MD-101試験をパスするなら弊社のMicrosoft Windows 10 Release 1809 and later試験パッケージを今すぐゲットして合格せよ
完全版最新の2023年最新のMD-101試験問題集テストガイド、専門トレーニングGoShiken
Microsoft MD-101(最新のデスクトップの管理)認定試験は、Windows 10環境で最新のデスクトップとデバイスの管理と維持を担当するIT専門家のスキルと知識をテストするように設計されています。この試験では、Windows 10の展開と管理、接続の構成、更新の管理、デバイスセキュリティの確保など、さまざまなトピックをカバーしています。
MD-101認証試験では、Windows 10デバイスと更新の管理、ポリシーとプロファイルの管理、アプリとデータの管理、セキュリティの管理など、いくつかのトピックをカバーしています。候補者は、Windows 10を展開および管理し、ポリシーを構成および管理し、デバイスとアプリケーションを監視およびトラブルシューティングする機能についてテストされます。また、最新のデスクトップ管理に関連するセキュリティの概念と実践に関する知識を実証する必要があります。
Microsoft MD-101 認定試験は、Microsoft 365 Certified: Modern Desktop Administrator Associate 認定に含まれる試験です。この認定は、Windows 10 および Microsoft 365 テクノロジに関する経験を持ち、エンタープライズ環境での現代デスクトップとデバイスの管理および展開の専門知識を証明したい IT プロフェッショナル向けに設計されています。この認定により、IT プロフェッショナルは現代デスクトップ管理におけるスキルと知識を検証することで、キャリアを進めることができます。また、この認定は、現代デスクトップとデバイスを効果的に管理して展開できる資格を有する IT プロフェッショナルを特定することで、職場における生産性、効率、セキュリティの向上につながります。
質問 # 56
You are replacing 100 company-owned Windows devices.
You need to use the Microsoft Deployment Toolkit (MDT) to securely wipe and decommission the devices. The solution must meet the following requirements:
Back up the user state.
Minimize administrative effort.
Which task sequence template should you use?
- A. Standard Client Replace Task Sequence
- B. Standard Client Task Sequence
- C. Litetouch OEM Task Sequence
- D. Sysprep and Capture
正解:A
解説:
Reference:
https://docs.microsoft.com/en-us/windows/deployment/deploy-windows-mdt/get-started-with-the-microsoftdeployment-toolkit
質問 # 57
Your network contains an Active Directory domain. The domain contains the users shown in the following
table.
You have a server named Server that runs Windows Server 2019 and has the Windows Deployment Services
role installed. Server1 contains an x86 boot image and three Windows 10 install images. The install images are
shown in the following table.
You purchase a computer named Computer1 that is compatible with the 64-bit version of Windows 10.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
Box 1: No
User1 is a member of Group1. User1 does not have any permission to Image1.
Box 2: Yes
User1 has read permissions to Image2 through Group1.
Box 3: Yes
User2 has read permissions to Image3 through Group2.
質問 # 58
You have a Microsoft 365 subscription.
Users have iOS devices that are not enrolled in Microsoft 365 Device Management.
You create an app protection policy for the Microsoft Outlook app as shown in the exhibit. (Click the Exhibit tab.)
You need to configure the policy to meet the following requirements:
* Prevent the users from using the Outlook app if the operating system version is less than 12.0.0.
* Require the users to use an alphanumeric passcode to access the Outlook app.
What should you configure in an app protection policy for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
References:
https://docs.microsoft.com/en-us/intune/app-protection-policy-settings-ios
質問 # 59
You have a hybrid Microsoft Azure Active Directory (Azure AD) tenant.
You configure a Windows Autopilot deployment profile as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
References:
https://docs.microsoft.com/en-us/intune/enrollment-autopilot
質問 # 60
Your network contains an Active Directory domain that is synced to Microsoft Azure Active Directory (Azure AD). The domain contains computers that run Windows 10. The computers are enrolled in Microsoft Intune and Windows Analytics.
Your company protects documents by using Windows Information Protection (WIP).
You need to identify non-approved apps that attempt to open corporate documents.
What should you use?
- A. the Device Health solution in Windows Analytics
- B. Intune Data Warehouse
- C. the App protection status report in Intune
- D. Microsoft Cloud App Security
正解:C
解説:
Explanation
References:
https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/wip-
質問 # 61
Your network contains an Active Directory domain. The domain contains computers that are managed by using Microsoft Endpoint Configuration Manager.
You plan to integrate Configuration Manager and Azure as part of a Desktop Analytics implementation.
You create a new organizational unit (OU) and place several test computers that run Windows 10 into the OU.
You need to collect diagnostic data from the test computers to Desktop Analytics.
* App usage and insights data
* Health monitoring data
* Deployment status data
The solution must minimize the data collected.
Which two Group Policy settings should you configure? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
Graphical user interface, application, table Description automatically generated with medium confidence
Reference:
https://docs.microsoft.com/en-us/enterprise-threat-detection/collector/collector-client-configuration-windows-10
https://docs.microsoft.com/en-us/mem/configmgr/desktop-analytics/enable-data-sharing
質問 # 62
Your network contains an Active Directory domain. The domain contains the computers shown in the following table.
Microsoft Defender Application Guard is installed on the computers.
Application Guard Group Policy settings are applied to the computers as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
Reference:
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard
質問 # 63
Your network contains an Active Directory domain named contoso.com. The domain contains 200 computers that run Windows 10.
Folder Redirection for the Desktop folder is configured as shown in the following exhibit.
The target is set to Server1.
You plan to use known folder redirection in Microsoft OneDrive for Business.
You need to ensure that the desktop content of users remains on their desktop when you implement known folder redirection.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
- A. Change the Policy Removal setting.
- B. Clear the Grant the user exclusive rights to Desktop check box.
- C. Clear the Move the contents of Desktop to the new location check box.
- D. Disable Folder Redirection.
正解:A、B
解説:
References:
https://docs.microsoft.com/en-us/onedrive/redirect-known-folders
質問 # 64
You need to meet the technical requirements for Windows AutoPilot.
Which two settings should you configure from the Azure Active Directory blade? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation:
References:
https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot-reset
質問 # 65
You have a Microsoft Deployment Toolkit (MDT) server named MDT1.
When computers start from the LiteTouchPE_x64.lso image and connect to MDT1. the welcome screen
appears as shown In the following exhibit.
You need to prevent the welcome screen from appearing when the computers connect to MDT1.
Which three actions should you perform in sequence? To answer move the appropriate actions from the list of
actions to the answer area and arrange them in the correct order.
正解:
解説:
Explanation
Box 1: Modify the Bootstrap.ini file.
Add this to your bootstrap.ini file and then update the deployment share and use the new boot media created in
that process:
SkipBDDWelcome=YES
Box 2: Modify the CustomSettings.ini file.
SkipBDDWelcome
Indicates whether the Welcome to Windows Deployment wizard page is skipped.
For this property to function properly it must be configured in both CustomSettings.ini and BootStrap.ini.
BootStrap.ini is processed before a deployment share (which contains CustomSettings.ini) has been selected.
Box 3: Update the deployment share.
Reference:
https://docs.microsoft.com/en-us/mem/configmgr/mdt/toolkit-reference#table-6-deployment-wizard-pages
質問 # 66
What should you upgrade before you can configure the environment to support co-management?
- A. Windows Server Update Services (WSUS)
- B. the domain controllers
- C. Configuration Manager
- D. the domain functional level
正解:C
解説:
References:
https://docs.microsoft.com/en-us/sccm/comanage/tutorial-co-manage-clients
Topic 2, Contoso Ltd
Contoso Ltd
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.
Overview
Contoso, Ltd, is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
Contoso has the users and computers shown in the following table.
The company has IT, human resources (HR), legal (LEG), marketing (MKG) and finance (FIN) departments.
Contoso uses Microsoft Store for Business and recently purchased a Microsoft 365 subscription.
The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office will work from home.
Existing Environment
The network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD).
All member servers run Windows Server 2016. All laptops and desktop computers run Windows 10 Enterprise.
The computers are managed by using Microsoft System Center Configuration Manager. The mobile devices are managed by using Microsoft Intune.
The naming convention for the computers is the department acronym, followed by a hyphen, and then four numbers, for example, FIN-6785. All the computers are joined to the on-premises Active Directory domain.
Each department has an organization unit (OU) that contains a child OU named Computers. Each computer account is in the Computers OU of its respective department.
Intune Configuration
Requirements
Planned Changes
Contoso plans to implement the following changes:
* Provide new computers to the Phoenix office users. The new computers have Windows 10 Pro preinstalled and were purchased already.
* Start using a free Microsoft Store for Business app named App1.
* Implement co-management for the computers.
Technical Requirements:
Contoso must meet the following technical requirements:
* Ensure that the users in a group named Group4 can only access Microsoft Exchange Online from devices that are enrolled in Intune.
* Deploy Windows 10 Enterprise to the computers of the Phoenix office users by using Windows Autopilot.
* Monitor the computers in the LEG department by using Windows Analytics.
* Create a provisioning package for new computers in the HR department.
* Block iOS devices from sending diagnostic and usage telemetry data.
* Use the principle of least privilege whenever possible.
* Enable the users in the MKG department to use App1.
* Pilot co-management for the IT department.
質問 # 67
You have a Microsoft 365 E5 subscription that contains a user named User1 and the devices shown in the
following table.
User1 can access her Microsoft Exchange Online mailbox from both Device 1 and Device2.
You plan to create a Conditional Access policy named CAPolicy1 that will have the following settings:
* Assignments
* Users or workload identities: User1
* Cloud apps or actions: Office 365 Exchange Online
* Access controls
* Grant: Block access
You need to configure CAPolicy1 to allow mailbox access from Device 1 but block mailbox access from
Device2.
Solution: You add a condition that specifies device platforms.
Does this meet the goal?
- A. Yes
- B. No
正解:B
解説:
Explanation
Instead use solution: You add a condition to filter for devices.
Note: Conditional Access: Filter for devices
When creating Conditional Access policies, administrators have asked for the ability to target or exclude
specific devices in their environment. The condition filter for devices gives administrators this capability. Now
you can target specific devices using supported operators and properties for device filters and the other
available assignment conditions in your Conditional Access policies.
Reference:
https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-condition-filters-for-devices
質問 # 68
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a computer named Computer1 that runs Windows 10.
You save a provisioning package named Package1 to a folder named C:\Folder1.
You need to apply Package1 to Computer1.
Solution: From the Settings app, you select , and then you select Add or remove a provisioning package.
Does this meet the goal?
- A. No
- B. Yes
正解:B
解説:
Explanation
To install a provisioning package, navigate to Settings > Accounts > Access work or school > Add or remove a provisioning package > Add a package, and select the package to install.
Reference:
https://docs.microsoft.com/en-us/windows/configuration/provisioning-packages/provisioning-apply-package
質問 # 69
You have a Microsoft 365 subscription.
You need to configure access to Microsoft Office 365 for unmanaged devices. The solution must meet the following requirements:
* Allow only the Microsoft Intune Managed Browser to access Office 365 web interfaces.
* Ensure that when users use the Intune Managed Browser to access Office 365 web interfaces, they can only copy data to applications that are managed by the company.
Which two settings should you configure from the Microsoft Intune blade? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
References:
https://docs.microsoft.com/en-us/intune/app-configuration-managed-browser#application-protection-policies-for
質問 # 70
You need a new conditional access policy that has an assignment for Office 365 Exchange Online.
You need to configure the policy to meet the technical requirements for Group4.
Which two settings should you configure in the policy? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation:
The policy needs to be applied to Group4 so we need to configure Users and Groups.
The Access controls are set to Block access
We therefore need to exclude compliant devices.
From the scenario:
Ensure that the users in a group named Group4 can only access Microsoft Exchange Online from devices that are enrolled in Intune.
Note: When a device enrolls in Intune, the device information is updated in Azure AD to include the device compliance status. This compliance status is used by conditional access policies to block or allow access to e-mail and other organization resources.
References:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/conditions
https://docs.microsoft.com/en-us/intune/device-compliance-get-started
質問 # 71
You have a Microsoft 365 E5 subscription and 25 Apple iPads.
You need to enroll the iPads in Microsoft Intune by using the Apple Configurator enrollment method.
What should you do first?
- A. Add your user account as a device enrollment manager (DEM).
- B. Modify the enrollment restrictions.
- C. Configure an Apple MDM push certificate.
- D. Upload a file that has the device identifiers for each iPad.
正解:C
解説:
An Apple MDM Push certificate is required for Intune to manage iOS/iPadOS and macOS devices. After you add the certificate to Intune, your users can enroll their devices.
Reference:
https://docs.microsoft.com/en-us/mem/intune/enrollment/apple-mdm-push-certificate-get
質問 # 72
Your network contains an Active Directory domain that is synced to Microsoft Azure Active Directory (Azure AD).
