Overview
This course prepares students to manage devices and client applications in a Microsoft 365 tenant using Microsoft Intune. It covers solutions for efficient deployment, configuration, protection, management, and monitoring of devices and client applications across various operating systems, platforms, and device types.
Prerequisites
Important - This course has MFA Requirements. Please read this link and download the MFA app, prior to attending.
Technical Experience: Candidates should have experience with Microsoft Entra ID (formerly Azure AD), Microsoft 365 technologies, and Intune. Familiarity with managing Windows and non-Windows devices is essential.
Knowledge Areas:
- Device management and client networking.
- Policy-based management.
- Cloud-based solutions.
- Basic understanding of Active Directory, DNS, and PowerShell.
Target Audience
This course is designed for IT professionals who are responsible for managing, configuring, and securing devices in a Microsoft 365 environment. Typical roles include:
- Endpoint Administrators.
- Microsoft 365 Administrators.
- IT Managers and Support Technicians.
- Security and Identity Administrators.
Delegates will learn how to
Upon completion of this course, participants will be able to:
- Implement solutions for efficient deployment and management of endpoints on various operating systems, platforms, and device types.
- Implement and managing endpoints at scale by using Microsoft Intune, Microsoft Intune Suite, Windows Autopilot, Microsoft Copilot for Security, Microsoft Defender for Endpoint, Microsoft Entra ID, Azure Virtual Desktop, and Windows 365.
- Implement identity, security, access, policies, updates, and apps for endpoints.
Skills measured
- Prepare infrastructure for devices.
- Manage and maintain devices.
- Manage applications.
- Protect devices.
Outline
Course Introduction
- Overview of course objectives, student introductions, and key topics.
- Setting expectations and discussing the certification exam requirements.
Learning Path 1: Explore Modern Management
Module 1: Understanding Microsoft Entra ID
- Examine Microsoft Entra ID (formerly Azure AD).
- Compare Microsoft Entra ID and Active Directory Domain Services (AD DS).
- Examine Microsoft Entra ID as a directory service for cloud apps.
- Examine Microsoft Entra Domain Services.
Module 2: Managing Microsoft Entra ID Identities
- Create Role-Based Access Control (RBAC) and user roles in Microsoft Entra.
- Create and manage users in Microsoft Entra ID.
- Create and manage groups in Microsoft Entra ID.
- Manage Microsoft Entra ID objects with PowerShell.
- Synchronise objects from AD DS to Microsoft Entra ID.
Practice Labs: Explore Modern Management
- Manage Identities in Entra ID.
- Synchronising Identities by using Entra ID Connect.
Learning Path 2: Execute Device enrolment
Module 1: Manage device authentication
- Describe Microsoft Entra join.
- Examine Microsoft Entra join prerequisites.
- Join devices to Microsoft Entra.
- Manage devices joined to Microsoft Entra.
Module 2: Enrol devices using Microsoft Intune
- Manage mobile devices with Intune.
- Enable mobile device management.
- Explain considerations for device enrolment.
- Manage corporate enrolment policy.
- Enrol windows devices in Intune.
- Enrol Android devices in Intune.
- Explore device enrolment manager.
- Monitor device enrolment.
- Manage devices remotely.
Practice Lab: Execute Device enrolment
- Configure and manage Entra ID join.
- Manage Entra ID device registration.
- Manage device enrolment into Intune.
- Enrolling devices into Microsoft Intune
Learning Path 3: Configure profiles for users and devices
Module 1: Execute device profiles
- Explore Microsoft Intune profiles.
- Create device profiles.
- Create a custom device profile.
Module 2: Oversee device profiles
- Monitor devices profiles with Microsoft Intune.
- Manage device sync with Microsoft Intune.
- Manage device in Microsoft Intune using scripts.
Module 3: Maintain user profiles
- Examine user profiles.
- Explore user profile types.
- Examine options for minimising user profile types.
- Deploy and configure folder redirection.
- Sync user state with Enterprise State Roaming.
- Configure Enterprise State Roaming in Azure.
Practice Lab: Configure profiles for users and devices
- Create and deploy configuration profiles.
- Using profiles to configure Kiosk mode.
- Using configuration profiles to configure iOS and iPadOS Wi-Fi settings.
- Using group Policy Analytics to validate GPO support for Intune.
- Monitor device and user activity in Intune.
Learning Path 4: Examine application management
Module 1: Execute mobile application management
- Examine mobile application management.
- Examine considerations for mobile application management.
- Prepare line-of-business apps for app protection policies.
- Implement mobile application management policies in Intune.
- Manage mobile application management policies in Intune.
Module 2: Deploy and update applications
- Deploy applications with Intune.
- Add apps to Intune.
- Manage Win32 apps with Intune.
- Deploy applications with Microsoft Configuration Manager.
- Deploy applications with Group Policy.
- Assign and publish software.
- Explore Microsoft Store for Business.
- Implement Microsoft Store Apps.
- Update Microsoft Store Apps with Intune.
- Assign apps to company employees.
Module 3: Administer endpoint applications
- Manage apps with Intune.
- Manage apps on non-enrolled devices.
- Deploy Microsoft 365 Apps with Intune.
- Additional Microsoft 365 Apps deployment tools.
- Configure Microsoft Edge Internet Explorer mode.
