Explore the Enterprise Desktop

This module covers modern endpoint management and enterprise desktop lifecycle concepts. It teaches the stages of the lifecycle (planning, deployment, maintenance) and provides a foundation for future learning.

• Examine benefits of modern management
• Examine the enterprise desktop life-cycle model
• Examine planning and purchasing
• Examine desktop deployment
• Plan an application deployment
• Plan for upgrades and retirement

Explore Windows Editions

This module covers Windows OS editions, features, and installation methods. Learners gain a deeper understanding of the available editions and corresponding installation processes.

• Examine Windows client editions and capabilities
• Select client edition
• Examine hardware requirements

Understand Microsoft Entra ID

This module explains Microsoft Entra ID. You'll compare Microsoft Entra ID to Active Directory DS, learn about Microsoft Entra ID P1 and P2, and explore Microsoft Entra Domain Services for managing domain-joined devices and apps in the cloud.

• Examine Microsoft Entra ID
• Compare Microsoft Entra ID and Active Directory Domain Services
• Examine Microsoft Entra ID as a directory service for cloud apps
• Compare Microsoft Entra ID P1 and P2 plans
• Examine Microsoft Entra Domain Services

Manage Microsoft Entra identities

This module teaches how to use Microsoft Entra ID effectively. You'll learn about RBAC, user roles, creating and managing users and groups, using PowerShell cmdlets, and synchronizing objects from AD DS to Microsoft Entra ID.

• Examine RBAC and user roles in Microsoft Entra ID
• Create and manage users in Microsoft Entra ID
• Create and manage groups in Microsoft Entra ID
• Manage Microsoft Entra objects with Microsoft Graph PowerShell
• Synchronize objects from AD DS to Microsoft Entra ID

Manage device authentication

In this module, you learn about device authentication and management in Microsoft Entra ID.

• Describe Microsoft Entra join
• Examine Microsoft Entra join prerequisites limitations and benefits
• Join devices to Microsoft Entra ID
• Manage devices joined to Microsoft Entra ID

Enroll devices using Microsoft Configuration Manager

This module introduces students to client deployment options and some of the high-level management and monitoring options that are available using Configuration Manager.

• Deploy the Microsoft Configuration Manager client
• Monitor the Microsoft Configuration Manager client
• Manage the Microsoft Configuration Manager client

Enroll devices using Microsoft Intune

Students will learn how to configure and setup Intune to more easily manage Windows, Android, and iOS devices.

• Manage mobile devices with Intune
• Enable mobile device management
• Explain considerations for device enrollment
• Manage corporate enrollment policy
• Enroll Windows devices in Intune
• Enroll Android devices in Intune
• Enroll iOS devices in Intune
• Explore device enrollment manager
• Monitor device enrollment
• Manage devices remotely

Execute device profiles

Students learn about the various types of device profiles, and how to create and manage them.

• Explore Intune device profiles
• Create device profiles
• Create a custom device profile

Oversee device profiles

This module introduces students to monitoring profiles to ensure correct assignments and resolving conflicts when multiple profiles are applied.

• Monitor device profiles in Intune
• Manage device sync in Intune
• Manage devices in Intune using scripts

Maintain user profiles

Students learn about the benefits of various Windows user profiles, how to manage them, and how to facilitate profile data synchronization across multiple devices.

• Examine user profile
• Explore user profile types
• Examine options for minimizing user profile size
• Deploy and configure folder redirection
• Sync user state with Enterprise State Roaming
• Configure Enterprise State Roaming in Azure

Execute mobile application management

This module introduces Mobile Application Management (MAM). Students will learn about considerations for implementing MAM and will be introduced to the management of MAM using Intune and Configuration Manager.

• Examine mobile application management
• Examine considerations for mobile application management
• Prepare line-of-business apps for app protection policies
• Implement mobile application management policies in Intune
• Manage mobile application management policies in Intune

Deploy and update applications

In this module, you'll master deploying applications using Intune, Configuration Manager, Group Policy, and Microsoft Store Apps. These powerful tools and techniques will equip you to manage and maintain diverse applications across your organization effectively.

• Deploy applications with Intune
• Add apps to Intune
• Manage Win32 apps with Intune
• Deploy applications with Configuration Manager
• Deploying applications with Group Policy
• Assign and publish software
• Explore Microsoft Store for Business
• Implement Microsoft Store Apps
• Update Microsoft Store Apps with Intune
• Assign apps to company employees

Administer endpoint applications

In this module, you're introduced to managing apps on Intune managed devices. The module will then conclude with an overview of how to use IE Mode with Microsoft Edge.

• Manage apps with Intune
• Manage Apps on non-enrolled devices
• Deploy Microsoft 365 Apps with Intune
• Additional Microsoft 365 Apps Deployment Tools
• Configure Microsoft Edge Internet Explorer mode
• App Inventory Review

Protect identities in Microsoft Entra ID

This module introduces students to the various authentication methods used to protect identities.

• Explore Windows Hello for Business
• Deploy Windows Hello
• Manage Windows Hello for Business
• Explore Microsoft Entra ID Protection
• Manage self-service password reset in Microsoft Entra ID
• Implement multi-factor authentication

Enable organizational access

This module describes how clients can be configured to access organizational resources using a virtual private network (VPN).

• Enable access to organization resources
• Explore VPN types and configuration
• Explore Always On VPN
• Deploy Always On VPN

Implement device compliance

This module describes how to use compliance and conditional access policies to help protect access to organizational resources.

• Protect access to resources using Intune
• Explore device compliance policy
• Deploy a device compliance policy
• Explore conditional access
• Create conditional access policies

Generate inventory and compliance reports

This module describes how to use Microsoft Endpoint Manager and Power BI to create compliance and custom reports.

• Report enrolled devices inventory in Intune
• Monitor and report device compliance
• Build custom Intune inventory reports
• Access Intune using Microsoft Graph API

Deploy device data protection

This module describes how you can use Intune to create and manage WIP policies that manage this protection. The module also covers implementing BitLocker and Encrypting File System.

• Explore Windows Information Protection
• Plan Windows Information Protection
• Implement and use Windows Information Protection
• Explore Encrypting File System in Windows client
• Explore BitLocker

Manage Microsoft Defender for Endpoint

This module explores using Microsoft Defender for Endpoint to provide additional protection and monitor devices against threats.

• Explore Microsoft Defender for Endpoint
• Examine key capabilities of Microsoft Defender for Endpoint
• Explore Windows Defender Application Control and Device Guard
• Explore Microsoft Defender Application Guard
• Examine Windows Defender Exploit Guard
• Explore Windows Defender System Guard

Manage Microsoft Defender in Windows client

This module explains the built-in security features of Windows clients and how to implement them using policies.

• Explore Windows Security Center
• Explore Windows Defender Credential Guard
• Manage Microsoft Defender Antivirus
• Manage Windows Defender Firewall
• Explore Windows Defender Firewall with Advanced Security

Manage Microsoft Defender for Cloud Apps

This module covers Microsoft Defender for Cloud Apps, focusing on securing sensitive data, its relevance in dynamic work settings, and effective utilization for improved security posture.

• Explore Microsoft Defender for Cloud Apps
• Planning Microsoft Defender for Cloud Apps
• Implement Microsoft Defender for Cloud Apps

Assess deployment readiness

Discusses some of the tools that you can use to perform detailed assessments of existing deployments, and describes some of the challenges that you may face.

• Examine deployment guidelines
• Explore readiness tools
• Assess application compatibility
• Explore tools for application compatibility mitigation
• Prepare network and directory for deployment
• Plan a pilot

Deploy using the Microsoft Deployment Toolkit

Discusses the shifts from traditional to modern management and where on-premises solutions best fit in today’s enterprise.

• Evaluate traditional deployment methods
• Set up the Microsoft Deployment Toolkit for client deployment
• Manage and deploy images using the Microsoft Deployment Toolkit

Deploy using Microsoft Configuration Manager

This module explains the common day to day tasks that Administrators would use Configuration Manager to perform.

• Explore client deployment using Configuration Manager
• Examine deployment components of Configuration Manager
• Manage client deployment using Configuration Manager
• Plan in-place upgrades using Configuration Manager

Deploy Devices using Windows Autopilot

Use Autopilot to deploy new hardware or refreshing an existing hardware with the organization’s desired configuration, without using the traditional imaging process.

• Use Autopilot for modern deployment
• Examine requirements for Windows Autopilot
• Prepare device IDs for Autopilot
• Implement device registration and out-of-the-box customization
• Examine Autopilot scenarios
• Troubleshoot Windows Autopilot

Implement dynamic deployment methods

Use dynamic provisioning methods such as Subscription Activation, Provisioning packages, and Microsoft Entra join to reconfigure an existing operating system.

• Examine subscription activation
• Deploy using provisioning packages
• Use Windows Configuration Designer
• Use Microsoft Entra join with automatic MDM enrollment

Plan a transition to modern endpoint management

Explore considerations and review the planning of transitioning to modern management, focusing on migration and newly provisioned devices.

• Explore using co-management to transition to modern endpoint management
• Examine prerequisites for co-management
• Evaluate modern management considerations
• Evaluate upgrades and migrations in modern transitioning
• Migrate data when modern transitioning
• Migrate workloads when modern transitioning

Manage Windows 365

This module teaches managing Microsoft's cloud-based PC management solution, Windows 365, offering personalized, secure Windows 11 experience from any device. Learn features, setup, management, security, deployment options, and licensing to optimize your environment.

• Explore Windows 365
• Configure Windows 365
• Administer Windows 365

Manage Azure Virtual Desktop

Learn to manage Azure Virtual Desktop, a cloud-based VDI solution providing personalized, secure Windows 11 experiences. Understand key features, management, security, and deployment options for optimizing your environment.

• Examine Azure Virtual Desktop
• Explore Azure Virtual Desktop
• Configure Azure Virtual Desktop
• Administer Azure Virtual Desktop

Explore Microsoft Intune Suite

This module explores the Microsoft Intune Suite, highlighting its advanced device management and security capabilities, components, usage, and integration with the broader Microsoft security ecosystem.

• Discover essentials of Microsoft Intune Suite
• Applying Zero Trust security using the Microsoft Intune Suite
• Implement Endpoint Privilege Management
• Understand enterprise app management
• Explore Advanced Analytics
• Provide Remote Help
• Deploy Microsoft Tunnel for mobile applications