MD-102 Exam QuestionsBrowse all questions from this exam

MD-102 Exam - Question 21


You have an Azure AD tenant and 100 Windows 10 devices that are Azure AD joined and managed by using Microsoft Intune.

You need to configure Microsoft Defender Firewall and Microsoft Defender Antivirus on the devices. The solution must minimize administrative effort.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Show Answer
Correct Answer: DE

To configure Microsoft Defender Antivirus, you should create a device configuration profile and configure the Device restrictions settings. This allows you to set up various antivirus policies such as exclusions and scanning options. To configure Microsoft Defender Firewall, you should create a device configuration profile and configure the Endpoint protection settings, which lets you manage and apply firewall rules. Both methods facilitate centralized management via Microsoft Intune, minimizing administrative effort.

Discussion

17 comments
Sign in to comment
deinthOptions: DE
Aug 29, 2023

for firewall E: https://learn.microsoft.com/en-us/windows/security/operating-system-security/network-security/windows-firewall/create-windows-firewall-rules-in-intune for antiviurs D: https://learn.microsoft.com/en-us/mem/intune/configuration/device-restrictions-windows-10#microsoft-defender-antivirus

SalonaSahni
Sep 3, 2023

DE is the Answer D:Microsoft Defender Antivirus: Device config-Device Restrictions- It has 28-34 settings for Antivrus. E: Microsoft Defender Firewall- Device config- Endpoint Protection (Global settings, netwok settings, Firewall rules) I have cross checked the lab. THe Endpoint Protection does not have the option for MS Defender Antivirus.

Futfuyfyjfj
Sep 13, 2023

Checked this in Intune and DE is the only correct aswer!

minasamyOptions: BC
Aug 20, 2023

B and C are the correct answers : B. Creating a device configuration profile and configuring the Device restrictions settings allows you to manage the Microsoft Defender Firewall settings on your Azure AD joined Windows 10 devices through Microsoft Intune. This profile can help you configure and manage firewall rules and settings without the need for traditional Group Policy. C. Creating a device configuration profile and configuring the Endpoint protection settings allows you to manage Microsoft Defender Antivirus settings on your Azure AD joined Windows 10 devices through Microsoft Intune. This profile enables you to configure antivirus settings, exclusions, scanning options, and more, all while minimizing administrative effort.

Futfuyfyjfj
Sep 13, 2023

I just checked in the Intune portal, but there is no Defender firewall component in Device restrictions. However in device restrictions IS a Defender AV option. I consider your answer as wrong. I am still going for DE

MR_EliotOptions: CE
Feb 23, 2024

Answers are C & E. You can manage both with endpoint security configuration profile. I have confirmed this in my own tenant. Device Restriction is more about what length of password users should have etc.

b0gdan433Options: DE
Nov 24, 2023

Correct answer is DE, took the exam today and the 2 points for this.

iTomi
Nov 28, 2023

Good for you, but MS/Pearson does'n reveal right answers after test. Or did you get 900 points? Doubting that...

NoursBear
Nov 28, 2023

that's what I thought about this, you can only know which topics you did well on but no way can you tell based on a question

Tati_OliveiraOptions: CE
Nov 29, 2023

O Antivirus é configurado dentro de Device Restrictions e não dentro de Endpoint Protection. Dentro de Endpoint Protection é possível configurar: Application Guard Firewall Defender Smart Screen Windows Encryption Defender Exploit Guard Defender Application Control Defender Credential Guard Defender Security Center Local device security Options XBox Services

ThePrutserOptions: DE
Nov 30, 2023

Went through the intune admin center: - Firewall config is done via Endpoint Protection - Antivirus config is done via Device restrictions

proservicesOptions: DE
Jan 8, 2024

D & E - Just checked in the Lab

KrayzrOptions: DE
Jan 31, 2024

AGREE WITH DE

Anonymouse1312Options: CE
Feb 19, 2024

Dumb question. C is also correct it seems: "Antivirus policies include the same settings as found endpoint protection or device restriction templates for device configuration policy. However, those policy types include additional categories of settings that are unrelated to Antivirus. ----->>>>> The additional settings can complicate the task of configuring Antivirus workload" https://learn.microsoft.com/en-us/mem/intune/protect/endpoint-security-antivirus-policy correct me if im wrong, but fail to see how

SssssgOptions: DE
Mar 5, 2024

Answer is DE

Dave808Options: BC
Mar 25, 2024

To configure Microsoft Defender Firewall and Microsoft Defender Antivirus on your Azure AD-joined Windows 10 devices while minimizing administrative effort, you should perform the following actions: B. To configure Microsoft Defender Firewall: Create a device configuration profile in Microsoft Intune. Configure the Device restrictions settings within the profile. Specify the desired firewall rules and settings for your devices. C. To configure Microsoft Defender Antivirus: Create another device configuration profile in Microsoft Intune. Configure the Endpoint protection settings within the profile. This allows you to manage antivirus settings, exclusions, and other related configurations. By following these steps, you can effectively set up both Microsoft Defender Firewall and Microsoft Defender Antivirus without the need for additional Group Policy Objects (GPOs) or manual administrative tasks.

BhuruOptions: BC
Apr 30, 2024

BC is the answer Microsoft defender firewall is managed in device restrictions and AV in endpoint protection...the way you guys get lost is disturbing

keshav80Options: DE
May 11, 2024

DE is 100% right. I have verified. Be relaxed.

nicholaswildernOptions: CE
Jun 25, 2024

Perplexity AI To configure Microsoft Defender Firewall and Microsoft Defender Antivirus on your Azure AD-joined Windows 10 devices managed by Microsoft Intune, and to minimize administrative effort, you should perform the following actions: To configure Microsoft Defender Antivirus: Create a device configuration profile and configure the Endpoint protection settings. This allows you to manage antivirus policies directly through Intune, which is streamlined for managing multiple devices in an enterprise environment. To configure Microsoft Defender Firewall: Create a device configuration profile and configure the Endpoint protection settings. This approach also leverages Intune's capabilities to manage firewall settings across all devices efficiently. Therefore, the correct answers are: C. To configure Microsoft Defender Antivirus, create a device configuration profile and configure the Endpoint protection settings. E. To configure Microsoft Defender Firewall, create a device configuration profile and configure the Endpoint protection settings.

kiik32Options: CE
Jul 15, 2024

C and E you can configure both from the endpoint protection template

kiik32
Jul 15, 2024

actually from enpoint protection you enable the antivirus rather than configuring, so for that you will need a device restrictions template.

oopspruuOptions: DE
Jul 19, 2024

D&E are correct options. Tested in lab 2024/07

veliyathOptions: DE
Jul 22, 2024

D. To configure Microsoft Defender Antivirus, create a device configuration profile and configure the Device restrictions settings. Configure Microsoft Defender Antivirus using Device restrictions in Intune E. To configure Microsoft Defender Firewall, create a device configuration profile and configure the Endpoint protection settings. Configure Microsoft Defender Firewall rules using Endpoint protection in Intune These selections ensure that the configurations for both Microsoft Defender Antivirus and Microsoft Defender Firewall are managed through Intune, aligning with the goal of minimizing administrative effort.