- App inventory review.
Practice Lab: Examine application management
- Deploy cloud apps using Intune.
- Configure App Protection Policies for mobile devices.
Learning Path 5: Managing Authentication and Compliance
Module 1: Protect identities in Microsoft Entra
- Explore Windows Hello for Business.
- Deploy Windows Hello.
- Manage Windows Hello for Business.
- Explore Microsoft Entra identity Protection.
- Manage Self-Service Password Reset in Entra.
- Implement Multifactor Authentication.
Module 2: Enable Organisation access
- Enable access to organisation resources.
- Explore VPN types and configuration.
- Explore Always On VPN.
- Deploy Always On VPN.
Module 3: Implement device compliance
- Protect access to resources using Intune.
- Explore device compliance policy.
- Deploy a device compliance policy.
- Explore conditional access.
- Create conditional access polices.
Module 4: Create inventory and compliance reports
- Report enrolled devices inventory in Intune.
- Monitor and report device compliance.
- Build custom Intune inventory reports.
- Access Intune using Microsoft Graph API
Practice Lab: Managing Authentication and Compliance
- Configure Multifactor Authentication.
- Configure Self-Service Password Reset for user accounts in Microsoft Entra.
- Configuring and validating device compliance.
- Creating device inventory reports.
Learning Path 6: Manage endpoint security
Module 1: Deploy device data protection
- Explore Windows Information Protection.
- Plan Windows Information Protection.
- Implement and use Windows Information Protection.
- Explore Encrypting File System in Windows client.
- Explore BitLocker.
Module 2: Manage Microsoft Defender for Endpoint
- Explore Microsoft Defender for Endpoint.
- Examine key capabilities of Microsoft Defender for Endpoint.
- Explore Microsoft Defender Application Control and Device Guard.
- Explore Microsoft Defender Application Guard.
- Explore Microsoft Defender Exploit Guard.
- Explore Microsoft Defender System Guard.
Module 3: Manage Microsoft Defender for Windows client
- Explore Windows Security Center.
- Explore Windows Defender Credentials Guard.
- Manage Microsoft Defender Antivirus.
- Manage Windows Defender Firewall.
- Explore Windows Defender Firewall with Advance Security.
Module 4: Manage Microsoft Defender for Cloud Apps
- Explore Microsoft Defender for Cloud Apps.
- Planning Microsoft Defender for Cloud Apps.
- Implementing Microsoft Defender for Cloud Apps.
Practice Lab: Manage endpoint security
- Configure and deploy Windows Information Protection policies by using Intune.
- Configure endpoint security using Intune.
- Configuring disk encryption using Intune.
Learning Path 7: Deploying using on-premises based tools
Module 1: Assess deployment readiness
- Examine deployment guidelines.
- Explore readiness tools.
- Assess application compatibility.
- Explore tools for application compatibility mitigation.
- Prepare network and directory for deployment.
- Plan a pilot.
Module 2: Deploy using the Microsoft Deployment Toolkit
- Evaluate traditional deployment methods.
- Set up the Microsoft Deployment Toolkit for client deployment.
- Manage and deploy images using the Microsoft Deployment Toolkit.
Practice Labs: Deploying using on-premises based tools
- Deploying Windows 11 using Microsoft Deployment Toolkit.
Learning Path 8: Deploying using cloud-based tools
Module 1: Deploying devices using Windows Autopilot
- Use Autopilot for modern deployment.
- Examine requirements for Windows Autopilot.
- Prepare device IDs for Autopilot.
- Implement device registration and Out-Of-The-Box customisation.
- Examine Autopilot scenarios.
- Troubleshoot Windows Autopilot.
Module 2: Implementing dynamic deployment methods
- Examine subscription activation.
- Deploy using provisioning packages.
- Use windows Configuration Designer.
- Use Microsoft Entra join with automatic MDM enrollment
Module 3: Plan a transition to modern endpoint management
- Explore using co-management to transition to modern management.
- Examine prerequisites for co-management.
- Evaluate modern management considerations.
- Evaluate upgrades and migrations in modern transitioning.
- Migrate data when modern transitioning.
- Migrate workloads when modern transitioning.
Module 4: Manage Windows 365
- Explore Windows 365.
- Configure Windows 365.
- Administer Windows 365.
Module 5: Manage Azure Virtual Desktop
- Examine Azure Virtual Desktop.
- Explore Azure Virtual Desktop.
- Configure Azure Virtual Desktop.
- Administer Azure Virtual Desktop.
Module 6: Explore Microsoft Intune Suite
- Discover essentials of Microsoft Intune Suite.
- Applying Zero Trust Security using Microsoft Intune Suite.
- Implement Endpoint Privilege Management.
- Understanding enterprise app management.
- Explore advance analytics.
- Provide Remote Help.
- Deploy Microsoft Tunnel for Mobile applications.
Practice Labs: Deploying using cloud-based tools
- Deploying Windows 11 with Autopilot.
- Refreshing Windows with Autopilot Reset and Self-Deploying mode
Frequently asked questions
How can I create an account on myQA.com?
There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.
If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".
If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.
Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.
How do QA’s virtual classroom courses work?
Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.
We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.
How do QA’s online courses work?
QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.
All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.
When will I receive my joining instructions?
Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.
When will I receive my certificate?
Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.