Microsoft 365 Endpoint Administrator (MD-102T00)
This comprehensive course is designed to equip students with the skills and knowledge required to effectively manage and secure modern desktop environments. Students will dive into a variety of subjects including the deployment, configuration, and maintenance of Windows and non-Windows devices within an enterprise setting. The curriculum emphasizes the importance of modern management techniques, leveraging Microsoft's suite of tools such as Microsoft Intune, Microsoft Entra ID, Azure Virtual Desktop, and Windows 365 to streamline and enhance the management of devices and applications. By exploring the integration of cloud technologies with traditional on-premises management approaches, students will learn to implement robust security measures, manage identities and access, and ensure compliance across all devices. The course covers critical topics such as device enrollment, application management, data protection, and the deployment of security solutions like Microsoft Defender for Endpoint to safeguard against advanced threats. With a focus on practical, real-world applications, this course prepares students to meet the challenges of modern endpoint management in a dynamic and evolving IT landscape.
Audience Profile
This course is specifically tailored for IT professionals aiming to become proficient in the management and security of modern enterprise environments. Ideal for those in roles such as IT Systems Administrators, Microsoft 365 Endpoint Administrators, and Security Managers, it caters to individuals responsible for overseeing device management, security, and compliance within their organizations. Participants are expected to have a foundational understanding of Microsoft 365 workloads and should possess skills in deploying, managing, and configuring devices and applications. This course is particularly beneficial for professionals looking to enhance their expertise in modern management strategies, cloud-based solutions, and security best practices, enabling them to effectively implement and manage a secure, compliant, and efficient digital workspace. The emphasis is on empowering administrators to leverage cloud technologies and modern management practices to deliver a seamless and secure user experience across all devices.
- Gain a comprehensive understanding of modern management principles and the enterprise desktop lifecycle.
- Learn to differentiate between various Windows editions and select the most suitable devices based on requirements and hardware compatibility.
- Acquire knowledge on Microsoft Entra ID, comparing it with traditional Active Directory services, and its application in cloud environments.
- Master the management of Microsoft Entra identities, including role-based access control, user and group management, and synchronization with AD DS.
- Understand device authentication mechanisms, specifically Azure AD join processes, including their prerequisites, limitations, and benefits.
- Get hands-on experience with Microsoft Configuration Manager and Microsoft Intune for device enrollment and management, understanding the advantages and deployment strategies of each.
- Develop skills in creating and managing device and user profiles in Intune, including mobile application management and deployment of applications across platforms.
- Learn about device data protection, including Windows Information Protection, BitLocker, and the Encrypting File System.
- Enhance security knowledge with modules on Microsoft Defender for Endpoint, Microsoft Defender in Windows, and Microsoft Defender for Cloud Apps, covering deployment, management, and key capabilities.
- Understand the deployment readiness, including assessment tools and techniques, application compatibility, and planning phased rollouts.
- Explore dynamic deployment methods such as Windows Autopilot and Provisioning Packages, learning the benefits and scenarios for their use.
- Prepare for a career in IT management by learning about modern endpoint management strategies, including transitioning to modern management with Intune and managing Windows 365 and Azure Virtual Desktop environments.
- Gain the ability to generate inventory and compliance reports, create device compliance policies, and understand conditional access to enhance organizational security and compliance.
Webucator is a Microsoft Certified Partner for Learning Solutions (CPLS). This class uses official Microsoft courseware and will be delivered by a Microsoft Certified Trainer (MCT).
Module 1: Explore the Enterprise Desktop
In this module, students will delve into the world of Modern Management, discovering its advantages and understanding the lifecycle of an enterprise desktop. They will learn strategic approaches to hardware planning and delve into the nuances of post-deployment and retirement phases, ensuring a comprehensive grasp of enterprise desktop management.
Module 2: Explore Windows Editions
Students will navigate through the various Windows editions, gaining insights on how to judiciously select the optimal Windows device for specific needs. Furthermore, they will explore the minimum hardware requirements necessary for Windows 11, preparing them for informed decision-making in technological environments.
Module 3: Understand Microsoft Entra ID
This module introduces students to Microsoft Entra ID, elucidating its differentiation from AD DS and its pivotal role as a directory for cloud applications. Additionally, learners will examine the particulars of Microsoft Entra ID P1 and P2, along with the functionality of Domain Services.
Module 4: Manage Microsoft Entra identities
Learners will master the intricacies of RBAC, understand the pivotal user roles within Microsoft Entra ID, and dive into the management of users and groups. They will also harness the power of Windows PowerShell cmdlets for Entra ID management and explore the synchronization of AD DS objects, equipping them with essential identity management skills.
Module 5: Manage device authentication
Focusing on Azure AD join, this module covers its prerequisites, limitations, and benefits, guiding students through the process of managing devices connected to Azure AD. This knowledge lays the groundwork for secure and efficient device management practices.
Module 6: Enroll devices using Microsoft Configuration Manager
Through discussions on Microsoft Endpoint Manager and the use of Configuration Manager, students will learn about managing clients, deploying, and monitoring the Configuration Manager client. This module empowers them with the skills to effectively manage devices within an enterprise.
Module 7: Enroll devices using Microsoft Intune
Preparing students for device enrollment with Microsoft Intune, this module covers configuration for automatic enrollment and delves into the enrollment processes for Windows, Android, and iOS devices. It also explores the usage of Intune Enrollment Manager and the monitoring and management of enrolled devices.
Module 8: Execute device profiles
Students will discover the various Intune device profiles, understanding the differences between built-in and custom profiles, and learning how to manage these profiles effectively, ensuring devices are configured to meet organizational policies and standards.
Module 9: Oversee device profiles
This module focuses on monitoring the assignment of profiles, the synchronization of profiles, and the execution of scripts on devices using PowerShell. It prepares students to maintain control over device configurations in a dynamic enterprise environment.
Module 10: Maintain user profiles
Exploring the types of Windows user profiles, their functioning, and strategies for conserving space, this module also covers the deployment and configuration of Folder Redirection and Enterprise State Roaming for Azure AD devices, enhancing the management of user data and settings across devices.
Module 11: Execute mobile application management
Delving into Mobile Application Management (MAM), students will learn about application considerations within MAM and how to utilize Configuration Manager and Intune for effective app management, including the implementation and management of MAM policies.
Module 12: Deploy and update applications
This module offers guidance on deploying applications through Intune, Configuration Manager, Group Policy, and Microsoft Store Apps, providing students with a comprehensive understanding of app deployment and configuration in a modern enterprise environment.
Module 13: Administer endpoint applications
Students will learn to manage applications in Intune, handle apps on non-enrolled devices, deploy Microsoft 365 Apps using Intune, and manage IE mode in Microsoft Edge, equipping them with the skills to oversee applications across a range of devices.
Module 14: Protect identities in Microsoft Entra ID
Covering Windows Hello for Business, Microsoft Entra ID Protection, self-service password reset, and multi-factor authentication, this module equips students with the knowledge to enhance security through identity protection strategies.
Module 15: Enable organizational access
Students will learn about accessing corporate resources through VPNs, including types, configuration, Always On VPN, and its setup, ensuring secure and reliable access to enterprise resources from remote locations.
Module 16: Implement device compliance
This module covers the creation and deployment of device compliance policies, conditional access, and the creation of conditional access policies, preparing students to maintain security and compliance within a digital workspace.
Module 17: Generate inventory and compliance reports
Students will learn to generate inventory and compliance reports using Microsoft Intune, monitor device compliance, create custom reports with the Intune Data Warehouse, and build custom reports using the Microsoft Graph API, essential for managing and securing enterprise environments.
Module 18: Deploy device data protection
Focusing on Windows Information Protection, EFS, and BitLocker, this module prepares students to implement strategies for protecting data on devices, ensuring the integrity and security of enterprise information.
Module 19: Manage Microsoft Defender for Endpoint
Introducing Microsoft Defender for Endpoint, its key capabilities, Application Guard, Exploit Guard, and System Guard, this module equips students with comprehensive knowledge on endpoint security solutions.
Module 20: Manage Microsoft Defender in Windows client
Students will explore Windows Security capabilities, Credential Guard, Microsoft Defender Antivirus, and Windows Defender Firewall with Advanced Security, gaining the skills to secure Windows clients against various threats.
Module 21: Manage Microsoft Defender for Cloud Apps
This module provides an overview of Microsoft Defender for Cloud Apps, planning for its use, and implementation, offering students insights into securing cloud applications effectively.
Module 22: Assess deployment readiness
Students will learn about guidelines for effective enterprise desktop deployment, assess the current environment, identify tools for assessment, and plan for a phased rollout, ensuring a smooth deployment process.
Module 23: Deploy using the Microsoft Deployment Toolkit
Exploring the use of images in deployment, the benefits and limitations of the Microsoft Deployment Toolkit, and user interaction experiences, this module prepares students for deploying Windows using MDT and Configuration Manager.
Module 24: Deploy using Microsoft Configuration Manager
Delving into the capabilities and key components of Configuration Manager and troubleshooting deployments, this module equips students with the skills to manage complex deployments effectively.
Module 25: Deploy Devices using Windows Autopilot
Students will learn the benefits of modern deployment, prepare and register devices for Autopilot, explore Autopilot deployment methods and scenarios, and troubleshoot common issues, mastering the deployment of new devices efficiently.
Module 26: Implement dynamic deployment methods
Exploring Subscription Activation, the creation of Provisioning Packages with Windows Configuration Designer, and the benefits of MDM enrollment with Azure AD join, this module offers students flexible and dynamic deployment strategies.
Module 27: Plan a transition to modern endpoint management
This module prepares students to identify Azure AD join scenarios, transition workloads to Intune, understand co-management prerequisites, and plan transitions to modern management using existing technologies and Microsoft Intune.
Module 28: Manage Windows 365
Offering insights into the key features, management experience, security model, deployment options, and licensing model of Windows 365, this module equips students with the knowledge to manage cloud-based Windows environments.
Module 29: Manage Azure Virtual Desktop
Students will explore the key features, management experience, security model, and deployment options of Azure Virtual Desktop, preparing them to manage virtual desktop environments effectively.
Each student will receive a comprehensive set of materials, including course notes and all the class examples.
Experience in the following is required for this Microsoft 365 Administration class:
- Basic understanding of networking fundamentals.
- Familiarity with Windows operating systems and their functionality.
- Understanding of Active Directory Domain Services (AD DS) principles.
- Basic knowledge of management tools and technologies like PowerShell.
Experience in the following would be useful for this Microsoft 365 Administration class:
- Experience with Windows 10 or Windows 11 deployment and management.
- Prior exposure to Microsoft Azure services.
- Knowledge of mobile device management (MDM) principles.
- Understanding of cloud-based identity and authentication services.
Request a Private Class
- Private Class for your Team
- Online or On-location
- Customizable
- Expert Instructors