Crucial Exams

Microsoft 365 Administrator Expert MS-102 Practice Question

Your company manages 5,000 hybrid Azure AD-joined Windows 10 devices by using Microsoft Intune, and every device is onboarded to Microsoft Defender for Endpoint. A recent incident revealed that several users, who had obtained local administrator rights, disabled Microsoft Defender Antivirus real-time protection through registry edits. You must block any local or remote attempts to modify Microsoft Defender Antivirus settings while ensuring that Intune can continue to configure those settings in the future. What should you do?

  • Enable Controlled Folder Access in an Endpoint security Attack surface reduction policy.

  • Deploy an Endpoint security Antivirus policy in Intune that sets Tamper Protection to Enable.

  • Create a Settings catalog device restriction that disables Windows Security Center notifications.

  • Deploy an Endpoint security Firewall policy that enables stateful inspection for all profiles.

Microsoft 365 Administrator Expert MS-102
Manage security and threats by using Microsoft Defender XDR
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot