Manage & Protect

Question 1

What does Windows Defender ATP stand for?

Answer 1

Windows Defender Advanced Threat Protection

Question 2

Where are two places you can get Windows Defender ATP?

Answer 2

Windows 10 Enterprise/Education E5 Subsciption

Part of Microsoft Threat Protection

Question 3

Can you find the Security portal in Azure?

Answer 3

Yes

Question 4

Six features of Windows Defender ATP?

Answer 4

Threat Vulnerability
-Constantly looking at your system for vulnerabilities

Attack Surface Reduction
-Example by not running services Organisation does not need

Endpoint Detection

Automated Remediation
-Attack is detected and ATP takes steps to eradicate

Secure Score
-x/100. Represents how secure your Infrastructure is overall

APIs
-Makes it easy to implement in your existing security workflows

Question 5

What does Credential Guard do?

Answer 5

Virtualizes security of credentials, meaning the credential is separated from the OS

Question 6

Requirements of Credential Guard

Answer 6

Virtulization
-64 Bit Cpu

Secure Boot

TMP 1.2 or 2.0

UEFI Lock

Question 7

What are 3 ways you can configure Credential Guard?

Answer 7

Group Policy

Registry

Hardware Readiness Tool

Question 8

4 Components for Exploit Guard?

Answer 8

Exploit Protection

Attack Surface Reduction Rules

Network protection

Controlled folder access

Question 9

Do all 4 of the Exploit Guard rely on Windows Defender Antivirus? (Real Time protection)

Answer 9

Yes

Question 10

Where can you locate the Virus Real Time protection settings?

Answer 10

Settings -> Updates & Security -> Windows Security -> Virus & Threat Protection settings

Question 11

Can you use an Evaluation Tool for Exploit Guard to see if it is right for your environment?

Answer 11

Yes through scrips provided by Microsoft, an audit mode and a Windows defender Test Ground

Question 12

What does Application Control Limit?

Answer 12

Apps

Scripts including Powershell

MSIs

Question 13

Two ways to configure Windows Defender Application Control?

Answer 13

Group Policy

Intune

Question 14

What are the 2 components of the retired Windows Defender Device Guard?

Answer 14

Windows Defender Exploit Guard

Windows Defender Application Control

Question 15

What does the Windows Defender Application Guard protect within?

Answer 15

IE

Edge

Question 16

How do you turn on Windows Defender Application Guard?

Answer 16

Windows Feature on and Off

Question 17

If you upload On Prem AD to the cloud, does it become Azure AD?

Answer 17

No, when you upload On Prem AD it just stays in the cloud and acts as infrastructure as a service and receive the benefits of the cloud things.

Question 18

Does Hybrid AD join Azure AD?

Answer 18

Yes

Question 19

What is an Azure Tenant?

Answer 19

Your instance of Azure AD when you sign up for the Cloud

Question 20

What is a Single Tenant?

Answer 20

You only access resources in your oganization

Question 21

What is a Multi Tenant?

Answer 21

You access resources across organizations

Question 22

What is an Azure AD Acct?

Answer 22

Identity stored in Azure AD; Work or School account

Question 23

What is a Custom Domain?

Answer 23

Domain other than onmicrosoft.com

Question 24

What is an Acct Admin?

Answer 24

Billing owner of the subscription (classic)

Question 25

What is a Service Admin?

Answer 25

Manage all resources (classic)

Question 26

What is an Owner?

Answer 26

Manage all resources (RBAC)

Question 27

What is an Azure AD Global Admin?

Answer 27

Persons who created the Azure ad Tenant

Question 28

What is a MSA?

Answer 28

Microsoft Account

Question 29

What is a directory role?

Answer 29

A role within Azure such as admin roles and permissions

Question 30

What do you get as part of the Azure AD Free License?

Answer 30

User & Group Management

On Prem directory sync

Basic Reports

SS0 - Azure, O365, SaaS

Question 31

What do you get as part of the Azure AD Basic License?

Answer 31

All of Azure AD Free

Cloud-Centric app access

Azure AD Application Proxy

Question 32

What do you get as part of the Azure AD Premium P1?

Answer 32

Hybrid users for On-Prem and cloud resource access

Advanced administration

Question 33

What do you get as part of the Azure AD Premium P2?

Answer 33

Azure Directory Identity Protection

Privileged Identity Management (control what Admins can do)

Question 34

What do you get as part of the “Pay as you go”

Answer 34

Pay as you go…

Azure AD Business to client

Question 35

What is the goal of device management in Azure AD?

Answer 35

To support a BYOD infrastructure and have “anytime, anywhere” availability and to protect corporate data

Question 36

What devices do Azure AD accomodate?

Answer 36

Windows

iOS

Anroid

macOS

Question 37

What does “registering” mean withing the Azure AD?

Answer 37

Providing an identity for a device (to enable or disable device)

MDM for security and compliance (Intune)

Question 38

What does “joining” mean withing the Azure AD?

Answer 38

An extension of registering (changes local state)

User logon using identity: Autopilot, bulk, self service

Designed for cloud but works with hybrid

Windows 10 ONLY

Question 39

What are the benefits of “joining” the Azure AD?

Answer 39

SSO

Roaming

Windows Store for Business

Windows Hello

Restriction of access

Seamless on-prem access

Question 40

What are the some use cases of “joining” the Azure AD?

Answer 40

Transitioning
-From On-Prem to Azure AD

On-Prem AD not possible

Users really just need O365 or other MS SaaS

Seasonal Workers, Contractors

Question 41

What are the some use cases of “joining” a Hybrid Azure AD?

Answer 41

SCCM & GP

Win32 apps might rely on traditional AD

You love imaging

Have a bunch of W7 or W8.1

Question 42

How would (4 way) devices authenticate before joining Azure AD in a Federated Environment?

Answer 42

Authenticate through two required protocols:
WS-Fed (join) and WS-Trust (login)

SAML
-Authentication through a web interface

Smartcards with AD Federation Services

Windows Hello for Business (recommendation)

Question 43

What does the MDM Migration Analysis Tool (MMAT) do?

Answer 43

Tells you what would happen if you transfer your Group Policies to Intune

Question 44

What should you use to manage your devices?

Answer 44

EITHER:

MDM-only (strongly recommened by Microsoft)

Co-management (Intune + SCCM)

MDM Migration Analysis Tool (MMAT)

Question 45

Ways to get device joined to Azure AD?

Answer 45

Self Service

• User Interaction
• OOBE
• Default admin right when done this way
• 1511+

Autopilot

• User interaction
• OOBE
• CAN configure admin rights
• 1709+

Bulk Enrollment

• No user interaction
• OOBE
• No admin Rights
• 1703+

Question 46

What options should you consider during your planning of Azure AD Join?

Answer 46

How devices authenticate to join Azure AD (eg. Federated Environments)

What will you use to manage devices (Either Intune or SCCM or both)

How devices are joined to Azure AD (Self Services, Autopilot or Bulk Enrollment)

Question 47

Where do you add a custom domain name in Azure?

Answer 47

Azure Active Directory -> Custom Domain Names

Question 48

Where can you add Groups in Azure? and what group types can you choose from?

Answer 48

Azure Active Directory -> Groups

Security or office 365

Question 49

How do you add groups/users to Azure AD?

Answer 49

Azure Active Directory -> Devices -> Device Settings

Click “users may join devices to Azure AD” and choose SELECTED

Question 50

How would a user join Azure AD by themselves?

Answer 50

Settings -> Accounts -> Access work or school|

“Join Azure Active Directory”

Question 51

What is required to be setup when joining the Azure AD on behalf on the user?

Answer 51

Windows Hello and MFA

Question 52

How do you enroll devices in Intune?

Answer 52

Azure Active Directory -> Mobility (MDM and MAM) -> Intune -> Configure

Change scope to “Some” and add the groups

Configure the user profile making sure usage location is filled

Question 53

Do you have to assign a License to a user to use Intune?

Answer 53

Yes, choose one of the licences that has Intune eg E3

Question 54

What does the app Company portal do?

Answer 54

Deploy company apps and configurations to users

Question 55

Where can you find documentation within Intune?

Answer 55

Azure -> Intune -> Quick Start

Question 56

Where can you change the default Compliance policy settings and should you?

Answer 56

Intune -> Device Compliance -> Compliance policy Settings

Yes you definitely should as devices with no compliance settings are set to compliant…by default..

Question 57

How do you check the hardware specifications of a device?

Answer 57

Intune -> Devices - All devices -> Click into device

Click on hardware

Question 58

Which Windows Analytics solution uses Windows diagnostic data to provide notification of Windows Information Protection misconfigurations that send prompts to end users?

Answer 58

Device Health

Question 59

Which components of Windows Defender Exploit Guard protects the endpoint against web-based threats by blocking any outbound process on the device to untrusted hosts/IP through Windows Defender SmartScreen?

