Let’s learn about the Intune Exam MD 102 Study Guide Starter Kit—Microsoft Intune Certification. We will cover the Study guide for Exam MD-102: Endpoint Administrator Associate, as shared in a YouTube Video. Microsoft recently increased exam prices to help maintain the quality and value of our Certification program.
What are the changes coming to Microsoft Intune Certification or exams? Let’s look into the latest changes in Intune exams or Intune certification. We will also look into the learning path change from the technology to the job profile. We will also cover the cost of Intune Certification.
In this post, we cover the study guide created to assist you in preparing for your upcoming Exam. It provides an overview of the topics likely to be covered on the Exam and directs you toward additional resources to aid your preparation. The Latest Intune training is carefully designed for self-study – Intune Training Course 2023.
By utilizing the information and materials provided in this post, you can focus your studies and increase your chances of success on the Exam. Let’s discuss the Intune Certification or Exams. This post will cover the retirement of Intune Exams, the renaming of exam certifications, costs for new exams, and the syllabus.
Table of Contents
New Updates to the Exam MD 102 2024
Microsoft periodically updates its certification exams to reflect the evolving skills needed for specific roles. Here’s a breakdown of how the updates work.
- The exam is first updated in English.
- For exams available in other languages, these localized versions are updated approximately eight weeks after the English version. However, delays can occur, and localized versions may not always follow this schedule strictly.
- To see which languages the exam is offered in, check the “Schedule Exam” section on the specific exam’s details page.
- If the exam is not available in your preferred language, you can request an additional 30 minutes to complete it.
Audience Profile – Primary Responsibilities of a Candidate
As a candidate for this exam, you should possess deep expertise in managing devices and client applications within a Microsoft 365 environment, utilizing Microsoft Intune. Your primary responsibilities will involve the following.
- Designing and implementing solutions
- It enables the efficient deployment and management of endpoints across multiple operating systems, platforms, and device types.
- Managing endpoints at scale through tools such as Microsoft Intune, Microsoft Intune Suite, Windows Autopilot, Microsoft Copilot for Security, Microsoft Defender for Endpoint, Microsoft Entra ID, Azure Virtual Desktop, and Windows 365.
- Configuring and enforcing identity, security, access, policies, updates, and applications to maintain seamless operations and ensure secure access to corporate resources
- As an endpoint administrator, your role involves the following.
- Collaborating with various teams
- You work with architects, Microsoft 365 administrators, security administrators, and other workload administrators to develop and implement a modern workplace strategy.
- To manage devices effectively, you need experience with Microsoft Entra ID and Microsoft 365 technologies, especially Intune.
- You must be proficient in deploying, configuring, and maintaining Windows and non-Windows devices.
Skill Areas and Task – Skills Measured as of 17th September 2024
The following table shows various skill areas, detailing specific tasks that exemplify proficiency and competence within each domain. By identifying and categorizing these skills, individuals and organizations can better assess their capabilities, set targeted development goals, and create actionable improvement plans.
This approach enhances individual performance and contributes to overall organizational success.
Skill Area | Tasks |
---|---|
Prepare the infrastructure for devices | (25–30%) |
Add devices to Microsoft Entra ID | > Choose an appropriate device join type >Join devices to Microsoft Entra ID >Register devices to Microsoft Entra ID >Plan and implement groups for devices in Microsoft Entra ID |
Enroll devices to Microsoft Intune | > Configure enrollment settings > Configure automatic enrollment for Windows and > bulk enrollment for iOS and Android > Configure enrollment profiles for Android devices, > including fully managed, dedicated, corporate owned, and work profile |
Implement identity and compliance | > Manage roles in Intune > Implement compliance policies for all supported device platforms by using Intune > Implement Conditional Access policies that require a compliance status > Configure Windows Hello for Business > Implement and manage Local Administrative Passwords Solution (LAPS) for Microsoft Entra ID > Manage the membership of local groups on Windows devices by using Intune |
Manage and maintain devices | (30–35%) |
Deploy and upgrade Windows clients by using cloud-based tools | > Choose between Windows Autopilot and provisioning packages > Choose a Windows Autopilot deployment mode Apply a device name template > Implement Windows client deployment by using Windows Autopilot > Create an Enrollment Status Page (ESP) > Plan and implement provisioning packages > Plan and implement device upgrades for Windows 11 > Implement a Windows 365 cloud PC deployment |
