IT Training

MD-102 – Microsoft 365 Endpoint Administrator

In this course, students will learn to plan and execute an endpoint deployment strategy using contemporary deployment techniques and implementing update strategies. The course introduces essential elements of modern management, co-management approaches, and Microsoft Intune integration. It covers app deployment, management of browser-based applications, and key security concepts such as authentication, identities, access, and compliance policies. Technologies like Microsoft Entra ID, Azure Information Protection, and Microsoft Defender for Endpoint are explored to protect devices and data. The Microsoft 365 Endpoint Administrator is responsible for deploying, configuring, securing, managing, and monitoring devices and client applications in a corporate setting. They should be well-versed in M365 workloads and possess extensive skills and experience in deploying, configuring, and maintaining Windows 11 and later, as well as non-Windows devices. Their role emphasizes cloud services over on-premises management technologies

Who should attend this course?

The Microsoft 365 Security administrator collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders and other workload administrators to plan and implement security strategies and to ensures that the solutions comply with the policies and regulations of the organization.     This role proactively secures Microsoft 365 enterprise environments. Responsibilities include responding to threats, implementing, managing and monitoring security and compliance solutions for the Microsoft 365 environment. They respond to incidents, investigations and enforcement of data governance.     The Microsoft 365 Security administrator is familiar with Microsoft 365 workloads and hybrid environments. This role has strong skills and experience with identity protection, information protection, threat protection, security management and data governance.

Prerequisites

Learners should start this course already having the following skills:

Basic conceptual understanding of Microsoft Azure.
Experience with Windows 10 devices.
Experience with Office 365.
Basic understanding of authorization and authentication.
Basic understanding of computer networks.
Working knowledge of managing mobile devices.

Manage Azure Active Directory identities

This module enables you to handle Azure AD tasks, including RBAC, user/group management, PowerShell cmdlets, and AD
DS object synchronization. You’ll effectively utilize and manage Azure AD in your organization after completing this
module.

  • Examine RBAC and user roles in Azure AD
  • Create and manage users in Azure AD
  • Create and manage groups in Azure AD
  • Manage Azure AD objects with PowerShell
  • Synchronize objects from AD DS to Azure AD

Manage device authentication

In this module, you learn about device authentication and management in Azure Active Directory. MD-102

  • Describe Azure AD join
  • Examine Azure AD join prerequisites limitations and benefits
  • Join devices to Azure AD
  • Manage devices joined to Azure AD

Enroll devices using Microsoft Intune

Students will learn how to configure and setup Intune to more easily manage Windows, Android, and iOS devices.

  • Manage mobile devices with Intune
  • Enable mobile device management
  • Explain considerations for device enrollment
  • Manage corporate enrollment policy
  • Enroll Windows devices in Intune
  • Enroll Android devices in Intune
  • Enroll iOS devices in Intune
  • Explore device enrollment manager
  • Monitor device enrollment
  • Manage devices remotely

Execute device profiles

Students learn about the various types of device profiles, and how to create and manage them.

  • Explore Intune device profiles
  • Create device profiles
  • Create a custom device profile

Oversee device profiles

This module introduces students to monitoring profiles to ensure correct assignments and resolving conflicts when
multiple profiles are applied.

  • Monitor device profiles in Intune
  • Manage device sync in Intune
  • Manage devices in Intune using scripts

Execute mobile application management

This module introduces Mobile Application Management (MAM). Students will learn about considerations for implementing
MAM and will be introduced to the management of MAM using Intune and Configuration Manager.

  • Examine mobile application management
  • Examine considerations for mobile application management
  • Prepare line-of-business apps for app protection policies
  • Implement mobile application management policies in Intune
  • Manage mobile application management policies in Intune

Deploy and update applications

In this module, you’ll master deploying applications using Intune, Configuration Manager, Group Policy, and Microsoft
Store Apps. These powerful tools and techniques will equip you to manage and maintain diverse applications across
your organization effectively.

  • Deploy applications with Intune
  • Add apps to Intune
  • Manage Win32 apps with Intune
  • Assign and publish software
  • Explore Microsoft Store for Business
  • Implement Microsoft Store Apps
  • Update Microsoft Store Apps with Intune
  • Assign apps to company employees

Administer endpoint applications

In this module, you’re introduced to managing apps on Intune managed devices. The module will then conclude with an
overview of how to use IE Mode with Microsoft Edge.

  • Manage apps with Intune
  • Manage Apps on non-enrolled devices
  • Deploy Microsoft 365 Apps with Intune
  • Additional Microsoft 365 Apps Deployment Tools
  • Configure Microsoft Edge Internet Explorer mode
  • App Inventory Review

Protect identities in Azure Active Directory

This module introduces students to the various authentication methods used to protect identities.

  • Explore Windows Hello for Business
  • Deploy Windows Hello
  • Manage Windows Hello for Business
  • Explore Azure AD identity protection
  • Manage self-service password reset in Azure AD
  • Implement multi-factor authentication

Implement device compliance

This module describes how to use compliance and conditional access policies to help protect access to organizational
resources.

  • Protect access to resources using Intune
  • Explore device compliance policy
  • Deploy a device compliance policy
  • Explore conditional access
  • Create conditional access policies

Generate inventory and compliance reports

This module describes how to use Microsoft Endpoint Manager and Power BI to create compliance and custom reports.

  • Report enrolled devices inventory in Intune
  • Monitor and report device compliance
  • Build custom Intune inventory reports
  • Access Intune using Microsoft Graph API

Deploy device data protection

This module describes how you can use Intune to create and manage WIP policies that manage this protection. The
module also covers implementing BitLocker and Encrypting File System.

  • Explore Windows Information Protection
  • Plan Windows Information Protection
  • Implement and use Windows Information Protection
  • Explore Encrypting File System in Windows client
  • Explore BitLocker

Manage Microsoft Defender for Endpoint

This module explores using Microsoft Defender for Endpoint to provide additional protection and monitor devices
against threats.

  • Explore Microsoft Defender for Endpoint
  • Examine key capabilities of Microsoft Defender for Endpoint
  • Explore Windows Defender Application Control and Device Guard
  • Explore Microsoft Defender Application Guard
  • Examine Windows Defender Exploit Guard
  • Explore Windows Defender System Guard

Deploy Devices using Windows Autopilot

Use Autopilot to deploy new hardware or refreshing an existing hardware with the organization’s desired
configuration, without using the traditional imaging process.

  • Use Autopilot for modern deployment
  • Examine requirements for Windows Autopilot
  • Prepare device IDs for Autopilot
  • Implement device registration and out-of-the-box customization
  • Examine Autopilot scenarios
  • Troubleshoot Windows Autopilot

Practical information

Duration

Publish

Languages

FR/NL

Price

€ 2 250 + 21% VAT

Location

Classroom Courses

Schedule

Guaranteed to run

Sessions in English
Contact us for more infoBook
Sessions in Dutch
27-31/01/2025Book
07-11/04/2025Book
06-10/10/2025Book
01-05/12/2025Book
Sessions in French
17-21/02/2025Book
12-16/05/2025Book
15-19/09/2025Book
24-28/11/2025Book

Share this course on

Book your training

Enter your information to confirm your booking.

    Prerequisite test

    Looking for a tailor made solution?