MCA Microsoft 365 Modern Desktop w/MCE Enterprise Administrator Certification Camp

Designing, configuring, and managing your Microsoft 365 tenant
Office 365 product functionality
Configuring Office 365
Managing Office 365 ProPlus deployments
Planning and implementing identity synchronization
Implementing application and external access

Microsoft 365 Security Metrics
Microsoft 365 Security Services
Microsoft 365 Threat Intelligence
Data Governance in Microsoft 365
Archiving and Retention in Office 365
Data Governance in Microsoft 365 Intelligence
Search and Investigations
Device Management
Windows 10 Deployment Strategies
Mobile Device Management

Install and customize Windows 10
Configure Updates for Windows.
Configure devices and drivers for Windows.
Configure storage for Windows.
Configure network and remote management settings in Windows.
Configure and manage browsers and applications in Windows.
Configure account access and authentication.
Configure file and folder permissions.
Describe methods for securing Windows 10, common threats and methods for mitigating against them.
Troubleshoot Windows and application installations.
Troubleshoot hardware and driver issues.
Troubleshoot file issues and perform recoveries.

Plan, develop, and implement an Operating System deployment, upgrade, and update strategy.
Understand the benefits and methods of co-management strategies.
Plan and implement device enrollment and configuration.
Manage and deploy applications and plan a mobile application management strategy.
Manage users and authentication using Azure AD and Active Directory DS.
Describe and implement methods used to protect devices and data.

Topics Covered in this Official Boot Camp:

Installing Windows

This module covers installing the Windows 10 OS. Students will learn the different editions of Windows 10, requirements, and new features introduced. This module covers how to install the OS, as well as methods for migrations and upgrading. Students will also learn about common tools used in the deployment process.

Lessons

Introducing Windows 10
Windows 10 Editions and Requirements
Deployment Options
Upgrading to Windows 10
Deployment Tools
Lab : In-place upgrade of Win7 to Win 10

Lab : Migrating User Settings using USMT

After completing this module, students will be able to:

Understanding the different editions and features of Windows 10.
Understand the Windows 10 client installation options.
Practice installing Windows 10.
Migrate content using the User State Migration Tool.

Post-installation Configuration and Personalization

This module covers common post-installation tasks in Windows 10. Students will learn how to customize the user interface, as well as using the control panel and settings app to configure common OS settings. This course will also introduce students to Windows PowerShell. This module will cover how device drivers work and how they work. Students will also be introduced to managing and configuring hardware peripherals such as printers.

Lessons

Configure and Customize the Windows Start Menu
Common Configuration Options
Advanced Configuration Methods
Managing Drivers and Devices
Lab : Using Settings App & Control Panel

Lab : Using Group Policy Objects

Lab : Using PowerShell to Configure Windows

Lab : Managing local and network printers

After completing this module, students will be able to:

Customize the Windows 10 UI
Configure device specific settings such as power plans and mobile device options.
Use the Windows control panel and setting app to configure settings.
Perform tasks using Windows PowerShell.
Describe concepts related to drivers.
Describe printer management concepts.
Configure client-side printing and managing print server properties.

Updating Windows in Windows 10

In this module, Students will learn about keeping Windows 10 up-to-date. Students will be introduced to the new Windows servicing model and how it applies to various scenarios. Students will learn the various different methods for updating Windows and applications, as well as managing updates using tools like group policy and Windows Update for Business.

Lessons

Windows Servicing Model
Updating Windows
Lab : Updating Windows 10

After completing this module, students will be able to:

Describe the Windows servicing model.
Configure Windows update settings.
Describe updating Windows using WSUS.
Describe updating Windows using Windows Update for Business.
Configure Windows update using group policy.

Configuring Networking

In this module, Students will learn about networking concepts. This module will introduce to IPv4 and IPv6, and concepts like DNS. Students will learn how to configure network settings in Windows, as well as learn about wireless network technologies. The module will conclude with methods of managing Windows remotely.

Lessons

Configure IP Network Connectivity
Implement Name Resolution
Implement Wireless Network Connectivity
Remote Access Overview
Remote Management
Lab : Configuring Network Connectivity

Lab : Configuring and Testing Name Resolution

Lab : Remote Management

After completing this module, students will be able to:

Configure IP network connectivity.
Describe how name resolution works.
Describe remote access technologies like VPNs.
Configure Windows for remote management and access.

Configuring Storage

This module covers storage configuration and management in Windows 10. Students will be introduced to local, cloud and virtual storage options. This course will also cover configuring storage on client devices and introduce storage spaces.

Lessons

Overview of storage options
Managing Local Storage
Maintaining Disks and Volumes
Managing Storage Spaces
Lab : Managing Storage

Lab : Compressing Folders

Lab : Enabling Disk Quotas

Lab : Creating a Storage Space

Lab : Synchronizing files with OneDrive

Describe the options and benefits of local, cloud, and virtual storage.
Configure OneDrive.
Configure local disk partitions and volumes.
Describe the capabilities and benefits of Storage spaces.

Managing Apps in Windows 10

In this module, Students will be introduced to App management in Windows 10. This module will cover the different types of apps and supported installation methods. Students will learn how to install apps using manual and automated methods, as well as manage app delivery using the Windows Store. Finally, this module will cover the differences between Internet Explorer and Microsoft Edge.

Lessons

Providing Apps to Users
Managing Universal Windows Apps
Web Browsers in Windows 10
Lab : Sideloading an App

Lab : Installing and Updating Microsoft Store Apps

Lab : Configuring Internet Explorer Enterprise Mode

After completing this module, students will be able to:

Describe the different types of applications.
Install applications manually and using automated methods.
Manage application deployment using the Windows Store.
Learn about web browser features in Windows 10.

Configuring Authorization & Authentication

This module introduces the tools and features of Windows 10 for authorizing access to Windows 10 clients. Students will learn about methods for how users sign-in to Windows 10. This module also covers restricting what users can or cannot do on a device through methods like UAC and account types.

Lessons

Authentication
Configuring User Account Control
Implementing Device Registration
Lab : Joining a Domain

Lab : Creating Security Policies

Lab : Configuring UAC

After completing this module, students will be able to:

Describe the different methods for securing data and the Windows 10 OS.
Describe the different types of user and service accounts.
Configure Windows Hello.
Configure user account control.

Configuring Data Access and Usage

In this module, Students will learn about permissions. This module will cover considerations for different files systems. Students will learn how to configure file and folder permissions as well as shared folders. The module will conclude with configuring settings through methods such as local and group policy.

Lessons

Overview of File Systems
Configuring and Managing File Access
Configuring and Managing Shared Folders
Lab : Creating, Managing, and Sharing a Folder

Lab : Using Conditions to Control Access and Effective Permissions

After completing this module, students will be able to:

Describe the differences and benefits of supported file systems.
Configure file and folder permissions.
Configure shared folders.
Secure Windows through local policy settings.

Configuring Threat Protection and Advanced Security

This module introduces students to protecting devices from external threats. Students will learn about the different types of common threats. This module will teach students about using encryption, firewalls, and IPSec to help protect against threats. The module will conclude with how to configure and use Windows Defender and AppLocker.

Lessons

Malware and Threat Protection
Windows Defender
Connection Security Rules
Advanced Protection Methods
Lab : Configuring Windows Defender

Lab : Creating Firewall Rules

Lab : Creating Connection Security Rules

Lab : Using EFS

Lab : Using Bitlocker

Lab : Configuring AppLocker

After completing this module, students will be able to:

Identify common security threats .
Describe the methods by which you can mitigate these common security threats.
Describe the different methods of encryption.
Describe how Windows firewall can secure the device.
Describe the benefits of using IPSec.
Describe the different features of Windows Defender.
Describe the benefits of using AppLocker.

Supporting the Windows 10 Environment

This module will cover the Windows 10 architecture and common environments. Students will be introduced to the various tools used in maintaining Windows. This module will also discuss methodologies for effectively troubleshooting issues and how to proactively manage and optimize Windows 10.

Lessons

Windows Architecture
Support and Diagnostic Tools
Monitoring and Troubleshooting Computer Performance
Lab : Monitoring Events

Lab : Monitoring Reliability and Performance

After completing this module, students will be able to:

Describe the Windows architecture.
Describe key stages in troubleshooting.
Describe the purpose and benefits of the various tools in Windows.
Use monitoring tools to establish a performance baseline
Optimize performance on Windows 10 clients.

Troubleshooting Files & Applications

This module helps students plan for file backup and recovery. Students will learn how to plan and configure data protection strategies and how to perform various file and system recovery methods. This module also includes common methods for troubleshooting application installation issues, compatibility issues, and resolving browser issues.

Lessons

File Recovery in Windows 10
Application Troubleshooting
Lab : Using File History to Recover Files

Lab : Troubleshooting Desktop Apps

Lab : Troubleshooting Application Compatibility Issues

Lab : Troubleshooting Microsoft Edge Issues

After completing this module, students will be able to:

Describe the different methods of file recovery.
Configure Windows 10 to support individual file and system recovery.
Recover a device using the Reset This PC function.
Solve application compatibility issues with the Application Compatibility Toolkit.
Troubleshoot common browser issues.

Troubleshooting the OS

In this module, Students will learn how to troubleshoot startup and service issues related to the operating system. This module will teach the different startup and recovery options, and how to troubleshoot different Windows services.

Lessons

Troubleshooting Windows Startup
Troubleshooting Operating System Service Issues
Lab : Recovering using Reset This PC

Lab : Recovering using a Restore Point

After completing this module, students will be able to:

Describe the various methods identifying and recovering from startup issues.
Describe when to use the various advanced startup options.
Identify and disable a failed service.
Identify and mitigate common locked account scenarios.

Troubleshooting Hardware and Drivers

This module introduces hardware troubleshooting. Students will learn about driver management and how to troubleshoot devices. Students will also learn steps for troubleshooting system hardware and external peripherals such as USB drives and printers, including diagnostic methods and remediation.

Lessons

Troubleshooting Device Driver Failures
Overview of Hardware Troubleshooting
Troubleshooting Physical Failures
Lab : Recovering using Driver RollbackAfter completing this module, students will be able to:

Troubleshoot and remediate driver issues.
Troubleshoot Peripherals
Diagnose and replace hardware.

Planning an Operating System Deployment Strategy

This module explains how to plan and implement a deployment strategy. Students will learn about the concepts of supporting the desktop through it’s entire lifecycle. This module also covers assessing an existing environment and the tools used to prepare a deployment strategy. Finally, students will be introduced to the tools and strategies used for desktop deployment.

Lessons

The Enterprise Desktop
Assessing Deployment Readiness
Deployment Tools & Strategies
Lab : Practice Lab – Planning Windows 10 deployment

After completing this module, students will be able to:

Describe the enterprise desktop lifecycle.
Describe how to assess an existing environment.
Describe methods for mitigating deployment blockers.
Describe the different tools and methods for deployment.

Implementing Windows 10

This module covers the modern methods of Windows deployment used in common scenarios such as upgrading and migrating to Windows 10, as well as deploying new devices and refreshing existing devices. Students will also learn about alternate methods of OS deployment as well as considerations when choosing methods of deployment.

Lessons

Upgrading Devices to Windows 10
Deploying New Devices and Refreshing
Migrating Devices to Windows 10
Alternate Deployment Methods
Imaging Considerations
Lab : Practice Lab – Implementing Windows 10

Creating and deploying provisioning package
Migrating user settings
Deploying Windows 10 with AutoPilot
After completing this course, learners should be able to:

Develop an Operating System deployment and upgrade strategy.
Understand the different methods of deployment.
Understand which scenarios on-premise and cloud-based solutions can be used for.
Deploy and migrate desktops to Windows 10.

Managing Updates for Windows 10

This module covers managing updates to Windows. This module introduces the servicing options for Windows 10. Students will learn the different methods for deploying updates and how to configure windows update policies. Finally, students will learn how to ensure and monitor update compliance using Windows Analytics.

Lessons

Updating Windows 10
Windows Update for Business
Introduction to Windows Analytics
Lab : Practice Lab – Managing Updates for Windows 10

Manually configuring Windows Update settings
Configuring Windows Update by using GPOs
After completing this module, students will be able to:

Describe the Windows 10 servicing channels.
Configure a Windows update policy using Group Policy settings.
Configure Windows Update for Business to deploy OS updates.
Use Windows Analytics to assess upgrade readiness and update compliance.

Device Enrollment

In this module, students will examine the benefits and prerequisites for co-management and learn how to plan for it. This module will also cover Azure AD join and will be introduced to Microsoft Intune, as well as learn how to configure policies for enrolling devices. The module will conclude with an overview of device inventory in Intune and reporting using the Intune console, Power BI and Microsoft Graph.

Lessons

Device management options
Microsoft Intune Overview
Manage Intune device enrollment and inventory
Managing devices with Intune
Lab : Practice Lab – Device Enrollment and Management

After completing this module, students will be able to:

Describe benefits and methods for migrating to co-management.
Deploy an MDM with Microsoft Intune.
Configure device enrollment.
Enroll desktop and mobile devices in Windows Intune.
Configure and downloads inventory reports.

Configuring Profiles

This module dives deeper into Intune device profiles including the types of device profiles and the difference between built-in and custom profiles. The student will learn about assigning profiles to Azure AD groups and monitoring devices and profiles in Intune. The module will conclude with an overview of using Windows Analytics for health and compliance reporting.

Lessons

Configuring device profiles
Managing user profiles
Monitoring devices
Lab : Practice Lab – Managing profiles

After completing this module, students will be able to:

Describe the types of device profiles.
Create and assign device profiles.
Configure user profile and folder redirection.
Monitor and report on devices using Intune and Windows Analytics.

Application Management

In this module, students learn about application management on-premise and cloud-based solutions. This module will cover how to manage Office 365 ProPlus deployments in Intune as well as how to manage apps on non-enrolled devices. The module will conclude with an overview of Enterprise Mode with Internet Explorer and Microsoft Edge and tracking your installed applications, licenses, and assigned apps using Intune.

Lessons

Implement Mobile Application Management (MAM)
Deploying and updating applications
Administering applications
Lab : Practice Lab – Managing Applications

After completing this module, students will be able to:

Describe the methods for application management.
Deploy applications using Intune and Group Policy.
Configure Microsoft Store for Business.
Deploy Office365 ProPlus using Intune.
Manage and report application inventory and licenses.

Managing Authentication in Azure AD

In this module, students well be introduced to the concept of directory in the cloud with Azure AD. Students will learn the similarities and differences between Azure AD and Active Directory DS and how to synchronize between the two. Students will explore identity management in Azure AD and learn about identity protection using Windows Hello for Business, as well as Azure AD Identity Protection and multi-factor authentication.

Lessons

Azure AD Overview
Managing identities in Azure AD
Protecting identities in Azure AD
Managing device authentication
Lab : Practice Lab – Managing objects and authentication in Azure AD

After completing this module, students will be able to:

Describe the capabilities of Azure AD.
Manage users using Azure AD with Active Directory DS.
Implement Windows Hello for Business.
Join devices to Azure AD.

Managing Device Access and Compliance

In this module, students will be introduced to managing device security. The module will cover securely accessing corporate resources and introduce concepts such as Always On VPN and remote connectivity in Windows 10. Students will learn how to create and deploy compliance policies and use compliance policies for conditional access. The module concludes with monitoring devices enrolled in Intune.

Lessons

Microsoft Intune Overview
Implement device compliance policies
Lab : Practice Lab – Managing Access and Compliance

After completing this module, students will be able to:

Describe methods of enabling access from external networks.
Deploy compliance and conditional access policies.
Use Intune to monitor device compliance.

Managing Security

In this module, students will learn about data protection. Topics will include Windows & Azure Information Protection, and various encryption technologies supported in Windows 10. This module also covers key capabilities of Windows Defender Advanced Threat Protection and how to implement these capabilities on devices in your organization. The module concludes using Windows Defender and using functionalities such as antivirus, firewall and Credential Guard.

Lessons

Implement device data protection
Managing Windows Defender ATP
Managing Windows Defender in Windows 10
Lab : Practice Lab – Managing Security in Windows 10After completing this module, students will be able to:

Describe the methods protecting device data.
Describe the capabilities and benefits of Windows ATP.
Deploy and manage settings for Windows Defender clients.

Designing Your Microsoft 365 Tenant

This module focuses on planning your Microsoft 365 experience. This includes planning for the proper Microsoft 365 subscription, planning for Microsoft 365 in your on-premises infrastructure, planning which identity and authentication solution best fits your organizational requirements, planning your service setup, planning for hybrid environments, and planning your migration to Microsoft 365.

Lessons

Planning your Microsoft 365 Experience
Planning Microsoft 365 in your On-premises Infrastructure
Planning Your Identity and Authentication Solution
Planning Your Service Setup
Planning Your Hybrid Environment
Planning Your Migration to Office 365
Lab : Transition to Microsoft 365

Transition to Microsoft 365
After completing this module, students will be able to:

Determine which Microsoft 365 subscription offering best suits your organization’s requirements
Understand how to best use Microsoft 365 component services to meet your organizational needs
Plan your Microsoft 365 subscription
Identify the steps necessary to successfully migrate existing data to Microsoft 365
Prepare your organization for Microsoft 365
Estimate your network’s bandwidth
Test your existing network using the tools provided by Microsoft
Describe the best practices for integrating to Microsoft 365
Identify the different deployment strategies for implementing Microsoft 365 services
Describe authentication behavior when connecting with or without modern authentication
Explain multi-factor authentication in Microsoft 365 deployments
Create a plan for directory synchronization and Azure AD Connect Pass-through authentication
Describe the issues, benefits, and best practices when implementing ADFS
Plan for Azure AD Seamless Single Sign-On
Plan your Email migration to Office 365
Plan your file storage and collaboration requirements
Plan your Microsoft Teams environment
Plan for user and group synchronization using Azure AD Connect
Plan for hybrid Exchange, SharePoint, and Skype for Business environments
Plan your deployment using the Deployment Planning Checklist
Analyze your Active Directory and plan any necessary clean-up using the ID Fix tool
Determine which migration strategy to use to move your mail, calendar, and contact information
Describe the performance and network issues to consider when planning your migration strategy

Configuring Your Microsoft 365 Tenant

While Module 1 focuses on planning your Microsoft 365 tenant, this modules transitions to configuring your tenant. This includes configuring your Microsoft 365 experience, including your organization profile, your tenant subscription, your services and add-ins, and your tenant configuration. You will then learn how to manage Microsoft 365 user accounts and licenses, security groups, and domain services. You will conclude by examining how to leverage FastTrack and partner services.,

Lessons

Configuring Your Microsoft 365 Experience
Managing User Accounts and Licenses in Microsoft 365
Managing Security Groups in Microsoft 365
Implementing Your Domain Services
Leveraging FastTrack and Partner Services
Lab : Configure your Microsoft 365 Tenant

Initialize your Microsoft 365 Tenant
Manage Users and Groups
Add a Custom Domain
After completing this module, students will be able to:

Complete your company’s organization profile
Maintain minimum subscription requirements for your company
Manage your services and add-ins
Describe the user identities in Microsoft 365
Create user accounts from both the Microsoft 365 admin center and in Windows PowerShell
Manage user accounts and licenses
Recover deleted user accounts
Describe the various types of groups available in Microsoft 365
Create and manage groups from Microsoft 365 admin center and using Windows PowerShell
Implement your domain services
Plan DNS for custom domains
Identify DNS record requirements for custom domains
Add a custom domain to Microsoft 365
Describe how FastTrack for Microsoft 365 helps customers deploy Microsoft 365
Request a partner to assist you with the FastTrack process

Managing Your Microsoft 365 Tenant

In the prior modules, you learned how to plan for and configure your Microsoft 365 tenant. In this module, you will take the next step in the deployment process by learning how to manage your tenant once it has been implemented. This includes configuring your Microsoft 365 administrator roles, managing tenant health and services, and managing user-driven and centralized deployments of Microsoft 365 Apps for enterprise (formerly Office 365 ProPlus).

Lessons

Configuring Microsoft 365 Admin Roles
Managing Tenant Health and Services
Managing User-Driven Client Installations
Managing Centralized Microsoft 365 Apps for enterprise Deployments
Lab : Manage Your Microsoft 365 Tenant

Manage Administration Delegation
Monitor and Troubleshoot Microsoft 365
Install Microsoft 365 Apps for enterprise
After completing this module, students will be able to:

Describe the key admin roles in Microsoft 365
Identify the key responsibilities of the primary admin roles
Configure tenant roles
Monitor your organization’s Microsoft 365 service health in the Microsoft 365 admin center
Develop an incident response plan to deal with incidents in your Microsoft 365 services
Request assistance from Microsoft to address technical, pre-sales, billing, and subscription support
Describe how Microsoft 365 Apps for enterprise click-to-run technology works
Describe the Microsoft 365 Apps for enterprise licensing and activation processes
Plan which update branch might be applicable for your organization
Plan which method to use for applying update branches to your users
Identify typical obstacles that prevent successful Microsoft 365 Apps for enterprise installations
Identify how to prevent users from installing Microsoft 365 Apps for enterprise
Install and configure Microsoft 365 Apps for enterprise with the Office Deployment Tool
Deploy Microsoft 365 Apps for enterprise using Group Policy
Describe how to manage Microsoft 365 Apps for enterprise updates

Office 365 Overview

This module examines the primary features and functionality of the key Microsoft 365 services, including Exchange Online, SharePoint Online, Teams, Power Apps, Power Automate, Power BI, and Power Virtual Agents. This module also introduces you additional Microsoft 365 resources and provides an introduction to device management using Microsoft Intune, security baselines, and conditional access.

