In this course, students will learn to plan and execute an endpoint deployment strategy using contemporary deployment techniques and implementing update strategies. The course introduces essential elements of modern management, co-management approaches, and Microsoft Intune integration. It covers app deployment, management of browser-based applications, and key security concepts such as authentication, identities, access, and compliance policies. Technologies like Microsoft Entra ID, Azure Information Protection, and Microsoft Defender for Endpoint are explored to protect devices and data. The Microsoft 365 Endpoint Administrator is responsible for deploying, configuring, securing, managing, and monitoring devices and client applications in a corporate setting. They should be well-versed in M365 workloads and possess extensive skills and experience in deploying, configuring, and maintaining Windows 11 and later, as well as non-Windows devices. Their role emphasizes cloud services over on-premises management technologies
MD-102 – Microsoft 365 Endpoint Administrator
Who should attend this course?
The Microsoft 365 Security administrator collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders and other workload administrators to plan and implement security strategies and to ensures that the solutions comply with the policies and regulations of the organization. This role proactively secures Microsoft 365 enterprise environments. Responsibilities include responding to threats, implementing, managing and monitoring security and compliance solutions for the Microsoft 365 environment. They respond to incidents, investigations and enforcement of data governance. The Microsoft 365 Security administrator is familiar with Microsoft 365 workloads and hybrid environments. This role has strong skills and experience with identity protection, information protection, threat protection, security management and data governance.
Prerequisites
Learners should start this course already having the following skills:
Basic conceptual understanding of Microsoft Azure.
Experience with Windows 10 devices.
Experience with Office 365.
Basic understanding of authorization and authentication.
Basic understanding of computer networks.
Working knowledge of managing mobile devices.
Manage Azure Active Directory identities
This module enables you to handle Azure AD tasks, including RBAC, user/group management, PowerShell cmdlets, and AD
DS object synchronization. You’ll effectively utilize and manage Azure AD in your organization after completing this
module.
- Examine RBAC and user roles in Azure AD
- Create and manage users in Azure AD
- Create and manage groups in Azure AD
- Manage Azure AD objects with PowerShell
- Synchronize objects from AD DS to Azure AD
Manage device authentication
In this module, you learn about device authentication and management in Azure Active Directory. MD-102
- Describe Azure AD join
- Examine Azure AD join prerequisites limitations and benefits
- Join devices to Azure AD
- Manage devices joined to Azure AD
Enroll devices using Microsoft Intune
Students will learn how to configure and setup Intune to more easily manage Windows, Android, and iOS devices.
- Manage mobile devices with Intune
- Enable mobile device management
- Explain considerations for device enrollment
- Manage corporate enrollment policy
- Enroll Windows devices in Intune
- Enroll Android devices in Intune
- Enroll iOS devices in Intune
- Explore device enrollment manager
- Monitor device enrollment
- Manage devices remotely
Execute device profiles
Students learn about the various types of device profiles, and how to create and manage them.
- Explore Intune device profiles
- Create device profiles
- Create a custom device profile
Oversee device profiles
This module introduces students to monitoring profiles to ensure correct assignments and resolving conflicts when
multiple profiles are applied.
- Monitor device profiles in Intune
- Manage device sync in Intune
- Manage devices in Intune using scripts
Execute mobile application management
This module introduces Mobile Application Management (MAM). Students will learn about considerations for implementing
MAM and will be introduced to the management of MAM using Intune and Configuration Manager.
- Examine mobile application management
- Examine considerations for mobile application management
- Prepare line-of-business apps for app protection policies
- Implement mobile application management policies in Intune
- Manage mobile application management policies in Intune
Deploy and update applications
In this module, you’ll master deploying applications using Intune, Configuration Manager, Group Policy, and Microsoft
Store Apps. These powerful tools and techniques will equip you to manage and maintain diverse applications across
your organization effectively.
- Deploy applications with Intune
- Add apps to Intune
- Manage Win32 apps with Intune
- Assign and publish software
- Explore Microsoft Store for Business
- Implement Microsoft Store Apps
- Update Microsoft Store Apps with Intune
- Assign apps to company employees
Administer endpoint applications
In this module, you’re introduced to managing apps on Intune managed devices. The module will then conclude with an
overview of how to use IE Mode with Microsoft Edge.
- Manage apps with Intune
- Manage Apps on non-enrolled devices
- Deploy Microsoft 365 Apps with Intune
- Additional Microsoft 365 Apps Deployment Tools
- Configure Microsoft Edge Internet Explorer mode
- App Inventory Review
Protect identities in Azure Active Directory
This module introduces students to the various authentication methods used to protect identities.
- Explore Windows Hello for Business
- Deploy Windows Hello
- Manage Windows Hello for Business
- Explore Azure AD identity protection
- Manage self-service password reset in Azure AD
- Implement multi-factor authentication
Implement device compliance
This module describes how to use compliance and conditional access policies to help protect access to organizational
resources.
- Protect access to resources using Intune
- Explore device compliance policy
- Deploy a device compliance policy
- Explore conditional access
- Create conditional access policies
Generate inventory and compliance reports
This module describes how to use Microsoft Endpoint Manager and Power BI to create compliance and custom reports.
- Report enrolled devices inventory in Intune
- Monitor and report device compliance
- Build custom Intune inventory reports
- Access Intune using Microsoft Graph API
Deploy device data protection
This module describes how you can use Intune to create and manage WIP policies that manage this protection. The
module also covers implementing BitLocker and Encrypting File System.
- Explore Windows Information Protection
- Plan Windows Information Protection
- Implement and use Windows Information Protection
- Explore Encrypting File System in Windows client
- Explore BitLocker
Manage Microsoft Defender for Endpoint
This module explores using Microsoft Defender for Endpoint to provide additional protection and monitor devices
against threats.
- Explore Microsoft Defender for Endpoint
- Examine key capabilities of Microsoft Defender for Endpoint
- Explore Windows Defender Application Control and Device Guard
- Explore Microsoft Defender Application Guard
- Examine Windows Defender Exploit Guard
- Explore Windows Defender System Guard
Deploy Devices using Windows Autopilot
Use Autopilot to deploy new hardware or refreshing an existing hardware with the organization’s desired
configuration, without using the traditional imaging process.
- Use Autopilot for modern deployment
- Examine requirements for Windows Autopilot
- Prepare device IDs for Autopilot
- Implement device registration and out-of-the-box customization
- Examine Autopilot scenarios
- Troubleshoot Windows Autopilot
Practical information
Duration
Languages
Price
Location
Schedule
Book your training
Enter your information to confirm your booking.