Plan and implement device configuration profiles | > Create device configuration profiles for Windows devices, including importing ADMX files > Create device configuration profiles for Android devices > Create device configuration profiles for iOS devices > Create device configuration profiles for Mac OS devices > Create device configuration profiles for Enterprise multi-session devices > Target a profile by using filters |
Implement Intune Suite add-on capabilities | > Configure Endpoint Privilege Management > Manage applications by using the Enterprise App Catalog > Implement Microsoft Intune Advanced Analytics > Configure Microsoft Intune Remote Help > Identify use cases for Cloud PKI > Implement Microsoft Tunnel for MAM |
Perform remote actions on devices | > Sync, restart, retire, or wipe devices > Perform bulk remote actions > Update Windows Defender security intelligence > Rotate BitLocker recovery keys > Run a device query by using KQL |
Manage Applications | (15–20%) |
Deploy and update apps | > Prepare applications for deployment by using Intune > Deploy apps by using Intune > Deploy Microsoft 365 Apps by using Intune Configure policies for Office apps > Deploy Microsoft 365 Apps as part of a Windows Autopilot deployment by using the Microsoft Office Deployment Tool (ODT) or Office Customization Tool (OCT) > Manage Microsoft 365 Apps by using the Microsoft 365 Apps admin center > Deploy apps from platform-specific app stores by using Intune |
Plan and implement app protection and app configuration policies | > Plan and implement app protection policies > Implement Conditional Access policies for app protection policies > Plan and implement app configuration policies for managed apps and managed devices |
Protect devices | (15–20%) |
Configure endpoint security | > Create antivirus policies > Create disk encryption policies > Create firewall policies > Configure Attack surface reduction policies > Plan and implement security baselines > Integrate Intune with Microsoft Defender for Endpoint > Onboard devices into Microsoft Defender for Endpoint |
Manage device updates by using Intune | > Plan for device updates > Create and manage update rings by using Intune > Create and manage update policies by using Intune, including iOS and Mac OS > Manage Android updates by using configuration profiles or firmware-over-the-air (FOTA) deployments > Configure Windows client delivery optimization by using Intune > Monitor updates |
Audience Profile for Endpoint Administrator Candidates
As a candidate for this exam, you are skilled in deploying, configuring, securing, managing, and monitoring devices and client applications in a Microsoft 365 environment. Your role involves handling identity management, security measures, access control, policy enforcement, updates, and application management for various endpoints.
You design and implement solutions to optimize the deployment and management of devices across different operating systems, platforms, and device types.
Skill Areas and Task – Skills measured before 17th September 2024
Free Intune LAB Setup
If you want to set up Intune LAB for free, this section can help. This lab setup will also help you prepare for Intune Exam MD-102. HTMD Community shared a post and video on the lab setup topic.
More Details – Free Intune Trial Tenant Forever | Renewable Intune Tenant with 25 Microsoft E5 Licenses for Free (Microsoft stopped offering this free lab because of security reasons – unconfirmed update)
The following video tutorial will help you set up Microsoft Intune free LAB Forever. There are some tips and tricks to keep the Intune LAB forever. As part of this setup, you will get 25 Microdsoft E5 licenses. You can easily access Intune, Azure AD, Exchange Online, etc. You can easily do Intune end-to-end testing.
Intune Exam MD 102 Study Guide Starter Kit – Microsoft Intune Certification
Previously, the certification paths were based on each Microsoft Technical product, such as Intune, ConfigMgr, System Center, etc. With the new changes, the certification path is evolved to the next level.
Now, the certification path is changed based on Job roles, which will help IT Admins. Job role-based Certification makes more sense in the cloud, where ever-changing technologies will evolve further and migrate to modern cloud-native solutions.
Note! Microsoft is updating its Microsoft 365 certification portfolio. It is Consolidating, announcing New beta Exams, and getting more Aligned with modern workplace scenarios. Consolidation, Retirement, New Beta Exams, and Tight Alignment are the main four pillars of New certification portfolio updates.
Intune Certification Changes
Let’s get into the details of Microsoft’s latest certification announcements. MD 100 and MD 101 are the latest certifications. MD 100 is the Windows Client certification, which is the basic Certification. MD 101 is the Managing Modern Desktop Certification, an advanced kind of Certification.
- Microsoft is combining these 2 certifications and creating a New certificate called MD 102.
- The previous MD Exams are retiring, and MD 100 and MD 101 are retiring by July 2023.
- Microsoft is changing the name of the Certification. It was Modern Desktop Administrator Associates, but it is now Microsoft 365 Certified: Endpoint Administrator Associate.
- The Retirement date for the old certifications is July 2023. Per the latest Microsoft announcements, the Beta Exams will be available for MD-102 by May 2023.
Certification Name Changes | New/Old | Exam Code | Retirement Date | Beta Exam |
---|---|---|---|---|
Microsoft 365 Certified: Modern Desktop Administrator Associate | Old | MD 100 & MD 101 | July 2023 | |
Microsoft 365 Certified: Endpoint Administrator Associate. | New | MD 102 | NA | May 2023 |
Intune Certification Fees
The window below shows 3 examples of fees for Intune Certification. The Beta exam fee for the United States is 165 USD; for the United Kingdom, it is 113 GBP; and for India, it is 4800 INR.
Syllabus – How the Skills are Measured for the New MD 102 Exam
Let’s discuss the syllabus of the Endpoint Administrator Associate, i.e., MD 102, and how the skills are measured for the New MD 102 Exam Intune Administrators or Modern Endpoint Administrators. Audience profiles, as per Microsoft, have a lot of details.
Candidates taking this Exam are expected to possess a high level of proficiency in various aspects of Microsoft 365 environments, including the deployment, configuration, management, protection, and monitoring of devices and client applications.
- This exam will cover Microsoft Intune, Windows 365, Windows Autopilot, Microsoft Defender for Endpoint, and Azure Active Directory. You will expect questions related to these technologies.
- Candidates for this Exam have experience with Azure AD and Microsoft 365 technologies, including Intune. They must have solid skills and knowledge in deploying, configuring, and maintaining Windows clients and non-Windows devices.
- Deploy Windows client (25–30%)
- Manage identity and compliance (15–20%)
- Manage, maintain, and protect devices (40–45%)
- Manage applications (10–15%)
Note! – The New Intune Certification supports Windows and non-Windows, which is the main reason for changing the name to Microsoft 365 Certified: Endpoint Administrator Associate. The New Intune Certification includes not only desktops but also all the other platforms.
If you are interested in learning about Windows clients and non-Windows devices, read the post Intune Design Decisions Free Training | Version 1 Starter Kit | Basic. It includes a set of Intune Design Decisions videos.
Percentage-wise Syllabus for Intune Exam MD 102
Manage, maintain, and protect devices that will give you (40–45%) coverage. This is the vast and important area that you need to concentrate on. Deploy Windows client coverage for 25-30%, Manage identity and compliance for 15-20%, and finally, Manage applications for 10-15%.
- The table below shows the priority-wise syllabus
Priority | Syllabus |
---|---|
1st Priority | Manage, maintain, and protect devices (40–45%) |
2nd Priority | Deploy Windows client (25–30%) |
3rd Priority | Manage identity and compliance (15–20%) |
4th Priority | Manage applications (10–15%) |
Study Guide for Intune Exam MD-102
Microsoft provided a study guide for Exam MD-102: Endpoint Administrator, which is available online. The guide explains how to earn the Certification, the certification renewal process, Your Microsoft Learn profile, Passing score, Exam sandbox, Requesting accommodations, etc.
- A score of 700 or greater is required to pass the Exam. Exam sandbox helps you to practice for the Exam.
1st Priority – Manage, Maintain, and Protect Devices (40–45%)
Manage the device lifecycle in Intune, which includes Configuring enrollment settings, configuring automatic and bulk enrollment, including Windows, Apple, and Android, Configuring policy sets, and Restarting, retiring, or wiping devices.
In this section, let’s discuss the following topics. Manage the device lifecycle in Intune.
- Configure enrollment settings
- Configure automatic and bulk enrollment, including Windows, Apple, and Android
Configure policy sets – Policy sets – Microsoft Intune | Microsoft Learn
Intune Device Life Cycle Management details are given below.
- Restart, retire, or wipe devices – Overview of the Microsoft Intune MDM lifecycle | Microsoft Learn
Let’s look into managing device configuration for all supported device platforms using Intune topics for the MD-102 Intune exam.
You can have a quick look at the video linked below to get an idea about the options for creating Intune Configuration Profiles and the different types of Configuration profiles.
The video below, with troubleshooting steps, explains how to implement Intune configuration profiles, including renaming the Guest account name.
- The video below explains how to configure and troubleshoot the Intune configuration profiles.
Latest Intune Troubleshooting Strategies | Fix Intune Policy Conflicts | Methods IT Admins -Helpdesk.
Intune Filter rules are the best option for effectively assigning configuration policies. Intune Assignment Filters Decoded | Associated Assignments | AAD Groups Vs Filters—Part 1.
- Configure and implement profiles on Android devices, including fully managed, dedicated, corporate-owned, and work profile
- iOS/PadOS – Custom Settings
- macOS – Custom Settings
- Plan and implement Microsoft Tunnel for Intune
Intune Monitoring and Reporting Strategic Options | Types of Reports | Custom Reports | Workbooks are explained in the below section and video. Microsoft Intune reports – Microsoft Intune | Microsoft Learn.
- Monitor devices
- Use audit logs to track and monitor events in Microsoft Intune.
- Monitor devices by using Azure Monitor – Send log data to storage, event hubs, or log analytics in Intune.
- Analyze and respond to issues identified in Endpoint Analytics and Adoption Score.
- Collect Intune Logs from Intune Diagnostic Data
- Intune Logs Event IDs IME Logs Details for Windows Client Side Troubleshooting
- Intune Audit Logs Track Who Created Updated Device Compliance Policy
Let’s learn how to Manage device updates for all supported device platforms using Intune.
- Plan for device updates
Let’s review the documentation and video below for more details on Windows, iOS, and Android update options. Intune Patch Management Methods for Windows iOS iPadOS macOS.
- Create and manage update policies by using Intune
- Manage Android updates by using configuration profiles
- Manage iOS/iPadOS software update policies in Intune
Let’s learn about the Intune Automatic Patching mechanism for Windows devices: Autopatch. Video tutorial for Windows Autopatch Decoded | Azure AD Groups – Configuration Policies created and managed by Service.
- Windows Autopatch
Let’s now check how to monitor the updates using Windows Update for Business reports and other monitoring options in Intune. WUfB Reports Service Full Overview | Intune Patching Report | WUfB Deployment Service #msintune.
- Monitor updates
- Windows Update for Business Reports
- Troubleshoot updates in Intune
- Configure Windows client delivery optimization by using Intune
- Create and manage update rings by using Intune
Let’s learn the MD-102 Intune exam to Implement endpoint protection for all supported device platforms. Intune Security Baseline Decoded: This is the easiest option for setting up security policies for your organization.
- Implement and manage security baselines in Intune
Create and manage configuration policies for Endpoint security, including antivirus, encryption, firewall, endpoint detection and response (EDR), and attack surface reduction (ASR)
- Intune Endpoint Security Policies
- Manage endpoint security in Microsoft Intune
- Antivirus Policy and How to Configure macOS Antivirus Policy Using Intune
- Disk encryption policy
- Firewall policy
Let’s learn how to Onboard devices to Defender for Endpoint for Intune Exam MD-102.
- Use Microsoft Defender for Endpoint
- Deploy Microsoft Defender for macOS using Intune
- Turn on Cloud Protection for Windows 11 Microsoft Defender Using Intune
- Configure Microsoft Defender SmartScreen Using Intune
- Intune Security Baseline Microsoft Defender Policy Troubleshooting Tips for Cloud PCs
Implement automated response capabilities in Defender for Endpoint. Review and respond to device issues identified in the Microsoft Defender Vulnerability Management dashboard.
2nd Priority – Deploy Windows client (25–30%)
Preparing for a Windows client deployment includes Selecting a deployment tool based on requirements, Choosing between migration and rebuild, Choosing an imaging and/or provisioning strategy, Selecting a Windows edition based on requirements, and Implementing subscription-based activation.
- Select a deployment tool based on requirements
- Choose between migrate and rebuild
- Choose an imaging and/or provisioning strategy
- Select a Windows edition based on requirements
- Policy CSP – Windows Client Management (CSPs don’t support Home Edition – mostly)
- Supported Operating Systems and Editions
- Official Comparison Windows 11 Editions
- Implement subscription-based activation
Let’s learn to Plan and implement a Windows client deployment using Windows Autopilot for Intune exam MD-102. Let’s have a quick Overview of Windows Autopilot. Also, learn to make a Decision-Making Tree Decide Windows Autopilot Profile Types.
- Create, validate, and assign deployment profiles
- Set up the Enrollment Status Page (ESP)
- Deploy Windows devices by using Autopilot
- Troubleshoot an Autopilot deployment
- Configure device registration for Autopilot
Happy Autopiloting 🙂 Bonus tip: Windows 10/11 Autopilot deployment process PDF can be downloaded from the link. You can download the Windows Autopilot Deployment Flowchart prepared by Michael Niehaus.
Let’s learn to Plan and implement a Windows client deployment using the Microsoft Deployment Toolkit (MDT) for Intune Exam MD-102.
- Plan and implement an MDT deployment infrastructure
- Create, manage, and deploy images
- Monitor and troubleshoot a deployment
- Plan and configure user state migration
Let’s learn how to Configure remote management for Intune Exam MD-102. Intune offers different options for supporting device remote management.
- Configure Remote Help in Intune
- Configure Remote Desktop on a Windows client
- Configure the Windows Admin Center
- Configure PowerShell remoting and Windows Remote Management (WinRM)
3rd Priority – Manage identity and compliance (15–20%)
Manage identity includes implementing user authentication on Windows devices, including Windows Hello for Business, passwordless, and tokens, and Managing role-based access control (RBAC) for Intune.
- Implement user authentication on Windows devices, including Windows Hello for Business, passwordless, and tokens.
- Manage role-based access control (RBAC) for Intune.
This video will explain Intune RBAC Strategic Options | Role-Based Access Controls | Scope Groups | Intune Objects | Roles.
Let’s now learn about Managing identities for the Intune exam MD-102. Azure AD is the single point of identity for Microsoft Intune, and it’s integrated with Intune to deploy apps, policies, etc.
- Register devices to Azure AD
- Azure AD Registered devices –
Azure AD Registered for BYO (Personal)—Devices registered to Azure AD do not require an organizational account to sign into them. Users can log in with their Microsoft ID or local Windows 11 or Windows 10 devices.
- Azure AD Joined Devices
- Implement the Intune Connector for Active Directory
- Manage the membership of local groups on Windows devices
- Implement and manage Local Administrative Passwords Solution (LAPS) for Azure AD
- Azure AD LAPs – Cloud LAPs – Microsoft Cloud LAPS Password Management Solution.
- Get started with Windows LAPS and Azure Active Directory
This video explains the Azure AD Join Process and Intune Auto Enrollment for Windows 11 | Licensing Details | Manual Provisioning process! The example given uses the Windows 11 settings app.
Let’s learn about Implementing compliance policies for all supported device platforms using Intune for Intune Exam MD-102. Check the details of the device compliance settings for the different device platforms:
- Android device administrator
- Android Enterprise
- Android Open Source Project (AOSP)
- iOS
- Linux
- macOS
- Windows Holographic for Business
- Windows 8.1 and later
You can refer to Device compliance policies in Microsoft Intune for more details on this Intune Compliance policy topic.
- Specify compliance policies to meet requirements.
- Implement compliance policies
- Implement Conditional Access policies that require a compliance status
- Manage notifications for compliance policies
- Monitor device compliance
- Troubleshoot compliance policies
4th Priority – Manage applications (10–15%)
As part of the Intune Exam MD-102 syllabus, you must learn how to Deploy and update apps for all supported device platforms, including the Deploy apps by using Intune, Configure Microsoft 365 Apps deployment by the Microsoft Office Deployment Tool or Office Customization Tool, etc.
- Deploy apps by using Intune – Deploy Microsoft 365 Apps by using Intune.
- Configure Microsoft 365 Apps deployment by using the Microsoft Office Deployment Tool or Office Customization Tool (OCT)
- Manage Microsoft 365 Apps by using the Microsoft 365 Apps admin center
- Configure policies for Office apps by using Group Policy or Intune
- Deploy apps to platform-specific app stores by using Intune
In this video, you will get the details of the Supported Intune Application Types. This video also explains the Limitations of each app type and Important Considerations while making Intune Design Decisions.
In this section, we will learn about planning and implementing Intune app protection and app configuration policies for Intune Exam MD-102.
- Plan and implement app protection policies for iOS and Android
- Manage app protection policies
- Implement Conditional Access policies for app protection policies
- Plan and implement app configuration policies for managed apps and managed devices
- Manage app configuration policies
Join the LinkedIn Page and Telegram group to get the latest step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Author
About the Author: Vidya is a computer enthusiast. She is here to share quick tips and tricks with Windows 11 or Windows 10 users. She loves writing about Windows 11 and related technologies. She is also keen to find solutions and write about day-to-day tech problems.
Hello Vidya,
The content created here is top-notch. Thanks for that.
Do i need to have done any other exams or certifications ot enrol for this new md-102 exam?