
Microsoft 365 Certified: Enterprise Administrator Expert
This course covers three central elements of Microsoft 365 enterprise administration – Microsoft 365 security management, Microsoft 365 compliance management, and Microsoft 365 device management. In Microsoft 365 security management, you will examine all the common types of threat vectors and data breaches facing organizations today, and you will learn how Microsoft 365’s security solutions address these security threats. You will be introduced to the Microsoft Secure Score, as well as to Azure Active Directory Identity Protection. You will then learn how to manage the Microsoft 365 security services, including Exchange Online Protection, Advanced Threat Protection, Safe Attachments, and Safe Links. Finally, you will be introduced to the various reports that monitor your security health. You will then transition from security services to threat intelligence; specifically, using the Security Dashboard and Advanced Threat Analytics to stay ahead of potential security breaches. With your Microsoft 365 security components now firmly in place, you will examine the key components of Microsoft 365 compliance management. This begins with an overview of all key aspects of data governance, including data archiving and retention, Information Rights Management, Secure Multipurpose Internet Mail Extension (S/MIME), Office 365 message encryption, and data loss prevention (DLP). You will then delve deeper into archiving and retention, paying particular attention to in-place records management in SharePoint, archiving and retention in Exchange, and Retention policies in the Security and Compliance Center. Now that you understand the key aspects of data governance, you will examine how to implement them, including the building of ethical walls in Exchange Online, creating DLP policies from built-in templates, creating custom DLP policies, creating DLP policies to protect documents, and creating policy tips. You will then focus on managing data governance in Microsoft 365, including managing retention in email, troubleshooting retention policies and policy tips that fail, as well as troubleshooting sensitive data. You will then learn how to implement Azure Information Protection and Windows Information Protection. You will conclude this section by learning how to manage search and investigation, including searching for content in the Security and Compliance Center, auditing log investigations, and managing advanced eDiscovery. The course concludes with an in-depth examination of Microsoft 365 device management. You will begin by planning for various aspects of device management, including preparing your Windows 10 devices for co-management. You will learn how to transition from Configuration Manager to Intune, and you will be introduced to the Microsoft Store for Business and Mobile Application Management. At this point, you will transition from planning to implementing device management; specifically, your Windows 10 deployment strategy. This includes learning how to implement Windows Autopilot, Windows Analytics, and Mobile Device Management (MDM). When examining MDM, you will learn how to deploy it, how to enroll devices to MDM, and how to manage device compliance.
Course Outline
Plan device management
plan device monitoring
plan Microsoft Endpoint Manager implementation and integration with Azure AD
plan co-management between Endpoint Configuration Manager and Intune
plan for configuration profiles
Manage device compliance
plan for device compliance
plan for attack surface reduction
configure security baselines
configure device compliance policy
plan and configure conditional access policies
Plan for apps
create and configure Microsoft Store for Business
plan app deployment
plan for mobile application management (MAM)
Plan Windows 10 deployment
plan for Windows as a Service (WaaS)
plan for managing Windows quality and feature updates
plan Windows 10 Enterprise deployment methods
analyze upgrade readiness for Windows 10 by using services such as Desktop Analytics
evaluate and deploy additional Windows 10 Enterprise security features
Enroll devices
plan for device join or device registration to Azure Active Directory (Azure AD)
plan for manual and automated device enrollment into Intune
enable device enrollment into Intune
Manage security reports and alerts
evaluate and manage Microsoft Office 365 tenant security by using Secure Score
manage incident investigation
review and manage Microsoft 365 security alerts
Plan and implement threat protection with Microsoft 365 Defender
plan Microsoft Defender for Endpoint
design Microsoft Defender for Office 365 policies
implement Microsoft Defender for Identity
Plan Microsoft Defender for Cloud Apps
plan information protection by using Microsoft Defender for Cloud Apps
Plan for compliance requirements
plan compliance solutions
assess compliance
plan for and implement privileged access management
plan for legislative and regional or industry requirements and drive implementation
Manage information governance
plan data classification
plan for classification labeling
plan for restoring deleted content
implement records management
design data retention labels and policies in Microsoft 365
Implement Information protection
plan an information protection solution
plan and implement sensitivity labels and policies
monitor label alerts and analytics
deploy Azure Information Protection unified labels clients
configure Information Rights Management (IRM) for workloads
plan for Windows information Protection (WIP) implementation
Plan and implement data loss prevention (DLP)
plan for DLP
configure DLP policies
monitor DLP
Manage search and investigation
plan and configure auditing
plan and configure eDiscovery
implement and manage insider risk management
design a Content Search solution