課程名稱:Microsoft 365 Certified Endpoint Administrator Associate (1科終端設備管理) 國際認可證書課程
- 簡稱:Microsoft Endpoint Administrator Training Course |
MD-102 Microsoft 365 Administrator (30 hrs)
1. Exploring Enterprise Desktop
1.1 Introduction to Enterprise Desktop Environment
1.2 Examine benefits of modern management
1.3 Examine the enterprise desktop life-cycle model
1.4 Examine planning and purchasing
1.5 Examine desktop deployment
1.5.1 Building
1.5.2 Deployment
1.5.3 Enrollment
1.5.4 Data Migration
1.6 Plan an application deployment
1.6.1 Application inventory and compatibility
1.6.2 Application packaging
1.6.3 Application life-cycle support
1.6.4 Application Delivery
1.6.5 Microsoft Intune
1.6.6 Virtual Application Delivery
1.7 Plan for upgrades and retirement
1.7.1 Retirement
1.7.2 BYOD and Unenrollment
2. Exploring Windows Editions
2.1 Examine Windows client editions and capabilities
2.2 Windows edition details
2.2.1 Home
2.2.2 Pro
2.2.3 Pro for Workstations
2.2.4 Enterprise
2.2.5 Enterprise LTSC
2.2.6 Pro Education and Education
2.2.7 IoT Core/Enterprise
2.3 Select client edition
2.3.1 Form factors
2.3.2 32-bit and 64-bit editions
2.3.3 Scenarios
2.4 Examine hardware requirements
2.4.1 OS requirements
2.4.2 Feature-specific requirements
2.4.3 Device drivers
2.4.4 Check for Hyper-V compatibility
3. Understand Microsoft Entra ID
3.1 Introduction to Microsoft Entra ID
3.1.1 Microsoft Entra tenants
3.1.2 Microsoft Entra schema
3.2 Compare Microsoft Entra ID and Active Directory Domain Services
3.2.1 Characteristics of AD DS
3.2.2 Characteristics of Microsoft Entra ID
3.3 Examine Microsoft Entra ID as a directory service for cloud apps
3.4 Compare Microsoft Entra ID P1 and P2 plans
3.5 Introduction to Microsoft Entra Domain Services
4. Manage Microsoft Entra Identities
4.1 Examine RBAC and user roles in Microsoft Entra ID
4.1.1 Azure delegation model and role-based access control
4.1.2 User roles in Microsoft Entra ID
4.2 Create and manage users in Microsoft Entra ID
4.2.1 If you don’t wish to add users now
4.2.2 If you don’t want to license user now
4.3 Create and manage groups in Microsoft Entra ID
4.3.1 Manage a Microsoft 365 group
4.3.2 Strategies for Microsoft 365 Groups creation
4.3.3 Microsoft 365 Groups naming policy
4.3.4 Prefix-suffix naming policy
4.3.5 Custom blocked words
4.3.6 Configure Microsoft 365 groups naming policy using Microsoft Entra admin center
4.3.7 User experiences with naming policy
4.3.8 Configure Access with Entra ID Security Groups
4.3.9 Creating a Basic Group and add members
4.4 Manage Microsoft Entra objects with Microsoft Graph PowerShell
4.4.1 Connecting to Microsoft Entra with Microsoft Graph PowerShell SDK
4.4.2 Create users by using bulk import
4.5 Synchronize objects from AD DS to Microsoft Entra ID
4.6 Authentication options for the hybrid identity model
4.6.1 Password hash synchronization (PHS)
4.6.2 Pass-through authentication (PTA)
4.6.3 Federated authentication
4.7 Explore directory synchronization
4.8 Prepare for directory synchronization
4.8.1 Source of authority
4.8.2 Active Directory cleanup
4.8.3 UPN suffixes
4.8.4 Microsoft 365 IdFix tool
4.9 Comparing Directory Synchronization tools
4.9.1 Microsoft Entra Connect Sync
4.9.2 Microsoft Entra ID Tenant requirement
4.9.3 Microsoft Entra Connect Sync server
4.9.4 SQL Server used by Microsoft Entra Connect Sync
4.9.5 Accounts
4.9.6 Connectivity
4.9.7 Outbound proxy server requirements
4.9.8 Hardware requirements for Microsoft Entra Connect Sync
4.10 Configuring Microsoft Entra Connect Sync with Express Setup
4.11 Monitoring AD Connect Synchronization Health
4.11.1 Microsoft Entra Connect Sync Insight
4.11.2 Sync Latency
4.11.3 Sync Object Changes
5. Managing Device Authentication
5.1 Introduction to Microsoft Entra join
5.1.1 Usage Scenarios for Microsoft Entra join
5.1.2 Microsoft Entra hybrid join
5.2 Microsoft Entra join prerequisites limitations and benefits
5.3 Join devices to Microsoft Entra ID
5.4 Manage devices joined to Microsoft Entra ID
6. Enroll devices using Microsoft Configuration Manager
6.1 Deploy the Microsoft Configuration Manager client
