Answer is correct . User 1 and User 2 only. First the only user who can join Azure AD devices is User 1 . since User1 is admin on machine. So, the machine can be added. Second, the ones that can be local admins on Windows 10 are managed under "Additional local administrators" , since this is not mentioned, so we can assume default. By default, the ones are global administrator and device owners (device administrators). This lead us to User1 and User2 only

ans : D, https://docs.microsoft.com/en-us/azure/active-directory/devices/assign-local-admin When you connect a Windows device with Azure AD using an Azure AD join, Azure AD adds the following security principals to the local administrators group on the device: The Azure AD global administrator role The Azure AD device administrator role The user performing the Azure AD join

C is right

User 1 = user performing the join User 2 = Global Admin There is no "Microsoft Entra Joined Device Local Administrator role" mentioned. "At the time of Microsoft Entra join, we add the following security principals to the local administrators group on the device: The Microsoft Entra Global Administrator role The Microsoft Entra Joined Device Local Administrator role The user performing the Microsoft Entra join" https://learn.microsoft.com/en-us/entra/identity/devices/assign-local-admin

Is it sufficient to practice only free dumps as 270 questions only or need to have all to pass the exam ?

https://learn.microsoft.com/en-us/azure/active-directory/devices/assign-local-admin

Is it sufficient if I only go through free questions available and not the paid one ? Please suggest.

It should be user 1 & User 2 only. Azure AD Cloud Device Administrator role itself does not automatically grant local administrative privileges on Azure AD Joined devices. You need to use additional configuration steps, such as policies or group membership settings, to grant administrative access to users or groups on the local device. So user can't be the part of local administrator group

User 1 & 2 only

This question feels very badly worded

User1 and User2 only

Global Admin, Azure AD joined device local administrator role, User joining the device. The additional local administrators box is for any addition local admins you want to manually add, but default is set to none

C) " User1 and User2 only " User1 because he joined the Device to the tenant so he must be Admin on the device. By default, Local administrators on joined devices, are the device owners and Global Administrators, so User2 is also. Reference: https://docs.microsoft.com/en-us/azure/active-directory/devices/assign-local-admin#how-it-works

Correct Answer: C 🗳️ Users may join devices to Azure AD - This setting enables you to select the users who can register their devices as Azure AD joined devices. The default is All. Additional local administrators on Azure AD joined devices - You can select the users that are granted local administrator rights on a device. Users added here are added to the Device Administrators role in Azure AD. Global administrators, here User2, in Azure AD and device owners are granted local administrator rights by default. Reference: https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal

C is correct When you connect a Windows device with Azure AD using an Azure AD join, Azure AD adds the following security principals to the local administrators group on the device: *The Azure AD global administrator role *The Azure AD device administrator role *The user performing the Azure AD join *Users may join devices to Azure AD - This setting enables you to select the users who can register their devices as Azure AD joined devices. The default is All. *Azure AD Join enables users to join their devices to Active Directory from anywhere as long as they have connectivity with the Internet *The Users may join devices to Azure AD setting enables you to select the users who can join devices to Azure AD. Options are All, Selected and None. The default is All **remember AZ AD device admin is NOT same as Cloud device admin, MS misleading here*

C. User1 and User2 only

Ans. C Tested this in lab Azure Joined device with User1. Was presented with a box stating domain joining and User1 would be Administrator of device. Added User2 to Cloud Device Administrator Role. Signed into the device and tried to run cmd as administrator. Result...UAC screen requesting administrative credentials. Entered User1 credentials and administrative cmd opened.