Microsoft Endpoint Administrator (MD-102) Practice Exam

Microsoft Endpoint Administrator (MD-102) Practice Exam

The Microsoft Endpoint Administrator (MD-102) certification equips you with the skills and knowledge to manage and secure devices and applications within the modern workplace, leveraging the power of Microsoft Endpoint Manager. 

Who should take this Exam

• IT professionals seeking career advancement: Enhance your expertise and marketability in endpoint management.
• First-line and helpdesk support: Gain the skills to manage and troubleshoot endpoint devices effectively.
• System administrators transitioning to cloud: Learn how cloud-based tools like Endpoint Manager are changing the game.
• Individuals seeking validation: Prove your competency in managing Microsoft Endpoint environments.

Responsibilities

This globally recognized credential demonstrates your ability to:

• Deploy and manage Windows client devices: Implement efficient deployment strategies using tools like Autopilot and Intune.
• Secure identities and access: Utilize Azure Active Directory and Microsoft Entra for user authentication, authorization, and enforcing security policies.
• Maintain device health and compliance: Configure security policies, implement endpoint protection, and ensure compliance with regulations.
• Manage applications: Deploy and update Windows apps, line-of-business apps, and Microsoft 365 apps.
• Collaborate with IT teams: Work effectively with other IT professionals to achieve optimal endpoint management.

Exam Details:

• Format: 60 multiple-choice questions
• Time Limit: 90 minutes
• Languages: English, Japanese, Korean (others offered periodically)
• Passing Score:700

Course Outline

Domain 1 - Understand Deploying Windows client (25–30%)

1.1 Learning preparing for a Windows client deployment

• Describing selecting a deployment tool based on requirements
• Describing choosing between migrate and rebuild
• Describing choosing an imaging and/or provisioning strategy
• Describing selecting a Windows edition based on requirements
• Describing implementing subscription-based activation

1.2 Learning planning and implement a Windows client deployment by using Windows Autopilot

• Describing configuring device registration for Autopilot
• Describing creating, validating, and assigning deployment profiles
• Describing setting up the Enrollment Status Page (ESP)
• Describing deploying Windows devices by using Autopilot
• Describing troubleshooting an Autopilot deployment

1.3 Learn planning and implementing a Windows client deployment by using the Microsoft Deployment Toolkit (MDT)

• Describing planning and implementing an MDT deployment infrastructure
• Describing creating, managing, and deploying images
• Describing monitoring and troubleshooting a deployment
• Describing planning and configuring user state migration

1.4 Learn configuring remote management

• Describing configuring Remote Help in Intune
• Describing configuring Remote Desktop on a Windows client
• Describing configuring the Windows Admin Center
• Describing configuring PowerShell remoting and Windows Remote Management (WinRM)

Domain 2 - Understand managing identity and compliance (15–20%)

2.1 Learn managing identity

• Describing implementing user authentication on Windows devices, including Windows Hello for Business, passwordless, and tokens
• Describing managing role-based access control (RBAC) for Intune
• Describing registering devices in and join devices to Microsoft Entra ID
• Describing implementing the Intune Connector for Active Directory
• Describing managing the membership of local groups on Windows devices
• Describing implementing and managing Local Administrative Passwords Solution (LAPS) for Microsoft Entra ID

2.3 Learn implementing and managing Local Administrative Passwords Solution (LAPS) for Azure AD

• Describing implementing compliance policies for all supported device platforms by using Intune
• Describing specifying compliance policies to meet requirements
• Describing implementing compliance policies
• Describing implementing Conditional Access policies that require a compliance status
• Describing managing notifications for compliance policies
• Describing monitoring device compliance
• Describing troubleshooting compliance policies

Domain 3 - Understand managing, maintaining, and protecting devices (40–45%)

3.1 Learn managing the device lifecycle in Intune

• Describing configuring enrollment settings
• Describing configuring automatic and bulk enrollment, including Windows, Apple, and Android
• Describing configuring policy sets
• Describing Restarting, retiring, or wiping devices

3.2 Learn managing device configuration for all supported device platforms by using Intune

• Describing specifying configuration profiles to meet requirements
• Describing implementing configuration profiles
• Describing monitoring and troubleshooting configuration profiles
• Describing configuring and implementing Windows kiosk mode
• Describing configuring and implementing profiles on Android devices, including fully managed, dedicated, corporate owned, and work profile
• Describing planning and implementing Microsoft Tunnel for Intune

3.3 Learn monitoring devices

• Describing monitoring devices by using Intune
• Describing monitoring devices by using Azure Monitor
• Describing analyzing and responding to issues identified in Endpoint analytics and Adoption Score

3.4 Learn managing device updates for all supported device platforms by using Intune

• Describing planning for device updates
• Describing creating and managing update policies by using Intune
• Describing managing Android updates by using configuration profiles
• Describing monitoring updates
• Describing troubleshooting updates in Intune
• Describing configuring Windows client delivery optimization by using Intune
• Describing creating and manage update rings by using Intune

3.5 Learn implementing endpoint protection for all supported device platforms

• Describing implementing and managing security baselines in Intune
• Describing creating and managing configuration policies for Endpoint security including antivirus, encryption, firewall, endpoint detection and response (EDR), and attack surface reduction (ASR)
• Describing Onboarding devices to Microsoft Defender for Endpoint
• Describing implementing automated response capabilities in Microsoft Defender for Endpoint
• Describing reviewing and responding to device issues identified in the Microsoft Defender Vulnerability Management dashboard

Domain 4 - Understand managing applications (10–15%)

4.1 Learn deploying and updating apps for all supported device platforms

• Describing deploying apps by using Intune
• Describing configuring Microsoft 365 Apps deployment by using the Microsoft Office Deployment Tool or Office Customization Tool (OCT)
• Describing managing Microsoft 365 Apps by using the Microsoft 365 Apps admin center
• Describing deploying Microsoft 365 Apps by using Intune
• Describing configuring policies for Office apps by using Group Policy or Intune
• Describing deploying apps to platform-specific app stores by using Intune

4.2 Learn planning and implementing app protection and app configuration policies

• Describing planning and implementing app protection policies for iOS and Android
• Describing managing app protection policies
• Describing implementing Conditional Access policies for app protection policies
• Describing planning and implementing app configuration policies for managed apps and managed devices
• Describing managing app configuration policies