Crucial Exams

Microsoft 365 Endpoint Administrator Associate MD-102 Practice Question

You create an Endpoint security Attack surface reduction policy in Intune that configures the rule "Block credential stealing from the Windows local security authority subsystem (lsass.exe)" with an enforcement action of Block. The policy is assigned to a group of Windows 10 21H2 devices enrolled in Intune. In the Microsoft 365 Defender portal, the targeted devices report an error state with code 50 and the rule is not applied. Which condition is the most likely cause of this behavior?

  • The devices are Azure AD joined instead of hybrid Azure AD joined.

  • Cloud-delivered protection is disabled on the devices.

  • Microsoft Defender Antivirus is running in passive mode because another antivirus product is registered as the primary antivirus.

  • The devices are managed only by Intune and are not co-managed with Configuration Manager.

Microsoft 365 Endpoint Administrator Associate MD-102
Protect devices
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot