Microsoft MCE: Microsoft 365 Enterprise Administrator Expert (MS-100 and MS-101)

Microsoft MCE: Microsoft 365 Enterprise Administrator Expert Training Description

Duration: 6 days

About the Course

Take your career to the next level and confidently move into senior positions within your organization by becoming a Microsoft 365 Enterprise Administrator. Learn how to evaluate, plan, migrate, deploy, and manage Microsoft 365 services. Students will demonstrate the ability to perform Microsoft 365 tenant management tasks for an enterprise, including its identities, security, compliance, and supporting technologies.

Audience Profile

This is an expert-level training designed for systems administrators who are looking to validate their current skills or new IT professionals with at least 1 year of Microsoft infrastructure experience.

Learning Objectives

  • Design and implement Microsoft 365 services
  • Manage user identity and roles
  • Manage access and authentication
  • Plan Office 365 workloads and applications
  • Implement modern device services
  • Implement Microsoft 365 security and threat management
  • Manage Microsoft 365 governance and compliance

Certification Exam

This course will prepare you for the MS-100: Microsoft 365 Identity and Services Exam and the MS-101: Microsoft 365 Mobility and Security Exam

Prerequisites

To become a Microsoft 365 Certified Enterprise Administrator Expert, you must earn one of these Microsoft 365 workload administrator certifications:

  • Microsoft 365 Certified: Modern Desktop Administrator Associate
  • Microsoft 365 Certified: Teams Administrator Associate
  • Microsoft 365 Certified: Security Administrator Associate
  • Microsoft 365 Certified: Messaging Administrator Associate
  • Microsoft Certified: Identity and Access Administrator Associate

What’s included?

  • Authorized Courseware
  • Intensive Hands on Skills Development with an Experienced Subject Matter Expert
  • Hands-on practice on real Servers and extended lab support 1.800.482.3172
  • Examination Vouchers & Onsite Certification Testing- (excluding Adobe and PMP Boot Camps)
  • Academy Code of Honor: Test Pass Guarantee
  • Optional: Package for Hotel Accommodations, Lunch and Transportation

With several convenient training delivery methods offered, The Academy makes getting the training you need easy. Whether you prefer to learn in a classroom or an online live learning virtual environment, training videos hosted online, and private group classes hosted at your site. We offer expert instruction to individuals, government agencies, non-profits, and corporations. Our live classes, on-sites, and online training videos all feature certified instructors who teach a detailed curriculum and share their expertise and insights with trainees. No matter how you prefer to receive the training, you can count on The Academy for an engaging and effective learning experience.

Methods

  • Instructor-Led (the best training format we offer)
  • Live Online Classroom – Online Instructor-Led
  • Self-Paced Video

Speak to an Admissions Representative for complete details

StartFinishPublic PricePublic EnrollPrivate PricePrivate Enroll
12/20/202112/25/2021
01/10/202201/15/2022
02/21/202202/26/2022
03/14/202203/19/2022
04/04/202204/09/2022
04/25/202204/30/2022
05/16/202205/21/2022
06/06/202206/11/2022
06/27/202207/02/2022
07/18/202207/23/2022
08/08/202208/13/2022
08/29/202209/03/2022
09/19/202209/24/2022
10/10/202210/15/2022
10/31/202211/05/2022
11/21/202211/26/2022
12/12/202212/17/2022

Curriculum

MS-100T00: Microsoft 365 Identity and Services

Module 1: Design your Microsoft 365 tenant

This learning path focuses on planning your Microsoft 365 experience. This includes planning for the proper Microsoft 365 subscription, planning for Microsoft 365 in your on-premises infrastructure, planning which identity and authentication solution best fits your organizational requirements, planning your service setup, planning for hybrid environments, and planning your migration to Microsoft 365.

Lessons

  • Plan your tenant in Microsoft 365
  • Plan your on-premises infrastructure for Microsoft 365
  • Plan your identity and authentication solution for Microsoft 365
  • Plan your supporting infrastructure for Microsoft 365
  • Plan your hybrid requirements for your Microsoft 365 deployment
  • Plan your migration to Microsoft 365

Lab : Transition to Microsoft 365

  • Transition to Microsoft 365

After completing this module, students will be able to:

  • Determine which Microsoft 365 subscription offering best suits your organization’s requirements
  • Understand how to best use Microsoft 365 component services to meet your organizational needs
  • Plan your Microsoft 365 subscription
  • Describe authentication behavior when connecting with or without modern authentication
  • Explain multifactor authentication in Microsoft 365 deployments
  • Create a plan for directory synchronization and Azure AD Connect Pass-through authentication
  • Describe the issues, benefits, and best practices when implementing ADFS
  • Plan for Azure AD Seamless Single Sign-On
  • Plan your Email migration to Microsoft 365
  • Plan your file storage and collaboration requirements
  • Plan your Microsoft Teams environment
  • Plan for user and group synchronization using Azure AD Connect
  • Plan for hybrid Exchange, SharePoint, and Skype for Business environments
  • Plan your deployment using the Deployment Planning Checklist
  • Analyze your Active Directory and plan any necessary clean-up using the ID Fix tool
  • Determine which migration strategy to use to move your mail, calendar, and contact information
  • Describe the performance and network issues to consider when planning your migration strategy

Module 2: Configure your Microsoft 365 tenant

While the prior learning path focused on planning your Microsoft 365 tenant, this learning path transitions to configuring your tenant. This includes configuring your Microsoft 365 experience, including your organization profile, your tenant subscription, your services and add-ins, and your tenant configuration. You will then learn how to manage Microsoft 365 user accounts and licenses, security groups, and domain services. You’ll also learn how to configure client connectivity. The module concludes by examining how to leverage FastTrack and partner services.,

Lessons

  • Configure your Microsoft 365 experience
  • Manage user accounts and licenses in Microsoft 365
  • Manage groups in Microsoft 365
  • Add a custom domain in Microsoft 365
  • Configure client connectivity to Microsoft 365
  • Use FastTrack and Partner Services to support Microsoft 365

Lab : Configure your Microsoft 365 Tenant

  • Initialize your Microsoft 365 Tenant
  • Manage Users and Groups
  • Add a Custom Domain

After completing this module, students will be able to:

  • Complete your company’s organization profile
  • Maintain minimum subscription requirements for your company
  • Manage your services and add-ins
  • Describe the user identities in Microsoft 365
  • Create user accounts from both the Microsoft 365 admin center and in Windows PowerShell
  • Manage user accounts and licenses
  • Recover deleted user accounts
  • Describe the various types of groups available in Microsoft 365
  • Create and manage groups from Microsoft 365 admin center and using Windows PowerShell
  • Implement your domain services
  • Plan DNS for custom domains
  • Identify DNS record requirements for custom domains
  • Add a custom domain to Microsoft 365
  • Describe how FastTrack for Microsoft 365 helps customers deploy Microsoft 365
  • Request a partner to assist you with the FastTrack process
  • Describe how automatic client configuration works
  • Describe the DNS records required for client configuration
  • Configure Outlook clients
  • Configure Azure Active Directory multifactor authentication
  • Troubleshoot client connectivity

Module 3: Manage your Microsoft 365 tenant

In the prior learning paths, you learned how to plan for and configure your Microsoft 365 tenant. In this learning path, you will take the next step in the deployment process by learning how to manage your tenant once it has been implemented. This includes configuring your Microsoft 365 administrator roles, managing tenant health and services, managing user-driven deployments of Microsoft 365 Apps for enterprise (formerly Office 365 ProPlus), managing Office Telemetry,

Lessons

  • Configure administrative roles in Microsoft 365
  • Manage tenant health and services in Microsoft 365
  • Manage user-driven Microsoft 365 Apps for Enterprise deployments
  • Implement Office Telemetry
  • Implement Workplace Analytics

Lab : Manage Your Microsoft 365 Tenant

  • Manage Administration Delegation
  • Monitor and Troubleshoot Microsoft 365
  • Install Microsoft 365 Apps for enterprise

After completing this module, students will be able to:

  • Describe the key admin roles in Microsoft 365
  • Identify the key responsibilities of the primary admin roles
  • Configure tenant roles
  • Monitor your organization’s Microsoft 365 service health in the Microsoft 365 admin center
  • Develop an incident response plan to deal with incidents in your Microsoft 365 services
  • Request assistance from Microsoft to address technical, pre-sales, billing, and subscription support
  • Describe how Microsoft 365 Apps for enterprise click-to-run technology works
  • Describe the Microsoft 365 Apps for enterprise licensing and activation processes
  • Plan which update branch might be applicable for your organization
  • Plan which method to use for applying update branches to your users
  • Identify typical obstacles that prevent successful Microsoft 365 Apps for enterprise installations
  • Identify how to prevent users from installing Microsoft 365 Apps for enterprise
  • Install and configure Microsoft 365 Apps for enterprise with the Office Deployment Tool
  • Plan an Office Telemetry installation
  • Install and configure Office Telemetry
  • Describe data protection and data privacy in Workplace Analytics
  • Configure Workplace Analytics

Module 4: Explore the Microsoft 365 platform services

This learning path examines the primary features and functionality of the key Microsoft 365 services, including Exchange Online, SharePoint Online, Microsoft Teams, and the Microsoft Power Platform, including Power Apps, Power Automate, Power BI, and Power Virtual Agents.

Lessons

  • Explore Exchange Online as a Microsoft 365 Enterprise Administrator
  • Explore SharePoint Online as a Microsoft 365 Enterprise Administrator
  • Explore Microsoft Teams as a Microsoft 365 Enterprise Administrator
  • Explore Microsoft Power Platform as a Microsoft 365 Enterprise Administrator
  • Create apps as a Microsoft 365 Enterprise Administrator with Power Apps
  • Create flows as a Microsoft 365 Enterprise Administrator with Power Automate
  • Create reports and dashboards as a Microsoft 365 Enterprise Administrator with Power BI
  • Create chatbots as a Microsoft 365 Enterprise Administrator with Power Virtual Agents

Lab : Reviewing Office 365 Functionality

  • Review Exchange Online
  • Review SharePoint Online
  • Implement a Ticketing System in SharePoint Online
  • Review Microsoft Teams
  • Explore the Power Platform Admin Center
  • Create a Power App from a SharePoint data source
  • Create a Power App from scratch
  • Create and share a flow using Power Automate
  • Implement a DLP Policy using Power Automate
  • Build a Power BI report and dashboard

After completing this module, students will be able to:

  • Describe the most common recipient types are available in Exchange Online
  • Manage anti-malware and anti-spam policies in Exchange Online
  • Plan your organization’s disaster recovery needs related to company and user emails
  • Determine retention tags and policies that will help you manage your organization’s email lifecycle
  • Describe migration and coexistence strategies and understand the differences between them
  • Select the right mail migration strategy for your organization
  • Determine when you want to change the DNS MX record for a domain in a Microsoft 365 migration
  • Describe the different ways to migrate mailboxes to Microsoft 365 in a hybrid Exchange environment
  • Determine the permission levels that your organization should use in SharePoint Online
  • Describe the levels of encryption for data at rest and data in transit within SharePoint Online
  • Describe the SharePoint Online options for maintaining and recovering content in an intranet
  • Describe the different options that provide anti-malware protection in SharePoint Online
  • Describe basic Teams functionality and the infrastructure that supports its goals
  • Describe how Teams compares to the other collaboration apps in Microsoft 365
  • Manage user licenses in the Microsoft 365 Admin Center and PowerShell to provide Teams access
  • Describe the functionality provided by Guess access in Microsoft Teams
  • Describe audio conferencing functionality that is available in Microsoft Teams
  • Manage user settings for audio conferencing
  • Implement phone systems in Microsoft Teams
  • Identify the components that make up the Microsoft Power Platform product family
  • Describe the basic features of the Microsoft Power Platform Admin center
  • Describe what Power Apps are, including their business impact and primary components
  • Describe how Power Apps connect to data sources
  • Create a basic Power App
  • Test and monitor a Power App
  • Run a Power App
  • Describe the Power Apps security structure
  • Build and run a basic workflow using Power Automate
  • Administer Power Automate
  • Build and share a basic Power BI report and dashboard
  • Administer Power BI
  • Explain what Power Virtual Agents are and how they empower teams to easily create powerful bots
  • Describe key features of Power Virtual Agents
  • Describe how to create a chatbot using Power Virtual Agents

Module 5: Plan and implement identity synchronization

This learning path provides an in-depth examination of Microsoft 365 Identity synchronization, with a focus on Azure Active Directory Connect. You will learn how to plan for and implement Azure AD Connect and, how to manage synchronized identities, and how to implement password management in Microsoft 365 using multi-factor authentication and self-service password management.

Lessons

  • Explore identity synchronization
  • Plan for Azure AD Connect implementation
  • Implement Azure AD Connect
  • Manage synchronized identities
  • Explore password management in Microsoft 365

Lab : Manage Identities

  • Prepare for Identity Synchronization
  • Implement Identity Synchronization
  • Implement Password Management

After completing this module, students will be able to:

  • Describe the Microsoft 365 authentication options
  • Explain directory synchronization
  • Provide an overview of Azure AD Connect
  • Plan directory synchronization to synchronize your on-premises Active Directory objects to Azure AD
  • Plan an Azure AD Connect implementation
  • Plan for Azure AD Connect in a multi-forest scenario
  • Configure Azure AD Connect Prerequisites
  • Set up Azure AD Connect
  • Describe Azure AD Connect Health
  • Perform tasks to ensure users synchronize efficiently and successfully deploy Azure AD Connect
  • Manage groups with directory synchronization
  • Use Azure AD Connect Sync Security Groups to delegate control in Azure AD Connect to other users
  • Troubleshoot directory synchronization using a variety of troubleshooting tasks and tools
  • Describe the available password management features in Microsoft 365

Module 6: Implement applications and external access in Azure AD

This learning path provides a comprehensive look at implementing application and external access. You will learn how to add and manage applications in Azure Active Directory, including how to configure multi-tenant applications. You will then examine how to configure Azure AD Application Proxy, including how to install and register a connector and how to publish an on-premises app for remote access. Finally, you will examine how to design and manage solutions for external access. This includes licensing guidance for Azure AD B2B collaboration, creating a collaborative user, and troubleshooting a B2B collaboration.

Lessons

  • Implement applications in Azure AD
  • Configure Azure AD Application Proxy
  • Explore solutions for external access

After completing this module, students will be able to:

  • Register an application or service within your Azure AD tenant
  • Update an application within the Azure AD consent framework
  • Modify the configuration of a single-tenant application to make it a multi-tenant application
  • Remove an application’s registration from your Azure AD tenant
  • Describe the benefits of Azure AD Application Proxy and how it works
  • Identify Azure AD application proxy prerequisites
  • Install and register a connector and verify that it installed correctly
  • Publish an on-premises app for remote access and test the published app to verify that it functions
  • Manage External Access with Azure AD B2B collaboration.
  • Explain the difference between Microsoft 365 external access and Azure AD B2B collaboration
  • Explain the attributes of a collaborative User.
  • Demonstrate Azure B2B Collaboration
  • Manage external access and guest access using Microsoft Team
  • Manage customer lockbox requests

MS-101T00: Microsoft 365 Mobility and Security

Course outline

Module 1: Explore security metrics in Microsoft 365

In this learning path, you will examine all the common types of threat vectors and data breaches facing organizations today, and you will learn how Microsoft 365’s security solutions address these security threats, including the Zero Trust approach. You will be introduced to the Microsoft Secure Score, Privileged Identity Management, as well as to Azure Identity Protection and Microsoft Defender for Office 365.

