MD-102T00: Microsoft 365 Endpoint Administrator
Данный курс заменит курсы MD-100: Windows Client и MD-101: Управление современными устройствами, которые устаревают и снимаются компанией Microsoft 31 июля 2023 года.
В этом курсе слушатели научатся планировать и реализовывать стратегию развертывания конечных устройств с использованием современных методов и реализации стратегий обновления. Курс знакомит с основными элементами современного управления, подходами к совместному управлению и интеграцией с Microsoft Intune. Он охватывает развертывание приложений, управление браузерными приложениями и ключевые концепции безопасности, такие как проверка подлинности, удостоверения, доступ и политики соответствия. Такие технологии, как Azure Active Directory, Azure Information Protection и Microsoft Defender for Endpoint, используются для защиты устройств и данных.
Целевая аудитория
Администраторы конечных станций Microsoft 365, отвечающие за развертывание, настройку, защиту, управление и мониторинг устройств и клиентских приложений в корпоративной среде. В их обязанности входит управление идентификацией, доступом, политиками, обновлениями и приложениями.
Совместно с администраторами M365 Enterprise они разрабатывают и реализуют стратегию устройств, соответствующую требованиям современной организации. Их роль делает упор на облачные службы, а не локальные технологии управления.
Предварительные требования
Администратор современного рабочего стола должен быть знаком с рабочими нагрузками M365 и иметь хорошие навыки и опыт развертывания, настройки и обслуживания Windows 11 и более поздних версий, а также устройств, отличных от Windows.
Программа курса
Explore the Enterprise Desktop
- Describe the benefits of Modern Management
- Explain the enterprise desktop life-cycle model
- Describe considerations for planning hardware strategies
- Describe considerations for post-deployment and retirement
Explore Windows Editions
- Explain the differences between the different editions of Windows
- Select the most suitable Windows device for your needs
- Describe the minimum recommended hardware requirements for installing Windows 11
Understand Azure Active Directory
- Describe Azure AD
- Compare Azure AD to Active Directory Domain Services (AD DS)
- Describe how Azure AD is used as a directory for cloud apps
- Describe Azure AD Premium P1 and P2
- Describe Azure AD Domain Services
Manage Azure Active Directory identities
- Describe RBAC and user roles in Azure AD
- Create and manage users in Azure AD
- Create and manage groups in Azure AD
- Use Windows PowerShell cmdlets to manage Azure AD
- Describe how you can synchronize objects from AD DS to Azure AD
Manage device authentication
- Describe Azure AD join
- Describe Azure AD join prerequisites, limitations and benefits
- Join device to Azure AD
- Manage devices joined to Azure AD
Enroll devices using Microsoft Configuration Manager
- Describe Microsoft Endpoint Manager
- Understand the advantages of managing a client with Configuration Manager
- Deploy the Configuration Manager client
- Monitor the Configuration Manager client
- Manage Configuration Manager devices
Enroll devices using Microsoft Intune
- Prepare Microsoft Intune for device enrollment
- Configure Microsoft Intune for automatic enrollment
- Explain how to enroll Windows, Android and iOS devices in Intune
- Explain when and how to use Intune Enrollment Manager
- Understand how to monitor and perform remote actions on enrolled devices
Execute device profiles
- Describe the various types of device profiles in Intune
- Explain the difference between built-in and custom profiles
- Create and manage profiles
Oversee device profiles
- Monitor the assignments of profiles
- Understand how profiles are synchronized and how to manually force synchronization
- Use PowerShell to execute and monitor scripts on devices
Maintain user profiles
- Explain the various user profile types that exist in Windows
- Describe how a user profile works
- Configure user profiles to conserve space
- Explain how to deploy and configure Folder Redirection
- Explain Enterprise State Roaming
- Configure Enterprise State Roaming for Azure AD devices
Execute mobile application management
- Explain Mobile Application Management
- Understand application considerations in MAM
- Explain how to use Configuration Manager for MAM
- Use Intune for MAM
- Implement and manage MAM policies
Deploy and update applications
- Explain how to deploy applications using Intune and Configuration Manager
- Learn how to deploy applications using Group Policy
- Understand Microsoft Store Apps
- Learn how to deploy apps using Microsoft Store Apps
- Learn how to configure Microsoft Store Apps
Administer endpoint applications
- Explain how to manage apps in Intune
- Understand how to manage apps on non-enrolled devices
