• Cata
  • New member
  • Offline

Topic: AZ-140 topic 4 question 31

Your network contains an on-premises Active Directory domain named contoso.com that syncs to an Azure Active Directory (Azure AD) tenant.
You have an Azure Virtual Desktop host pool named Pool1 that has the following settings:
* Host pool name: Pool1
* Host pool type: Personal
* Number of VMs: 3
The session hosts have the following configurations:
* Image used to create the virtual machines: Windows 10 Enterprise8
* Virtual machines domain-joined to: On-premises contoso.com domain
You need to ensure that you can use Microsoft EndPoint Manager to manage security updates on the session hosts.
What should you do?

A.
Change Host pool type to Pooled and specify Load balancing algorithm as Depth-first.
B.
Change Host pool type to Pooled and specify Load balancing algorithm as Breadth-first.
C.
Create Windows 10 Enterprise multi-session images.
D.
Configure the session hosts as hybrid Azure AD-joined.

Re: AZ-140 topic 4 question 31

Answer D:
https://learn.microsoft.com/en-us/mem/intune/fundamentals/azure-virtual-desktop

Re: AZ-140 topic 4 question 31

Because the Host pool type is Personal.

Re: AZ-140 topic 4 question 31

https://learn.microsoft.com/en-us/mem/intune/fundamentals/azure-virtual-desktop

  • zre
  • New member
  • Offline

Re: AZ-140 topic 4 question 31

The current configuration of the host pool is set to personal, which means each user is assigned to their own dedicated VM. To manage security updates on these session hosts, we need to change the configuration to use Windows 10 Enterprise multi-session images instead.

Windows 10 Enterprise multi-session is a version of Windows 10 Enterprise that is optimized for multiple concurrent users. When using multi-session images, multiple users can share a single VM, which can reduce costs and simplify management. By using multi-session images, we can take advantage of Azure automation to manage security updates on the VMs.

Option A and B are incorrect because changing the host pool type to pooled and specifying load balancing algorithms will not allow you to manage the security updates using Microsoft Endpoint Manager.

Option D is not necessary to manage security updates. Hybrid Azure AD-join is used to allow on-premises devices to access cloud-based resources such as Azure AD and Intune.

Re: AZ-140 topic 4 question 31

This link supports answer C, you didn't provide any proof. https://learn.microsoft.com/en-us/mem/intune/fundamentals/azure-virtual-desktop

Re: AZ-140 topic 4 question 31

I think D is correct because VMs are domain-joined and Host Pool type = Personal
https://learn.microsoft.com/en-us/mem/intune/fundamentals/azure-virtual-desktop

"Currently, for single-session, Intune supports Azure Virtual Desktop VMs that are:
- Running Windows 10 Enterprise, version 1809 or later, or running Windows 11.
- Set up as personal remote desktops in Azure.
- Hybrid Azure AD-joined and enrolled in Intune in one of the following methods:
  > Configure Active Directory group policy to automatically enroll devices that are hybrid Azure AD joined.
  > Configuration Manager co-management.
  > User self-enrollment via Azure AD Join.
- Azure AD-joined and enrolled in Intune by enabling Enroll the VM with Intune in the Azure portal."

  • zdome
  • New member
  • Offline

Re: AZ-140 topic 4 question 31

It's D, read it here in the Prerequisites:

https://learn.microsoft.com/en-us/mem/intune/fundamentals/azure-virtual-desktop

Re: AZ-140 topic 4 question 31

It is not A or B as that is irrelevant. It is not D either as Microsoft EndPoint Manager supports both on-prem and hybrid DC (https://learn.microsoft.com/en-us/azure/virtual-desktop/management). Therefore, C must be correct

Re: AZ-140 topic 4 question 31

No, this does not make sense. Host pool type is 'Personal'. Therefore mulit-session images cannot be used for personal host pool. Correct answer is D