Microsoft MD-102 Endpoint Administrator Free Practice Test — 30 Questions

Question 1

A company has recently implemented a new endpoint security solution that includes advanced threat protection, data loss prevention, and endpoint detection and response (EDR) capabilities. During a routine security audit, the IT team discovers that several endpoints are still vulnerable due to outdated operating systems and unpatched software. What is the most effective strategy for the IT team to enhance endpoint security while ensuring compliance with industry regulations such as GDPR and HIPAA?

Accepted Answer

Implement a centralized patch management system to automate updates and ensure all endpoints are running the latest software versions.

Question 2

In a corporate environment, a company has implemented a new feedback mechanism to assess employee performance and satisfaction. The feedback is collected through a combination of surveys, one-on-one interviews, and performance metrics. After analyzing the data, the HR department identifies that the feedback mechanism has led to a 20% increase in employee engagement scores over the previous quarter. However, they also notice that while the overall satisfaction has improved, certain departments report a decline in morale. Which of the following best describes the potential underlying issue with the feedback mechanism in this scenario?

Accepted Answer

The feedback mechanism may not be adequately addressing the specific needs and concerns of all departments, leading to a disparity in morale despite overall engagement improvements.

Question 3

A company is utilizing Azure Monitor to track the performance of its web applications hosted on Azure App Service. They have set up various metrics and alerts to monitor the health of their applications. Recently, they noticed that the average response time of their applications has increased significantly. To diagnose the issue, they want to analyze the metrics collected over the past week. Which of the following approaches would best help them identify the root cause of the performance degradation?

Accepted Answer

Utilize Azure Monitor's Application Insights to analyze the performance metrics and identify slow dependencies or requests.

Question 4

A company is implementing compliance settings for its endpoint devices to ensure adherence to industry regulations. The IT administrator needs to configure a policy that enforces encryption on all devices accessing sensitive data. The policy must also include a requirement for regular audits to verify compliance. Which of the following configurations best aligns with the principles of compliance settings in this scenario?

Accepted Answer

Enforce BitLocker encryption on all Windows devices and schedule quarterly compliance audits to assess encryption status and data access logs.

Question 5

In a corporate environment, a company is implementing a new endpoint security solution that includes features such as encryption, multi-factor authentication (MFA), and endpoint detection and response (EDR). The IT security team is tasked with ensuring that sensitive data is protected while maintaining compliance with industry regulations. Given the need to secure data both at rest and in transit, which combination of security features would provide the most comprehensive protection against unauthorized access and data breaches?

Accepted Answer

Full disk encryption combined with MFA and EDR

Question 6

A company is experiencing a significant increase in support tickets related to a new software deployment. The IT team has implemented a user feedback mechanism that collects data on user satisfaction and common issues. After analyzing the feedback, they find that 70% of users report difficulties with the software\'s interface, while 30% mention performance issues. To improve user experience, the team decides to prioritize addressing interface problems. If the team resolves 80% of the interface-related issues, what percentage of the total user base will have their primary concern addressed?

Accepted Answer

0.56

Question 7

A company is planning to upgrade its operating system across all employee workstations. They want to ensure that user data, settings, and profiles are seamlessly migrated to the new system using the User State Migration Tool (USMT). The IT administrator needs to create a migration strategy that includes the use of the USMT command-line options. Given the following requirements: the migration must include user accounts, application settings, and files, and it should be performed in a way that minimizes downtime. Which command-line options should the administrator prioritize to achieve this?

Accepted Answer

/saveState and /migrate

Question 8

A company has recently migrated to OneDrive for Business and is implementing a policy for file sharing among its employees. The IT administrator wants to ensure that sensitive documents are shared securely while allowing collaboration. They decide to configure sharing settings to restrict access based on user roles and document sensitivity. Which of the following configurations would best achieve this goal?

Accepted Answer

Set sharing permissions to allow only specific users to access sensitive documents, while enabling link sharing for less sensitive files to anyone within the organization.

Question 9

In a corporate environment, a team is utilizing Microsoft Teams for project collaboration. The team consists of members from different departments, including marketing, development, and customer support. They need to set up a channel for sharing project updates and files, but they also want to ensure that sensitive information is only accessible to specific team members. Which approach should they take to effectively manage permissions and maintain security within the channel?

Accepted Answer

Create a private channel within the team and add only the relevant members who need access to sensitive information.

Question 10

A company has implemented a centralized log management system to monitor its network security. The system collects logs from various sources, including firewalls, servers, and applications. After analyzing the logs, the security team identifies a pattern of unauthorized access attempts occurring every night between 2 AM and 3 AM. To enhance security, the team decides to implement a new policy that requires all access logs to be retained for a minimum of 90 days. If the company generates an average of 500 log entries per hour, how many log entries will need to be retained for compliance with this new policy?

