Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsMD-102DomainsManage identity and compliance
MD-102Free — No Signup

Manage identity and compliance

Practice MD-102 Manage identity and compliance questions with full explanations on every answer.

29questions

Start practicing

Manage identity and compliance — choose a session length

10 questions~10 min20 questions~20 min30 questions~30 min50 questions~50 min

Free · No account required

MD-102 Domains

Prepare infrastructure for devicesManage and maintain devicesManage applicationsProtect devicesDeploy Windows clientManage identity and complianceManage, maintain, and protect devices

Practice Manage identity and compliance questions

10Q20Q30Q50Q

All MD-102 Manage identity and compliance questions (29)

Start session

Click any question to see the full explanation and answer options, or start a focused practice session above.

1

A company with 500 users uses Microsoft 365 E3 licenses. They want to ensure that all users have multi-factor authentication (MFA) enforced. Currently, 80% of users have MFA enabled through the legacy per-user MFA setting. The security team wants to use Conditional Access policies instead. You need to migrate from per-user MFA to Conditional Access with no disruption to users. What should you do?

2

You are an endpoint administrator for a company that uses Microsoft Intune to manage devices. You need to ensure that only compliant devices can access Exchange Online. You have configured a Conditional Access policy that grants access to Exchange Online only if the device is marked as compliant. A user reports that they cannot access email from their iOS device, which is enrolled in Intune and shows as compliant. The user can access other Microsoft 365 services. What is the most likely cause?

3

A company is implementing Windows Hello for Business and wants to use certificate-based authentication. They have an on-premises Active Directory and are using Azure AD Connect for hybrid identity. Which prerequisites must be met to support certificate-based Windows Hello for Business?

4

You manage a Microsoft 365 tenant with 10,000 users. You are planning a Conditional Access policy to require MFA for all users. However, you need to ensure that users who have not yet registered for MFA are not blocked. What should you do to handle unregistered users?

5

A company uses Microsoft Intune to manage Windows 10 devices. They need to ensure that only devices that have a BitLocker encryption status of 'fully encrypted' are allowed to access corporate resources. They create a device compliance policy that requires BitLocker. However, some devices are still accessing resources even though they are not fully encrypted. What should you check?

6

Which TWO of the following are required to implement Azure AD Join for Windows 10 devices in a hybrid environment with on-premises Active Directory?

7

Which THREE of the following are valid methods for deploying Microsoft Intune compliance policies to devices?

8

Refer to the exhibit. The JSON snippet shows the Azure AD Identity Protection MFA registration policy configuration for the Contoso tenant. A new user, Jane, joins the company and is assigned a license. Jane attempts to access the Azure portal and is prompted to register for MFA. She registers successfully. However, the next day, she is again prompted to register for MFA. What is the most likely cause?

9

Refer to the exhibit. A Windows 10 device is showing as non-compliant. The compliance policy 'Require BitLocker' is assigned to all devices. The device does not have BitLocker enabled. However, the user is able to access corporate email on the device. What is the most likely reason for this?

10

A company uses Microsoft Entra ID P1 licenses. They want to enforce multi-factor authentication (MFA) for all users accessing the company's SaaS applications. However, they need to exclude a group of service accounts that use legacy authentication protocols. What is the recommended approach?

11

An organization has deployed Microsoft Entra Connect Sync to synchronize on-premises Active Directory to Microsoft Entra ID. Users report that some cloud-only user accounts cannot be assigned licenses. The admin checks the provisioning logs and finds that the cloud accounts have a source of authority of 'Microsoft Entra ID'. What is the most likely cause?

12

A company is planning to implement Microsoft Intune for mobile device management. They want to ensure that only compliant devices can access Exchange Online. Which technology should they use?

13

An administrator is configuring Microsoft Entra ID Protection. They want to create a policy that automatically blocks sign-ins when the risk level is high. However, they notice that the policy is not triggering for some users who have high risk. What is the most likely reason?

14

A company uses Microsoft 365 E3 licenses. They need to enforce that all users must use the Microsoft Authenticator app for MFA instead of SMS or phone call. What should the administrator configure?

15

A company uses Microsoft Intune to manage Windows 10 devices. They want to ensure that devices have BitLocker enabled and are compliant before accessing corporate resources. Which TWO actions should the administrator take? (Choose two.)

16

An organization is planning to implement a zero-trust security model. They need to evaluate the following capabilities in Microsoft 365. Which THREE are essential for a zero-trust architecture? (Choose three.)

17

Refer to the exhibit. A user attempts to sign in to Microsoft Graph PowerShell and receives the error shown. What is the most likely cause?

18

A company uses Microsoft 365 with hybrid identity. Users report that after changing their on-premises passwords, they cannot access SharePoint Online for up to 30 minutes, but Outlook on the web works immediately. You need to reduce the delay for SharePoint Online access. What should you do?

19

A multinational organization uses Microsoft 365 E5 licenses. The compliance officer wants to ensure that all documents containing credit card numbers are automatically classified and protected with a label that applies encryption. You configure auto-labeling policies in Microsoft Purview. After 24 hours, the compliance officer reports that no documents have been labeled. The policy scope is set to 'All locations' and the policy is enabled. What is the most likely cause of the issue?

20

You are configuring Microsoft Entra Conditional Access for a company that requires all employees to use multi-factor authentication (MFA) when accessing the Azure portal. The company also wants to block access from devices that are not compliant. You create a Conditional Access policy. Which two assignments must you configure to meet these requirements? (Choose two.)

21

You are an enterprise administrator for Contoso Ltd. You need to configure Microsoft 365 tenant-wide settings for external collaboration. Which TWO actions should you take to meet the following goals: (1) allow only specific external domains to collaborate with your organization, and (2) ensure that external users are required to sign in with multi-factor authentication (MFA) before accessing shared resources?

22

You are a Teams administrator. After running the PowerShell script shown in the exhibit, users report they cannot communicate with federated users from 'trusted.com'. What is the most likely cause?

23

You are the compliance administrator for a large organization using Microsoft 365 E5 licenses. The company has a hybrid identity configuration with Azure AD Connect syncing on-premises Active Directory to Azure AD. The security team requires that all mobile devices accessing corporate email and documents must be enrolled in Microsoft Intune and compliant with company device policies. Recently, several users reported that they cannot access Outlook on their iOS devices, receiving a message: 'Your organization requires this device to be managed by Intune. Please install the Company Portal app and enroll your device.' However, after installing Company Portal and completing enrollment, they still cannot access Outlook and see the same error. Upon investigation, you find that the devices are showing as 'Compliant' in the Microsoft Intune admin center. You also verify that the Conditional Access policy requiring device compliance is correctly configured and assigned to all users. What should you do to resolve the issue?

24

Order the steps for configuring a Windows 10 kiosk device using Assigned Access.

25

Order the steps to configure Windows Defender Antivirus exclusions via Group Policy.

26

Order the steps to migrate user profiles from Windows 10 to a new device using User State Migration Tool (USMT).

27

Match each MDM (Mobile Device Management) enrollment method to its typical scenario.

28

Match each Microsoft Entra ID (Azure AD) join type to its description.

29

Match each Microsoft 365 compliance feature to its description.

Practice all 29 Manage identity and compliance questions

Other MD-102 exam domains

Prepare infrastructure for devicesManage and maintain devicesManage applicationsProtect devicesDeploy Windows clientManage, maintain, and protect devices

Frequently asked questions

What does the Manage identity and compliance domain cover on the MD-102 exam?

The Manage identity and compliance domain covers the key concepts tested in this area of the MD-102 exam blueprint published by Microsoft. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all MD-102 domains — no account required.

How many Manage identity and compliance questions are in the MD-102 question bank?

The Courseiva MD-102 question bank contains 29 questions in the Manage identity and compliance domain. Click any question to see the full explanation and answer breakdown.

What is the best way to practice Manage identity and compliance for MD-102?

Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.

Can I practice only Manage identity and compliance questions for MD-102?

Yes — the session launcher on this page draws questions exclusively from the Manage identity and compliance domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.

Free forever · No credit card required

Track your MD-102 domain progress

Save your results, see per-domain analytics, and get readiness scores — free, for every certification.

Sign Up Free

Free forever · Every certification included

Practice Session

10 questions20 questions30 questions50 questions

Study Resources

All DomainsPractice TestMock ExamFlashcardsStudy Guide