6.1.1 Benefits of the Configuration Manager client
6.1.2 Client Deployment Options
6.2 Monitor the Microsoft Configuration Manager client
6.3 Manage the Microsoft Configuration Manager client
6.3.1 What is a Collection?
7. Enroll devices using Microsoft Intune
7.1 Manage mobile devices with Intune
7.1.1 Intune Company Portal
7.1.2 Device Management Lifecycle
7.2 Enable mobile device management
7.2.1 Activate MDM Services
7.2.2 Configure Intune for Apple Device Support
7.3 Considerations for device enrollment
7.3.1 To enable Windows Automatic Enrollment
7.3.2 Supported Devices
7.3.3 Define Allowed Devices
7.3.4 Ensure Users Enroll Their Devices
7.4 Manage corporate enrollment policy
7.4.1 To add and verify your custom domain
7.4.2 Configure automatic MDM enrollment
7.4.3 Simplify Manual Enrollment (Optional)
7.5 Enroll Windows devices in Intune
7.5.1 Enrolling Windows devices
7.6 Enroll Android devices in Intune
7.7 Android Enterprise
7.7.1 Android Enterprise work profile
7.7.2 Connect your Intune account to your managed Google Play account
7.8 Enroll iOS devices in Intune
7.8.1 Company-owned iOS devices
7.8.2 To setup the above Automated Device Enrollment for iOS in Intune (無須進行,理解便可)
7.8.3 Get an Apple automated device enrollment token
7.8.4 Create an Apple enrollment profile
7.8.5 Sync managed devices
7.8.6 Assign an enrollment profile to devices
7.8.7 Assign a default profile
7.8.8 Distribute devices
7.8.9 Re-enroll a device
7.8.10 Renew an Automated Device Enrollment token
7.8.11 Delete an Automated Device Enrollment token from Intune
7.9 Explore device enrollment manager
7.9.1 Example of a device enrollment manager scenario
7.9.2 What can a device enrollment manager do?
7.9.3 Limitations of devices that are enrolled with a DEM account
7.9.4 Add a device enrollment manager
7.9.5 Permissions for DEM
7.10 Monitor device enrollment
7.10.1 Monitoring enrolled devices
7.10.2 Monitoring Microsoft Entra joined devices
7.11 Manage devices remotely
8. Execute device profiles
8.1 Intune device profiles
8.1.1 Types of device profiles
8.2 Create device profiles
8.3 Create a custom device profile
8.3.1 Create a custom profile for Windows 10 and later devices
8.3.2 OMA-URIs
8.3.3 Create a custom profile for Android devices
8.3.4 Create a custom profile for Apple devices
9. Monitoring Device Profiles
9.1 Monitor device profiles in Intune
9.1.1 View existing profiles
9.1.2 View details on a profile
9.1.3 View conflicts
9.2 Manage device sync in Intune
9.2.1 Manage settings and features on your devices with Intune policies
9.3 Manage devices in Intune using scripts
9.3.1 Create a PowerShell script policy for Windows
9.3.2 Create a shell script policy for macOS
10. Managing User Profile
10.1 Windows user profile
10.2 User Profile Types
10.2.1 Local user profiles
10.2.2 Roaming user profiles
10.2.3 Mandatory user profiles
10.2.4 Temporary User Profiles
10.2.5 Profile extension for each Windows version
10.3 Options for minimizing user profile size
10.3.1 Use quotas
10.3.2 Redirect folders out of user profiles
10.3.3 Use Group Policy to limit user profile sizes
10.3.4 Deploy and configure folder redirection
10.4 Sync user state with Enterprise State Roaming
10.4.1 Sync user data
10.4.2 ESR and Microsoft Edge (Chromium based)
10.4.3 About Legacy User Experience Virtualization
10.5 Configure Enterprise State Roaming in Entra ID
10.5.1 What data roams?
10.5.2 Data storage
10.5.3 Data retention
10.5.4 Explicit deletion
10.5.5 Stale data deletion
10.5.6 Deleted data recovery
11. Mobile Application Management (MAM)
11.1 Two Scenarios of MAM
11.2 Considerations for Mobile Application Management
11.3 Prepare line-of-business apps for app protection policies
11.3.1 Intune App Wrapping Tool
11.3.2 Intune App SDK
11.3.3 Apps without app protection policies
11.3.4 Data protection with app protection policies
11.3.5 Data protection with app protection policies on devices managed by a Mobile Device Management solution
11.3.6 Data protection with app protection policies for devices without enrollment
