ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MD-102 All Questions

View all questions & answers for the MD-102 exam
Go to Exam

Exam MD-102 topic 1 question 291 discussion

Actual exam question from Microsoft's MD-102
Question #: 291
Topic #: 1
[All MD-102 Questions]

HOTSPOT
-

You have a Microsoft 365 E5 subscription and use Microsoft Intune. The subscription contains a Microsoft Entra tenant that syncs with an on-premises Active Directory Domain Services (AD DS) domain. The tenant has Windows Local Administrator Password Solution (Windows LAPS) enabled.

You have the Windows devices shown in the following table.



You have an Endpoint security policy that is configured as shown in the following table.



For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by tonyyang1091 at Oct. 12, 2024, 1:53 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
tonyyang1091
Highly Voted 4 months, 2 weeks ago
Answers are correct. Device 1 Yes Enrolled in Intune. Password will not backup, but reset will still apply. Device 2 Yes Backup is set to Azure AD Device 3 No Entra joined and not enrolled in Intune = Windows LAPS has to be setup manually.
upvoted 5 times
Meek_Learner
2 weeks, 6 days ago
The local administrator password of Device1 will be reset every 30 days = No Reason: Device1 is joined to the AD DS domain (simple words; Domain joined) and enrolled in Intune, but it is not Microsoft Entra joined, or hybrid joined. The Endpoint security policy (Policy1) is configured to back up the password to "Azure AD only" (Microsoft Entra ID). However, since Device1 is not connected to Microsoft Entra ID, it cannot store its local administrator password there.
upvoted 1 times
Meek_Learner
2 weeks, 6 days ago
While the policy will apply to Device1 due to its Intune enrolment, the password reset mechanism won't function correctly because of the mismatch between the device's join state and the backup directory setting. The policy requires Azure AD (Microsoft Entra ID) for password backup, which is not available for a purely AD DS domain-joined device. Therefore, the local administrator password of Device1 will not be reset every 30 days as intended by the policy. The LAPS functionality will be incomplete for this device due to the inability to back up the password to the specified location.
upvoted 1 times
...
...
...
batang_aratan
Most Recent 1 week, 3 days ago
NYN - LAPS is supported on Microsoft Entra joined or Microsoft Entra hybrid joined devices only. Microsoft Entra registered devices aren't supported. https://learn.microsoft.com/en-us/entra/identity/devices/howto-manage-local-admin-passwords#required-roles-or-permission
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago