MD-102 Managing Identity and Access 2

Question 1

An administrator wants to require devices to be Azure AD joined before granting access to a SharePoint site. Which policy type should be used?

Accepted Answer

Azure AD Conditional Access policy

Answer

An Azure AD Conditional Access policy can require a device to be Azure AD joined as a condition before granting access to specific cloud apps like SharePoint.

Question 2

A user has left the organization. Which action should an administrator take in Azure AD to immediately prevent the user from signing in?

Accepted Answer

Disable the user account

Answer

Disabling the user account in Azure AD immediately prevents sign-in while preserving the account, licenses, and data for potential recovery.

Question 3

Which Azure AD feature can automatically detect risky sign-in events and prompt for MFA or block access based on a risk score?

Accepted Answer

Identity Protection

Answer

Azure AD Identity Protection evaluates sign-in risk using machine learning and can automatically enforce MFA or block access based on the detected risk level.

Question 4

An organization uses Hybrid Azure AD Join. What tool is used to synchronize on-premises AD accounts to Azure AD?

Accepted Answer

Azure AD Connect

Answer

Azure AD Connect is the Microsoft tool that synchronizes on-premises Active Directory identities, including device objects, to Azure AD.

Question 5

Which license is required to use Azure AD Privileged Identity Management (PIM)?

Accepted Answer

Azure AD Premium P2

Answer

Azure AD Privileged Identity Management requires Azure AD Premium P2 licenses to provide just-in-time privileged access management.

MD-102 - Endpoint Administrator Exam Practice Test

MD-102 - Endpoint Administrator Exam Practice Test

MD-102 Managing Identity and Access 2