Quiz covers these topics Microsoft Intune fundamentals, tenant configuration, and licensing requirements. Students will be challenged with questions on relationship between Microsoft 365, Entra ID (Azure AD), and Intune. User roles, permissions, device enrollment prerequisites, and the setup of security groups for policy targeting. It also covers integration points with Microsoft Graph, administrative best practices using least privilege access, and an overview of tenant data storage and identity synchronization.
Setup New Tenant
0/2
Windows Device Management
This lesson focuses on implementing security policies and baselines for Windows devices using Intune. It explains configuring Microsoft Defender Antivirus, Firewall, Attack Surface Reduction (ASR) rules, and BitLocker encryption policies. Learners understand the purpose of Windows LAPS for local admin management and how endpoint security profiles strengthen compliance posture. It also includes how to monitor and remediate threats through integration with Microsoft Defender for Endpoint.
0/1
Device Enrolment
This section explains the lifecycle of device enrollment and update management in Windows environments. Topics include Windows Autopilot provisioning, Enrollment Status Page (ESP), device naming conventions, and user-driven vs. pre-provisioned setups. Learners study Windows Update for Business (WUfB) policies, feature and quality update management, and Autopatch automation. The lesson concludes with troubleshooting enrollment errors and aligning update compliance reports with Intune’s monitoring dashboards.
0/1
Android Device Management
This lesson details Android Enterprise management through Intune. It outlines enrollment modes such as Work Profile, Fully Managed, and Corporate-Owned Dedicated devices. Learners gain insights into managed Google Play integration, app distribution via OEMConfig, Wi-Fi and VPN configuration profiles, and Android device restriction policies. Emphasis is placed on securing Android devices through App Protection Policies (MAM) and selective wipe operations for BYOD scenarios.
0/1
iOS Device Management
This section covers iOS and iPadOS management using Apple Business Manager and Intune. Learners understand the configuration of Apple Push Notification (APNs) certificates, Volume Purchase Program (VPP) tokens, and Device Enrollment Program (DEP) integrations. The lesson explains app deployment strategies, managed app configuration, and update management for iOS devices. It also discusses protecting data using App Protection Policies, VPN profiles, and supervised device settings.
0/1
MacOS Device Management
This lesson explores macOS management within Intune, including shell script deployments, configuration profiles, and FileVault encryption. Learners discover how to deploy PKG applications, enforce Gatekeeper security policies, and configure update profiles for macOS systems. Advanced coverage includes Apple Business Manager integration for automated enrollment, script result reporting, and best practices for notarization and signing of macOS applications.
0/1
Device Compliance Policy
This lesson provides an in-depth look into creating and assigning compliance policies for Windows, Android, iOS, and macOS. Learners explore configuration options to enforce password, encryption, and OS version compliance, and how to automate remediation actions. It also covers the integration between Intune compliance policies and Conditional Access through Entra ID. Real-world examples include enforcing device encryption, monitoring noncompliant devices, and notifying users automatically.
0/1
Device Management Monitoring & Reporting
Here, learners gain visibility into how Intune collects, analyzes, and reports device data. Topics include using built-in reports, Endpoint Analytics, and exporting diagnostic data to Azure Monitor or Power BI. The section introduces Intune Suite add-ons such as Remote Help, Endpoint Privilege Management (EPM), and Tunnel for secure access. Learners also learn to troubleshoot issues using Intune audit logs and Device Actions history for improved operational insights.
0/1
Application Packaging
This lesson focuses on packaging, deploying, and maintaining applications in Intune. Learners discover MSIX and Win32 app deployment methods, detection scripts, supersedence rules, and dependency configurations. It also explores Office deployment management and Microsoft Store integration for Business. Practical elements include troubleshooting failed installations, managing version upgrades, and ensuring compliance with enterprise deployment standards.
0/1
Device Management using PowerShell
The final lesson introduces automation and scripting techniques to enhance Intune administration. Learners use PowerShell and Microsoft Graph API to automate app assignments, policy management, and reporting tasks. The module highlights service principal authentication, least privilege scripting, and proactive remediation scripts for automated device management. Learners also explore Intune Data Warehouse integration for custom analytics in Power BI.
0/1