Lessons

  • Examine threat vectors and data breaches
  • Explore the Zero Trust security model
  • Explore security solutions in Microsoft 365
  • Examine Microsoft Secure Score
  • Examine Privileged Identity Management
  • Examine Azure Identity Protection

Lab : Tenant Setup and Privileged Identity Management

  • Initialize your Microsoft 365 Tenant
  • PIM Resource Workflows

After completing this module, students will be able to:

  • Describe several techniques hackers use to compromise user accounts through email
  • Describe techniques hackers use to gain control over resources
  • Describe techniques hackers use to compromise data
  • Describe the Zero Trust approach to security in Microsoft 365.
  • Describe the components of Zero Trust security.
  • Describe and five steps to implementing a Zero Trust model in your organization.
  • Explain Zero Trust networking
  • List the types of threats that can be avoided by using EOP and Microsoft Defender for Office 365
  • Describe how Microsoft 365 Threat Intelligence can be benefit your organization
  • Monitor your organization through auditing and alerts
  • Describe how ASM enhances visibility and control over your tenant through three core areas
  • Describe the benefits of Secure Score and what kind of services can be analyzed
  • Describe how to collect data using the Secure Score API
  • Know where to identify actions that will increase your security by mitigating risks
  • Explain how to determine the threats each action will mitigate and the impact it has on use
  • Explain Privileged Identity Management (PIM) in Azure administration
  • Configure PIM for use in your organization
  • Audit PIM roles
  • Explain Microsoft Identity Manager
  • Explain Privileged Access Management in Microsoft 365
  • Describe Azure Identity Protection and what kind of identities can be protected
  • Understand how to enable Azure Identity Protection
  • Know how to identify vulnerabilities and risk events
  • Plan your investigation in protecting cloud-based identities
  • Plan how to protect your Azure Active Directory environment from security breaches

Module 2: Manage your Microsoft 365 security services

This learning path examines how to manage the Microsoft 365 security services, including Exchange Online Protection, Microsoft Defender for Office 365, Safe Attachments, and Safe Links. You will also be introduced to the various reports that help an organization monitor its security health.

Lessons

  • Examine Exchange Online Protection
  • Examine Microsoft Defender for Office 365
  • Manage Safe Attachments
  • Manage Safe Links
  • Explore reporting in the Microsoft 365 security services

Lab : Manage Microsoft 365 Security Services

  • Implement a Safe Attachments policy
  • Implement a Safe Links policy

After completing this module, students will be able to:

  • Describe the anti-malware pipeline as email is analyzed by Exchange Online Protection
  • List several mechanisms used to filter spam and malware
  • Describe additional solutions to protect against phishing and spoofing
  • Describe the benefits of the Spoof Intelligence feature
  • Describe how Safe Attachments is used to block zero-day malware in email attachments and documents
  • Describe how Safe Links protect users from malicious URLs embedded in email and documents
  • Create and modify a Safe Attachments policy in the Security & Compliance Center
  • Create a Safe Attachments policy by using Windows PowerShell
  • Configure a Safe Attachments policy to take certain actions
  • Understand how a transport rule can be used to disable the Safe Attachments functionality
  • Describe the end-user experience when an email attachment is scanned and found to be malicious
  • Create and modify a Safe Links policy in the Security & Compliance Center
  • Create a Safe Links policy by using Windows PowerShell
  • Understand how a transport rule can be used to disable the Safe Links functionality
  • Describe the end-user experience when Safe Links identifies a link to a malicious website or file
  • Describe how the Microsoft 365 security reports show how your organization is being protected
  • Understand where to access reports generated by EOP and Microsoft Defender for Office 365
  • Understand how to access detailed information from the generated reports generated

Module 3: Implement threat intelligence in Microsoft 365

In this learning path, you will then transition from security services to threat intelligence; specifically, using the Security Dashboard, Microsoft Defender for Identity, and Microsoft Cloud Application Security to stay ahead of potential security breaches.

