Windows 10 (MD-100) Interview Questions

  1. Home
  2. Windows 10 (MD-100) Interview Questions
MD-100 Interview Questions

In Windows 10 MD-100, managers who deploy, configure, secure, administer, and monitor devices and client applications in an enterprise setting are candidates for this test. Candidates are in charge of their own identification, access, policies, updates, and applications.

Candidates for the position of administrator usually work with the Microsoft 365 enterprise administrator to plan and implement a device strategy that fits the business demands of a modern corporation.

Candidates should be knowledgeable with Microsoft 365 workloads and have knowledge of how to deploy, configure, and support Windows Client and non-Windows devices and technologies.

1.) What are the steps involved in the deployment process?

The steps followed in the deployment process are as follows-

Step 1: Assess your device and app compatibility. To ensure a successful rollout, you must first inventory your devices and apps and check for compatibility using Microsoft tools.

Step 2: Examine the state of your directory and network. For identity and access management, you’ll need to set up Azure Active Directory, as well as prepare your network for the movement of system images, application packages, user files, and updates.

Step 3: Make Office and business apps available. Click-to-Run installation technology is used by Microsoft 365 Apps and Office 2019 clients, and you may want to make a variety of UWP or MSIX-based business apps available as well. Plan for Office and app delivery, whether your apps are Click-to-Run, MSIX, traditional MSI, or Universal Windows Platform (UWP) programs via the Microsoft Store.

Step 4: Migrate user data and preferences. In any PC replacement or refresh project, ensuring that users’ files, data, and settings migrate smoothly and are retained throughout the migration is crucial. Traditional solutions such as the User State Migration Tool and the Microsoft Deployment Toolkit are available, as well as more current options such as a OneDrive Known Folder Move.

Step 5: Make sure your security and compliance settings are up to date. Organizations can take advantage of security enhancements not available in previous Windows versions by upgrading to Windows 10 and Microsoft 365 Apps. Securing and protecting endpoints, identity, and data is vital, whether using Windows 10’s built-in capabilities with virtualization-based security or cloud services like Microsoft Defender for Endpoint.

Step 6: Install, upgrade, and migrate your operating system. Microsoft Endpoint Configuration Manager, for example, can aid in the automation and control of OS deployments. Microsoft suggests staged deployments, with a representative set of hardware and software first targeted and deployed to an early adopter group in your organization. You may then use the information from those devices and users to expand your deployment by targeting other PCs.

Step 7: Research different types of service models. You can manage Windows and Office as a service with Windows 10 and Microsoft 365 Apps, providing new capabilities, experiences, and protections to your end-users. In the fall and spring of each year, semi-annual feature upgrades bring new capabilities, while monthly cumulative quality updates contain security, reliability, and bug fixes.

Step 8: Instruct users on how to use new features. It’s vital to communicate with and train users about new features in Office, Windows, and other business programs and services if you want to see improvements in how people use them.

2.) What is Desktop Analysis?

Desktop Analytics is a comprehensive inventory solution that inventories machines, apps, and Office add-ins across your desktop estate without the use of agents. It’s our go-to tool for determining your company’s readiness. Once Upgrade Readiness is complete, you can enroll any Internet-connected Windows 7 SP1 or newer device to begin collecting diagnostic data using Group Policy settings. From prototype through production deployment, the tool’s visual workflow will help you. You can export data to software deployment tools like Configuration Manager to directly target PCs and build device collections as they become ready for deployment if you like.

3.) What is Readiness Toolkit for Office add-ins and Microsoft Visual Basic for Applications (VBA)?

The Readiness Toolkit can assist you in identifying compatibility issues with your Office VBA macros and add-ins. The Readiness Report Creator is part of the Readiness Toolkit, and it provides an Excel report with VBA macro compatibility and add-in readiness data. For Office versions as far back as Office 2003, the Readiness Report Creator can scan for VBA macros in Word, Excel, PowerPoint, Outlook, Access, Project, Visio, and Publisher files. It can also look for specific types of Office add-ins. It does not, however, include web add-ons.

The Microsoft Download Center offers the Readiness Toolkit for Office for free. After installing the MSI file, you can execute the Readiness Report Creator on a device by completing a UI wizard. There is also a standalone executable for organizational use that can be run from the command line or used with scripts.

4.) What are the steps involved in implementing the device and app readiness process?

To prepare for device and application readiness, follow these four steps:

  • Take an inventory
  • Prioritize apps and hardware
  • Test updates for compatibility
  • Remediate issues

5.) What is the Desktop App Assure program, and how does it work?