11.4 Implement mobile application management policies in Intune
11.4.1 Understand app data protection
11.4.2 Data Transfer for iOS/iPadOS/Android app protection policy
11.4.3 Encryption
11.4.4 Functionality for iOS/iPadOS and Android app protection policy
11.4.5 App Protection Policy Access Requirements
11.4.6 App Protection Policy Conditional Launch
11.4.7 App Protection Policy Health Checks
11.5 Verify and Monitor App Protection
11.5.1 Intune diagnostics
12. Deploy and Update applications
12.1 Deploy applications with Intune
12.1.1 Microsoft Intune app lifecycle
12.2 Adding apps to Intune
12.3 Prepare and Manage Win32 apps with Intune
12.4 Deploy applications with Configuration Manager
12.4.1 Application deployment in Configuration Manager
12.4.2 Create an application in Configuration Manager
12.4.3 Choosing a solution for deploying an application
12.5 Deploying applications with Group Policy
12.5.1 Use Group Policy to manage the software lifecycle
12.5.2 How Windows Installer enhances software distribution
12.5.3 Manage software upgrades by using Group Policy
12.5.4 Publishing Software to Users
12.5.5 Assigning Software to Users
12.5.6 Assigning Software to Computers
12.6 Microsoft Store for Business
12.6.1 Add an app from the Microsoft Store
12.7 Update Microsoft Store Apps with Intune
12.7.1 App update
12.7.2 Microsoft Store Win32 apps
12.7.3 Intune management of Microsoft Store Win32 apps
12.8 Assign apps to company employees
12.9 Additional Microsoft 365 Apps Deployment Tools
12.9.1 Configuration Manager
12.9.2 Use the Office Deployment Tool
12.9.3 Use the Office Customization Tool
12.9.4 End-user installation
12.10 Configure Microsoft Edge Internet Explorer mode
12.10.1 Microsoft Edge with IE mode
12.10.2 Configure IE Mode Sites
12.11 App Inventory Review
12.11.1 Apps > Overview page
12.11.2 Apps > Monitor > App licenses page
12.11.3 Apps > Monitor > Discovered apps page
12.11.4 Apps > Monitor > App install status page
13. Device Compliance
13.1 Protect access to resources using Intune
13.2 Explore device compliance policy
13.2.1 Device Compliance policy basics:
13.2.2 Use Microsoft Entra device groups for policies
13.3 Deploy a device compliance policy
13.4 Entra Conditional Access with Intune
13.5 Entra Conditional Access and Exchange ActiveSync protocol
14. Windows Autopilot
14.1 Autopilot for modern deployment
14.1.1 New devices
14.1.2 Refresh existing devices
14.1.3 Autopilot compared to traditional methods
14.2 Requirements for Windows Autopilot
14.3 Prepare Device IDs for Autopilot
14.3.1 Manage Windows Autopilot in Intune
14.3.2 Prepare a Microsoft Autopilot deployment
14.3.3 Get the CSV file from your OEM partner
14.3.4 Generate your own CSV file
14.3.5 Upload the device-specific CSV file
14.3.6 Import a device hash directly into Intune
14.3.7 Enroll Windows devices in Intune by using the Windows Autopilot
14.3.8 Assigning a user to a specific Autopilot Device
14.4 Troubleshooting Windows Autopilot
14.4.1 Troubleshoot Autopilot OOBE issues
14.4.2 Windows Autopilot Diagnostics
14.4.3 Troubleshoot Entra ID join issues
14.4.4 Troubleshoot Intune enrollment issues
14.4.5 Troubleshoot Device Import
15. Windows Information Protection
15.1 Explore Windows Information Protection
15.1.1 Data loss prevention
15.1.2 Information Rights Management
15.2 Plan Windows Information Protection
15.3 Implement and use Windows Information Protection
15.3.1 Create a WIP policy in Intune
15.4 About BitLocker
16. Manage Microsoft Defender for Endpoint
16.1 Explore Microsoft Defender for Endpoint
16.2 Key Capabilities of Microsoft Defender for Endpoint
16.2.1 Attack surface reduction
16.2.2 Next generation protection
16.2.3 Endpoint detection and response
16.2.4 Auto investigation and remediation
16.2.5 Secure score
16.2.6 Advanced hunting
16.2.7 Management and APIs
16.3 Windows Defender Application Control and Device Guard
16.3.1 Windows Defender Application Control
16.3.2 Windows Defender Device Guard
16.4 Microsoft Defender Application Guard
16.4.1 Types of devices that should use Application Guard
16.5 Microsoft Defender Exploit Guard features
|
繳付學費,過程簡便!
