Get the Newest CompTIA A+ 2025 Course for Only $12.99

Get Offer

Microsoft MD-102: Microsoft 365 Endpoint Administrator Associate

Course Level: Beginner
Duration: 13 Hrs 7 Min
Total Videos: 94 On-demand Videos

Unlock your potential as a Microsoft 365 Endpoint Administrator with the MD-102 course, designed for IT professionals eager to master endpoint management and security in a dynamic environment. Gain hands-on experience with essential tools and techniques to deploy applications, manage devices, and implement robust security measures, all while preparing for the valuable Microsoft Certified: Microsoft 365 Endpoint Administrator Associate certification. Elevate your career and become an asset in today's digital workspace!

Purchase Options

You can purchase this course individually on Udemy, or unlock every course we offer with the exclusive 365 Training Pass—one low price, unlimited access for a full year.

Buy This Single Course On Udemy
Buy An all access pass to over 3,000 hours of training

Learning Objectives

01

Prepare and configure Microsoft Entra ID (formerly Azure AD) for device registration, hybrid joins, and seamless integration with Microsoft 365 environments.

02

Set up and manage automatic enrollment for Windows, iOS, Android, and macOS devices using Intune for centralized endpoint management.

03

Deploy and configure Windows Autopilot to streamline device provisioning, enrollment, and lifecycle management across enterprise environments.

04

Create and apply device configuration profiles to enforce policies and settings for Windows, iOS, Android, macOS, and multi-session devices.

05

Implement compliance policies and conditional access to enforce security standards and ensure only trusted, compliant devices gain access to corporate resources

06

Manage Microsoft 365 Apps and third-party applications through Intune, including deployment, updates, application protection, and app configuration policies.

07

Strengthen endpoint security by configuring antivirus, disk encryption, firewalls, attack surface reduction rules, and Microsoft-recommended security baselines.

08

Plan and manage OS and application updates using Windows Update for Business, Intune update rings, and delivery optimization strategies.

Course Description

This course is for IT professionals who want to become proficient in managing and securing endpoint devices within a Microsoft 365 environment, with a core outcome of earning the MD-102 certification and becoming a trusted Microsoft 365 Endpoint Administrator Associate.

You’ll gain hands-on, job-ready skills for preparing infrastructure for devices, enrolling them into Entra ID, and configuring automatic enrollment for Windows. Build competence in Windows Autopilot and provisioning packages, create and maintain device configuration profiles, and implement robust application deployment and protection policies using Intune. Real-world scenarios ensure you can apply these capabilities from day one in your organization.

Security is woven through every module. Establish security baselines, manage antivirus, firewall, and encryption policies, and integrate Defender for Endpoint with Intune to enhance protection. You’ll plan and enforce updates and compliance policies so devices stay secure and compliant in a modern workplace.

What you’ll gain includes practical expertise in device enrollment, configuration profiles across operating systems, application management, and security policy implementation. You’ll learn to join devices to the right identities, configure enrollment settings, and maintain a secure, productive device fleet within a Microsoft 365 environment.

What you’ll be able to do after completing this course:

  • Enroll and manage devices using Microsoft Entra ID and Windows Autopilot
  • Configure enrollment and automatic enrollment settings for Windows
  • Deploy, manage, and protect applications with Microsoft Intune
  • Create and enforce device configuration profiles across operating systems
  • Establish security baselines and manage antivirus, firewall, and encryption policies
  • Integrate Microsoft Defender for Endpoint with Intune for enhanced protection
  • Plan and implement updates and compliance policies for devices

Who should enroll: IT professionals aiming to specialize in endpoint management within Microsoft 365 environments, including system administrators, IT support specialists, and anyone responsible for enterprise devices and applications. This program also supports those pursuing the Microsoft Certified: Microsoft 365 Endpoint Administrator Associate certification.

If you’re ready to advance your career with practical skills, certification-ready knowledge, and a clear path to becoming a trusted endpoint administrator in a Microsoft 365 world, enroll now and start building the capabilities hiring teams expect.

Who Benefits From This Course

  • IT Professionals seeking to enhance their skills in device management and security within Microsoft 365 environments.
  • System Administrators responsible for managing and maintaining organizational devices and applications.
  • Network Administrators aiming to gain expertise in deploying and configuring Microsoft Endpoint solutions.
  • Security Analysts interested in implementing compliance and security policies across endpoints.
  • Technical Support Specialists looking to improve their ability to assist users with device-related issues.
  • Project Managers overseeing IT projects that involve Microsoft 365 deployment and management.
  • Consultants providing advisory services on Microsoft 365 infrastructure and endpoint management.
  • Developers focused on integrating applications with Microsoft Intune for enhanced deployment strategies.