The Desktop App Assure program offers free consultation and remediation services to help you move your applications to Windows 10. When purchasing any of the Windows 10 or Microsoft 365 qualified services, the program is available through the FastTrack Center. If a valid application issue arises during the deployment of Windows 10 or Microsoft 365 Apps, a FastTrack specialist will work with you to provide advice on how to resolve the incompatibility.

App inventory and testing are not supported by the Desktop App Assure program. As part of your device and app preparedness, this should be done. Creating an app catalog and verifying those apps on Windows 10 and Microsoft 365 Apps is the responsibility of organizations. FastTrack also does not offer aid in determining compatibility or support statements for third-party ISV apps. FastTrack, on the other hand, will offer Desktop App Assure and support for compatibility blockers that target a supported version of Windows 10 and Microsoft 365 Apps.

6.) Introduce to directory and network readiness?

The readiness of your directory and network is a critical step in the deployment of your operating system and desktops. Your network must be capable of simultaneously sending huge files to hundreds or thousands of PCs. It’s critical to ensure that users can access file shares, that files and settings are accessible, and that your network isn’t overburdened, as with any automated deployment.

You’ll set up cloud-based identification with Azure Active Directory as part of your migration to Windows 10 and Microsoft 365 Apps (Azure AD). This is required for the activation of Microsoft 365 Apps as well as the use of contemporary provisioning technologies such as Windows Autopilot. We’ll look at the tools and alternatives for getting your directory services and network ready for deployment in this module.

7.) What is Add Azure Active Directory?

Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management solution, allowing end-users to access both internal and external resources. By mandating multi-factor authentication for internal assets and protecting user identities and credentials, Azure AD manages access to your apps and app resources. Users may sign in and activate their apps using Azure AD, and you can use Microsoft Intune or Windows Autopilot to automate the deployment of apps and policies.

You’re already utilizing Azure AD if your company employs services like Exchange Online or SharePoint Online, Microsoft Intune, or other Microsoft online services. If you don’t have Azure AD yet but do have on-premises directories, you can use the Azure AD Connect tool to connect Azure AD to your on-premises directories. This allows your users to access both on-premises and cloud resources with a single identity.

8.) What do you understand by network readiness components?

When it comes to preparing your network for a deployment, you must take into account all of the components that affect bandwidth. The following are the most crucial considerations:

Imaging and software installation on the computer
Updates to software
Individualization of the user
Imaging and app installation on a computer. Plan for 4 GB per PC for Windows images with no customization; customized images with programs will require 6 GB or more. You may also need to think about driver packages, which might be anything from a few hundred megabytes to 1 GB per PC.

Other factors that can affect your network capacity include the initial installation of Office apps and any language support for multilingual deployments (of Office or Windows).

Updates to the software. Microsoft 365 Apps and Windows 10 use a new maintenance approach that delivers monthly and semi-annual upgrades.

The new servicing model comprises twice-yearly feature upgrades for Windows, semi-annual channel updates for Office, and monthly quality updates for Windows and Office.

Feature upgrades typically range from 2 to 4 GB in capacity, whereas Office semi-annual channel updates are 300 to 400 MB in size. Monthly quality updates can be anywhere from a few hundred megabytes to over a gigabyte in size, as they are cumulative and grow in size over the course of each Windows 10 version’s service lifetime. Microsoft provides methods to help limit the amount of data that must be transmitted over the network in order to install updates.

Personalization of the user experience. As part of the PC refresh or replacement process, plan network bandwidth to allow recovering user files, settings, and programs. These products often total more than 20 GB per PC, and for certain people, they may total more than 100 GB.

If you have users who will access corporate resources from a distance, you’ll want to think about the bandwidth requirements for remote access now and in the future. Depending on your company’s policies, the amount of bandwidth required varies. Always-on VPN and Remote Desktop Services are two types of remote access.

Always On VPN for Remote Access – Always On VPN is a single, unified solution for remote access. Devices that are domain-joined, non-domain-joined (workgroup), or Azure AD–joined, as well as personally-owned devices, are supported.

Remote Desktop Services – Virtualized applications, secure mobile, and remote desktop access, and cloud-based apps and desktops are all supported by Remote Desktop Services. Depending on your RDS arrangement, all of them use bandwidth.

9.) Give an introduction to Office and business app delivery.

Windows 10 comes with a variety of apps, ranging from system apps that help the operating system to provisioned apps that are loaded the first time your customers boot up Windows.

