HOTSPOT (Drag and Drop is not supported)
You have an Azure AD tenant named contoso.com that contains the users shown in the following table.
You have a computer named Computer1 that runs Windows 10. Computer1 is in a workgroup and has the local users shown in the following table.
UserA joins Computer1 to Azure AD by using user1@contoso.com.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
- See Explanation section for answer.
Answer(s): A
Explanation:
Box 1: No
Users may join devices to Azure AD: This setting enables you to select the users who can register their devices as Azure AD joined devices. The default is All.
Box 2: Yes
Admin1@contoso.com is a Azure AD security administrator
Security Administrator
Users with this role have permissions to manage security-related features in the Microsoft 365 Defender portal, Azure Active Directory Identity Protection, Azure
Active Directory Authentication, Azure Information Protection, and Office 365 Security & Compliance Center.
This includes:
* Microsoft Defender for Endpoint
Assign roles
Manage machine groups
Configure endpoint threat detection and automated remediation
View, investigate, and respond to alerts
View machines/device inventory
Box 3: No
Admin2@contoso.com is a Azure AD Cloud device administrator.
Cloud Device Administrator -
Users in this role can enable, disable, and delete devices in Azure AD and read Windows 10 BitLocker keys (if present) in the Azure portal. The role does not grant permissions to manage any other properties on the device.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal#configure-device-settings https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#security-administrator