusted applications to untrusted applications.

Technical Requirements
Litware identifies the following technical requirements for the planned deployment:

-Re-provision the sales department computers by using Windows AutoPilot.
-Ensure that the projects in Azure DevOps can be accessed from the corporate network only.
-Ensure that users can sign in to the Azure AD-joined computers by using a PIN. The PIN must expire every 30 days.
-Ensure that the company name and logo appears during the Out of Box Experience (OOBE) when using Windows AutoPilot.

Exhibits

Testlet 3
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the question button to return to the question.

Overview
Contoso, Ltd, is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York. Contoso has the users and computers shown in the following table.


The company has IT, human resources (HR), legal (LEG), marketing (MKG) and finance (FIN) departments. Contoso uses Microsoft Store for Business and recently purchased a Microsoft 365 subscription.
The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office will work from home.

Existing Environment
The network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10 Enterprise.
The computers are managed by using Microsoft System Center Configuration Manager. The mobile devices are managed by using Microsoft Intune.

The naming convention for the computers is the department acronym, followed by a hyphen, and then four numbers, for example, FIN-6785. All the computers are joined to the on-premises Active Directory domain.

Each department has an organization unit (OU) that contains a child OU named Computers. Each computer account is in the Computers OU of its respective department.

Intune Configuration


Requirements

Planned Changes
Contoso plans to implement the following changes:

-Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro preinstalled and were purchased already.
-Start using a free Microsoft Store for Business app named App1.
-Implement co-management for the computers.

Technical Requirements:
Contoso must meet the following technical requirements:

-Ensure that the users in a group named Group4 can only access Microsoft Exchange Online from devices that are enrolled in Intune.
-Deploy Windows 10 Enterprise to the computers of the Phoenix office users by using Windows Autopilot.
-Monitor the computers in the LEG department by using Windows Analytics.
-Create a provisioning package for new computers in the HR department.
-Block iOS devices from sending diagnostic and usage telemetry data.
-Use the principle of least privilege whenever possible.
-Enable the users in the MKG department to use App1.
-Pilot co-management for the IT department.

This Exam Topic does not have a case study.

This Exam Topic does not have a case study.