Accepted Answer

36,000 entries

Question 11

A company is planning to upgrade its existing Windows 10 devices to Windows 11. They have two options: performing an in-place upgrade on their current systems or opting for a clean installation on new hardware. The IT team is tasked with evaluating the implications of both strategies. Which deployment strategy would be most beneficial if the company aims to minimize downtime and ensure that all user settings and applications are retained during the transition?

Accepted Answer

In-place upgrade

Question 12

A company is implementing a data retention policy to comply with industry regulations and internal governance. They need to determine how long to retain different types of data based on their sensitivity and legal requirements. The company categorizes data into three types: Type A (highly sensitive), Type B (moderately sensitive), and Type C (low sensitivity). According to the policy, Type A data must be retained for a minimum of 7 years, Type B for 5 years, and Type C for 2 years. If the company has 1,000 records of Type A, 2,000 records of Type B, and 5,000 records of Type C, what is the total minimum retention period in years for all records combined, assuming that the retention periods do not overlap?

Accepted Answer

14 years

Question 13

A company is implementing security baselines for its Windows 10 endpoints to comply with industry standards and enhance its security posture. The IT security team has identified several critical areas to address, including user account control, firewall settings, and software updates. They need to determine the most effective approach to establish a security baseline that minimizes vulnerabilities while ensuring compliance with the National Institute of Standards and Technology (NIST) guidelines. Which of the following strategies should the team prioritize to achieve a robust security baseline?

Accepted Answer

Implementing a comprehensive Group Policy Object (GPO) that enforces strict user account control settings, enables the Windows Firewall, and mandates regular software updates across all endpoints.

Question 14

A company is planning to deploy Windows 11 across its organization using Windows Deployment Services (WDS). The IT team needs to ensure that the deployment is efficient and minimizes downtime for users. They decide to implement a multicast deployment strategy to allow multiple clients to receive the image simultaneously. However, they must also consider the network bandwidth and the number of clients that can be supported during the deployment. If the total bandwidth available is 1 Gbps and each client requires 10 Mbps for the deployment, what is the maximum number of clients that can be deployed simultaneously without exceeding the available bandwidth?

Accepted Answer

100 clients

Question 15

A company is implementing a new mobile device management (MDM) solution to manage its fleet of devices. The IT administrator needs to create a configuration profile that enforces specific security settings on all devices, including password complexity, encryption requirements, and restrictions on app installations. The administrator is considering the following settings for the configuration profile: a minimum password length of 8 characters, requiring at least one uppercase letter, one lowercase letter, one number, and one special character. Additionally, the devices must have encryption enabled and should restrict the installation of apps from unknown sources. Which of the following best describes the implications of these settings on the overall security posture of the organization?

Accepted Answer

The configuration profile significantly enhances the security posture by enforcing strong password policies and encryption, thereby reducing the risk of unauthorized access and data breaches.

Question 16

A company is analyzing the performance of its fleet of devices using a device performance report. The report indicates that the average CPU utilization across all devices is 75%, with a standard deviation of 10%. If the company wants to identify devices that are performing significantly below average, they decide to focus on devices with CPU utilization below one standard deviation from the mean. What is the threshold CPU utilization percentage that the company should use to identify these underperforming devices?

Accepted Answer

0.65

Question 17

In a corporate environment, a user is attempting to navigate through the Windows 11 interface to access a specific application that is pinned to the taskbar. However, they are also required to adjust their display settings to accommodate a new external monitor that has been connected. Which sequence of actions should the user take to efficiently access the application and modify the display settings?

Accepted Answer

Click on the application icon in the taskbar, then right-click on the desktop and select "Display settings."

Question 18

A company is implementing compliance policies to ensure that all endpoints adhere to security standards and regulatory requirements. The IT administrator is tasked with creating a compliance policy that checks for specific configurations on devices, such as encryption status, antivirus software presence, and operating system updates. If a device fails to meet these criteria, it should be automatically flagged for remediation. Which of the following best describes the primary purpose of this compliance policy in the context of endpoint management?

Accepted Answer

To ensure that all endpoints are configured according to organizational security standards and regulatory requirements.

Question 19

A system administrator is troubleshooting a recurring application failure on a Windows server. They decide to use the Event Viewer to analyze the logs. Upon reviewing the Application log, they notice several entries related to a specific application error. The administrator identifies that the error code is consistently logged as 0x80070005. What does this error code typically indicate, and how should the administrator proceed to resolve the issue?

Accepted Answer

The error indicates an "Access Denied" issue, suggesting that the application lacks the necessary permissions to execute certain operations. The administrator should check the application's permissions and ensure it has the appropriate rights to access the required resources.

Question 20

A company is implementing an Attack Surface Reduction (ASR) strategy to minimize the risk of malware and other threats on its endpoints. The IT security team is considering various ASR rules to apply. They need to decide which combination of rules will provide the most effective reduction in attack surface while maintaining user productivity. Which combination of ASR rules should they prioritize to achieve a balance between security and usability?