Windows 10 supports the following categories of applications:

  • Apps for Windows. There are two types of Windows applications:
  • Apps for the operating system. Installed applications in the C: Windows directory. These programs are necessary for the operation of the operating system.
  • Other applications. Installed applications in C: Program Files WindowsApps. These other apps are divided into two categories:
  • Provisioned: The first time a user checks in, it is installed in a new user account.
  • Installed: As part of the operating system.
  • Apps for the Universal Windows Platform (UWP). These programs are built to run on a variety of platforms, including the Windows client, Windows Phone, and Xbox. Not all Windows apps are UWP apps, and not all UWP apps are Windows apps.
  • Apps that are “Win32” in nature. These apps are standard Windows programs.
  • While some apps are only accessible in 32-bit or 64-bit compiled versions, others, such as Microsoft 365 Apps, provide natively compiled code in both 32-bit and 64-bit. As long as you don’t have 32-bit dependencies, utilize the 64-bit version to take advantage of extra computing power and RAM on new devices (discovered during the device and app readiness step). All 64-bit versions of programs, including Microsoft Office, run best and are the most future-proof option.

10.) How to install or upgrade Microsoft 365 Apps?

Microsoft 365 Apps can be deployed in a variety of ways:

Use Click-to-Run technology to deploy Office.

  • Click-to-Run, which replaces MSI-based packaging in earlier Office deployments, is used to install both Microsoft 365 Apps and Office 2019. In comparison to prior techniques, click-to-run allows for speedier installation, faster and more efficient upgrading, and cleaner uninstalling. Click-to-Run programs are installed in a virtual application environment on your computer. They cohabit peacefully with other apps. They also take up half the space on your hard drive as an MSI-based bundle.

Use the Office Deployment Tool to set up Office.

  • The Office Deployment Tool (also known as the Office Customization Tool) is the Office setup engine that downloads, configures, and customizes your Office apps. You can use this tool to customize the applications and languages that will be installed, as well as the method for upgrading them, application preferences, and the installation experience.

Microsoft Endpoint Configuration Manager is used to deploy Office.

  • Configuration Manager may be used to deploy Microsoft 365 Apps to a large number of users. Native support for the new Office Customization Tool, package customization for Click-to-Run at install time, and native support for software update management after installation are all available in Configuration Manager.

Use Intune to deploy Office.

  • You can assign Microsoft 365 Apps applications to Windows 10 devices if your company utilizes Microsoft Intune. Microsoft 365 Apps are supported by Intune in both 32-bit and 64-bit versions.

11.) What are the methods of delivering business apps?

There are several options for delivering business apps.

MSI-based application bundles

Windows 10 uses MSI-based packages for business apps and installs them as part of an OS deployment task sequence. MSI-packaged apps can also be delivered using software deployment tools like Microsoft Endpoint Configuration Manager (MCEM) and Microsoft Intune. After your apps have been validated on Windows 10, you may use MECM to deliver them. Microsoft Intune’s enterprise site can expand the list of IT-approved apps available to include the most recent apps, and you can self-select what you require.

PC Imaging 

PC imaging is another popular form of program delivery, in which apps are either deployed through a task sequence or manually on a test PC. After that, you take a system image with all of the necessary apps installed. When provisioning new PCs, the imaging approach to construct and capture might save time, but keep in mind that OS systems and software within the image can quickly become stale. The cumulative update model in Windows 10 and Microsoft 365 Apps helps, but it doesn’t totally solve the problem. That’s why Microsoft advises using a thin image strategy, in which your programs are installed at deployment time from outside the image. If you wish to incorporate Microsoft 365 Apps in your picture, keep in mind that Office is activated by users and cannot be re-activated by the system administrator.

Sideloading Business apps

You deploy a signed app bundle to a device when you sideload an app. You’re in charge of app signing, hosting, and deployment. Although sideloading was accessible in previous Windows versions, the process with Windows 10 is a little different:

  • An enterprise policy or Settings can be used to unlock a device for sideloading.
  • It is not necessary to have a license key.
  • Devices do not need to be part of a domain.
  • Apps that run in the browser
  • If you’re using browser-based apps, double-check that they continue to function properly following the upgrade. As you learned in the previous section, Examine your device and app preparedness; if you have certain websites or apps that aren’t compatible with Microsoft Edge, you may add them to the Enterprise Mode Site List Manager. This will ensure that websites will open in Internet Explorer 11 automatically.

12.) How to package your business app for the Microsoft Store?

Store apps can be created as Universal Windows Platform (UWP) apps, or you can repackage old programs for the store and add current Windows 10 experiences. Your apps will continue to run in full-trust user mode with no changes.

