20+ practice questions focused on Manage and maintain devices — one of the most tested topics on the Microsoft 365 Endpoint Administrator MD-102 exam. Each question includes a detailed explanation so you learn why the right answer is correct.
Start Manage and maintain devices PracticeYour organization manages Windows 10 and 11 devices using Microsoft Intune. Users report that after a recent update, the Microsoft Store for Business app 'Company Portal' fails to launch. You verify that the app is assigned as required to all devices. What should you do first to resolve the issue?
Explanation: The correct first step is to trigger a device sync from the Microsoft Intune admin center. This forces the affected devices to check in with Intune, which can push down any pending policy or app configuration updates that may have been missed after the recent Windows update. Since the Company Portal app is assigned as required, a sync ensures the device receives the latest app version or remediation actions without requiring a full reinstall.
You are designing a Windows 365 Cloud PC provisioning policy. The requirement is that when a user is assigned a Cloud PC, it must automatically have Microsoft Defender for Endpoint configured with real-time protection enabled and a custom firewall rule allowing only specific IPs. Which approach should you use?
Explanation: Option A is correct because Intune device configuration profiles using the Settings Catalog allow granular control over Microsoft Defender for Endpoint settings (e.g., real-time protection) and custom firewall rules. These profiles can be assigned to an Azure AD group containing Cloud PC users, ensuring the settings are applied automatically after provisioning via the Windows 365 service, which integrates with Intune for post-provisioning management.
A user's iOS device is enrolled in Microsoft Intune and is compliant. However, the user cannot access corporate email in the Outlook mobile app. The app displays an error that the device is not compliant. What is the most likely cause?
Explanation: Option C is correct because Intune compliance policies are evaluated in real time when a user attempts to access corporate resources. If an administrator updates a policy to require a newer iOS version or additional security settings (e.g., passcode complexity, encryption), the device may become non-compliant even if it was previously compliant. The Outlook app checks device compliance via the Intune SDK and will block access if the device no longer meets the policy requirements, displaying the 'device not compliant' error.
Your organization uses Microsoft Intune to manage Windows devices. You need to deploy a custom Line-of-Business (LOB) app that is signed with a certificate not trusted by the devices. The app must be available to users in the Company Portal. What should you do?
Explanation: Option C is correct because Intune natively supports deploying signed Line-of-Business (LOB) apps directly to managed Windows devices, even if the signing certificate is not trusted by the devices. Intune handles the app delivery through the Company Portal, and the app will install as long as the device is enrolled and the app is assigned to the target group. The certificate trust issue is irrelevant for LOB app deployment via Intune because Intune does not validate the certificate chain for LOB apps; it only requires the app to be signed.
You need to ensure that Windows 10 devices in your organization receive the latest quality updates within 7 days of release. You configure a Windows Update for Business policy in Intune with a deferral period of 7 days. After two weeks, some devices have not installed the updates. What is the most likely reason?
Explanation: Option D is correct because Windows Update for Business policies in Intune are not applied in real time; devices must check in with the Intune service to receive the updated policy. The default sync interval for Intune-managed Windows 10 devices is approximately 8 hours, and if a device has not synced since the policy was configured, it will not yet have the new deferral settings. This explains why some devices have not installed the updates even after two weeks, as they may have missed the sync window or have a longer check-in cycle.
+15 more Manage and maintain devices questions available
Practice all Manage and maintain devices questions1. Baseline your knowledge
Start with 10 questions to gauge your current understanding of Manage and maintain devices. This tells you whether you need a concept refresher or just practice.
2. Review every explanation
For each question — right or wrong — read the full explanation. Understanding why an answer is correct is more valuable than knowing the answer itself.
3. Focus on exam traps
Manage and maintain devices questions on the MD-102 frequently use trap wording. Look for subtle differences in answers that test your precision, not just general knowledge.
4. Reach 80% consistently
Do repeated sessions until you score 80%+ three times in a row. Then move to mixed-mode practice to test cross-topic recall under realistic conditions.
The exact number varies per candidate. Manage and maintain devices is tested as part of the Microsoft 365 Endpoint Administrator MD-102 blueprint. Practicing with targeted Manage and maintain devices questions ensures you can handle any format or difficulty that appears.
Yes. Courseiva provides free MD-102 practice questions across all exam topics and domains. The platform includes topic-based practice, mock exams, missed-question review, bookmarked questions, and readiness tracking — no account required.
Difficulty is subjective, but Manage and maintain devices is a high-priority exam concept tested in multiple ways — direct recall, scenario analysis, and command-output interpretation. Consistent practice is the best way to build confidence.
Launch a full Manage and maintain devices practice session with instant scoring and detailed explanations.
Start Manage and maintain devices Practice →