1. Home
  2. MS-102 Free Questions
Free Demo Questions

Test Online Free Microsoft MS-102 Exam Questions and Answers

Practice a live sample before buying full access. This page keeps the free MS-102 question set organized by page so visitors and search engines can reach the canonical -questions.html URL directly.

Updated Jan 07, 2026 100 Questions 7 Pages
Get MS-102 Full Access
Page 6 of 7
Previous Page
Next Page
Question 76 Selectable Answer
You have a Microsoft 365 E5 tenant.
You plan to deploy 1.000 new iOS devices to users. The devices will be shipped directly from the supplier to the users.
You need to recommend a Microsoft Intune enrollment option that meets the following requirements:
• Minimizes user interaction
• Minimizes administrative effort
• Automatically installs corporate apps
What should you recommend?

Answer:
Explanation:
Reference: https://docs.microsoft.com/en-us/mem/intune/enrollment/ios-enroll
Question 77 Selectable Answer
You need to protect the U.S. PII data to meet the technical requirements.
What should you create?

Answer:
Question 78 Written Answer
HOTSPOT
You have a Microsoft 365 E5 tenant that contains the users shown in the following table.



Users are assigned Microsoft Store for Business roles as shown in the following table.



Which users can add apps to the private store in Microsoft Store for Business, and which users can install apps from the private store? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Answer:


Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-store/acquire-apps-microsoft-store-for-business
https://docs.microsoft.com/en-us/microsoft-store/distribute-apps-from-your-private-store
Question 79 Written Answer
HOTSPOT
You need to configure the information governance settings to meet the technical requirements.
Which type of policy should you configure, and how many policies should you configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Answer:

Question 80 Selectable Answer
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You create an account for a new security administrator named SecAdmin1.
You need to ensure that SecAdmin1 can manage Office 365 Advanced Threat Protection (ATP) settings and policies for Microsoft Teams, SharePoint, and OneDrive.
Solution: From the Azure Active Directory admin center, you assign SecAdmin1 the Teams Service Administrator role.
Does this meet the goal?

Answer:
Explanation:
You need to assign the Security Administrator role.
Reference: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/office-365-atp?view=o365-worldwide
Question 81 Written Answer
DRAG DROP
Your company has a Microsoft 365 E5 tenant.
Users access resources in the tenant by using both personal and company-owned Android devices.
Company policies requires that the devices have a threat level of medium or lower to access
Microsoft Exchange Online mailboxes.
You need to recommend a solution to identify the threat level of the devices and to control access of the devices to the resources.
What should you include in the solution for each device type? To answer, drag the appropriate components to the correct devices. Each component may be used once, more than once, or not at
all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.


Answer:

Question 82 Selectable Answer
Which report should the New York office auditors view?

Answer:
Explanation:
Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies
This report also shows policy matches over time, like the policy matches report. However, the policy matches report shows matches at a rule level; for example, if an email matched three different rules, the policy matches report shows three different line items. By contrast, the incidents report shows matches at an item level; for example, if an email matched three different rules, the incidents report shows a single line item for that piece of content. Because the report counts are aggregated differently, the policy matches report is better for identifying matches with specific rules and fine tuning DLP policies. The incidents report is better for identifying specific pieces of content that are problematic for your DLP policies.
Question 83 Selectable Answer
You have a Microsoft 365 subscription.
Your company has a customer ID associated to each customer. The customer IDs contain 10 numbers followed by 10 characters. The following is a sample customer ID: 12-456-7890-abc-de-fghij.
You plan to create a data loss prevention (DLP) policy that will detect messages containing customer IDs.
What should you create to ensure that the DLP policy can detect the customer IDs?

Answer:
Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/custom-sensitive-info-types?view=o365-worldwide
Question 84 Written Answer
HOTSPOT
You have a Microsoft 365 subscription that links to an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
A user named User1 stores documents in Microsoft OneDrive.
You need to place the contents of User1’s OneDrive account on an eDiscovery hold.
Which URL should you use for the eDiscovery hold? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Answer:


Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/create-ediscovery-holds
Question 85 Written Answer
DRAG DROP
You need to meet the requirement for the legal department.
Which three actions should you perform in sequence from the Security & Compliance admin center? To answer, move the appropriate actions from the list of actions to the answer area and arrange
them in the correct order.


