MD-102 · topic practice

Prepare infrastructure for devices practice questions

Practise Microsoft 365 Endpoint Administrator MD-102 Prepare infrastructure for devices practice questions — original exam-style scenarios with answer choices, explanations, and analysis of common mistakes.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
20 questionsDomain: Prepare infrastructure for devices

What the exam tests

What to know about Prepare infrastructure for devices

Prepare infrastructure for devices questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Watch out for

Common Prepare infrastructure for devices exam traps

  • Answering from memory before reading the full scenario.
  • Missing a constraint such as cost, availability, security, scope or command context.
  • Choosing a broad answer when the question asks for the most specific fix.
  • Ignoring why the wrong options are tempting.

Practice set

Prepare infrastructure for devices questions

20 questions · select your answer, then reveal the explanation

Your organization has Windows 11 devices used by remote employees. You need to ensure that only devices compliant with your security policies can access corporate email via Microsoft Outlook for Windows. What should you configure?

You are deploying Windows 10 to 500 new devices using a task sequence in Microsoft Configuration Manager. The devices need to be joined to Microsoft Entra ID and enrolled in Intune automatically during OSD. Which method should you use?

Your company is deploying Windows 11 devices using Windows Autopilot. You need to ensure that during the first boot, the device automatically joins Microsoft Entra ID, enrolls in Intune, and installs required applications. What should you provide to the device?

You need to configure device compliance for devices that are not running Windows. The devices include iOS, iPadOS, Android, and macOS. Which compliance settings are common across all platforms?

Your organization uses Microsoft Intune to manage devices. You have a compliance policy that requires devices to have a password of at least 6 characters. Some users report that their devices are marked as non-compliant even though they have a password set. What is the most likely cause?

You need to deploy a line-of-business (LOB) app to 100 Windows 10 devices managed by Intune. The app is packaged as an .msi file. Which app type should you choose in Intune?

Your organization uses Microsoft Defender for Endpoint (part of Microsoft Defender XDR) on all Windows devices. You need to ensure that devices that are not actively reporting to Defender for Endpoint are flagged as non-compliant in Intune. What should you configure?

You are planning a Windows 11 deployment for 200 devices using Microsoft Configuration Manager (current branch). The devices are currently running Windows 10. You need to perform an in-place upgrade while preserving user data and settings. The devices are located in remote offices with limited bandwidth. Which deployment method should you use?

Your organization uses Microsoft Intune to manage devices. You need to ensure that all Windows 11 devices automatically install critical and security updates from Windows Update. Which policy should you configure?

Question 10mediummulti select
Read the full wireless explanation →

Your organization uses Microsoft Intune to manage iOS/iPadOS devices. You need to deploy a custom SSL certificate to all devices to authenticate to a corporate Wi-Fi network. Which TWO methods can you use to deploy the certificate?

Your organization uses Microsoft Intune to manage Windows 11 devices. You need to configure a policy that prevents users from installing apps from outside the Microsoft Store. Which TWO settings can you use?

Your organization uses Microsoft Intune to manage Android Enterprise devices. You need to configure a policy that restricts the device from taking screenshots. Which THREE settings can you use?

Refer to the exhibit. You are reviewing an Intune compliance policy JSON for Windows 10. A device reports as non-compliant, and the compliance status details indicate that the setting 'Secure Boot' is not compliant. The device is a virtual machine. What is the most likely reason?

Exhibit

{
  "@odata.type": "#microsoft.graph.windows10CompliancePolicy",
  "passwordRequired": true,
  "passwordMinimumLength": 6,
  "passwordRequiredType": "deviceDefault",
  "passwordMinutesOfInactivityBeforeLock": 5,
  "passwordExpirationDays": 90,
  "passwordPreviousPasswordCountToBlock": 5,
  "secureBootEnabled": true,
  "codeIntegrityEnabled": true,
  "earlyLaunchAntimalwareDriverProtectionEnabled": true,
  "bitLockerEnabled": true,
  "bitLockerRecoveryPasswordRotation": "disabled"
}

Refer to the exhibit. An administrator runs the PowerShell cmdlet shown on a new Windows 11 device. The cmdlet completes successfully, but the device does not appear in Intune under Windows Autopilot devices. What is the most likely cause?

Exhibit

Get-WindowsAutopilotInfo.ps1 -GroupTag "Marketing" -Online

Refer to the exhibit. You run the PowerShell command shown to create a compliance policy. However, when you check the compliance status of a Windows 11 device, it shows as compliant even though the device does not have BitLocker enabled. What is the most likely reason?

Exhibit

New-IntuneCompliancePolicy -DisplayName "Windows 11 Compliance" -Platform Windows10AndLater -PasswordRequired $true -PasswordMinimumLength 8 -PasswordRequiredType DeviceDefault -PasswordMinutesOfInactivityBeforeLock 15 -PasswordExpirationDays 90 -PasswordPreviousPasswordCountToBlock 5 -SecureBootEnabled $true -CodeIntegrityEnabled $true -EarlyLaunchAntimalwareDriverProtectionEnabled $true -BitLockerEnabled $true -BitLockerRecoveryPasswordRotation Disabled -TpmRequired $true

You manage devices with Microsoft Intune. Users report that enrollment fails on Android Enterprise personally-owned work profiles. After reviewing enrollment restrictions, you verify that Android Enterprise is allowed. What should you check next?

Your organization uses Microsoft Intune to manage Windows 11 devices. You need to deploy a custom Windows security baseline that includes specific BitLocker settings. What is the best approach to create and assign this configuration?

You need to ensure that only corporate-owned devices can access Microsoft 365 apps. You plan to use Conditional Access in Microsoft Entra ID. What should you configure as the grant control?

During Windows Autopilot deployment, devices fail to enroll in Intune with error code 0x80180014. You confirm the device is registered in Autopilot and has internet connectivity. What is the most likely cause?

You need to deploy Microsoft 365 Apps to Windows devices using Intune. Users should be able to install from Company Portal. What app type should you choose in Intune?

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused Prepare infrastructure for devices sessions

Start a Prepare infrastructure for devices only practice session

Every question in these sessions is drawn from the Prepare infrastructure for devices domain — nothing else.

Related practice questions

Related MD-102 topic practice pages

Move into related areas when this topic feels solid.

Frequently asked questions

What does the MD-102 exam test about Prepare infrastructure for devices?
Prepare infrastructure for devices questions test whether you can apply the concept in context, not just recognise a definition.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just Prepare infrastructure for devices questions in a focused session?
Yes — the session launcher on this page draws every question from the Prepare infrastructure for devices domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other MD-102 topics?
Use the topic links above to move to related areas, or go back to the MD-102 question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the MD-102 exam covers. They are not copied from any real exam or dump site.