MD-102 · topic practice

Manage and maintain devices practice questions

Practise Microsoft 365 Endpoint Administrator MD-102 Manage and maintain devices practice questions — original exam-style scenarios with answer choices, explanations, and analysis of common mistakes.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
20 questionsDomain: Manage and maintain devices

What the exam tests

What to know about Manage and maintain devices

Manage and maintain devices questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Watch out for

Common Manage and maintain devices exam traps

  • Answering from memory before reading the full scenario.
  • Missing a constraint such as cost, availability, security, scope or command context.
  • Choosing a broad answer when the question asks for the most specific fix.
  • Ignoring why the wrong options are tempting.

Practice set

Manage and maintain devices questions

20 questions · select your answer, then reveal the explanation

Your organization manages Windows 10 and 11 devices using Microsoft Intune. Users report that after a recent update, the Microsoft Store for Business app 'Company Portal' fails to launch. You verify that the app is assigned as required to all devices. What should you do first to resolve the issue?

You are designing a Windows 365 Cloud PC provisioning policy. The requirement is that when a user is assigned a Cloud PC, it must automatically have Microsoft Defender for Endpoint configured with real-time protection enabled and a custom firewall rule allowing only specific IPs. Which approach should you use?

A user's iOS device is enrolled in Microsoft Intune and is compliant. However, the user cannot access corporate email in the Outlook mobile app. The app displays an error that the device is not compliant. What is the most likely cause?

Your organization uses Microsoft Intune to manage Windows devices. You need to deploy a custom Line-of-Business (LOB) app that is signed with a certificate not trusted by the devices. The app must be available to users in the Company Portal. What should you do?

You need to ensure that Windows 10 devices in your organization receive the latest quality updates within 7 days of release. You configure a Windows Update for Business policy in Intune with a deferral period of 7 days. After two weeks, some devices have not installed the updates. What is the most likely reason?

Question 6easymultiple choice
Read the full wireless explanation →

You are troubleshooting a Windows 11 device that cannot connect to the corporate Wi-Fi network. The device is enrolled in Intune and has a Wi-Fi profile assigned. The profile uses SCEP certificate authentication. The user can connect to other Wi-Fi networks. What is the most likely cause?

Your organization uses Microsoft Intune to manage macOS devices. You need to deploy a configuration profile that enforces FileVault encryption. The profile must allow recovery key escrow to Intune. After deploying the profile, you notice that some devices are not encrypted. What should you check first?

You need to implement a solution that automatically wipes a company-owned Windows 10 device when it has not connected to Intune for 30 days. Which Intune feature should you configure?

A user reports that after resetting their Windows 10 device, they cannot re-enroll it in Intune. The device appears as 'Pending' in the admin center. What is the most likely reason?

Which TWO actions can you take to improve the performance of Microsoft Intune management for Windows devices that are geographically distributed and have limited bandwidth?

Which THREE conditions must be met for a Windows 10 device to be able to use Windows Autopilot self-deploying mode?

Which TWO methods can you use to deploy Microsoft 365 Apps to Windows 10 devices managed by Intune?

Refer to the exhibit. You deploy this compliance policy to a Windows 11 device running OS version 10.0.22621.100. The device has a password set, firewall active, and Defender enabled. However, the device is marked as non-compliant. What is the most likely reason?

Exhibit

{
  "@odata.type": "#microsoft.graph.windows10CompliancePolicy",
  "description": "Device compliance policy for Windows 10 devices",
  "displayName": "Windows 10 Compliance Policy v2",
  "passwordRequired": true,
  "passwordMinimumLength": 8,
  "passwordRequiredType": "deviceDefault",
  "passwordMinutesOfInactivityBeforeLock": 15,
  "storageRequireEncryption": true,
  "activeFirewallRequired": true,
  "defenderEnabled": true,
  "defenderVersion": "4.18.2207.7",
  "osMinimumVersion": "10.0.19042.0",
  "osMaximumVersion": "10.0.22621.0"
}

Refer to the exhibit. You run this PowerShell command to retrieve Windows devices. The output shows several devices with lastSyncDateTime older than 30 days and complianceState as 'noncompliant'. What is the most likely cause for these devices to be noncompliant?

Exhibit

Get-IntuneManagedDevice -Filter "operatingSystem eq 'Windows'" | Select-Object id, deviceName, lastSyncDateTime, complianceState

Refer to the exhibit. You apply this device configuration profile to a group of Windows 10 devices. Users report that they receive update notifications outside of active hours. Which setting should you modify to suppress notifications during active hours?

Exhibit

{
  "@odata.type": "#microsoft.graph.windows10GeneralConfiguration",
  "displayName": "Windows 10 Security Baselines",
  "privacy": {
    "advertisingId": "disabled",
    "enableEnhancedSafeguards": true
  },
  "defender": {
    "detectionFrequency": 2,
    "realTimeProtection": true,
    "cloudBlockLevel": "high"
  },
  "windowsUpdate": {
    "activeHoursStart": "08:00",
    "activeHoursEnd": "17:00",
    "updateNotificationLevel": "defaultNotifications"
  }
}

Your organization uses Microsoft Intune to manage Windows 10 devices. Users report that after a recent update, some devices are no longer receiving compliance policies. You verify that the devices are enrolled and show as active in Intune. What should you check first?

A company uses Microsoft Intune to manage iOS devices. They need to ensure that corporate data on these devices is protected if a device is lost or stolen. The solution must allow users to continue using personal apps and data after a selective wipe. What should they configure?

You are managing Windows 10 devices with Intune. You need to deploy a PowerShell script that runs under the system context during device enrollment. Which approach should you use?

Your organization uses Microsoft Defender for Endpoint (Microsoft Defender XDR). You need to ensure that all Windows 10 devices report their security health to Microsoft Defender for Endpoint. Some devices are showing as inactive. What is the most likely cause?

A company uses Microsoft Intune to manage Windows 10 devices with a hybrid Azure AD join configuration. Users report that they are unable to access corporate resources on their devices. You verify that the devices are enrolled and that compliance policies are applied. What should you check next?

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused Manage and maintain devices sessions

Start a Manage and maintain devices only practice session

Every question in these sessions is drawn from the Manage and maintain devices domain — nothing else.

Related practice questions

Related MD-102 topic practice pages

Move into related areas when this topic feels solid.

Frequently asked questions

What does the MD-102 exam test about Manage and maintain devices?
Manage and maintain devices questions test whether you can apply the concept in context, not just recognise a definition.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just Manage and maintain devices questions in a focused session?
Yes — the session launcher on this page draws every question from the Manage and maintain devices domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other MD-102 topics?
Use the topic links above to move to related areas, or go back to the MD-102 question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the MD-102 exam covers. They are not copied from any real exam or dump site.