Accepted Answer

Block credential stealing and use application control to restrict untrusted applications

Question 21

A healthcare organization is implementing a new electronic health record (EHR) system and is concerned about compliance with the Health Insurance Portability and Accountability Act (HIPAA). The organization needs to ensure that all electronic protected health information (ePHI) is adequately safeguarded against unauthorized access. Which of the following strategies would best ensure compliance with HIPAA\'s Security Rule while also addressing potential risks associated with data breaches?

Accepted Answer

Conducting a comprehensive risk analysis to identify vulnerabilities and implementing appropriate administrative, physical, and technical safeguards based on the findings.

Question 22

A company has implemented Windows Update for Business (WUfB) to manage updates across its fleet of devices. The IT administrator has configured the deployment settings to defer feature updates for 365 days and quality updates for 30 days. After a recent security vulnerability was discovered, the administrator needs to ensure that all devices receive the critical quality update immediately, while still adhering to the deferral policies for feature updates. What is the best approach for the administrator to take in this scenario to balance immediate security needs with the existing update policies?

Accepted Answer

Use the "Pause Updates" feature to temporarily halt all updates, then manually deploy the critical quality update to all devices.

Question 23

A company is implementing a device health monitoring solution to ensure that all endpoints are compliant with security policies. They have set a threshold for device health scores, where a score below 70 indicates a potential security risk. After monitoring, the scores for their devices are as follows: Device A: 85, Device B: 65, Device C: 72, Device D: 90. If the company decides to implement a remediation strategy for devices scoring below the threshold, what percentage of devices will require remediation?

Accepted Answer

0.25

Question 24

A company has implemented BitLocker Drive Encryption on all its Windows 10 devices to secure sensitive data. An IT administrator is tasked with configuring BitLocker to use a Trusted Platform Module (TPM) for enhanced security. The administrator must also ensure that the recovery key is stored securely and can be accessed in case of a system failure. Which of the following configurations best meets these requirements while adhering to best practices for data protection and recovery?

Accepted Answer

Enable BitLocker with TPM and configure the recovery key to be stored in Active Directory Domain Services (AD DS).

Question 25

In a corporate environment, an organization is implementing a new Identity and Access Management (IAM) system to enhance security and streamline user access. The system will utilize role-based access control (RBAC) to assign permissions based on user roles. If the organization has 5 distinct roles and each role can have up to 10 different permissions, how many unique combinations of roles and permissions can be created if each role must have at least one permission assigned?

Accepted Answer

1024

Question 26

A company has recently experienced a data breach that compromised sensitive customer information. In response, the incident response team is tasked with developing an incident response policy that aligns with industry best practices and regulatory requirements. Which of the following components should be prioritized in the policy to ensure a comprehensive approach to incident management?

Accepted Answer

Establishing a clear communication plan that includes internal and external stakeholders, detailing how information will be shared during and after an incident.

Question 27

A company has implemented a data retention policy that specifies different retention periods for various types of data. Sensitive customer data must be retained for 7 years, while general operational data is retained for 3 years. After the retention period, data must be securely deleted. If the company has 10,000 records of sensitive customer data and 25,000 records of general operational data, how many records will need to be securely deleted after the retention periods expire, assuming no new records are added during this time?

Accepted Answer

35,000 records

Question 28

A company is migrating its on-premises Active Directory (AD) to Azure Active Directory (AAD) to enhance its identity management capabilities. During the migration, the IT administrator needs to ensure that users can seamlessly access both cloud and on-premises applications. Which of the following strategies should the administrator implement to achieve a hybrid identity solution that allows for single sign-on (SSO) across both environments?

Accepted Answer

Implement Azure AD Connect with password hash synchronization and enable seamless SSO using the Azure AD Application Proxy.

Question 29

A technology company collects personal data from its users, including names, email addresses, and browsing history. Under the California Consumer Privacy Act (CCPA), the company is required to provide users with specific rights regarding their personal information. If a user requests to know what personal information has been collected about them, which of the following actions must the company take to comply with the CCPA?

Accepted Answer

Provide the user with a copy of the personal information collected, including the categories of data and the purposes for which it is used.

Question 30

A company is utilizing Azure Monitor to track the performance of its applications and infrastructure. They have set up several metrics and logs to monitor their resources. The IT team wants to create an alert that triggers when the average CPU usage of their virtual machines exceeds 80% over a 5-minute period. Which of the following configurations would best achieve this requirement?

Accepted Answer

Create a metric alert based on the "Percentage CPU" metric, set the condition to "Greater than" 80, and specify the aggregation type as "Average" over a 5-minute period.

Microsoft MD-102 Endpoint Administrator Free Practice Test — 30 Questions

A lot more is already mapped out

About the Microsoft MD-102 Endpoint Administrator Certification