MSIX, which uses containerization technology in Windows, is a new alternative for program packaging utilized by the Microsoft Store. Containerization entails a complete package uninstall and removal. It also implies that users simply need ordinary user credentials to install apps – MSIX containers do not require administrator privileges.

Before you submit your desktop app to the store, make sure to go over all of the app’s criteria and address any difficulties that arise.

13.) Explain What are the primary, secondary, and stub zones in a Windows DNS server?

The DNS (Domain Name System) Server is a system that automates the name resolving process in DNS. DNS servers are made up of files called zone files that let them resolve names to IP addresses and vice versa.

  • Primary Zone: A file will be saved as a normal text file with the extension “.dns” in this zone.
  • Secondary Zone: It keeps and maintains a read-only copy of the zone database data in another supported DNS server in this zone. It also serves as a backup server for the primary server, with fault tolerance and load balancing capabilities.
  • Stub Zone: A copy of all name servers and SOA records is stored in this zone, which is used to minimise DNS search orders.

14.) What is Active Directory, and what does it do?

Active Directory (AD) is a directory developed by Microsoft that is used to store objects (for example, user information, computer, printer, and network information). Active Directory also provides to manage computer networks effectively with multiple Domain Controllers in different locations with Active Directory databases that are able to manage/change AD from any Domain Controller and those will be replicated to all other DC’s, centralized Administration with multiple Domain Controllers in different locations with Active Directory databases that are able to manage/change AD from any Domain Controller and those will.

15.) What is the SYSVOL folder?

It is a collection of files and folders that are replicated by the FRS and stored on the local hard disc of each domain controller in the domain ( File Replication Service). These files include information on group or user policies.

16.) Describe the distinction between a thread and a computer process.

A computer process is an instance of a computer program that is performed sequentially by a computer system that can run many computer programs at the same time.

A thread is a collection of executable programs that work as a single process. For example, one thread may convey an error message to the user, while another handles error signals, and a third thread performs the original action.

17.) Describe the location of the AD database.

AD database is saved in %systemroot%/ntds. Files that control the AD structure are

  • ntds.dit
  • edb.log
  • res1.log
  • res2.log
  • edn.chk

18.) What are the benefits and drawbacks of using DHCP?

The benefit is that the DHCP server automatically configures all IP addresses; however, the disadvantage is that when you obtain a new IP address, the machine name remains the same due to its association with the IP address. It’s not a major issue, but it becomes one when someone tries to access the machine by its name.

19.) Do you have any experience with monitoring?

Yes, a system administrator’s primary responsibility is to monitor; he or she handles all access privileges and server space, with the security of user accounts being one of the most critical considerations. An administrator must also ensure that the user’s actions do not compromise the server’s integrity in any way.

20.) What is the meaning of group policy?

All users in the network have expedited access thanks to group policies. It can be used to set security and networking settings for a user. You can preserve control over some functions by using group policy, such as not allowing users to shut down the system, access the control panel, or run commands. Active Directory containers such as OU, site, and domain are all affected by group policy.

21.) How do you distinguish between permission, rights, and policy?

On active directories, such as the site, domain, and OU, “policy” is allocated. Users and groups are given “Rights,” whereas network resources such as files, folders, and printers are given “Permission.”

22.) What are the meanings of DC and ADC?

The Domain Controller is abbreviated as DC, and the Additional Domain Controller is abbreviated as ADC. The domain controller’s backup is the ADC.

23.) Communicate the new features and benefits of Microsoft 365.

You can communicate the benefits of the new features to users if you’re adopting Microsoft 365 Apps for the first time. For example, you may explain how OneDrive or SharePoint will make it easier for them to share files, eliminating file branching and enabling real-time co-authoring. You may give instructions and training on new in-app features, such as connecting OneDrive linked files to Outlook or using PowerPoint’s new Morph slide transitions and Designer features. You may show your users new features in Windows 10, such as Windows Hello biometric login, start menu customization, and Timeline to quickly return to what they were working on.

End users can also be educated on some of the more apparent security and compliance procedures. If you utilize Enterprise Mobility + Security and enable multifactor authentication, for example, you’ll need to train your users on how to set it up and what the sign-in experience would be like. Users may easily classify and label documents using Azure Information Protection, but they’ll require training on how to apply the categories effectively.

These are only a few of the elements that consumers will experience, and if you haven’t prepared them, they may be caught off guard. These surprises can result in additional calls and issues for you or your helpdesk, especially if they disrupt your users’ typical routines.

24.) How will you plan a proactive measured rollout?

You might also explore employing deployment rings to restrict the velocity of release within your business, in addition to delivering proactive end-user messages. With phased deployment and deployment rings, you start by deploying to small groups and gradually expand the deployment. Form deployment rings and integrates them in your communication and training plan as you create it. As you open the deployment valve or pause activities as needed, for example, if you receive more helpdesk calls than intended, you may decrease potential risk and validate your method.

It’s best to work with business divisions and managers to construct deployment rings. Stakeholder buy-in might make it easier to get people on board and comfortable with any changes that are coming.

Phase 1: Early adopters and the IT staff

You can use these “insiders” to test communications, change impacts, and the success of your training. During this phase, IT runs small pilots to build troubleshooting and automation procedures that will be used in later phases of the rollout.

In this early phase, it’s critical to have engaged members who are documenting their findings and offering feedback to the deployment team. It’s also a good idea to engage champions from outside the IT team to help disseminate word-of-mouth communications about new capabilities; they’ll often be the first point of contact for users in later phases who require assistance. Business unit champions are excellent early adopters because they can help test new features, provide feedback on messaging and training, and push adoption across their whole organization.

Phase 2: Pilot 

It’s especially crucial at this point to convey changes and assist consumers in making use of new capabilities. Users frequently de-prioritize or disregard email or other IT communications; you may wish to meet with management to enlist their assistance in conveying the changes and promoting acceptance. To minimize user interruption, you’ll also want to determine time frames to avoid (based on end-user feedback). For example, at the end of the fiscal quarter, the finance team may be very busy, resulting in a decreased tolerance for change.

Phase 3: Deployment of large-scale production

Processes, communications, training, and self-service tools should all be in place by the time you begin a large-scale deployment. Long after all of your organization’s users have installed Windows 10 and Microsoft 365 Apps, new technology acceptance and adoption continue. End users will not necessarily modify their working habits if the company does not make the effort to instruct them on new features. Communication is a continual process with new servicing models giving new capabilities semi-annually for Windows and potentially monthly for Office.

25.) Review the Windows and Microsoft servicing models

New servicing options, support models, and update timetables are all part of Windows 10 and Microsoft 365 Apps. These modifications make it easier to stay up to date on the latest features. New configuration options provide you with flexible servicing plans in addition to these updates.

Microsoft has shifted away from its previous practice of releasing large waves of change every three years in favor of smaller, more frequent feature and security/quality updates. Due to the rapid evolution of technology trends and security concerns, this update frequency ensures that users’ experiences and protections remain current.

26.) Explain the servicing models for Windows 10 and Microsoft 365 Apps.

There are two types of Windows maintenance updates: feature updates and quality and security updates, which provide cumulative security, reliability, and bug fixes.

The following features are available in both Windows 10 and Microsoft 365 Apps:

  • A semi-annual feature upgrade that introduces new functionality twice a year.
  • A monthly report on quality and security.
  • Additionally, Microsoft offers a fully supported monthly channel option for Office apps, with monthly updates containing both new features and quality updates.

27.) Examine the best servicing procedures.

Microsoft employs servicing channels to enable you to select how frequently your specific devices are updated, which aligns with the new manner of providing the feature and quality upgrades in Windows 10. You can have test devices that the IT department updates as quickly as possible with new features, as well as specialty devices that require a longer feature update cycle to assure continuity.

28.) Expand your validation of security updates.

Builds for Office and Windows are released through the Insider Programs before they are sent out to the general public. The Insider Program gives you early access to update releases so you can test them on your own system before distributing them to the rest of your company. Microsoft also uses Insider Programs to collect diagnostic data and comments before rolling out updates to the general public. This helps to keep update incompatibilities to a minimum.

29.) Simplify feature updates with Windows Update for Business.

Windows Update for Business is a free service that connects Windows 10 devices directly to the Windows Update service, allowing you to keep your devices up to date. Group Policy or MDM solutions, such as Microsoft Intune, can be used to configure Windows Update for Business. To validate fresh releases, you can use Windows Update for Business to set up deployment rings. Windows Server Update Services (WSUS), Configuration Manager (current branch), and Microsoft Intune are among the management tools that have been integrated. Peer-to-peer delivery is also supported by Windows Update for Business, which can aid with bandwidth efficiency and network congestion.

30.) Employ Express Updates for bandwidth management.

When you use a technology like Windows Express Updates, you can dramatically minimize download size. The update engines compare the PC’s present state and only locate the delta required to update it using this method. Express updates have long been supported by Windows Update for Business and Windows Server Update Services, and Configuration Manager has been updated to support them as well.