Answer:


Explanation:
Reference: https://www.sherweb.com/blog/ediscovery-office-365/
Question 86 Selectable Answer
Your company has offices in five cities.
The company has a Microsoft 365 tenant.
Each office is managed by a local administrator.
You plan to deploy Microsoft Intune.
You need to recommend a solution to manage resources in intune that meets the following requirements:
Local administrators must be able to manage only the resources in their respective office.
Local administrators must be prevented from managing resources in other offices.
Administrative effort must be minimized.
What should you include in the recommendation?

Answer:
Explanation:
Reference: https://docs.microsoft.com/en-us/mem/intune/fundamentals/scope-tags
Question 87 Written Answer
HOTSPOT
As of March, how long will the computers in each office remain supported by Microsoft? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Answer:


Explanation:
https://support.microsoft.com/en-gb/help/13853/windows-lifecycle-fact-sheet March Feature Updates: Serviced for 18 months from release date September Feature Updates: Serviced for 30 months from release date
Reference: https://www.windowscentral.com/whats-difference-between-quality-updates-and-feature-updates-windows-10
Question 88 Written Answer
1. Topic 1, Contoso, Ltd

Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
The company has the employees and devices shown in the following table.



Contoso recently purchased a Microsoft 365 ES subscription.

Existing Environment
Requirement
The network contains an on-premises Active Directory forest named contoso.com.
The forest contains the servers shown in the following table.




All servers run Windows Server 2016. All desktops and laptops are Windows 10 Enterprise and are joined to the domain.
The mobile devices of the users in the Montreal and Seattle offices run Android. The mobile devices of the users in the New York office run iOS.

The domain is synced to Azure Active Directory (Azure AD) and includes the users shown in the following table.



The domain also includes a group named Group1.

Planned Changes
Contoso plans to implement the following changes:
• Implement Microsoft 365.
• Manage devices by using Microsoft Intune.
• Implement Azure Advanced Threat Protection (ATP).
• Every September, apply the latest feature updates to all Windows computers. Every March, apply the latest feature updates to the computers in the New York office only.
Technical Requirements
Contoso identifies the following technical requirements:
• When a Windows 10 device is joined to Azure AD, the device must enroll in Intune automaticity.
• Dedicated support technicians must enroll all the Montreal office mobile devices in Intune.
• User1 must be able to enroll all the New York office mobile devices in Intune.
• Azure ATP sensors must be installed and must NOT use port mirroring.
• Whenever possible, the principle of least privilege must be used.
• A Microsoft Store for Business must be created.

Compliance Requirements
Contoso identifies the following compliance requirements:
• Ensure that the users in Group1 can only access Microsoft Exchange Online from devices that are enrolled in Intune and configured in accordance with the corporate policy.
• Configure Windows Information Protection (W1P) for the Windows 10 devices.

HOTSPOT
You need to configure a conditional access policy to meet the compliance requirements.
You add Exchange Online as a cloud app.
Which two additional settings should you configure in Policy1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Answer:


Explanation:
Reference: https://docs.microsoft.com/en-us/intune/create-conditional-access-intune
Question 89 Written Answer
DRAG DROP
You have a Microsoft 365 E5 subscription.
Several users have iOS devices.
You plan to enroll the iOS devices in Microsoft Endpoint Manager.
You need to ensure that you can create an iOS/iPadOS enrollment profile in Microsoft Endpoint
Manager.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Answer:


Explanation:
Reference: https://docs.microsoft.com/en-us/mem/intune/enrollment/apple-mdm-push-certificate-get
Question 90 Selectable Answer
You have a Microsoft 365 E5 subscription.
Users have the devices shown in the following table.



On which devices can you manage apps by using app configuration policies in Microsoft Endpoint Manager?

Answer:
Explanation:
You can create and use app configuration policies to provide configuration settings for both iOS/iPadOS or Android apps on devices that are and are not enrolled in Microsoft Endpoint Manager.
Reference: https://docs.microsoft.com/en-us/mem/intune/apps/app-configuration-policies-overview
Showing page 6 of 7
Previous Page
Next Page

All copyrights reserved 2026 PassQuestion NETWORK CO.,LIMITED. All Rights Reserved.

Passquestion doesn't offer Real Microsoft, Amazon, Cisco Exam Questions. All Passquestion content is sourced from the Internet.