For some reason I'm struggling to get my head around Intune scopes. I've been Intune admin for quite a while with a large Intune environment, but now I've been tasked with enrolling a large number of devices from another site which another team will manage. Is this correct:

• I will create two scopes, Scope A and Scope B.
• I will create a dynamic group that contains all of my devices (Scope A), and a dynamic group that contains all of their devices (Scope B).
• My admin role will have the Scope (Groups) set to the Scope A dynamic group, the role for the other team will be set for Scope B dynamic group.

If they were to create a config profile with Scope B tag and accidentally assigned it to "All Devices" (or another group that contained some of my Scope A devices), would my Scope A devices still get the profile?

I spoke to Intune support about this and it sounded like Scope B admins could still impact my Scope A devices.