ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MD-102 All Questions

View all questions & answers for the MD-102 exam
Go to Exam

Exam MD-102 topic 1 question 314 discussion

Actual exam question from Microsoft's MD-102
Question #: 314
Topic #: 1
[All MD-102 Questions]

HOTSPOT
-

You have a Microsoft 365 E5 subscription that contains three Windows devices named Device1, Device2, and Device3.

Each device contains two apps named App1 and App2.

You manage the devices by using Microsoft Intune.

The subscription contains the groups shown in the following table.



You have an Endpoint Privilege Management (EPM) elevation settings policy named Policy1 that has the following settings:

• Endpoint Privilege Management: Enabled
• Default elevation response: Require user confirmation
• Validation: Windows authentication
• Assignments: Group1, Group2

You create an Endpoint Privilege Management elevation rules policy named RulesPolicy1 that has the following settings:

• Rule name: Rule1
• Elevation type: Automatic
• Child process behavior: Deny all
• File name: App1.exe
• Assignments: Group1

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by AleFCI1908 at Nov. 11, 2024, 12:01 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Moot2
5 months, 1 week ago
Looks to be correct https://learn.microsoft.com/en-us/mem/intune/protect/epm-policies#windows-elevation-settings-policy User confirmed: We recommend this option for most rules. When a file is run, the user receives a simple prompt to confirm their intent to run the file. The rule can also include other prompts that are available from the Validation drop down: Business justification: Require the user to enter a justification for running the file. There's no required format for the entry. The user input is saved and can be reviewed through logs if the Reporting scope includes collection of endpoint elevations. Windows authentication: This option requires the user to authenticate using their organization credentials. Automatic: This elevation type automatically runs the file in question with elevated permissions. Automatic elevation is transparent to the user, without prompting for confirmation or requiring justification or authentication by the user.
upvoted 3 times
...
AleFCI1908
5 months, 2 weeks ago
correct
upvoted 3 times
Meek_Learner
2 months, 3 weeks ago
A user on Device1 must provide credentials to run App2 with elevated access.Yes. Device1 is in Group1, which is assigned to Policy1. Policy1 sets the default elevation response to "Require user confirmation" and uses Windows authentication for validation. Since App2 is not covered by any specific rule in RulesPolicy1, it falls under the default elevation response, requiring user credentials for elevated access.
upvoted 1 times
Meek_Learner
2 months, 3 weeks ago
A user on Device2 can run App1 with elevated access without providing credentials: No. While Device2 is in Group2 and is assigned to Policy1, it is not assigned to RulesPolicy1, which contains the automatic elevation rule for App1. Therefore, App1 on Device2 will follow the default elevation response set in Policy1, which requires user confirmation and credentials.
upvoted 1 times
Meek_Learner
2 months, 3 weeks ago
A user on Device3 must provide credentials to run App1 with elevated credentials: No. Device3 is in Group1, which is assigned to both Policy1 and RulesPolicy1. RulesPolicy1 contains Rule1, which specifically targets App1.exe and sets the elevation type to "Automatic". This means that App1 on Device3 will be automatically elevated without requiring user credentials.
upvoted 1 times
...
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago