Execute Device Enrolment

Question 1

True or False: Windows Home edition supports joining a domain

Answer 1

False

Question 2

True or False: Devices can only be joined to one AD-DS domain

Answer 2

True

Question 3

What does being registered in Entra ID mean for a device?

Answer 3

It can access cloud and Azure-based resources using SSO

Question 4

What user types would an Eduational Institution have in Entra ID?

Answer 4

Faculty and Student

Question 5

Describe Entra ID joining

Answer 5

A device joined only to Microsoft Entra ID requiring organizational account to sign in to the device

Question 6

Describe Entra ID registering

Answer 6

A device registered to Microsoft Entra ID without requiring organizational account to sign in to the device - for BYOD

Question 7

What is the difference between Entra ID joined and Entra ID registered?

Answer 7

Entra ID Registered devices don’t need an organisational login to access the device itself
Entra ID joined devices require an organisational login before the device can be logged on

Question 8

Should a BYOD device be Entra ID joined or registered?

Answer 8

Entra ID Registered

Question 9

True or False: an Entra ID registered device using a personal account requires Entra ID credentials to access cloud resources

Answer 9

True

Question 10

Why would an Educational Facility create Student accounts in Entra ID?

Answer 10

-Short-term org members
-More Students than Faculty members = burden of the directory can be stored in cloud rather than on prem

Question 11

True or false: Entra ID allows device joining by default

Answer 11

False - it must be enabled first

Question 12

Which Windows OS numbered versions support Entra hybrid join?

Answer 12

Windows 11, Windows 10, Windows 8.1
(but not Home Edition)

Question 13

Which Windows Server versions support Entra hybrid join?

Answer 13

-Windows Server 2008/R2
-Windows Server 2012/R2
-Windows Server 2016
-Windows Server 2019
-Windows Server 2022

Question 14

What is a down-level device?

Answer 14

A device with an older OS (e.g. Windows 7)

Question 15

What must be installed to use Entra Hybrid Join for devices older than Windows 10?

Answer 15

Microsoft Workplace Join for non-Windows 10 computers

Question 16

True or false: you can’t use Entra Hybrid Join if your environment consists of a single forest that syncs identity data to more than one Entra tenant

Answer 16

True

Question 17

What does WS-Fed stand for and what does it do?

Answer 17

Web Services Federation

An identity protocol that allows users to sign in to multiple resources and services with SSO

Question 18

What does WS-Trust stand for and what does it do?

Answer 18

Web Services Trust

A standard that enables the exchange of security tokens between web applications, APIs, and devices

Question 19

As a prerequisite for Entra Join, what are the minimum versions for WS-Trust?

Answer 19

1.3 OR 2005

Question 20

True or false: Entra-joined devices can access SSO even when disconnected from the domain network

Answer 20

True

Question 21

What does STS stand for and what does it mean?

Answer 21

Secure Token Service

Issues, validates, renews, and cancels security tokens for users, resources, and systems that request access to a federation

Question 22

What is Microsoft’s on-prem STS server?

Answer 22

AD-FS

Question 23

True or false: Using Entra Domain Services, Group Policy can manage smartphones and tablets

Answer 23

False

Question 24

True or false: Entra Domain Services is not enabled by default

Answer 24

True - it must be configured manually

Question 25

What does Entra DS do?

Answer 25

Extends on-prem AD to the cloud