N, you do it with Azure Active Directory Domain Services (Azure AD DS) Y, N, you can REGISTER Windows 10, iOS, Android, and MacOS devices, NOT JOIN them - https://docs.microsoft.com/en-us/azure/active-directory-domain-services/manage-group-policy - https://docs.microsoft.com/en-us/azure/active-directory/devices/concept-azure-ad-join - https://docs.microsoft.com/en-us/azure/active-directory/devices/concept-azure-ad-register

Azure AD DS is a feature of Azure AD. You guys are splitting atoms here. Answers should be YYN

Correct answer is NYY Azure AD does not support GPs in a similar way as windows active directory, you need Azure AD DS which is a separate service from Azure AD, and requires additional configuration and setup. Also, AAD DS is not included with every Azure subscription, so you'll need to check if it's available in your subscription before you can use it. To join an Android device to Azure AD using Microsoft Intune or Azure AD Device Management, you must first set up a device enrollment profile and configure the necessary settings to enable Azure AD Join. Once the device is enrolled and joined to Azure AD, you can manage the device and apply policies and configurations to ensure secure access to your organization's resources.

Hot Take it Should Be. Y Y Y Greetings, Phil Spencer Head of Microsoft Gaming

Was on exam 03/02/23

YYN is the answer. https://learn.microsoft.com/en-us/training/modules/describe-azure-identity-access-security/2-directory-services Azure Active Directory Domain Services (Azure AD DS) is a service that provides managed domain services such as domain join, group policy, lightweight directory access protocol (LDAP), and Kerberos/NTLM authentication. Just like Azure AD lets you use directory services without having to maintain the infrastructure supporting it, with Azure AD DS, you get the benefit of domain services without the need to deploy, manage, and patch domain controllers (DCs) in the cloud. https://learn.microsoft.com/en-us/azure/active-directory/devices/concept-azure-ad-join Operating Systems - All Windows 11 and Windows 10 devices except Home editions - Windows Server 2019 and newer Virtual Machines running in Azure

You can create Group Policies in Azure Active Directory (Azure AD). - No, Azure Active Directory itself does not directly support creating Group Policies. This is done through Azure Active Directory Domain Services (Azure AD DS), which provides domain services such as domain join, group policy, LDAP, and Kerberos/NTLM authentication that are fully compatible with Windows Server Active Directory. You can join Windows 10 devices to Azure Active Directory (Azure AD). - Yes, Windows 10 devices can be Azure AD joined to provide seamless SSO capabilities, access to cloud and on-premises resources, and easier device management. You can join Android devices to Azure Active Directory (Azure AD). - No, Android devices cannot be "joined" to Azure AD in the same way Windows devices can be. They can be registered in Azure AD, which provides identity as a service with support for Android, iOS, and other platforms for single sign-on, conditional access, and self-service capabilities across apps.

No Yes Yes Azure Active Directory (Azure AD) does not support the creation of Group Policies in the same way that on-premises Active Directory (AD) does. Group Policies, as they are traditionally understood, are used to manage and enforce settings on Windows-based devices within an on-premises AD environment.

No - Group policies are a feature of Active Directory on-premises, not Azure AD. However, Azure AD does support conditional access policies and other similar features. Yes - You can join Windows 10 devices to Azure AD. No - You cannot directly join Android devices to Azure AD like you can with Windows 10 devices. However, you can manage Android devices using Microsoft Intune, which integrates with Azure AD.

NYN MS definition of joined and registered is confusing. https://learn.microsoft.com/en-us/entra/identity/devices/concept-device-registration "Registered to Microsoft Entra ID without requiring organizational account to sign in to the device" this supports android https://learn.microsoft.com/en-us/entra/identity/devices/concept-directory-join "Joined only to Microsoft Entra ID requiring organizational account to sign in to the device" no android here.

No Yes Yes

the last question is YES. An Android device can be both registered and joined to Azure Active Directory (Azure AD), depending on the management and integration requirements of your organization

I'll go with NYN.

NYN The statements don't state AAD DS for group policy or Workplace Join for adding Android devices. It simply states AAD.

seems the answer here is YYY

Answer is NO YES NO 1- N Its AAD-DS 2-Y obviously 3- N you can register and Jon only through workplace join

was on test on december 2022