MD-102 Manage identity and compliance • Complete Question Bank
Complete MD-102 Manage identity and compliance question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit.
```json
{
"identityProtection": {
"mfaRegistrationPolicy": {
"state": "enabled",
"excludeUsers": ["admin@contoso.com"],
"includeUsers": ["allUsers"],
"policySettings": {
"blockOnUnregister": false,
"remindRegistrationInDays": 14
}
}
}
}```Refer to the exhibit. ``` Device ID: 12345 Compliance Status: Non-compliant Last Check-in: 2024-03-15 14:32:00 Policy assignments: - Compliance Policy: 'Require BitLocker' (assigned to all devices) - Configuration Profile: 'Device Restrictions' (assigned to group 'Sales') Device details: - OS: Windows 10 Pro 22H2 - BitLocker: Not enabled - User: user@contoso.com - Group membership: 'Sales' group ```
Exhibit: The following is a snippet from a Microsoft Entra ID audit log for a user sign-in event:
{
"id": "12345678-1234-1234-1234-123456789012",
"createdDateTime": "2025-03-01T14:30:00Z",
"userPrincipalName": "user@contoso.com",
"appDisplayName": "Microsoft Graph PowerShell",
"status": {
"errorCode": 50058,
"failureReason": "The user does not have an eligible license for this application."
},
"conditionalAccessStatus": "notApplied",
"riskLevel": "none",
"deviceDetail": {
"deviceId": "00000000-0000-0000-0000-000000000000",
"operatingSystem": "Windows 10",
"browser": "Other"
}
}Refer to the exhibit.
```
$session = New-CsOnlineSession -Verbose
Import-PSSession $session
Set-CsTenantFederationConfiguration -Identity Global -AllowFederatedUsers $true
Set-CsTenantFederationConfiguration -Identity Global -AllowPublicUsers $false
Set-CsTenantFederationConfiguration -Identity Global -BlockedDomains @{Add="suspicious.com"}
Set-CsTenantFederationConfiguration -Identity Global -AllowedDomains @{Add="trusted.com"}
Remove-CsOnlineSession $session
```Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
User-owned devices enrolled with user affinity
Company-owned devices assigned to a specific user
Shared or kiosk devices not tied to a user
Zero-touch deployment for new Windows devices
Enroll multiple devices using a shared account
Drag a concept onto its matching description — or click a concept then click the description.
Personal devices with work account access
Devices owned by organization, cloud-only
Devices joined to on-premises AD and Azure AD
Hybrid join with automatic device enrollment
Hybrid join using federation services
Drag a concept onto its matching description — or click a concept then click the description.
Prevent sensitive data from being shared inappropriately
Classify and protect documents and emails with labels
Manage retention and disposal of records
Search and export content for legal investigations
Log and investigate user and admin activities