Lessons

  • Explore threat intelligence in Microsoft 365
  • Explore the Security Dashboard
  • Implement Microsoft Defender for Identity
  • Implement Microsoft Cloud Application Security

Lab : Implement Threat Intelligence

  • Conduct a Spear Phishing attack using the Attack Simulator
  • Conduct Password attacks using the Attack Simulator
  • Prepare for Alert Policies
  • Implement a Mailbox Permission Alert
  • Implement a SharePoint Permission Alert
  • Test the Default eDiscovery Alert

After completing this module, students will be able to:

  • Understand how threat intelligence is powered by the Microsoft Intelligent Security Graph
  • Describe how the threat dashboard can benefit C-level security officers
  • Understand how Threat Explorer can be used to investigate threats and help to protect your tenant
  • Describe how the Security Dashboard displays top risks, global trends, and protection quality
  • Describe what Microsoft Defender for Identity is and what requirements are needed to deploy it
  • Configure Microsoft Defender for Identity
  • Manage the Microsoft Defender for Identity services
  • Describe Cloud App Security
  • Explain how to deploy Cloud App Security
  • Control your Cloud Apps with Policies
  • Troubleshoot Cloud App Security

Module 4: Introduction to Data Governance in Microsoft 365

This learning path examines the key components of Microsoft 365 Compliance management. This begins with an overview of all key aspects of data governance, including data archiving and retention, Information Rights Management, Office 365 message encryption, In-place Records Management in SharePoint, and data loss prevention (DLP).

Lessons

  • Explore archiving in Microsoft 365
  • Explore retention in Microsoft 365
  • Explore Information Rights Management
  • Explore Office 365 Message Encryption
  • Explore In-place Records Management in SharePoint
  • Explore Data Loss Prevention in Microsoft 365

Lab : Implement Data Governance

  • Configure Microsoft 365 Message Encryption
  • Validate Information Rights Management
  • Initialize Compliance
  • Configure Retention Tags and Policies

After completing this module, students will be able to:

  • Understand Data Governance in Microsoft 365
  • Describe the difference between In-Place Archive and Records Management
  • Explain how data is archived in Exchange
  • Recognize the benefits of In Place Records Management in SharePoint
  • Understand how Messaging Records Management works in Exchange
  • List the types of retention tags that can be applied to mailboxes
  • Know the different Microsoft 365 Encryption Options
  • Understand how Information Rights Management (IRM) can be used in Exchange
  • Configure IRM protection for Exchange mails
  • Explain how IRM can be used in SharePoint
  • Apply IRM protection to SharePoint documents
  • Tell the differences between IRM protection and AIP classification
  • Understand how message encryption works
  • Perform encryption on a message
  • Accomplish decryption of a message
  • Understand the co-operation of signing and encryption simultaneously
  • Explain what triple-wrapped messages are
  • Describe when you can use Office 365 Message Encryption
  • Explain how Office 365 Message Encryption works
  • Describe Data Loss Prevention (DLP)
  • Understand what sensitive information and search patterns are that DLP is using
  • Know what a DLP policy is and what it contains
  • Recognize how actions and conditions work together for DLP
  • Express how actions contain functions to send emails on matches
  • Show policy tips to the users if a DLP rule applies
  • Use policy templates to implement DLP policies for commonly used information
  • Explain document finger
  • Understand how to use DLP to protect documents in Windows Server FCI

Module 5: Implement data governance in Microsoft 365

This learning path examines how to implement the key aspects of data governance, including the building of information barriers in Microsoft 365 and ethical walls in Exchange Online, creating DLP policies from built-in templates, creating custom DLP policies, creating DLP policies to protect documents, and creating policy tips.

Lessons

  • Evaluate your compliance readiness
  • Implement compliance solutions
  • Create information barriers in Microsoft 365
  • Create a DLP policy from a built-in template
  • Create a custom DLP policy
  • Create a DLP policy to protect documents
  • Implement policy tips for DLP policies

Lab : Implement DLP Policies

  • Manage DLP Policies
  • Test MRM and DLP Policies

After completing this module, students will be able to:

  • Describe the Microsoft 365 Compliance Center and how to access it
  • Describe the purpose and function of Compliance score
  • Explain the components of of how an organization’s Compliance score is determined
  • Explain how assessments are used to formulate compliance scores
  • Explain how Microsoft 365 helps address Global Data Protection Regulation
  • Describe insider risk management functionality in Microsoft 365
  • Configure insider risk management policies
  • Configure insider risk management policies
  • Explain the communication compliance capabilities in Microsoft 365
  • Describe what an ethical wall in Exchange is and how it works
  • Explain how to create information barriers in Microsoft 365
  • Identify best practices for building and working with ethical walls
  • Understand the different built-in templates for a DLP policies
  • Determine how to choose the correct locations for a DLP policy
  • Configure the correct rules for protecting content
  • Enable and review the DLP policy correctly
  • Describe how to modify existing rules of DLP policies
  • Explain how to add and modify custom conditions and action to a DLP rule
  • Describe how to change user notifications and policy tips
  • Configure the user override option to a DLP rule
  • Explain how incident reports are sent by a DLP rule violation
  • Describe how to work with managed properties for DLP policies
  • Explain how SharePoint Online creates crawled properties from documents
  • Describe how to create a managed property from a crawled property in SharePoint Online
  • Explain how to create a DLP policy with rules that apply to managed properties via PowerShell
  • Describe the user experience when a user creates an email or site containing sensitive information
  • Explain the behavior in Office apps when a user enters sensitive information

Module 6: Manage data governance in Microsoft 365

This learning path focuses on managing data governance in Microsoft 365, including managing retention in email, troubleshooting retention policies and policy tips that fail, as well as troubleshooting sensitive data. You will then learn how to implement sensitivity labels and Windows Information Protection.

Lessons

  • Manage retention in email
  • Troubleshoot data governance
  • Explore sensitivity labels
  • Implement sensitivity labels
  • Implement Data Governance

Lab : Implement Data Governance

  • Implement sensitivity labels
  • Implement Windows Information Protection

After completing this module, students will be able to:

  • Determine when and how to use retention tags in mailboxes
  • Assign retention policy to an email folder
  • Add optional retention policies to email messages and folders
  • Remove a retention policy from an email message
  • Explain how the retention age of elements is calculated
  • Repair retention policies that do not run as expected
  • Understand how to systematically troubleshoot when a retention policy appears to fail
  • Perform policy tests in test mode with policy tips
  • Describe how to monitor DLP policies through message tracking
  • Manage data protection using sensitivity labels
  • Describe the requirements to create a sensitivity label
  • Develop a data classification framework for your sensitivity labels
  • Create, publish, and remove sensitivity labels
  • Describe WIP and what it is used for
  • Plan a deployment of WIP policies
  • Implement WIP policies with Intune and SCCM
  • Implement WIP policies in Windows desktop apps

Module 7: Manage content search and investigations in Microsoft 365

This learning path conclude this section on data governance by examining how to manage search and investigation, including searching for content in the Security and Compliance Center, auditing log investigations, and managing advanced eDiscovery.

Lessons

  • Search for content in the Microsoft 365 Compliance center
  • Conduct audit log investigations
  • Manage Advanced eDiscovery

Lab : Manage Search and Investigations

  • Conduct a data search
  • Investigate Your Microsoft 365 Data

After completing this module, students will be able to:

  • Describe how to use content search
  • Design your content search
  • Configure search permission filtering
  • Explain how to search for third-party data
  • Describe when to use scripts for advanced searches
  • Describe what the audit log is and the permissions required to search a Microsoft 365 audit
  • Configure Audit Policies
  • Enter criteria for searching the audit log
  • View, sort, and filter search results
  • Export search results to a CSV file
  • Search the unified audit log by using Windows PowerShell
  • Describe Advanced eDiscovery
  • Configure permissions for users in Advanced eDiscovery
  • Create Cases in Advanced eDiscovery
  • Search and prepare data for Advanced eDiscovery

Module 8: Prepare for device management in Microsoft 365

This learning path provides an in-depth examination of Microsoft 365 Device management. You will begin by planning for various aspects of device management, including preparing your Windows 10 devices for co-management. You will learn how to transition from Configuration Manager to Microsoft Intune, and you will be introduced to the Microsoft Store for Business and Mobile Application Management.

Lessons

  • Explore Co-management of Windows 10 device
  • Prepare your Windows 10 devices for Co-management
  • Transition from Configuration Manager to Intune
  • Examine the Microsoft Store for Business
  • Plan for application management

Lab : Implement the Microsoft Store for Business

  • Configure the Microsoft Store for Business
  • Manage the Microsoft Store for Business

After completing this module, students will be able to:

  • Describe the benefits of Co-management
  • Plan your organization’s Co-management Strategy
  • Describe the main features of Configuration Manager
  • Describe how Azure Active Directory enables co-management
  • Identify the prerequisites for using Co-management
  • Configure Configuration Manager for Co-management
  • Enroll Windows 10 Devices to Intune
  • Modify your co-management settings
  • Transfer workloads to Intune
  • Monitor your co-management solution
  • Check compliance for co-managed devices
  • Describe the feature and benefits of the Microsoft Store for Business
  • Configure the Microsoft Store for Business
  • Manage settings for the Microsoft Store for Business

Module 9: Plan your Windows 10 deployment strategy

This learning path focuses on planning your Windows 10 deployment strategy, including how to implement Windows Autopilot and Desktop Analytics, and planning your Windows 10 subscription activation service.

Lessons

  • Examine Windows 10 deployment scenarios
  • Explore Windows Autopilot deployment models
  • Plan your Windows 10 Subscription Activation strategy
  • Resolve Windows 10 upgrade errors
  • Analyze Windows 10 diagnostic data using Desktop Analytics

After completing this module, students will be able to:

  • Plan for Windows as a Service
  • Plan a Modern Deployment
  • Plan a Dynamic Deployment
  • Plan a Traditional Deployment
  • Describe Windows Autopilot requirements
  • Configure Autopilot
  • Describe Autopilot Self-deployments, Pre-provisioned deployments, and User-driven deployments
  • Deploy BitLocker Encryption for Autopiloted Devices
  • Understand Windows 10 Enterprise E3 in CSP
  • Configure VDA for Subscription Activation
  • Deploy Windows 10 Enterprise licenses
  • Describe common fixes for Windows 10 upgrade errors
  • Use SetupDiag
  • Troubleshooting upgrade errors
  • Describe Windows error reporting
  • Understand the upgrade error codes and resolution procedure
  • Describe Desktop Analytics
  • Describe Device Health
  • Describe Update Compliance
  • Determine Upgrade Readiness

Module 10: Implement Mobile Device Management in Microsoft 365

This learning path focuses on Mobile Device Management (MDM). You will learn how to deploy it, how to enroll devices to MDM, and how to manage device compliance.

Lessons

  • Explore Mobile Device Management
  • Deploy Mobile Device Management
  • Enroll devices to Mobile Device Management
  • Manage device compliance

Lab : Manage devices with Intune

  • Enable device management
  • Configure Azure AD for Intune
  • Create Intune policies
  • Enroll a Windows 10 device
  • Manage and monitor a device in Intune

After completing this module, students will be able to:

  • Manage devices with MDM
  • Compare MDM for Microsoft 365 and Intune
  • Understand policy settings for mobile devices
  • Control Email and Document Access
  • Activate Mobile Device Management Services
  • Deploy Mobile Device Management
  • Configure Domains for MDM
  • Configure an APNs Certificate for iOS devices
  • Manage Device Security Policies
  • Define a Corporate Device Enrollment Policy
  • Enroll devices to MDM
  • Understand the Apple Device Enrollment Program
  • Understand Enrollment Rules
  • Configure a Device Enrollment Manager Role
  • Describe Multi-factor Authentication considerations
  • Plan for device compliance
  • Configure conditional users and groups
  • Create Conditional Access policies
  • Monitor enrolled devices