- Understand how to deploy Microsoft 365 Apps using Intune
- Learn how to configure and manage IE mode in Microsoft Edge
- Learn about app inventory options in Intune
Protect identities in Active Directory Domain Services
- Describe Windows Hello for Business
- Describe Windows Hello deployment and management
- Describe Azure AD Identity Protection
- Describe and manage self-service password reset in Azure AD
- Describe and manage multi-factor authentication
Enable organizational access
- Describe how you can access corporate resources
- Describe VPN types and configuration
- Describe Always On VPN
- Describe how to configure Always On VPN
Implement device compliance
- Describe device compliance policy
- Deploy a device compliance policy
- Describe conditional access
- Create conditional access policies
Generate inventory and compliance reports
- Generate inventory reports and Compliance reports using Microsoft Intune
- Report and monitor device compliance
- Create custom reports using the Intune Data Warehouse
- Use the Microsoft Graph API for building custom reports
Deploy device data protection
- Describe Windows Information Protection
- Plan for Windows Information Protection usage
- Implement and use Windows Information Protection
- Describe the Encrypting File System (EFS)
- Describe BitLocker
Manage Microsoft Defender for Endpoint
- Describe Microsoft Defender for Endpoint
- Describe key capabilities of Microsoft Defender for Endpoint
- Describe Microsoft Defender Application Guard
- Describe Microsoft Defender Exploit Guard
- Describe Windows Defender System Guard
Manage Microsoft Defender in Windows client
- Describe Windows Security capabilities
- Describe Windows Defender Credential Guard
- Manage Microsoft Defender Antivirus
- Manage Windows Defender Firewall
- Manage Windows Defender Firewall with Advanced Security
Manage Microsoft Defender for Cloud Apps
- Describe Microsoft Defender for Cloud Apps
- Plan for Microsoft Defender for Cloud Apps usage
- Implement and use Microsoft Defender for Cloud Apps
Assess deployment readiness
- Describe the guidelines for an effective enterprise desktop deployment
- Explain how to assess the current environment
- Describe the tools that you can use to assess your current environment
- Describe the methods of identifying and mitigating application compatibility issues
- Explain considerations for planning a phased rollout
Deploy using the Microsoft Deployment Toolkit
- Describe the fundamentals of using images in traditional deployment methods
- Describe the key benefits, limitations, and decisions when planning a deployment of - Windows using the Microsoft Deployment Toolkit (MDT)
- Describe how Configuration Manager builds upon MDT and how both can work in harmony
- Explain the different options and considerations when choosing the user interaction experience during deployment and which methods and tools support these experiences
Deploy using Microsoft Configuration Manager
- Describe the capabilities of Configuration Manager
- Describe the key components of Configuration Manager
- Describe how to troubleshoot Configuration Manager deployments
Deploy Devices using Windows Autopilot
- Explain the benefits of modern deployment for new devices
- Describe the process of preparing for an Autopilot deployment
- Describe the process of registering devices in Autopilot
- Describe the different methods and scenarios of Autopilot deployments
- Describe how to troubleshoot common Autopilot issues
- Describe the process of deployment using traditional methods
Implement dynamic deployment methods
- Describe how Subscription Activation works
- Describe the benefits of Provisioning Packages
- Explain how Windows Configuration Designer creates Provisioning Packages
- Describe the benefits of using MDM enrollment with Azure AD join
Plan a transition to modern endpoint management
- Identify usage scenarios for Azure AD join
- Identify workloads that you can transition to Intune
- Identify prerequisites for co-management
- Identify considerations for transitioning to modern management
- Plan a transition to modern management using existing technologies
- Plan a transition to modern management using Microsoft Intune
Manage Windows 365
- Describe the key features of Windows 365
- Describe the Windows 365 management experience
- Describe the Windows 365 security model
- Describe the Windows 365 deployment options
- Describe the Windows 365 licensing model
Manage Azure virtual desktop
- Describe the key features of Azure Virtual Desktop
- Describe the Azure Virtual Desktop management experience
- Describe the Azure Virtual Desktop security model
- Describe the Azure Virtual Desktop deployment options
Документы об окончании курса
- Сертификат Microsoft об окончании авторизованного курса
- Cертификат Учебного центра Noventiq
- Cертификат об обучении установленного образца