Microsoft · MD-102
Validates expertise in managing devices and client applications in a Microsoft 365 tenant using Microsoft Intune, implementing endpoint deployment and management solutions across various platforms.
Questions
723
Duration
100 minutes
Passing Score
700/1000
Difficulty
AssociateLast Updated
Jan 2026
Use this MD-102 practice exam to prepare for Microsoft 365 Certified: Endpoint Administrator Associate (MD-102) with realistic questions, detailed explanations, and focused study modes. The practice bank includes 723 questions for Microsoft MD-102, so you can review the exam steadily instead of relying on one long cram session.
As you practice, pay extra attention to recurring topics such as Microsoft Intune, Windows Autopilot, Microsoft Defender for Endpoint, Microsoft Entra ID, and Azure Virtual Desktop. Start with short sessions to identify weak areas, then move into timed quizzes once your accuracy is consistent.
The explanations are especially useful when you want to connect exam wording to the responsibilities and scenarios described in the official certification guidance. Use the free preview first, then unlock the full question bank when you are ready to build a complete study routine.
The Microsoft 365 Certified: Endpoint Administrator Associate (MD-102) validates expertise in deploying, configuring, and managing devices and client applications within a Microsoft 365 tenant. Certified professionals demonstrate proficiency with Microsoft Intune, Microsoft Intune Suite, Windows Autopilot, Microsoft Defender for Endpoint, Microsoft Entra ID, Azure Virtual Desktop, Windows 365, and Microsoft Copilot for Security. The exam was last updated on January 23, 2026, consolidating endpoint management into four core domains covering infrastructure preparation, device management, application management, and device protection.
The certification reflects the modern enterprise reality of managing distributed, heterogeneous fleets of endpoints—Windows, iOS, Android, and macOS—across hybrid and remote work environments. It validates the ability to implement Zero Trust-aligned security postures through compliance policies, Conditional Access, security baselines, and Microsoft Defender for Endpoint integration, all managed at scale through cloud-native tooling. Candidates are expected to understand both cloud-native and co-managed endpoint strategies and to collaborate cross-functionally with Microsoft 365 administrators, security teams, and enterprise architects.
This certification is designed for IT professionals working as Endpoint Administrators, Modern Desktop Administrators, Intune Administrators, or Device Management Specialists in organizations running Microsoft 365. Ideal candidates have hands-on experience deploying and managing Windows client devices at scale, administering Microsoft Intune policies, and implementing endpoint security controls. Professionals targeting roles such as Systems Administrator, Cloud Infrastructure Engineer, or IT Security Administrator who work primarily with Microsoft 365 environments will also benefit.
Candidates typically have 1–3 years of experience managing enterprise endpoints and are familiar with Windows client operating systems, device enrollment workflows, application lifecycle management, and identity platforms such as Microsoft Entra ID. Those working in hybrid environments or organizations undergoing digital transformation to cloud-first endpoint management are the primary target for this associate-level credential.
Microsoft does not enforce formal prerequisites for MD-102, but recommends that candidates have working experience with Microsoft Entra ID and Microsoft 365 technologies—particularly Microsoft Intune—before attempting the exam. A solid foundation in deploying, configuring, and maintaining Windows client environments is strongly advised, along with familiarity with non-Windows platforms (iOS, Android, macOS) managed through Intune. Understanding of networking fundamentals, Active Directory, and Group Policy is helpful given the exam's co-management and hybrid identity scenarios.
Practical, hands-on experience is the most critical prerequisite. Candidates with at least six months of direct experience administering endpoints through Microsoft Intune, configuring Conditional Access policies in Microsoft Entra ID, and deploying devices via Windows Autopilot are well positioned for success. Microsoft recommends completing the official instructor-led course MD-102T00-A: Microsoft 365 Endpoint Administrator or equivalent self-paced learning paths on Microsoft Learn prior to sitting the exam.
MD-102 is a proctored exam with a 100-minute time limit, delivered through Pearson VUE either at an authorized testing center or via online proctoring. The exam may include interactive lab-style components in addition to standard question formats such as multiple choice, multiple select, drag-and-drop, and scenario-based case studies. The exact number of questions is not published by Microsoft and varies per exam session. A scaled score of 700 or greater on a scale of 100–1000 is required to pass.
The exam is available in English, Chinese (Simplified), German, Spanish, French, Japanese, and Portuguese (Brazil). Candidates who take the exam in a non-English language may request an additional 30 minutes if their language version lags behind the English update cycle. The certification earned upon passing expires after 12 months and must be renewed annually at no cost through a free online renewal assessment on Microsoft Learn. The exam costs $165 USD, though pricing varies by country and region.
The MD-102 certification positions holders for roles including Endpoint Administrator, Modern Desktop Administrator, Intune Administrator, Systems Administrator, and Cloud Infrastructure Engineer in Microsoft 365 environments. With over 45,000 active job openings in the US market as of early 2026 and 78% of enterprises running Microsoft 365, demand for credentialed endpoint management professionals is strong and growing. According to salary aggregators, certified Endpoint Administrators in the US earn between $85,000 and $145,000 annually depending on experience, geography, and scope of responsibility, with mid-level professionals averaging approximately $95,000–$110,000.
Compared to the MS-102 Microsoft 365 Administrator credential, MD-102 is more narrowly focused on device and endpoint management, making it the preferred credential for professionals specializing in Intune, Autopilot, and endpoint security rather than broader Microsoft 365 administration. The certification's annual renewal requirement ensures that certified professionals stay current with the rapidly evolving Microsoft endpoint management stack. Organizations implementing Zero Trust security architectures and hybrid work strategies place high value on MD-102-certified staff who can manage and secure distributed device fleets across Windows, iOS, Android, and macOS platforms.
5 sample questions with answers and explanations. Start a practice session to test yourself across all 723 questions.
Preview — answers shown1. Alpine Ski House wants to assign an Autopilot deployment profile to devices. What should they do in the profile settings?
Explanation
Setting device name template is part of profile creation. Option A is for exclusions. Option C is white glove. Option D is mode.
2. Litware, an IT consulting firm, needs to manage endpoint privileges for Windows 10 devices to reduce malware risks while allowing users to perform necessary tasks. Which feature in the Microsoft Intune Suite allows granting temporary administrator privileges based on predefined policies?
Explanation
Endpoint Privilege Management in the Microsoft Intune Suite enables controlled granting of temporary administrator privileges for specific tasks, minimizing security risks. Microsoft Tunnel secures access to on-premises resources from mobile devices without full enrollment. Advanced Analytics provides insights into device and app performance but does not manage privileges. App Protection Policies secure data within apps on unmanaged devices but do not handle privilege elevation.
3. Humongous Insurance is setting up MDM and needs to connect their Intune tenant to managed Google Play for Android Enterprise. What must they do first?
Explanation
Binding to managed Google Play connects Intune to Google for Android Enterprise apps. Apple MDM push certificate is for iOS. CNAME records simplify Windows enrollment. Auto-enrollment is for Windows devices.
4. Fabrikam Inc. is troubleshooting an Autopilot deployment and sees error code 80180018 during MDM enrollment. What does this error typically indicate?
Explanation
Error 80180018 indicates a failed MDM enrollment, often due to licensing or configuration issues. Network issues would show differently. Warranty is unrelated. Hardware hash errors appear during import.
5. Tailspin Toys wants to add background images to their MDT boot images for branding. Which component allows this customization?
Explanation
Deployment Workbench enables adding custom backgrounds to boot images. Task sequences automate steps. Windows ADK creates images. Configuration Manager integrates for larger setups.
Microsoft Dynamics 365 Supply Chain Management Functional Consultant Expert (MB-335)
MB-335 · 2039 questions
Microsoft Dynamics 365 Business Central Functional Consultant (MB-800)
MB-800 · 1899 questions
Microsoft Certified: Azure AI Engineer Associate (AI-102)
AI-102 · 1392 questions
Microsoft Certified: Windows Server Hybrid Administrator Associate (AZ-801)
AZ-801 · 1376 questions
Microsoft Dynamics 365 Finance Functional Consultant (MB-310)
MB-310 · 1299 questions
Microsoft 365 Certified: Fundamentals (MS-900)
MS-900 · 1201 questions
$17.99
One-time access to this exam