Note: This question is part of a series of questions that present the same scenario. Each question in the
series contains a unique solution that might meet the stated goals. Some question sets might have more
than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You need to ensure that feature and quality updates install automatically during a maintenance window.
Solution: From the Maintenance Scheduler settings, you configure Automatic Maintenance Random Delay.
Does this meet the goal?

• A.Yes
• B.No

Comment: *

Name: *

Email: *

Verification: *

You have a Microsoft Deployment Toolkit (MDT) server named MDT1.
When computers start from the LiteTouchPE_x64.lso image and connect to MDT1. the welcome screen
appears as shown In the following exhibit.

You need to prevent the welcome screen from appearing when the computers connect to MDT1.
Which three actions should you perform in sequence? To answer move the appropriate actions from the list of
actions to the answer area and arrange them in the correct order.

Correct Answer:

Explanation

Box 1: Modify the Bootstrap.ini file.
Add this to your bootstrap.ini file and then update the deployment share and use the new boot media created in
that process:
SkipBDDWelcome=YES
Box 2: Modify the CustomSettings.ini file.
SkipBDDWelcome
Indicates whether the Welcome to Windows Deployment wizard page is skipped.
For this property to function properly it must be configured in both CustomSettings.ini and BootStrap.ini.
BootStrap.ini is processed before a deployment share (which contains CustomSettings.ini) has been selected.
Box 3: Update the deployment share.
Reference:
https://docs.microsoft.com/en-us/mem/configmgr/mdt/toolkit-reference#table-6-deployment-wizard-pages

Comment: *

Name: *

Email: *

Verification: *

You need to resolve the performance issues in the Los Angeles office.
How should you configure the update settings? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation

Reference:
https://docs.microsoft.com/en-us/windows/deployment/update/waas-delivery-optimization
https://2pintsoftware.com/delivery-optimization-dl-mode/

Comment: *

Name: *

Email: *

Verification: *

You have an Azure Active Directory (Azure AD) tenant named contoso.com.
You plan to create a Conditional Access policy to block users that have a high sign-in risk level.
You need to identify the required license, and what to use to identify the sign-in risk level. The solution must
minimize costs.
To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation
Box 1: Azure AD Premium Plan 2
You will need an Azure AD Premium P1 license to get access to the Microsoft Office 365 conditional access
policy feature.
However, need Azure AD Premium Plan 2 to sign-in risk.
Box 2: Azure AD Identity Protection
A sign-in risk represents the probability that a given authentication request isn't authorized by the identity
owner. Organizations with Azure AD Premium P2 licenses can create Conditional Access policies
incorporating Azure AD Identity Protection sign-in risk detections.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-risk
https://blog.mydock365.com/what-is-conditional-access-in-microsoft-365

Comment: *

Name: *

Email: *

Verification: *

You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that contains the users
shown in the following table.

You have a computer named Computer1 that runs Windows 10. Computer1 is in a workgroup and has the
local users shown in the following table.

UserA joins Computer1 to Azure AD by using [email protected].
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation
Box 1: No
Users may join devices to Azure AD: This setting enables you to select the users who can register their devices
as Azure AD joined devices. The default is All.
Box 2: Yes
[email protected] is an Azure AD security administrator
Security Administrator
Users with this role have permissions to manage security-related features in the Microsoft 365 Defender
portal, Azure Active Directory Identity Protection, Azure Active Directory Authentication, Azure Information
Protection, and Office 365 Security & Compliance Center.
This includes:
* Microsoft Defender for Endpoint
Assign roles
Manage machine groups
Configure endpoint threat detection and automated remediation
View, investigate, and respond to alerts
View machines/device inventory
Box 3: No
[email protected] is an Azure AD Cloud device administrator.
Cloud Device Administrator
Users in this role can enable, disable, and delete devices in Azure AD and read Windows 10 BitLocker keys (if
present) in the Azure portal. The role does not grant permissions to manage any other properties on the device.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal#configure-dev
https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#security-administrator

Comment: *

Name: *

Email: *

Verification: *