top of page

Microsoft 365 Endpoint Administrator

Duration

Course Code

5 days

MD-102T00

About the Course

In this course, students will learn to plan and execute an endpoint deployment strategy using contemporary deployment techniques and implementing update strategies. The course introduces essential elements of modern management and Microsoft Intune integration. It covers app deployment, management of browser-based applications, and key security concepts such as authentication, identities, access, and compliance policies. Technologies like Microsoft Entra, Windows Autopilot, Microsoft Intune Suite and Microsoft Defender for Endpoint are explored to protect devices and data.


Target Audience

The Microsoft 365 Endpoint Administrator is responsible for deploying, configuring, securing, managing, and monitoring devices and client applications in a corporate setting. Their duties include managing identity, access, policies, updates, and apps. They work alongside the M365 Enterprise Administrator to develop and execute a device strategy that aligns with the requirements of a modern organization. Microsoft 365 Endpoint Administrators should be well-versed in M365 workloads and possess extensive skills and experience in deploying, configuring, and maintaining Windows 11 and later, as well as non-Windows devices. Their role emphasizes cloud services over on-premises management technologies.


Course Pre-requisites

The Modern Desktop Administrator must be familiar with M365 workloads and must have strong skills and experience of deploying, configuring, and maintaining Windows 11 and later, and non-Windows devices.