Lessons

Exchange Online Overview
SharePoint Online Overview
Teams Overview
Power Platform Overview
Power Apps Overview
Power Automate Overview
Power BI Overview
Power Virtual Agents Overview
Additional Resources Overview
Device Management Overview
Lab : Reviewing Office 365 Functionality

Review Key Features of Exchange Online
Review Key Features of SharePoint Online
Create a Ticketing System in SharePoint
Review Key Features of Microsoft Teams
Explore the Power Platform Admin Center
Create a Power App from a SharePoint data source
Create a Power App from scratch
Create a flow using Power Automate
Create a DLP Policy using Power Automate
Build a Power BI report and dashboard
After completing this module, students will be able to:

Describe the most common recipient types are available in Exchange Online
Manage anti-malware and anti-spam policies in Exchange Online
Plan your organization’s disaster recovery needs related to company and user emails
Determine retention tags and policies that will help you manage your organization’s email lifecycle
Describe migration and coexistence strategies and understand the differences between them
Select the right mail migration strategy for your organization
Determine when you want to change the DNS MX record for a domain in an Office 365 migration
Describe the different ways to migrate mailboxes to Office 365 in a hybrid Exchange environment
Determine the permission levels that your organization should use in SharePoint Online
Describe the levels of encryption for data at rest and data in transit within SharePoint Online
Describe the SharePoint Online options for maintaining and recovering content in an intranet
Describe the different options that provide anti-malware protection in SharePoint Online
Describe basic Teams functionality and the infrastructure that supports its goals
Describe how Teams compares to the other collaboration apps in Office 365
Manage user licenses in the Office 365 Admin Center and PowerShell to provide Teams access
Describe the functionality provided by Guess access in Microsoft Teams
Describe audio conferencing functionality that is available in Microsoft Teams
Manage user settings for audio conferencing
Implement phone systems in Microsoft Teams
Identify the components that make up the Power Platform product family
Describe the basic features of the Power Platform Admin center
Describe what Power Apps are, including their business impact and primary components
Describe how Power Apps connect to data sources
Create a basic Power App
Test and monitor a Power App
Run a Power App
Describe the Power Apps security structure
Build and run a basic workflow using Power Automate
Administer Power Automate
Build and share a basic Power BI report and dashboard
Administer Power BI
Explain what Power Virtual Agents are and how they empower teams to easily create powerful bots
Describe key features of Power Virtual Agents
Describe how device management enables organizations to protect and secure their resources and data
Describe how organizations use Microsoft Intune to secure proprietary data
Manage security baselines to secure devices
Use conditional access to manage devices and apps

Configuring Microsoft 365 Clients

This module introduces you to the Microsoft 365 clients, including mobile clients and clients working offline. This module also examines how to configure Office client connectivity to Microsoft 365, including automatic client configuration, DNS records required for automatic client configuration, configuring Outlook clients, configuring MFA, and troubleshooting client connectivity.

Lessons

Microsoft 365 Client Overview
Configuring Office Client Connectivity to Microsoft 365
After completing this module, students will be able to:

Identify the client packages supported by Microsoft 365
Identify the mobile clients supported by Microsoft 365
Identify the Microsoft 365 features that are available for each mobile client platform
Compare Office Online, Microsoft 365 Apps for enterprise, and Office 2016 Professional Plus
Work with Office Online apps
Describe how Outlook utilizes Autodiscover to initially connect an Outlook client to Exchange Online
Identify the DNS records needed for Outlook to locate the services in Office 365 using Autodiscover
Describe the connectivity protocols that enable Outlook to connect to Office 365
Describe how MFA increases security by adding an extra layer of user verification

Capturing User-Driven Data

This module examines how to capture user-driven data using Office Telemetry and Workplace Analytics.

Lessons

Configuring Office Telemetry
Configuring Workplace Analytics
After completing this module, students will be able to:

Identify the five components of the Office Telemetry Dashboard
Describe the typical deployment requirements and issues that you might encounter when deployment Off
Describe the types of data collected by the Office Telemetry Agent
Install and configure Office Telemetry
Describe how Workplace Analytics can help organizations
Describe how organizations can use Workplace Analytics
Configure Workplace Analytics
Enroll devices in Workplace Analytics
Assess readiness using Workplace Analytics

Planning and Implementing Identity Synchronization

This module provides an in-depth examination of Microsoft 365 Identity synchronization, with a focus on Azure Active Directory Connect. You will learn how to plan for and implement Azure AD Connect and, how to manage synchronized identities, and how to implement password management in Microsoft 365 using multi-factor authentication and self-service password management.

Lessons

Introduction to Identity Synchronization
Planning for Azure AD Connect
Implementing Azure AD Connect
Managing Synchronized Identities
Password Management in Microsoft 365
Lab : Manage Identities

Prepare for Identity Synchronization
Implement Identity Synchronization
Implement Password Management
After completing this module, students will be able to:

Describe the Microsoft 365 authentication options
Explain directory synchronization
Provide an overview of Azure AD Connect
Plan directory synchronization to synchronize your on-premises Active Directory objects to Azure AD
Plan an Azure AD Connect implementation
Plan for Azure AD Connect in a multi-forest scenario
Configure Azure AD Connect Prerequisites
Set up Azure AD Connect
Describe Azure AD Connect Health
Perform tasks to ensure users synchronize efficiently and successfully deploy Azure AD Connect
Manage groups with directory synchronization
Use Azure AD Connect Sync Security Groups to delegate control in Azure AD Connect to other users
Troubleshoot directory synchronization using a variety of troubleshooting tasks and tools
Describe the available password management features in Microsoft 365

Implementing Application and External Access

This modules provides a comprehensive look at implementing application and external access. You will learn how to add and manage applications in Azure Active Directory, including how to configure multi-tenant applications. You will then examine how to configure Azure AD Application Proxy, including how to install and register a connector and how to publish an on-premises app for remote access. Finally, you will examine how to design and manage solutions for external access. This includes licensing guidance for Azure AD B2B collaboration, creating a collaborative user, and troubleshooting a B2B collaboration.

Lessons

Implementing Applications in Azure AD
Configuring Azure AD App Proxy
Solutions for External Access
After completing this module, students will be able to:

Register an application or service within your Azure AD tenant
Update an application within the Azure AD consent framework
Modify the configuration of a single-tenant application to make it a multi-tenant application
Remove an application’s registration from your Azure AD tenant
Describe the benefits of Azure AD Application Proxy and how it works
Identify Azure AD application proxy prerequisites
Install and register a connector and verify that it installed correctly
Publish an on-premises app for remote access and test the published app to verify that it functions
Manage External Access with Azure AD B2B collaboration.
Explain the difference between Microsoft 365 external access and Azure AD B2B collaboration
Explain the attributes of a collaborative User.
Demonstrate Azure B2B Collaboration
Manage external access and guest access using Microsoft Teams
Manage customer lockbox requests

Introduction to Microsoft 365 Security Metrics

In this module, you will examine all the common types of threat vectors and data breaches facing organizations today, and you will learn how Microsoft 365’s security solutions address these security threats, including the Zero Trust approach. You will be introduced to the Microsoft Secure Score, Privileged Identity Management, as well as to Azure Active Directory Identity Protection.

Lessons

Threat Vectors and Data Breaches
The Zero Trust Model
Security Solutions in Microsoft 365
Introduction to Microsoft Secure Score
Privileged Identity Management
Introduction to Azure Active Directory Identity Protection
Lab : Tenant Setup and PIM

Initialize your Microsoft 365 Tenant
PIM Resource Workflows
After completing this module, students will be able to:

Describe several techniques hackers use to compromise user accounts through email
Describe techniques hackers use to gain control over resources
Describe techniques hackers use to compromise data
Describe the Zero Trust approach to security in Microsoft 365.
Describe the components of Zero Trust security.
Describe and five steps to implementing a Zero Trust model in your organization.
Explain Zero Trust networking
List the types of threats that can be avoided by using EOP and Office 365 ATP
Describe how Microsoft 365 Threat Intelligence can be benefit your organization
Monitor your organization through auditing and alerts
Describe how ASM enhances visibility and control over your tenant through three core areas
Describe the benefits of Secure Score and what kind of services can be analyzed
Describe how to collect data using the Secure Score API
Know where to identify actions that will increase your security by mitigating risks
Explain how to determine the threats each action will mitigate and the impact it has on use
Explain Privileged Identity Management (PIM) in Azure administration
Configure PIM for use in your organization
Audit PIM roles
Explain Microsoft Identity Manager
Explain Privileged Access Management in Microsoft 365
Describe Azure Identity Protection and what kind of identities can be protected
Understand how to enable Azure Identity Protection
Know how to identify vulnerabilities and risk events
Plan your investigation in protecting cloud-based identities
Plan how to protect your Azure Active Directory environment from security breaches

Managing Your Microsoft 365 Security Services

This module examines how to manage the Microsoft 365 security services, including Exchange Online Protection, Advanced Threat Protection, Safe Attachments, and Safe Links. You will be introduced to the various reports that monitor your security health.

Lessons

Introduction to Exchange Online Protection
Introduction to Advanced Threat Protection
Managing Safe Attachments
Managing Safe Links
Monitoring and Reports
Lab : Manage Microsoft 365 Security Services

Implement a Safe Attachments policy
Implement a Safe Links policy
After completing this module, students will be able to:

Describe the anti-malware pipeline as email is analyzed by Exchange Online Protection
List several mechanisms used to filter spam and malware
Describe additional solutions to protect against phishing and spoofing
Describe the benefits of the Spoof Intelligence feature
Describe how Safe Attachments is used to block zero-day malware in email attachments and documents
Describe how Safe Links protect users from malicious URLs embedded in email and documents
Create and modify a Safe Attachments policy in the Security & Compliance Center
Create a Safe Attachments policy by using Windows PowerShell
Configure a Safe Attachments policy to take certain actions
Understand how a transport rule can be used to disable the Safe Attachments functionality
Describe the end-user experience when an email attachment is scanned and found to be malicious
Create and modify a Safe Links policy in the Security & Compliance Center
Create a Safe Links policy by using Windows PowerShell
Understand how a transport rule can be used to disable the Safe Links functionality
Describe the end-user experience when Safe Links identifies a link to a malicious website or file
Describe how reports provide visibility into how EOP and ATP is protecting your organization
Understand where to access reports generated by EOP and ATP
Understand how to access detailed information from reports generated by EOP and ATP

Microsoft 365 Threat Intelligence

In this module, you will then transition from security services to threat intelligence; specifically, using the Security Dashboard and Advanced Threat Analytics to stay ahead of potential security breaches.

Lessons

Overview of Microsoft 365 Threat Intelligence
Using the Security Dashboard
Configuring Advanced Threat Analytics
Implementing Your Cloud Application Security
Lab : Implement Threat Intelligence

Conduct a Spear Phishing attack using the Attack Simulator
Conduct Password attacks using the Attack Simulator
Prepare for Alert Policies
Implement a Mailbox Permission Alert
Implement a SharePoint Permission Alert
Test the Default eDiscovery Alert
After completing this module, students will be able to:

Understand how threat intelligence is powered by the Microsoft Intelligent Security Graph
Describe how the threat dashboard can benefit C-level security officers
Understand how Threat Explorer can be used to investigate threats and help to protect your tenant
Describe how the Security Dashboard displays top risks, global trends, and protection quality
Describe what Advanced Thread Analytics (ATA) is and what requirements are needed to deploy it
Configure Advanced Threat Analytics
Manage the ATA services
Describe Cloud App Security
Explain how to deploy Cloud App Security
Control your Cloud Apps with Policies
Troubleshoot Cloud App Security

Introduction to Data Governance in Microsoft 365

This module examines the key components of Microsoft 365 Compliance management. This begins with an overview of all key aspects of data governance, including data archiving and retention, Information Rights Management, Secure Multipurpose Internet Mail Extension (S/MIME), Office 365 message encryption, and data loss prevention (DLP).

Lessons

Introduction to Archiving in Microsoft 365
Introduction to Retention in Microsoft 365
Introduction to Information Rights Management
Introduction to Secure Multipurpose Internet Mail Extension
Introduction to Office 365 Message Encryption
Introduction to Data Loss Prevention
Lab : Implement Message Encryption and IRM

Configure Microsoft 365 Message Encryption
Validate Information Rights Management
After completing this module, students will be able to:

Understand Data Governance in Microsoft 365
Describe the difference between In-Place Archive and Records Management
Explain how data is archived in Exchange
Recognize the benefits of In Place Records Management in SharePoint
Explain the difference between Message Records Management (MRM) in Exchange and Retention in SCC.
Understand how MRM works in Exchange
List the types of retention tags that can be applied to mailboxes
Know the different Microsoft 365 Encryption Options
Understand how IRM can be used in Exchange
Configure IRM protection for Exchange mails
Explain how IRM can be used in SharePoint
Apply IRM protection to SharePoint documents
Tell the differences between IRM protection and AIP classification
Describe the use of S/MIME
Explain what digital signatures are
Apply a digital signature to a message
Understand how message encryption works
Perform encryption on a message
Accomplish decryption of a message
Understand the co-operation of signing and encryption simultaneously
Tell what triple-wrapped messages are
Describe when you can use Office 365 Message Encryption
Explain how Office 365 Message Encryption works
Describe Data Loss Prevention (DLP)
Understand what sensitive information and search patterns are that DLP is using
Know what a DLP policy is and what it contains
Recognize how actions and conditions work together for DLP
Express how actions contain functions to send emails on matches
Show policy tips to the users if a DLP rule applies
Use policy templates to implement DLP policies for commonly used information
Explain document finger
Understand how to use DLP to protect documents in Windows Server FCI

Archiving and Retention in Microsoft 365

This module delves deeper into archiving and retention, paying particular attention to in-place records management in SharePoint, archiving and retention in Exchange, and Retention policies in the Security and Compliance Center.

Lessons

In-Place Records Management in SharePoint
Archiving and Retention in Exchange
Retention Policies in the SCC
Lab : Implement Archiving and Retention

Initialize Compliance
Configure Retention Tags and Policies
After completing this module, students will be able to:

Understand the process of records management
Create a file plan for your organization
Describe two methods for converting active docs to records
Describe the benefits of In-Place Records Management
Configure of In-Place Records Management for your organization
Enable and disable In-Place Archiving
Create useful retention tags
Create retention policies to group retention tags
Assign retention policies to mailboxes
Allocate permissions and scripts to export and import retention tags
Export all retention policies and tags from an organization
Import all retention policies and tags to an organization
Explain how a retention policy works
Create a retention policy
Manage retention policy settings

Implementing Data Governance in Microsoft 365 Intelligence

This module examines how to implement the key aspects of data governance, including the building of ethical walls in Exchange Online, creating DLP policies from built-in templates, creating custom DLP policies, creating DLP policies to protect documents, and creating policy tips.

Lessons

Evaluating Your Compliance Readiness
Implementing Compliance Center Solutions
Building Ethical Walls in Exchange Online
Creating a Simple DLP Policy from a Built-in Template
Creating a Custom DLP Policy
Creating a DLP Policy to Protect Documents
Working with Policy Tips
Lab : Implement DLP Policies

Manage DLP Policies
Test MRM and DLP Policies
After completing this module, students will be able to:

Describe the Microsoft 365 Compliance Center and how to access it
Describe the purpose and function of Compliance score
Explain the components of of how an organization’s Compliance score is determined
Explain how assessments are used to formulate compliance scores
Explain how Microsoft 365 helps address Global Data Protection Regulation
Describe insider risk management functionality in Microsoft 365
Configure insider risk management policies
Configure insider risk management policies
Explain the communication compliance capabilities in Microsoft 365
Describe what an ethical wall in Exchange is and how it works
Explain how to create an ethical wall in Exchange
Identify best practices for building and working with ethical walls in Exchange
Understand the different built-in templates for a DLP policies
Determine how to choose the correct locations for a DLP policy
Configure the correct rules for protecting content
Enable and review the DLP policy correctly
Describe how to modify existing rules of DLP policies
Explain how to add and modify custom conditions and action to a DLP rule
Describe how to change user notifications and policy tips
Configure the user override option to a DLP rule
Explain how incident reports are sent by a DLP rule violation
Describe how to work with managed properties for DLP policies
Explain how SharePoint Online creates crawled properties from documents
Describe how to create a managed property from a crawled property in SharePoint Online
Explain how to create a DLP policy with rules that apply to managed properties via PowerShell
Describe the user experience when a user creates an email or site containing sensitive information
Explain the behavior in Office apps when a user enters sensitive information

Managing Data Governance in Microsoft 365

This module focuses on managing data governance in Microsoft 365, including managing retention in email, troubleshooting retention policies and policy tips that fail, as well as troubleshooting sensitive data. You will then learn how to implement Azure Information Protection and Windows Information Protection.

