AZ-104 Certification Notes
Chapter 3.2 - AD Registered Devices
Azure AD Registered Devices
- Definition
- Registered to Azure AD without requiring organizational account to sign in to the device
- Primary audience
- Bring your own device (BYOD), Mobile devices
- Device ownership
- User or Organization
- Operating Systems
- Windows 10/11, iOS, Android, and macOS
- Provisioning
- Windows 10 or newer – Settings
- iOS/Android – Company Portal or Microsoft Authenticator app
- MacOS – Company Portal
- Linux - Intune Agent
- Device sign in options
- End-user local credentials, Password, Windows Hello, PIN
- Biometrics or Pattern for other devices
- Device management
- Mobile Device Management (example: Microsoft Intune)
- Mobile Application Management
- Key capabilities
- SSO to cloud resources
- Conditional Access when Enrolled into Intune
- Conditional Access via App protection policy
- Enables Phone sign in with Microsoft Authentication app
Practice Quiz
-
What is the primary audience of Azure AD Registered Devices? (Choose 2)
- Cloud only organizations
- Hybrid organizations
- Bring your own device (BYOD)
- Mobile devices
-
What is the provisioning for Azure AD Registered Devices? (Choose 3)
- MacOS
- Windows 7, 8.1
- iOS/Android
- Windows 10
- Linux
-
What is NOT a key capability of Azure AD Registered Devices?
- Conditional Access when Enrolled into Intune
- SSO to cloud resources
- More control over the physical securities of the work environment
- Enables Phone sign in with Microsoft Authenticator app
-
What are Azure AD Registered Devices?
- Registered to Azure AD without requiring an organizational account to sign in to the device.
-
What is SSO?
- Single sign-on means a user doesn’t have to sign in to every application they use. The user logs in once and that credential is used for other apps too.