MD-102 Microsoft Endpoint Administrator Free Practice Exam Questions (2025 Updated)
Prepare effectively for your Microsoft MD-102 Endpoint Administrator certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.
You have devices enrolled in Microsoft Intune as shown in the following table.
On which devices can you apply app configuration policies?
You have following types of devices enrolled in Microsoft Intune:
• Windows 10
• Android
• iOS
For which types of devices can you create VPN profiles in Microsoft Intune admin center?
Your network contains an Active Directory domain. The domain contains 1.000 computers that run Windows 11.
You need to configure the Remote Desktop settings of all the computers. The solution must meet the following requirements:
• Prevent the sharing of clipboard contents.
• Ensure that users authenticate by using Network Level Authentication (NLA).
Which two nodes of the Group Policy Management Editor should you use? To answer, select the appropriate nodes in the answer area. NOTE: Each correct selection is worth one point.
You have an Azure AD tenant named contoso.com.
You plan to purchase 25 computers that run Windows 11. You plan to deliver the computers directly to users.
You need to ensure that during the out-of-box experience (OBE), users are prompted to sign in, and then the computers are configured to use Microsoft Intune.
Which two components should you configure? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You have computer that run Windows 10 and connect to an Azure Log Analytics workspace. The workspace is configured to collect all available events from Windows event logs.
The computers have the logged events shown in the following table.
Which events are collected in the Log Analytics workspace?
Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains 100 client computers that run Windows 10.
Currently, your company does NOT have a deployment infrastructure.
The company purchases Windows 11 licenses through a volume licensing agreement.
You need to recommend how to upgrade the computers to Windows 11. The solution must minimize licensing costs.
What should you include in the recommendation?
-
You manage a Microsoft Deployment Toolkit (MDT) deployment share named DS1. DS1 contains an Out-of-Box Drivers folder named Windows 11 x64 that has subfolders in the format of {make name}\{model name}.
You need to modify a deployment task sequence to ensure that all the drivers in the folder that match the make and model of the computers are installed without using PnP detection or selection profiles.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have the MDM Security Baseline profile shown in the MDM exhibit. (Click the MDM tab.)
You have the ASR Endpoint Security profile shown in the ASR exhibit. (Click the ASR tab.)
You plan to deploy both profiles to devices enrolled in Microsoft Intune. You need to identify how the following settings will be configured on the devices:
• Block Office applications from creating executable content
• Block Win32 API calls from Office macro
Currently, the settings are disabled locally on each device.
What are the effective settings on the devices? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 subscription that contains a user named User1 and uses Microsoft Intune Suite.
You use Microsoft Intune to manage devices that run Windows 11.
User1 provides remote support for 75 devices in the marketing department.
You need to add User1 to the Remote Desktop Users group on each marketing department device.
What should you configure?
You have a Microsoft 365 E5 subscription and use Microsoft Intune Suite.
You plan to use Intune to run remediation script packages.
What should you do first in the Microsoft Intune admin center?
You have a Microsoft 365 subscription.
You have 10 computers that run Windows 10 and are enrolled in mobile device management (MDM).
You need to deploy the Microsoft 36S Apps for enterprise suite to all the computers.
What should you do?
You have a Microsoft 365 subscription. The subscription contains 500 computers that run Windows 11 and are enrolled in Microsoft Intune. You need to manage the deployment of monthly security updates. The solution must meet the following requirements:
• Updates must be deployed to a group of test computers for quality assurance.
• Updates must be deployed automatically 15 days after the quality assurance testing.
What should you create in the Microsoft Intune admin center?