Lessons

Managing Retention in Email
Troubleshooting Data Governance
Implementing Azure Information Protection
Implementing Advanced Features of AIP
Implementing Windows Information Protection
Lab : Implement AIP and WIP

Implement Azure Information Protection
Implement Windows Information Protection
After completing this module, students will be able to:

Determine when and how to use retention tags in mailboxes
Assign retention policy to an email folder
Add optional retention policies to email messages and folders
Remove a retention policy from an email message
Explain how the retention age of elements is calculated
Repair retention policies that do not run as expected
Understand how to systematically troubleshoot when a retention policy appears to fail
Perform policy tests in test mode with policy tips
Describe how to monitor DLP policies through message tracking
Describe the required planning steps to use AIP in your company
Configure and customize labels
Create policies to publish labels
Plan a Deployment of the Azure Information Protection client
Configure the advance AIP service settings for Rights Management Services (RMS) templates
Implement automatic and recommended labeling
Activate the Super User feature for administrative tasks
Create your tenant key for encryption
Deploy the AIP scanner for on-premises labeling
Plan RMS connector deployment to connect on-premises servers
Describe WIP and what it is used for
Plan a deployment of WIP policies
Implement WIP policies with Intune and SCCM
Implement WIP policies in Windows desktop apps

Managing Search and Investigations

This module conclude this section on data governance by examining how to manage search and investigation, including searching for content in the Security and Compliance Center, auditing log investigations, and managing advanced eDiscovery.

Lessons

Searching for Content in the Security and Compliance Center
Auditing Log Investigations
Managing Advanced eDiscovery
Lab : Manage Search and Investigations

Implement a Data Subject Request
Investigate Your Microsoft 365 Data
After completing this module, students will be able to:

Describe how to use content search
Design your content search
Configure search permission filtering
Explain how to search for third-party data
Describe when to use scripts for advanced searches
Describe what the audit log is and the permissions that are necessary to search the Office 365 audit
Configure Audit Policies
Enter criteria for searching the audit log
View, sort, and filter search results
Export search results to a CSV file
Search the unified audit log by using Windows PowerShell
Describe Advanced eDiscovery
Configure permissions for users in Advanced eDiscovery
Create Cases in Advanced eDiscovery
Search and prepare data for Advanced eDiscovery

Planning for Device Management

This module provides an in-depth examination of Microsoft 365 Device management. You will begin by planning for various aspects of device management, including preparing your Windows 10 devices for co-management. You will learn how to transition from Configuration Manager to Microsoft Intune, and you will be introduced to the Microsoft Store for Business and Mobile Application Management.

Lessons

Introduction to Co-management
Preparing Your Windows 10 Devices for Co-management
Transitioning from Configuration Manager to Intune
Introduction to Microsoft Store for Business
Planning for Mobile Application Management
Lab : Implement the Microsoft Store for Business

Configure the Microsoft Store for Business
Manage the Microsoft Store for Business
After completing this module, students will be able to:

Describe the benefits of Co-management
Plan your organization’s Co-management Strategy
Describe the main features of Configuration Manager
Describe how Azure Active Directory enables co-management
Identify the prerequisites for using Co-management
Configure Configuration Manager for Co-management
Enroll Windows 10 Devices to Intune
Modify your co-management settings
Transfer workloads to Intune
Monitor your co-management solution
Check compliance for co-managed devices
Describe the feature and benefits of the Microsoft Store for Business
Configure the Microsoft Store for Business
Manage settings for the Microsoft Store for Business

Planning Your Windows 10 Deployment Strategy

This module focuses on planning your Windows 10 deployment strategy, including how to implement Windows Autopilot and Windows Analytics, and planning your Windows 10 subscription activation service.,

Lessons

Windows 10 Deployment Scenarios
Implementing and Managing Windows Autopilot
Planning Your Windows 10 Subscription Activation Strategy
Resolving Windows 10 Upgrade Errors
Introduction to Windows Analytics
After completing this module, students will be able to:

Plan for Windows as a Service
Plan a Modern Deployment
Plan a Dynamic Deployment
Plan a Traditional Deployment
Describe Windows Autopilot requirements
Configure Autopilot
Create and Assign an Autopilot profile
Deploy and validate Autopilot
Describe Autopilot Self-deployments, White Glove deployments, and User-drive deployments
Deploy BitLocker Encryption for Autopiloted Devices
Understand Windows 10 Enterprise E3 in CSP
Configure VDA for Subscription Activation
Deploy Windows 10 Enterprise licenses
Describe common fixes for Windows 10 upgrade errors
Use SetupDiag
Troubleshooting upgrade errors
Describe Windows error reporting
Understand the upgrade error codes and resolution procedure
Describe Windows Analytics
Describe Device Health
Describe Update Compliance
Determine Upgrade Readiness

Implementing Mobile Device Management

This module focuses on Mobile Device Management (MDM). You will learn how to deploy it, how to enroll devices to MDM, and how to manage device compliance.

Lessons

Planning Mobile Device Management
Deploying Mobile Device Management
Enrolling Devices to MDM
Managing Device Compliance
Lab : Manage Devices with Intune

Enable Device Management
Configure Azure AD for Intune
Create Intune Policies
Enroll a Windows 10 Device
Manage and Monitor a Device in Intune
After completing this module, students will be able to:

Manage devices with MDM
Compare MDM for Office 365 and Intune
Understand policy settings for mobile devices
Control Email and Document Access
Activate Mobile Device Management Services
Deploy Mobile Device Management
Configure Domains for MDM
Configure an APNs Certificate for iOS devices
Manage Device Security Policies
Define a Corporate Device Enrollment Policy
Enroll devices to MDM
Understand the Apple Device Enrollment Program
Understand Enrollment Rules
Configure a Device Enrollment Manager Role
Describe Multi-factor Authentication considerations
Plan for device compliance
Configure conditional users and groups
Create Conditional Access policies
Monitor enrolled devices