Answer 59

Network Protection

Question 60

What action does the Fresh Start reset feature in Intune perform on a PC running Windows 10, version 1703 or later?

Answer 60

Removes any apps that are installed

Question 61

Which component of Windows Intune creates a configuration profile that includes that best practices and recommendations on settings that impact security?

Answer 61

Security Baseline

Question 62

If an employee goes to an untrusted site through either Microsoft Edge or Internet Explorer, what allows Microsoft Edge to open the site in an Isolated Hyper-V-enabled container, which is separate from the host operating system?

Answer 62

Windows Defender Application Guard

Question 63

What are the two ways to get devices enrolled in Intune?

Answer 63

Users can self-enroll their devices

You can configure policies to force automatic enrollment without any user involvement

Question 64

What is the maximum number of devices can a single Intune user enroll with a single Intune license?

Answer 64

15

Question 65

What happens to Windows Defender Antivirus if you have another antivirus product running and up-to-date on your Windows 10 device?

Answer 65

Windows 10 will disable Windows Defender Antivirus

Question 66

Which service of Windows defender is designed to lock down the device against a wide variety of attack vectors and block behaviors commonly used in malware attacks, while enabling enterprises to balance their security risk and productivity requirements?

Answer 66

Exploit Guard

Question 67

Which actions can be performed on a device enrolled in Intune?

Answer 67

Retire

Wipe

Remote Lock

Synchronize Device

Reset Passcode

Question 68

How many mobile devices can the device enrollment manager (DEM) account enroll in Intune?

Answer 68

1000

Question 69

Which Windows Analytics solution provides for the identification of devices that crash frequently, and therefore might need to be rebuilt or replaced and identification of device drivers that are causing device crashes, with suggestions of alternative versions of those drivers that might reduce the number of crashes?

Answer 69

Device health

Question 70

What kind of non-Windows devices can you enroll with Company Portal?

Answer 70

Android

macOS

iOS

Question 71

How can you provide and up to the minute listing of devices enrolled in Intune?

Answer 71

Browse the list of enrolled devices in Intune:

then “Devices > All devices”

Question 72

Which port does the Linux and Windows Log Analytics agent communicate outbound to the Azure Monitor service?

Answer 72

TCP Port 443

Question 73

Yes or No:

Can Intune allow you to configure and enable MAM policies over managed applications, without implementing Intune MDM or any 3rd party MDM solution?

Answer 73

Yes

You will need to push a certificate for trust

Question 74

Which methods does Intune support for enrolling iOS company-owned devices?

Answer 74

Apple’s Device Enrollment Program (DEP)

Apple School Manager

Apple Configurator Setup Assistant enrollment

Apple Configurator direct enrollment

Question 75

For optimal performance, Microsoft recommends how much RAM for computers that have Application Guard enabled?

Answer 75

8GB

Question 76

What happens if you install .msi files from the Internet on a computer protected by Windows Defender Application Control?

Answer 76

It’s blocked

Question 77

Which components of Windows Defender Exploit Guard is a set of exploit mitigations that replaced the Enhanced Mitigation Experience Toolkit?

Answer 77

Exploit Protection

Question 78

Which components of Windows Defender Exploit Guard is a set of controls that enterprises can enable to prevent malware from getting on the machine by blocking Office, scripts and email-based threats?

Answer 78

Attack Surface Reduction

Question 79

Yes Or No

Is Windows Defender Application Guard supported on VMS and VDI environment?

Answer 79

No….but seen it tho…

Question 80

What is the difference in the recommendations for Windows security baselines for group policy vs Intune?

Answer 80

All settings are the same except some settings in group policy baseline that are specific to an on-premises domain controller

Question 81

What are the four components of Windows Defender Exploit Guard?

Answer 81

Exploit Protection

Attack surface reduction

Network Protection

Controlled folder access

Question 82

What happens when you check the “Retain enrollment state and user account” option when you perform a Wipe in Intune?

Answer 82

Keeps user accounts and data

Wipes all MDM Policies

Resets user settings back to default

Resets the operating system to its default state and settings

Question 83

Which component of Windows Defender Exploit Guard protects sensitive data from ransomware by blocking untrusted processes from accessing your protected folders?

Answer 83

Controlled Folder Access

Question 84

What is the difference between a “Wipe” and “Retire” in Intune?

Answer 84

Retire leaves the user’s personal data on the device while a Wipe does not retain user files, user-installed apps or non-default settings

Question 85

What version of Android operating system is required to enroll the device with the Microsoft Intune App?

Answer 85

Android 6.0+