Exam MS-100 topic 2 question 35 discussion

Box 1: To onboard down-level Windows client endpoints to Microsoft Defender ATP, you'll need to: Configure and update System Center Endpoint Protection clients. Install and configure Microsoft Monitoring Agent (MMA) to report sensor data to Microsoft Defender ATP Box 2: For Windows 10 clients, the following deployment tools and methods are supported: Group Policy System Center Configuration Manager Mobile Device Management (including Microsoft Intune) Local script. Box 3: Windows Server 2016 can be onboarded by using Azure Security Centre. When you add servers in the Security Centre, the Microsoft Monitoring Agent is installed on the servers.

This cannot be an MS-100 exam question.

1- Microsoft Monitoring Agent 2- Local Script 3- Local Script https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/onboard-windows-client?view=o365-worldwide

i agree

1-MMA 2-Local Script 3-Local Script https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/onboard-downlevel?view=o365-worldwide https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-server-endpoints?view=o365-worldwide#prerequisites-for-windows-server-2016

Box 1 - MMA Box 2 &3 Local script to comply with the requirement "avoid installing software when possible"

The "avoid installing software when possible", combined with local script available from 2012 R2-newer means local script for Win10 and 2016, and install MMA for Win8. The real question though is which version of the test do we get and which answer does the test actually accept as correct? Reference: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-endpoints?view=o365-worldwide

I'm not sure I agree with this as from personal experience you do not need to install the Microsoft Monitoring Agent to onboard Server 2012 R2, Server 2016, Server 2019 or Server 2022 systems. In the past to onboard server systems we have used the same method as onboarding AD joined Windows systems which is creating a GPO that runs the onboarding script which would be an answer which meets the requirement of not installing any software. This is backed up by the documentation here: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-server-endpoints?view=o365-worldwide Note it says: The previous implementation of onboarding Windows Server 2012 R2 and Windows Server 2016 required the use of Microsoft Monitoring Agent (MMA). The new unified solution package makes it easier to onboard servers by removing dependencies and installation steps. Because of this I would say that Windows 8.1 needs the MMA however Server 2016 and Windows 10 do not from my experience

What's right? https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-endpoints?view=o365-worldwide#endpoint-onboarding-tools

I don't agree with the answer or those suggesting using MMA more than once. https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-endpoints?view=o365-worldwide The above link clearly has Local Scripts for Server & 10 situations, and MMA for 8.1. In order to "avoid installing software" where possible, this would be the best solution for me.

Now its possible to onboard win 2016 and 2012r2 with installation package and after that onboard package

in ms-100 exam last friday.

In exam last friday.

Windows 10 deployment supported tools and methods: • Group Policy • Microsoft Endpoint Configuration Manager • Mobile Device Management (including Microsoft Intune) • Local script https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-endpoints?view=o365-worldwide Install and configure Microsoft Monitoring Agent (MMA) to report sensor data to Microsoft Defender for Endpoint • Windows 7 SP1 Enterprise • Windows 7 SP1 Pro • Windows 8.1 Pro • Windows 8.1 Enterprise Windows Defender ATP on legacy operating system requires installation of an agent https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/protecting-windows-server-with-windows-defender-atp/ba-p/267114 Windows 2016 Windows Defender Antivirus is built-in Windows Defender ATP on legacy operating system requires installation of an agent https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/protecting-windows-server-with-windows-defender-atp/ba-p/267114

I saw this question on MS-101.

This seems like a question for the MS 500 not the MS 100.

Seems not a right question and any explainations either. Ques looks outdated