You have a Microsoft 365 E5 subscription. The subscription contains devices that are Microsoft Entra joined and enrolled in Microsoft Intune.
You create a user named User1.
You need to ensure that User1 can rotate Bitlocker recovery keys by using Intune.
Solution: From the Microsoft Intune admin center, you assign the Endpoint Security Manager role to User1.
Does this meet the goal?
Your company has a Microsoft 365 subscription.
All the users in the finance department own personal devices that run iOS or Android. All the devices are enrolled in Microsoft Intune.
The finance department adds new users each month.
The company develops a mobile application named App1 for the finance department users.
You need to ensure that only the finance department users can download Appl.
What should you do first?
You plan to deploy Windows 11 Pro to 200 new computers by using the Microsoft Deployment Toolkit (MDT) and Windows Deployment Services (WDS).
The company has a Volume Licensing Agreement and uses a product key to activate Windows 11.
You need to ensure that the new computers will be configured to have the correct product key during the installation.
What should you configure?
You have a Microsoft 365 subscription that includes Microsoft Intune.
You plan to use Windows Autopilot to deploy Windows 11 devices.
You need to meet the following requirements during Autopilot provisioning:
* Display the app and profile configuration progress.
* Block users from using the devices until all apps and profiles are installed
What should you configure?
You have a Microsoft 365 tenant that contains the devices shown in the following table.
The devices are managed by using Microsoft Intune.
You create a compliance policy named Policy1 and assign Policy1 to Group1. Policy1 is configured to mark a device as Compliant only if the device security settings match the settings specified in the policy.
You discover that devices that are not members of Group1 are shown as Compliant.
You need to ensure that only devices that are assigned a compliance policy can be shown as Compliant. All other devices must be shown as Not compliant.
What should you do from the Microsoft Intune admin center?