MD-102 Question #527: Real Exam Question with Answer & Explanation

Question

Note: This section contains one or more sets of questions with the same scenario and problem. Each question presents a unique solution to the problem. You must determine whether the solution meets the stated goals. More than one solution in the set might solve the problem. It is also possible that none of the solutions in the set solve the problem. After you answer a question in this section, you will NOT be able to return. As a result, these questions do not appear on the Review Screen. You have a Microsoft 365 E5 subscription. The subscription contains devices that are Microsoft Entra joined and enrolled in Microsoft Intune. You create a user named User1. You need to ensure that User1 can rotate BitLocker recovery keys by using Intune. Solution: From the Microsoft Intune admin center, you assign the Endpoint Security Manager role to User1. Does this meet the goal?

Options

• AYes
• BNo

Explanation

To allow a user to rotate BitLocker recovery keys using Intune, they must be assigned an Intune role with the specific 'Rotate BitLocker keys' permission.

Common mistakes.

• A. Without the specific 'Rotate BitLocker keys' permission assigned through an Intune role, User1 cannot rotate BitLocker recovery keys from the Intune admin center.

Concept tested. Intune RBAC for BitLocker key rotation (negative case)

Reference. https://learn.microsoft.com/en-us/mem/intune/fundamentals/role-based-access-control#permissions-for-intune-roles

No community discussion yet for this question.