Free MD-101 Exam Braindumps (page: 54)

Page 54 of 105

HOTSPOT (Drag and Drop is not supported)
You have a Microsoft 365 E5 tenant that connects to Microsoft Defender for Endpoint.
You have devices enrolled in Microsoft Intune as shown in the following table.

You plan to use risk levels in Microsoft Defender for Endpoint to identify whether a device is compliant. Noncompliant devices must be blocked from accessing corporate resources.
You need to identify which devices can be onboarded to Microsoft Defender for Endpoint, and which Endpoint security policies must be configured.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: Device 1, Device2, Device 3, and Device 4
Supported Windows versions include Windows 8.1 and Windows 10
Other supported operating systems

Android
iOS
Linux
macOS
Box 2: Device configuration profile, device compliance policy, and conditional access policy
We need all three policies.
Establish a service-to-service connection between Intune and Microsoft Defender for Endpoint. This connection lets Microsoft Defender for Endpoint collect data about machine risk from supported devices you manage with Intune.
Use a device configuration profile to onboard devices with Microsoft Defender for Endpoint. You onboard devices to configure them to communicate with Microsoft
Defender for Endpoint and to provide data that helps assess their risk level.
Use a device compliance policy to set the level of risk you want to allow. Risk levels are reported by Microsoft Defender for Endpoint. Devices that exceed the allowed risk level are identified as noncompliant.
Use a conditional access policy to block users from accessing corporate resources from devices that are noncompliant.


Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/minimum-requirements https://docs.microsoft.com/en-us/mem/intune/protect/advanced-threat-protection#onboard-devices-by-using-a-configuration-profile



Your on-premises network contains a database server and is accessible by using a VPN server.
You have a Microsoft 365 tenant.
You manage devices by using Microsoft Endpoint Manager.
You have an application named App1 that is deployed to every computer enrolled in Microsoft Intune. Each computer has a VPN profile assigned.
You need to ensure that App1 can access only the database server. App1 must be prevented from accessing other resources on the on-premises network.
What should you modify in the VPN profile?

  1. Proxy
  2. Network traffic rules
  3. DNS Settings
  4. Conditional Access

Answer(s): B

Explanation:

You can use an Azure network security group to filter network traffic to and from Azure resources in an Azure virtual network. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources. For each rule, you can specify source and destination, port, and protocol.
A network security group contains zero, or as many rules as desired, within Azure subscription limits.


Reference:

https://docs.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview



HOTSPOT (Drag and Drop is not supported)
You have the MDM Security Baseline profile shown in the MDM exhibit. (Click the MDM tab.)


You have the ASR Endpoint Security profile shown in the ASR exhibit. (Click the ASR tab.)


You plan to deploy both profiles to devices enrolled in Microsoft Intune.
You need to identify how the following settings will be configured on the devices:
-Block Office applications from creating executable content
-Block Win32 API calls from Office macro
Currently, the settings are disabled locally on each device.
What are the effective settings on the devices? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: Audit mode
According to the ASR Endpoint Security profile and to the MDM Security Baseline profile
, Block Office applications from creating executable content is set to Audit mode.

Box 2: Disable
Block Win32 API calls from Office macro: According to MDM Security Baseline profile it is set to disable. According to the ASR Endpoint Security profile it is set to
Audit mode.
The profiles are merged. The Baseline profile overrides the Endpoint Security profile.
Note:
When two or more policies have conflicting settings, the conflicting settings are not added to the combined policy, while settings that don't conflict are added to the superset policy that applies to a device.
Attack surface reduction rule merge behavior is as follows:
Endpoint security > Security baselines > Microsoft Defender for Endpoint Baseline > Attack Surface Reduction Rules.
MDM Security Baseline profile ASR Endpoint Security profile.


Reference:

https://docs.microsoft.com/en-us/mem/intune/protect/endpoint-security-asr-policy



HOTSPOT (Drag and Drop is not supported)
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.

MFA has a trusted IP address range of 123.30.20.0/24.
You have the Azure AD named locations shown in the following table.

You create a Conditional Access policy that has the following settings:
-Name: CAPolicy1
-Assignments
- Users or workload identities
- Include: Group1
- Cloud apps or actions: App1
-Conditions
- Locations
- Include: All trusted locations
-Access controls
- Grant access
- Require multi-factor authentication

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: Yes
Location2 is not trusted.
Box 2: No
Location1 is trusted.
Box 3: No
MFA IP range is also trusted.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-all-users-mfa



Page 54 of 105



Post your Comments and Discuss Microsoft MD-101 exam with other Community members:

Goben commented on October 10, 2024
Passed in one shot.
GERMANY
upvote

karol commented on June 22, 2023
Really need this dump.
POLAND
upvote

Paraveen commented on May 19, 2023
I bought the exam dumps questions after reading the reviews. The dumps is very helpful.
INDIA
upvote

Kelly S. commented on July 27, 2022
Thank you Support team for the quick reply and getting me the updated version of the files. I really appreciate it.
SINGAPORE
upvote

Sanket commented on June 24, 2022
I passed my second exam this morning. Good dump and valid questions.
INDIA
upvote

Anita commented on July 19, 2021
The 50% discount makes this well worth it. I bought 2 exams and already passed one.
UNITED STATES
upvote

Xavir commented on July 16, 2021
Good price and good product.
FRANCE
upvote

T-Bone commented on November 09, 2020
Just passed my exam today... wanted to let you guys know.
UNITED STATES
upvote

dboy commented on October 27, 2020
Passed yesterday, great exam stuff!!
NETHERLANDS
upvote