Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Microsoft Discussions

Exam AZ-140 topic 4 question 27 discussion

Actual exam question from Microsoft's AZ-140
Question #: 27
Topic #: 4
[All AZ-140 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have the following:
✑ A Microsoft 365 E5 tenant
✑ An on-premises Active Directory domain
✑ A hybrid Azure Active Directory (Azure AD) tenant
✑ An Azure Active Directory Domain Services (Azure AD DS) managed domain
✑ An Azure Virtual Desktop deployment
The Azure Virtual Desktop deployment contains personal desktops that are hybrid joined to the on-premises domain and enrolled in Microsoft Intune.
You need to configure the security settings for the Microsoft Edge browsers on the personal desktops.
Solution: You configure a Group Policy Object (GPO) in the Azure AD DS managed domain.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
Reference:
https://www.compete366.com/blog-posts/eight-tips-on-how-to-manage-azure-virtual-desktop-avd/
by PhyMac at May 7, 2022, 6:34 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
SneakyBD
Highly Voted 1 year, 11 months ago
Selected Answer: B
B is correct as the machines are joined to on-prem. AAD DS is NOT an extension on an on-prem, but its OWN domain. Creating a GPO in AAD DS is not going to affect these machines
upvoted 21 times
...
PhyMac
Highly Voted 2 years, 2 months ago
I feel correct answer is A. Azure ADDS has a GPO function, so you can configure the policy and enforce it for the edge browser.
upvoted 11 times
HKEX388
2 years, 1 month ago
Agree. It has ADDS but not Azure AD. ADDS supports GPO
upvoted 5 times
...
mrcljnff
1 year, 7 months ago
when you read: "Intune enrolled", AADDS never is a option because AADDS Devices cant be intune enrolled. "If you're joining session hosts to Azure Active Directory Domain Services, you can't manage them using Intune."
upvoted 1 times
...
feeneymi
1 year, 7 months ago
Yes, Azure AD DS does have GPO functionality but the hosts are not joined to this domain, they are joined to the on premise domain. Both these domains are unique and operate there own set of GPOs so the correct answer is B (NO)
upvoted 4 times
...
...
Frankmmendoza
Most Recent 11 hours, 47 minutes ago
Selected Answer: B
Based on the scenario provided and best practices for managing devices enrolled in Intune, Solution B: No, configuring a GPO in the Azure AD DS managed domain does not meet the goal of configuring the security settings for Microsoft Edge browsers on the personal desktops in your AVD deployment. Instead, you should use Intune configuration profiles to define and enforce the desired security settings for Microsoft Edge on these devices. This approach ensures effective management and compliance with organizational security policies in a modern management environment.
upvoted 1 times
...
MarineCellenza
2 months ago
Selected Answer: B
B is correct because the machines are joined to the on-prem domain not to AAD DS.
upvoted 1 times
...
RDIO
9 months, 1 week ago
Selected Answer: B
No is the answer... The machines are joined to the "on-prem AD". Not to the Azure ADDS. When it says hybrid it refering to On-Prem+Azure AD. Azure AD and Azure ADDS are two different things. Azure ADDS is it's own and different domain.
upvoted 1 times
...
vipjason
9 months, 1 week ago
Selected Answer: B
This is a trick (and very unrealistic) question. The GPO is applied to the ADDS domain and not the on-prem domain. For the life of me, i can't imagine why anyone would have a hybrid azure AD depoyment between azure AD and on-prem and still have an AAD DS. Makes no sense. The folks who make up these questions are Morons.
upvoted 2 times
...
STDY
10 months, 2 weeks ago
Selected Answer: B
Correct Answer is B. The session hosts are hybrid joined to the "On-Premises" domain not to Azure AD DS. So configuring a GPO policy in Azure AD DS will not affect the Session Hosts. Hybrid Joined refers to being joined to an Active Directory Domain, and Azure AD (Entra ID). The Active Directory Domain could refer to either the On-Premises AD or the Azure AD DS Managed Domain. In this question it specifically states that they are joined to the "On-Premises" domain. The presence of the Azure AD DS Managed domain in the question was intentionally to cause doubt in the reader. It's a poorly written question designed to throw you off.
upvoted 1 times
...
Leocan
1 year, 1 month ago
Selected Answer: B
B is correct because the machines are joined to the on-prem domain rather than AAD DS.
upvoted 1 times
...
Sledgehammer
1 year, 6 months ago
No, devices are joined to local domain. Only GPO in local domain will apply. AADDS has GPO but will not apply.
upvoted 5 times
...
spool
1 year, 6 months ago
Selected Answer: B
B is correct, If you read the question again it says Personal Desktops that are controlled via intune, ADDS joined are workgroup machines and do not recieve GPO,
upvoted 2 times
...
MJFT
1 year, 6 months ago
Selected Answer: A
Azure AD DS replicates identity information from Azure AD, so it works with Azure AD tenants that are cloud-only, or synchronized with an on-premises AD DS environment https://learn.microsoft.com/en-us/azure/active-directory-domain-services/overview
upvoted 1 times
...
MJFT
1 year, 7 months ago
Selected Answer: A
Azure AD DS includes built-in GPOs for the AADDC Users and AADDC Computers containers. You can customize these built-in GPOs to configure Group Policy as needed for your environment. https://learn.microsoft.com/en-us/azure/active-directory-domain-services/manage-group-policy
upvoted 1 times
...
feeneymi
1 year, 7 months ago
Selected Answer: B
Azure AD DS does have GPO functionality but the hosts are not joined to this domain, they are joined to the on premise domain. Both these domains are unique and operate there own set of GPOs so the correct answer is B (NO)
upvoted 1 times
MJFT
1 year, 7 months ago
Azure AD DS includes built-in GPOs for the AADDC Users and AADDC Computers containers. You can customize these built-in GPOs to configure Group Policy as needed for your environment. https://learn.microsoft.com/en-us/azure/active-directory-domain-services/manage-group-policy
upvoted 1 times
...
...
Seijkoh
1 year, 9 months ago
Selected Answer: B
It's hybrid joined to the onprem domain and not to the Azure AD DS domain so this is not going to do anything.
upvoted 1 times
...
afbnfz
1 year, 9 months ago
Selected Answer: A
I'm saying Yes this does meet the goal. Because, according to MS, "In a hybrid environment, group policies configured in an on-premises AD DS environment aren't synchronized to Azure AD DS. To define configuration settings for users or computers in Azure AD DS, edit one of the default GPOs or create a custom GPO." - https://docs.microsoft.com/en-us/azure/active-directory-domain-services/manage-group-policy
upvoted 3 times
...
alfonsodisalvo
1 year, 10 months ago
Selected Answer: A
Answer is A
upvoted 2 times
...
benj180
1 year, 10 months ago
Selected Answer: A
Its A. Hybrid joined so GPOs will apply.
upvoted 2 times
...
Load full discussion...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
ex Want to SAVE BIG on Certification Exam Prep?
close
ex Unlock All Exams with ExamTopics Pro 75% Off
  • arrow Choose From 1000+ Exams
  • arrow Access to 10 Exams per Month
  • arrow PDF Format Available
  • arrow Inline Discussions
  • arrow No Captcha/Robot Checks
Limited Time Offer
Ends in

Claim Offer Now
286 people claimed it in the last 6 hours