You have a Microsoft 365 subscription.
You create a conditional access policy for Microsoft Exchange Online.
You need to configure the policy to prevent access to Exchange Online unless is connecting from a device that is hybrid Azure AD-joined.
Which settings should you configure?
- A. Locations
- B. Device platforms
- C. Device state
- D. Sign-in risk
正解:C
解説:
Explanation/Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/conditions#device-state
質問 # 73
You have a computer named Computer5 that has Windows 10 installed.
You create a Windows PowerShell script named config.ps1.
You need to ensure that config.ps1 runs after feature updates are installed on Computer5.
Which file should you modify on Computer5?
- A. Unattend.xml
- B. SetupConfig.ini
- C. LiteTouch.wsf
- D. Unattend.bat
正解:B
解説:
References:
https://www.joseespitia.com/2017/06/01/how-to-run-a-post-script-after-a-windows-10-feature-upgrade/
質問 # 74
Your company has 200 computers that run Windows 10. The computers are managed by using Microsoft Intune.
Currently, Windows updates are downloaded without using Delivery Optimization.
You need to configure the computers to use Delivery Optimization.
What should you create in Intune?
- A. a device configuration profile
- B. a Windows 10 update ring
- C. a device compliance policy
- D. an app protection policy
正解:A
解説:
Explanation
References:
https://docs.microsoft.com/en-us/intune/delivery-optimization-windows
質問 # 75
Your company standardizes on Windows 10 Enterprise for all users.
Some users purchase their own computer from a retail store. The computers run Windows 10 Pro.
You need to recommend a solution to upgrade the computers to Windows 10 Enterprise, join the computers to Microsoft Azure Active Directory (Azure AD), and install several Microsoft Store apps. The solution must meet the following requirements:
* Ensure that any applications installed by the users are retained.
* Minimize user intervention.
What is the best recommendation to achieve the goal? More than one answer choice may achieve the goal.
Select the BEST answer.
- A. Microsoft Deployment ToolKit (MDT)
- B. Windows AutoPilot
- C. a Windows Configuration Designer provisioning package
- D. Windows Deployment Services (WDS)
正解:C
解説:
Explanation
You use Windows Configuration Designer to create a provisioning package (.ppkg) that contains customization settings. You can apply the provisioning package to a device running Windows 10.
質問 # 76
You have a Microsoft Deployment Toolkit (MDT) deployment share that has a path of D:\MDTShare.
You need to add a feature pack to the boot image.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
正解:
解説:
1 - Modify the Windows PE properties of the deployment share.
2 - Copy the feature pack to D:\MDTShare\Tools\x86
3 - Update the deployment share.
Reference:
https://docs.microsoft.com/en-us/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt
質問 # 77
Your company uses Microsoft System Center Configuration Manager (Current Branch) and purchases 365 subscription.
You need to set up Desktop Analytics for Configuration Manager.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Reference:
https://docs.microsoft.com/en-us/mem/configmgr/desktop-analytics/connect-configmgr
質問 # 78
You need to meet the device management requirements for the developers.
What should you implement?
- A. known folder redirection in Microsoft OneDrive
- B. Enterprise State Roaming
- C. home folders
- D. folder redirection
正解:B
解説:
Litware identifies the following device management requirements:
Ensure that Microsoft Edge Favorites are accessible from all computers to which the developers sign in.
Enterprise State Roaming allows for the synchronization of Microsoft Edge browser setting, including favorites and reading list, across devices.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/devices/enterprise-state-roaming-windows-settings-reference
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.
Overview
Contoso, Ltd, is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
Contoso has the users and computers shown in the following table.
The company has IT, human resources (HR), legal (LEG), marketing (MKG) and finance (FIN) departments.
Contoso uses Microsoft Store for Business and recently purchased a Microsoft 365 subscription.
The company is opening a new branch office in Phoenix. Most of the users in the Phoenix office will work from home.
質問 # 79
......
2023年最新の問題Microsoft Windows 10 Release 1809 and later合格目指してMD-101リアル試験をマスターせよ!:https://www.goshiken.com/Microsoft/MD-101-mondaishu.html
練習問題MD-101には画期的なManaging Modern Desktops練習試験問題:https://drive.google.com/open?id=15vUcA0S6EEIqWHonJOlUbBpmw0sYRCaz