Learning Path 1: Explore Modern Management

This learning path is designed to provide a comprehensive understanding of enterprise desktops, Windows editions, and Azure Active Directory. It includes exploring various Windows editions, including their features and installation methods. It delves into Azure Active Directory, highlighting its similarities and differences with AD DS and how to synchronize the two. Furthermore, learners will better understand managing Azure Active Directory identities. Overall, this learning path equips learners with the necessary knowledge and skills to effectively support enterprise desktops and manage Azure Active Directory identities.

• The Enterprise Desktop
• Azure AD Overview
• Managing Identities in Azure AD
• Manage Azure Active Directory identities

Learning Path 2: Execute Device Enrollment

This learning path will cover Azure AD join and will introduce Microsoft Endpoint Manager. We'll also discuss how to configure policies for enrolling devices to Configuration Manager and Microsoft Intune.

• Manage Device Authentication
• Enroll device using Microsoft Endpoint Configuration Manager
• Enroll device using Microsoft Intune

Learning Path 3: Configuring Profiles for User and Devices

This learning path explores Intune device profiles, the benefits of user profiles and how to synchronize profile data across multiple devices.

• Execute Device Profiles
• Oversee Device Profiles
• Maintain User Profiles

Learning Path 4: Examine Application Management

In this Learning Path, Learners will examine application management methods using on-premises and cloud-based solutions.

• Execute Mobile Application Management (MAM)
• Deploying and updating applications
• Administering endpoint applications

Learning Path 5: Managing Authentication and Compliance

This learning path covers the various solutions for managing authentication. Students will also learn about the different types of VPNs, as well as compliance and conditional access policies.

• Protecting Identities in Azure AD
• Enabling Organization Access
• Implement Device Compliance Policies
• Generate inventory and compliance reports

Learning Path 6: Managing Endpoint Security

In this learning path, students will learn about data protection and protecting endpoints against threats. This path will also cover the key capabilities of Microsoft Defender solutions.

• Deploy device data protection
• Manage Microsoft Defender to Endpoint
• Managing Windows Defender for client
• Managing Windows Defender for cloud apps

Learning Path 7: Deployment using on-premise based tools

Students are introduced to deployment using the Microsoft Deployment Toolkit and Configuration Manager.

• Assess Deployment Readiness
• Deploy using the Microsoft Deployment Toolkit (MDT)
• Deploy using Microsoft Configuration Manager

Learning Path 8: Deploy using cloud-based tools

This Learning Path Students will learn about using Windows Autopilot and deployment using Microsoft Intune. Students will also learn how co-management can be used to transition to modern management.

• Deploy Devices using Windows Autopilot
• Implement dynamic deployment methods
• Plan a transition to modern endpoint management
• Manage Windows 365
• Manage Azure virtual desktop

Lab Outline:

Labs are designed to assure learners a whole practical experience, through the following practical activities:

• Managing identities in Azure AD
• Using Azure AD Connect to connect Active Directories
• Configuring and managing Azure AD join
• Manage Azure AD device registration
• Manage Device Enrollment into Intune
• Enrolling Devices into Intune
• Creating and Deploying Configuration Profiles
• Using a Configuring Profile to configure Kiosk mode
• Using a Configuring Profile to configure iOS and iPadOS Wi-Fi settings
• Using Group Policy Analytics to validate GPO support in Intune
• Monitor device and user activity in Intune
• Deploying Cloud Apps using Intune
• Configure App Protection Policies for Mobile Devices
• Deploy Apps using Endpoint Configuration Manager
• Deploy Apps using Microsoft Store for Business
• Deploy Apps using Microsoft Store for Business
• Configuring Multi-Factor Authentication
• Configuring Self-Service password reset
• Configuring and validating Device Compliance
• Creating device inventory reports
• Configure and Deploy Windows Information Protection Policies by using Intune
• Configuring Endpoint security using Intune
• Configuring Disk Encryption using Intune
• Describe the methods protecting device data.
• Deploying Windows 10 using Microsoft Deployment Toolkit
• Deploying Windows 10 using Endpoint Configuration Manager
• Deploying Windows 10 with Autopilot
• Refreshing Windows with Autopilot Reset and Self-Deploying mode
• Configuring Cloud Attach and Co-Management Using Configuration Manager

The Microsoft 365 Endpoint Administrator is responsible for deploying, configuring, securing, managing, and monitoring devices and client applications in a corporate setting. Their duties include managing identity, access, policies, updates, and apps. They work alongside the M365 Enterprise Administrator to develop and execute a device strategy that aligns with the requirements of a modern organization. Microsoft 365 Endpoint Administrators should be well-versed in M365 workloads and possess extensive skills and experience in deploying, configuring, and maintaining Windows 11 and later, as well as non-Windows devices. Their role emphasizes cloud services over on-premises management technologies.