Course Outline


Module 1 - Explore the Enterprise Desktop

  • Examine benefits of modern management

  • Examine the enterprise desktop life-cycle model

  • Examine planning and purchasing

  • Examine desktop deployment

  • Plan an application deployment

  • Plan for upgrades and retirement


Module 2 - Explore Windows Editions

  • Examine Windows client editions and capabilities

  • Select client edition

  • Examine hardware requirements


Module 3 - Understand Microsoft Entra ID

  • Examine Microsoft Entra ID

  • Compare Microsoft Entra ID and Active Directory Domain Services

  • Examine Microsoft Entra ID as a directory service for cloud apps

  • Compare Microsoft Entra ID P1 and P2 plans

  • Examine Microsoft Entra Domain Services


Module 4 - Manage Microsoft Entra identities

  • Examine RBAC and user roles in Microsoft Entra ID

  • Create and manage users in Microsoft Entra ID

  • Create and manage groups in Microsoft Entra ID

  • Manage Microsoft Entra objects with Microsoft Graph PowerShell

  • Synchronize objects from AD DS to Microsoft Entra ID


Module 5 - Manage device authentication

  • Describe Microsoft Entra join

  • Examine Microsoft Entra join prerequisites limitations and benefits

  • Join devices to Microsoft Entra ID

  • Manage devices joined to Microsoft Entra ID


Module 6 - Enroll devices using Microsoft Configuration Manager

  • Deploy the Microsoft Configuration Manager client

  • Monitor the Microsoft Configuration Manager client

  • Manage the Microsoft Configuration Manager client


Module 7 - Enroll devices using Microsoft Intune

  • Manage mobile devices with Intune

  • Enable mobile device management

  • Explain considerations for device enrollment

  • Manage corporate enrollment policy

  • Enroll Windows devices in Intune

  • Enroll Android devices in Intune

  • Enroll iOS devices in Intune

  • Explore device enrollment manager

  • Monitor device enrollment

  • Manage devices remotely


Module 8 - Execute device profiles

  • Explore Intune device profiles

  • Create device profiles

  • Create a custom device profile


Module 9 - Oversee device profiles

  • Monitor device profiles in Intune

  • Manage device sync in Intune

  • Manage devices in Intune using scripts


Module 10 - Maintain user profiles

  • Examine user profile

  • Explore user profile types

  • Examine options for minimizing user profile size

  • Deploy and configure folder redirection

  • Sync user state with Enterprise State Roaming

  • Configure Enterprise State Roaming in Azure


Module 11 - Execute mobile application management

  • Examine mobile application management

  • Examine considerations for mobile application management

  • Prepare line-of-business apps for app protection policies

  • Implement mobile application management policies in Intune

  • Manage mobile application management policies in Intune


Module 12 - Deploy and update applications

  • Deploy applications with Intune

  • Add apps to Intune

  • Manage Win32 apps with Intune

  • Deploy applications with Configuration Manager

  • Deploying applications with Group Policy

  • Assign and publish software

  • Explore Microsoft Store for Business

  • Implement Microsoft Store Apps

  • Update Microsoft Store Apps with Intune

  • Assign apps to company employees


Module 13 - Administer endpoint applications

  • Manage apps with Intune

  • Manage Apps on non-enrolled devices

  • Deploy Microsoft 365 Apps with Intune

  • Additional Microsoft 365 Apps Deployment Tools

  • Configure Microsoft Edge Internet Explorer mode

  • App Inventory Review


Module 14 - Protect identities in Microsoft Entra ID

  • Explore Windows Hello for Business

  • Deploy Windows Hello

  • Manage Windows Hello for Business

  • Explore Microsoft Entra ID Protection

  • Manage self-service password reset in Microsoft Entra ID

  • Implement multi-factor authentication


Module 15 - Enable organizational access

  • Enable access to organization resources

  • Explore VPN types and configuration

  • Explore Always On VPN

  • Deploy Always On VPN


Module 16 - Implement device compliance

  • Protect access to resources using Intune

  • Explore device compliance policy

  • Deploy a device compliance policy

  • Explore conditional access

  • Create conditional access policies


Module 17 - Generate inventory and compliance reports

  • Report enrolled devices inventory in Intune

  • Monitor and report device compliance

  • Build custom Intune inventory reports

  • Access Intune using Microsoft Graph API


Module 18 - Deploy device data protection

  • Explore Windows Information Protection

  • Plan Windows Information Protection

  • Implement and use Windows Information Protection

  • Explore Encrypting File System in Windows client

  • Explore BitLocker


Module 19 - Manage Microsoft Defender for Endpoint

  • Explore Microsoft Defender for Endpoint

  • Examine key capabilities of Microsoft Defender for Endpoint

  • Explore Windows Defender Application Control and Device Guard

  • Explore Microsoft Defender Application Guard

  • Examine Windows Defender Exploit Guard

  • Explore Windows Defender System Guard


Module 20 - Manage Microsoft Defender in Windows client

  • Explore Windows Security Center

  • Explore Windows Defender Credential Guard

  • Manage Microsoft Defender Antivirus

  • Manage Windows Defender Firewall

  • Explore Windows Defender Firewall with Advanced Security


Module 21 - Manage Microsoft Defender for Cloud Apps

  • Explore Microsoft Defender for Cloud Apps

  • Planning Microsoft Defender for Cloud Apps

  • Implement Microsoft Defender for Cloud Apps


Module 22 - Assess deployment readiness

  • Examine deployment guidelines

  • Explore readiness tools

  • Assess application compatibility

  • Explore tools for application compatibility mitigation

  • Prepare network and directory for deployment

  • Plan a pilot


Module 23 - Deploy using the Microsoft Deployment Toolkit

  • Evaluate traditional deployment methods

  • Set up the Microsoft Deployment Toolkit for client deployment

  • Manage and deploy images using the Microsoft Deployment Toolkit


Module 24 - Deploy using Microsoft Configuration Manager

  • Explore client deployment using Configuration Manager

  • Examine deployment components of Configuration Manager

  • Manage client deployment using Configuration Manager

  • Plan in-place upgrades using Configuration Manager


Module 25 - Deploy Devices using Windows Autopilot

  • Use Autopilot for modern deployment

  • Examine requirements for Windows Autopilot

  • Prepare device IDs for Autopilot

  • Implement device registration and out-of-the-box customization

  • Examine Autopilot scenarios

  • Troubleshoot Windows Autopilot


Module 26 - Implement dynamic deployment methods

  • Examine subscription activation

  • Deploy using provisioning packages

  • Use Windows Configuration Designer

  • Use Microsoft Entra join with automatic MDM enrollment


Module 27 - Plan a transition to modern endpoint management

  • Explore using co-management to transition to modern endpoint management

  • Examine prerequisites for co-management

  • Evaluate modern management considerations

  • Evaluate upgrades and migrations in modern transitioning

  • Migrate data when modern transitioning

  • Migrate workloads when modern transitioning


Module 28 - Manage Windows 365

  • Explore Windows 365

  • Configure Windows 365

  • Administer Windows 365


Module 29 - Manage Azure Virtual Desktop

  • Examine Azure Virtual Desktop

  • Explore Azure Virtual Desktop

  • Configure Azure Virtual Desktop

  • Administer Azure Virtual Desktop


Module 30 - Explore Microsoft Intune Suite

  • Discover essentials of Microsoft Intune Suite

  • Applying Zero Trust security using the Microsoft Intune Suite

  • Implement Endpoint Privilege Management

  • Understand enterprise app management

  • Explore Advanced Analytics

  • Provide Remote Help

  • Deploy Microsoft Tunnel for mobile applications

bottom of page