Crucial Exams

Microsoft 365 Endpoint Administrator Associate MD-102 Practice Question

You are creating an Endpoint security > Disk encryption policy in Microsoft Intune to enforce BitLocker on Windows 11 Enterprise laptops that are already Azure AD-joined. The security team insists that, if a user forgets the BitLocker PIN while the device is offline, administrators must be able to retrieve the recovery password from Azure AD only. Which setting in the BitLocker profile meets this requirement?

  • Allow data recovery agent

  • Hide recovery options from the BitLocker setup wizard

  • Require immediate TPM key change

  • Backup recovery passwords to Azure AD

Microsoft 365 Endpoint Administrator Associate MD-102
Protect devices
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot