MD-102 - Endpoint Administrator
Course Duration: 40 Hours
Delivery Methods: Classroom Training - Instructor Led or Online
COURSE OVERVIEW
In this course, students will learn to plan and execute an endpoint deployment strategy using contemporary deployment techniques and implementing update strategies. The course introduces essential elements of modern management, co-management approaches, and Microsoft Intune integration. It covers app deployment, management of browser-based applications, and key security concepts such as authentication, identities, access, and compliance policies. Technologies like Azure Active Directory, Azure Information Protection, and Microsoft Defender for Endpoint are explored to protect devices and data.
WHO SHOULD ATTEND?
The Microsoft 365 Endpoint Administrator is responsible for deploying, configuring, securing, managing, and monitoring devices and client applications in a corporate setting. Their duties include managing identity, access, policies, updates, and apps. They work alongside the M365 Enterprise Administrator to develop and execute a device strategy that aligns with the requirements of a modern organization. Microsoft 365 Endpoint Administrators should be well-versed in M365 workloads and possess extensive skills and experience in deploying, configuring, and maintaining Windows 11 and later, as well as non-Windows devices. Their role emphasizes cloud services over on-premises management technologies.
COURSE PREREQUISITES
- The Modern Desktop Administrator must be familiar with M365 workloads and must have strong skills and experience of deploying, configuring, and maintaining Windows 11 and later, and non-Windows devices.
Course Outline
- Examine benefits of modern management
- Examine the enterprise desktop life-cycle model
- Examine planning and purchasing
- Examine desktop deployment
- Plan an application deployment
- Plan for upgrades and retirement
- Examine Windows client editions and capabilities
- Select client edition
- Examine hardware requirements
- Examine RBAC and user roles in Azure AD
- Create and manage users in Azure AD
- Create and manage groups in Azure AD
- Manage Azure AD objects with PowerShell
- Synchronize objects from AD DS to Azure AD
- Describe Azure AD join
- Examine Azure AD join prerequisites limitations and benefits
- Join devices to Azure AD
- Manage devices joined to Azure AD
- Deploy the Microsoft Configuration Manager client
- Monitor the Microsoft Configuration Manager client
- Manage the Microsoft Configuration Manager client
- Manage mobile devices with Intune
- Enable mobile device management
- Explain considerations for device enrollment
- Manage corporate enrollment policy
- Enroll Windows devices in Intune
- Enroll Android devices in Intune
- Enroll iOS devices in Intune
- Explore device enrollment manager
- Monitor device enrollment
- Manage devices remotely
- Explore Intune device profiles
- Create device profiles
- Create a custom device profile
- Monitor device profiles in Intune
- Manage device sync in Intune
- Manage devices in Intune using scripts
- Examine user profile
- Explore user profile types
- Examine options for minimizing user profile size
- Deploy and configure folder redirection
- Sync user state with Enterprise State Roaming
- Configure Enterprise State Roaming in Azure
- Examine mobile application management
- Examine considerations for mobile application management
- Prepare line-of-business apps for app protection policies
- Implement mobile application management policies in Intune
- Manage mobile application management policies in Intune
- Deploy applications with Intune
- Add apps to Intune
- Manage Win32 apps with Intune
- Deploy applications with Configuration Manager
- Deploying applications with Group Policy
- Assign and publish software
- Explore Microsoft Store for Business
- Implement Microsoft Store Apps
- Update Microsoft Store Apps with Intune
- Assign apps to company employees
- Manage apps with Intune
- Manage Apps on non-enrolled devices
- Deploy Microsoft 365 Apps with Intune
- Additional Microsoft 365 Apps Deployment Tools
- Configure Microsoft Edge Internet Explorer mode
- App Inventory Review
- Explore Windows Hello for Business
- Deploy Windows Hello
- Manage Windows Hello for Business
- Explore Azure AD identity protection
- Manage self-service password reset in Azure AD
- Implement multi-factor authentication
- Enable access to organization resources
- Explore VPN types and configuration
- Explore Always On VPN
- Deploy Always On VPN
- Protect access to resources using Intune
- Explore device compliance policy
- Deploy a device compliance policy
- Explore conditional access
- Create conditional access policies
- Report enrolled devices inventory in Intune
- Monitor and report device compliance
- Build custom Intune inventory reports
- Access Intune using Microsoft Graph API
- Explore Windows Information Protection
- Plan Windows Information Protection
- Implement and use Windows Information Protection
- Explore Encrypting File System in Windows client
- Explore BitLocker
- Explore Microsoft Defender for Endpoint
- Examine key capabilities of Microsoft Defender for Endpoint
- Explore Windows Defender Application Control and Device Guard
- Explore Microsoft Defender Application Guard
- Examine Windows Defender Exploit Guard
- Explore Windows Defender System Guard
- Explore Windows Security Center
- Explore Windows Defender Credential Guard
- Manage Microsoft Defender Antivirus
- Manage Windows Defender Firewall
- Explore Windows Defender Firewall with Advanced Security
- Explore Microsoft Defender for Cloud Apps
- Planning Microsoft Defender for Cloud Apps
- Implement Microsoft Defender for Cloud Apps
- Examine deployment guidelines
- Explore readiness tools
- Assess application compatibility
- Explore tools for application compatibility mitigation
- Prepare network and directory for deployment
- Plan a pilot
- Evaluate traditional deployment methods
- Set up the Microsoft Deployment Toolkit for client deployment
- Manage and deploy images using the Microsoft Deployment Toolkit
- Explore client deployment using Configuration Manager
- Examine deployment components of Configuration Manager
- Manage client deployment using Configuration Manager
- Plan in-place upgrades using Configuration Manager
- Use Autopilot for modern deployment
- Examine requirements for Windows Autopilot
- Prepare device IDs for Autopilot
- Implement device registration and out-of-the-box customization
- Examine Autopilot scenarios
- Troubleshoot Windows Autopilot
- Examine subscription activation
- Deploy using provisioning packages
- Use Windows Configuration Designer
- Use Azure AD join with automatic MDM enrollment
- Explore using co-management to transition to modern endpoint management
- Examine prerequisites for co-management
- Evaluate modern management considerations
- Evaluate upgrades and migrations in modern transitioning
- Migrate data when modern transitioning
- Migrate workloads when modern transitioning
- Explore Windows 365
- Configure Windows 365
- Administer Windows 365
- Examine Azure Virtual Desktop
- Explore Azure Virtual Desktop
- Configure Azure Virtual Desktop
- Administer Azure Virtual Desktop
Dates & Times | |
---|---|
1 | December 09 08:00 - 15:45 |
2 | December 11 08:00 - 15:45 |
3 | December 13 08:00 - 15:45 |
4 | December 16 08:00 - 15:45 |
5 | December 18 08:00 - 15:45 |
6 | December 20 08:00 - 15:45 |
* Actual dates may vary.