Frequently Asked Questions

What is the role of Microsoft Intune in endpoint management?

Microsoft Intune plays a critical role in endpoint management within a Microsoft 365 environment by providing a comprehensive solution for managing devices and applications. As a cloud-based service, Intune enables IT professionals to enforce security policies, deploy applications, and maintain compliance across a variety of devices, including Windows, macOS, Android, and iOS.

With Intune, organizations can create and manage device configuration profiles, facilitate application deployment, and protect sensitive data. This integration ensures that endpoint devices remain secure and compliant while allowing users to access corporate resources seamlessly. Understanding Microsoft Intune's functionalities is essential for any IT professional looking to excel in managing enterprise endpoints effectively.

How does Windows Autopilot simplify device provisioning?

Windows Autopilot simplifies device provisioning by automating the setup and configuration process for new Windows devices. This approach streamlines the deployment of corporate devices, allowing IT administrators to pre-configure settings, applications, and policies without the need for traditional imaging methods.

With Windows Autopilot, devices can be enrolled directly into Microsoft Entra ID during the initial boot, significantly reducing setup time. As a result, users can start using their devices immediately after unboxing. Understanding the benefits and functionalities of Windows Autopilot is vital for IT professionals aiming to enhance their endpoint management strategies in a Microsoft 365 landscape.

What are security baselines, and why are they important in endpoint management?

Security baselines are predefined security configurations designed to help organizations maintain a secure environment for their endpoints. These baselines include settings for antivirus, firewall policies, encryption, and other essential security measures that mitigate risks associated with device vulnerabilities.

In endpoint management, implementing security baselines is crucial for ensuring that all devices adhere to organizational security policies and regulatory compliance standards. By establishing these baselines, IT professionals can proactively manage security risks, simplify compliance audits, and enhance the overall security posture of the organization.

What is the significance of integrating Microsoft Defender for Endpoint with Intune?

Integrating Microsoft Defender for Endpoint with Intune enhances the security capabilities of an organization by providing a unified approach to threat detection and response. This integration allows IT administrators to manage and monitor endpoint security from a single console, making it easier to enforce security policies and respond to potential threats.

With this integration, organizations benefit from advanced threat protection, automated remediation, and comprehensive visibility into device security status. Understanding the significance of this integration is essential for IT professionals aiming to ensure robust endpoint protection while maintaining compliance with corporate security standards.

What are device configuration profiles, and how do they impact endpoint security?

Device configuration profiles are sets of predefined settings that dictate how devices within an organization should be configured. These profiles can include security settings, Wi-Fi configurations, VPN settings, and more, ensuring devices meet organizational compliance and security requirements.

Implementing device configuration profiles impacts endpoint security by standardizing configurations across all devices, reducing the risk of misconfiguration and potential vulnerabilities. By leveraging these profiles, IT professionals can maintain a secure environment, streamline device management, and facilitate consistent user experiences across the organization.

Included In This Course

Module 1 : Preparing Infrastructure for Devices

  •    0.0 Course Introduction
  •    1.0 Module Overview
  •    1.1 Choosing a Device Join Type
  •    1.2 Joining Devices to Microsoft Entra ID
  •    1.3 Registering Devices to Microsoft Entra ID
  •    1.4 Groups for Devices in Microsoft Entra ID
  •    1.5 Configuring Enrollment Settings
  •    1.6 Configuring Automatic Enrollment for Windows
  •    1.7 Configuring Bulk Enrollment for iOS and Android
  •    1.8 Configuring Enrollment Profiles for Android Devices
  •    1.9 Managing Roles in Intune
  •    1.10 Implementing Compliance Policies using Intune
  •    1.11 Implementing Conditional Access Policies
  •    1.12 Configuring Windows Hello for Business
  •    1.13 Implementing and Managing LAPS for Microsoft Entra ID
  •    1.14 Managing Windows Local Groups using Intune

Module 2 : Managing and Maintaining Devices

  •    2.0 Module Overview
  •    2.1 Choosing Between Windows Autopilot and Provisioning Packages
  •    2.2 Choosing a Windows Autopilot Deployment Mode
  •    2.3 Applying a Device Name Templates
  •    2.3.1 Demo - Device Name Templates
  •    2.4 Implementing Deployments by using Windows Autopilot
  •    2.5 Creating an Enrollment Status Page (ESP)
  •    2.5.1 Demo - Enrollment Status Page
  •    2.6 Planning and Implementing Provisioning Packages
  •    2.7 Planning and Implementing Device Upgrades for Windows 11
  •    2.8 Implementing a Windows 365 Cloud PC Deployment
  •    2.9 Creating Device Configuration Profiles for Windows Devices
  •    2.9.1 Demo - Device Configuration Profile for Windows
  •    2.10 Creating Device Configuration Profiles for Android Devices
  •    2.10.1 Demo - Device Configuration Profile for Android
  •    2.11 Creating Device Configuration Profiles for iOS devices
  •    2.11.1 Demo - Device Configuration Profile for iOS and iPadOS
  •    2.12 Creating Device Configuration Profiles for Mac OS devices
  •    2.12.1 Demo - Device Configuration Profiles for macOS
  •    2.13 Creating Device Configuration Profiles for Enterprise Multi-session Devices
  •    2.13.1 Demo - Device Configuration for Multisesson Devices
  •    2.14 Targeting a Profile using Filters
  •    2.14.1 Demo - Targeting Profiles using Filters
  •    2.15 Configuring Endpoint Privilege Management
  •    2.15.1 Demo - Endpoint Privilege Management
  •    2.16 Managing Applications by using the Enterprise App Catalog
  •    2.16.1 Demo - Enterprise App Catalog
  •    2.17 Implementing Microsoft Intune Advanced Analytics
  •    2.18 Configuring Microsoft Intune Remote Help
  •    2.19 Identifying Use Cases for Cloud PKI
  •    2.20 Examining Microsoft Tunnel for MAM
  •    2.21 Performing Remote Actions in Microsoft Intune
  •    2.22 Updating Windows Defender Security Intelligence
  •    2.23 Rotating BitLocker Recovery Keys
  •    2.24 Running a Device Query by Using KQL

Module 3 : Managing applications

  •    3.0 Module Overview
  •    3.1 Preparing Applications for Deployment by using Intune
  •    3.2 Deploying Apps by using Intune
  •    3.2.1 Demo - Deploying Apps in Intune
  •    3.3 Deploying Microsoft 365 Apps by using Intune
  •    3.3.1 Demo - Deploying Microsoft 365 Apps with Intune
  •    3.4 Configuring Policies for Office Apps
  •    3.4.1 Demo - Configuring Policies for Microsoft 365 Apps
  •    3.5 Deploying MS365 Apps using ODT and OCT
  •    3.5.1 - Demo - Using the ODT and OCT
  •    3.6 Managing MS365 Apps using the Microsoft 365 Apps Admin Center
  •    3.6.1 Demo - Examining the Microsoft 365 Apps Admin Center
  •    3.7 Deploying Apps from Platform-specific App Stores using Intune
  •    3.7.1 Demo - Deploying to Platform-specific App Stores
  •    3.8 Planning and Implementing App Protection Policies
  •    3.8.1 Demo - Implementing App Protection Policies
  •    3.9 Implementing Conditional Access Policies for App Protection Policies
  •    3.9.1 Demo - Conditional Access Policies for App Protection Policies
  •    3.10 Planning and Implementing App Configuration Policies
  •    3.10.1 Demo - Deploying App Configuration Policies

Module 4 : Protecting devices

  •    4.0 Module Overview
  •    4.1 Creating Antivirus Policies
  •    4.1.1 Demo – Creating Endpoint AV Policies
  •    4.2 Creating Disk Encryption Policies
  •    4.2.1 Demo – Creating Disk Encryption Policies
  •    4.3 Creating Firewall Policies
  •    4.3.1 Demo – Creating Endpoint Firewall Policies
  •    4.4 Configuring Attack Surface Reduction Policies
  •    4.4.1 Demo – Creating Attack Surface Reduction Policies
  •    4.5 Planning and Implementing Security Baselines
  •    4.5.1 Demo – Creating Security Baselines
  •    4.6 Integrating Intune with Microsoft Defender for Endpoint
  •    4.6.1 Demo - Integrating Intune with MDE
  •    4.7 Onboarding Devices into Microsoft Defender for Endpoint
  •    4.7.1 Demo - Onboarding Devices into MDE
  •    4.8 Planning for Device Updates
  •    4.9 Creating and Manage Update Rings Using Intune
  •    4.9.1 Demo - Creating Update Ring Policies
  •    4.10 Creating and Manage Update Policies by using Intune
  •    4.10.1 Demo - Creating Update Policies in Intune
  •    4.11 Managing Android Updates using Configuration Profiles
  •    4.12 Configuring Windows Client Delivery Optimization using Intune
  •    4.13 Course Outro
Vision What’s Possible
Join today for over 50% off