ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-101 All Questions

View all questions & answers for the MS-101 exam
Go to Exam

Exam MS-101 topic 3 question 110 discussion

Actual exam question from Microsoft's MS-101
Question #: 110
Topic #: 3
[All MS-101 Questions]

You have a Microsoft 365 tenant.
Company policy requires that all Windows 10 devices meet the following minimum requirements:
✑ Require complex passwords.
✑ Require the encryption of data storage devices.
Have Microsoft Defender Antivirus real-time protection enabled.

You need to prevent devices that do not meet the requirements from accessing resources in the tenant.
Which two components should you create? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. a configuration policy
  • B. a compliance policy
  • C. a security baseline profile
  • D. a conditional access policy
  • E. a configuration profile
Show Suggested Answer Hide Answer
Suggested Answer: BD 🗳️
by Rifie at April 28, 2022, 3:49 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Contactfornitish
Highly Voted 2 years, 9 months ago
Selected Answer: BD
It specifically says, *need to prevent*, if asked for *configure* then C was considered or even E but it talks about prevent means you need CAS and CAS would work on basis on compliance policy here
upvoted 7 times
...
RazielLycas
Most Recent 2 years, 9 months ago
Selected Answer: BD
You don't "need" E, you may set encryption, complex password and defender via GPO don't assume what is not told. Question is about keep device away if not complaint and thats require just compliance policy and conditional access
upvoted 4 times
...
ercluff
2 years, 11 months ago
Another sneeky Microsoft test question. Practically speaking, you would need B, D, and E. The compliance policy would fix a risk level for a connecting device so that the conditional access policy could determine whether or not to allow that device to access network resources. It would only make logical sense to have a device configuration profile to set the complex passwords, storage device encryption, and Defender anti-virus requirments into action, but Microsoft seems more interested in excluding non-compliant devices than in seeing that devices meet compliance. You judge.
upvoted 2 times
...
Davidchercm
2 years, 11 months ago
you can do complex password in compliance policy :https://docs.microsoft.com/en-us/mem/intune/protect/compliance-policy-create-windows
upvoted 1 times
...
Davidchercm
2 years, 12 months ago
i would think it is more like B &D
upvoted 2 times
...
Rifie
3 years ago
I think its B&E in device restrictions you can manage complex password policy
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago