HOTSPOT -
You have 100 Windows 10 devices that are managed by using Microsoft Endpoint Manager.
You plan to sideload an app to the devices.
You need to configure Microsoft Endpoint Manager to enable sideloading.
Which device profile type and setting should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Box 1: Device restrictions -
In a Windows 10/11 device restrictions profile, most configurable settings are deployed at the device level using device groups. Policies deployed to user groups apply to targeted users. The policies also apply to users who have an Intune license, and users that sign in to that device.
Box 2: Trusted app installation -
Trusted app installation: Choose if non-Microsoft Store apps can be installed, also known as sideloading. Sideloading is installing, and then running or testing an app that isn't certified by the Microsoft Store. For example, an app that is internal to your company only.
Reference:
https://docs.microsoft.com/en-us/mem/intune/configuration/device-restrictions-windows-10
Answer is correct Under Device Restrictions > Trusted app installation Description: "Specifies whether apps from Appx packages signed with a trusted certificate can be sideloaded" https://docs.microsoft.com/en-us/mem/intune/apps/app-sideload-windows
It is moved under Device Restrictions --> Appstore --> Trusted app installation
thank you
While signing an app isn't particularly difficult, the question doesn't actually specify this. If an unsigned app is needed, the answer is Developer Unlock (allow) rather than Trusted App Installation (allow). In the scenario where an app is being deployed to 100 devices, we can assume this is not a development scenario where an unsigned app is required for early testing. So the given answer is correct in context.