ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MD-102 All Questions

View all questions & answers for the MD-102 exam
Go to Exam

Exam MD-102 topic 1 question 281 discussion

Actual exam question from Microsoft's MD-102
Question #: 281
Topic #: 1
[All MD-102 Questions]

You have a Microsoft 365 E5 subscription.

All devices are enrolled in Microsoft Intune.

You create a Conditional Access policy named Policy1 that requires multifactor authentication (MFA).

You need to ensure that Policy1 only applies to devices marked as noncompliant.

Which settings of Policy1 should you configure?

  • A. Device platforms under Conditions
  • B. Filter for devices under Conditions
  • C. Target resources
  • D. Grant
  • E. Session
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by chafe at July 13, 2024, 9:58 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
chafe
Highly Voted 1 year ago
Selected Answer: B
Conditional Access -> Conditions -> Filter for devices -> Property: IsCompliant
upvoted 6 times
servL
1 year ago
the question isn't about where to configure MFA(which would be Grant). It's about device Assignment. ie, devices marked with a specific state.
upvoted 1 times
...
chafe
1 year ago
Grant is where you do require MFA
upvoted 2 times
...
...
Knight_Of_Peace
Most Recent 4 months, 3 weeks ago
Grant can't be used because the question is asking to apply the policy only on devices marked as Noncompliant. With "Grant" option you can select "Require device to be marked as compliant" (Device must be Intune compliant. If the device is non-compliant, the user will be prompted to bring the device under compliance.), which means if the devices is noncompliant, then the policy will not be applied on it. While with Filter for devices, you can select "Exclude filtered devices from policy" and choose "isCompliant" in the filter. This will apply the policy on all the devices apart from the filtered ones which is the Compliant devices.
upvoted 1 times
...
ronniefactor
5 months, 2 weeks ago
Selected Answer: D
D is the correct answer: I tested it on my tenant, Grant - require device to be marked as complaint option
upvoted 2 times
...
EliseM
11 months, 2 weeks ago
Selected Answer: B
Devices --> Conditional access --> Policies --> New policy --> Conditions --> Filter for devices.
upvoted 4 times
...
oopspruu
11 months, 2 weeks ago
Selected Answer: B
The objective is to ensure policy only applies to noncompliamt devices. It has nothing to do with mfa. B ensures it only applies to non compliant devices.
upvoted 2 times
...
ergacharsk
11 months, 3 weeks ago
Selected Answer: B
B seems correct
upvoted 2 times
...
RFULL
11 months, 3 weeks ago
Selected Answer: B
B: To apply the policy to only non-compliant devices would require a device filter rule. Grant would apply to compliant devices. But would also require MFA if the device was not compliant.
upvoted 3 times
...
jackyss
1 year ago
Selected Answer: D
D is correct
upvoted 2 times
yhano
7 months, 3 weeks ago
Incorrect, the difference is you ensure that Policy 1 only applies to. In Grant, its either you block or grant the access if it is not compliant.
upvoted 1 times
...
jackyss
1 year ago
Not D, it should be B. Grant is to control access enforcement to block or grant access. Devices --> Conditional access --> Policies --> New policy --> Conditions --> Filter for devices.
upvoted 1 times
...
...
jdr002
1 year ago
Selected Answer: D
Correct.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel