Describe endpoint modernization, management concepts, and deployment options in Microsoft 365

Question 1

Microsoft Intune

Answer 1

a family of products and services that offer a cloud-based unified endpoint management solution

Question 2

the Intune family includes:

Answer 2

Microsoft Intune service, Configuration Manager, co-management, Endpoint Analytics, Windows Autopilot and Intune admin center

Question 3

endpoints

Answer 3

physical devices, such as mobile devices, desktop computers, virtual machines, embedded devices, and servers that connect to and exchange information with a computer network.

Question 4

zero trust

Answer 4

verify explicitly, use least privilege access, and assume breach

Question 5

Microsoft offers endpoint management solutions for

Answer 5

employees to collaborate with all different types of devices ( iOS, windows, PCs, mobile phones, etc)

Question 6

t or f

Microsoft Intune is a cloud-based endpoint management solution that manages user access to organizational resources and simplifies app and device management across your many devices, including mobile devices, desktop computers, and virtual endpoints.

Answer 6

true

Question 7

key features of Microsoft Intune

Answer 7

allows management of users and devices

streamlines app management, offering in built deployment, updates, and removal capabilities, integration with private app stores, Microsoft 365 app support, Win32 app deployment, and tools for app protection policies and data access control

automates policy deployment for apps security, device configuration, compliance, conditional access and more

company portal app provides self service features - PIN/ password resets, app install, more

real time threat response and automated redemption

endpoint management and data driven reporting, allowing admins to sign in from any device

Question 8

configuration manager

Answer 8

on premise management solution to manage desktops, Windows servers, and laptops that are on your network or internet based

Question 9

co management

Answer 9

one of the primary ways to attach your existing Configuration Manager deployment to the Microsoft 365 cloud, enhancing conditional access

Question 10

t or f

Conditional access allows organizations to implement policies that control and restrict access to their resources based on certain conditions and criteria.

Answer 10

true

Question 11

Tenant- attach

Answer 11

allows your device records to be in the cloud, enabling you to act on these devices from a cloud console

also allows you to manage endpoint security for Windows Servers and client devices

Question 12

Windows Autopilot

Answer 12

cloud native service that sets up and pre configures new devices, getting them ready for use

Question 13

t or f

you can use Windows Autopilot to reset, repurpose, and recover devices

Answer 13

true

Question 14

t or f

Microsoft Entra ID (formally known as Azure Active Directory or Azure AD) is is a cloud-native service that is used by Intune to manage the identities of users, devices, and groups.

Answer 14

true

Question 15

Intune admin center

Answer 15

one-stop web site to add users and groups, create and manage policies, and monitor your policies using report data

Question 16

t or f

Windows 365 and Azure Virtual Desktop (AVD) are both virtual desktop solutions known as Desktop as a service ( DaaS )

Answer 16

true

Question 17

an enhancement from Windows 10 to Windows 11

Answer 17

Microsoft Copilot in Windows

Question 18

t or f

Windows 365 is a cloud-based service that automatically creates a new type of Windows virtual machine (VM), known as Cloud PCs, for your end users.

Answer 18

true

Question 19

what are the two editions that Windows 365 is available in?

Answer 19

Windows 365 Business
Windows 365 Enterprise

Question 20

Azure Virtual Desktop (AVD)

Answer 20

is a modern and secure desktop and app virtualization solution that runs on the cloud

Question 21

t or f

AVD allows users to connect to a Windows running desktop in the cloud

Answer 21

true

Question 22

t or f

AVD gives you the ability to access your desktop and applications from virtually anywhere

Answer 22

true

Question 23

t or f

Azure Virtual Desktop on Surface lets you run Virtual Desktop Infrastructure (VDI) on a Surface device

Answer 23

true

Question 24

Windows Client

Answer 24

a comprehensive desktop operating system that allows you to work efficiently and securely

Question 25

WaaS - Windows as a Service

Answer 25

new way to work with Windows desktop

simplifying the deployment and servicing of Windows client computers

maintains a consistent and current Windows experience for users

Question 26

Release types for Windows client

Answer 26

Feature updates

Quality updates

Question 27

Feature Updates for Windows Client

Answer 27

2X a year.
add new functionality
smaller updates - which means less time to adapt to smaller changes
less disruption and effort
workload and cost impact of updating is reduced
more productive with earlier access to new features

Question 28

Quality updates for Windows Client

Answer 28

issued once a month as non security releases or combined security + non security releases

provide security and reliability fixes

Question 29

Servicing channels

Answer 29

first way to separate users into deployment groups for feature and quality updates

Question 30

What are the servicing channels?

Answer 30

Windows Insider Program

General Availability Channel

Long term servicing channel

Question 31

Windows Insider Program

Answer 31

provides organizations with the opportunity to test and provide feedback on features that will be shipped in the next feature update

New features are delivered to the Windows Insider community during the development cycle through a process called flighting.

This process will allow organizations to see exactly what Microsoft is developing and start their testing as soon as possible.

Microsoft recommends that all organizations have at least a few devices enrolled in this program

Question 32

General Availability Channel

Answer 32

update releases annually

ideal for pilot deployments and testing of feature updates.

It’s also ideal for users such as developers who need to work with the latest features.

Question 33

Long-term servicing channel

Answer 33

is designed for specialist systems and devices that don’t run Office apps such as medical equipment or ATMs.

These devices typically perform a single task and don’t need frequent updates compared to other devices in the organization.

This channel receives new features every two or three years.

Question 34

Deployment rings

Answer 34

a deployment method used to separate devices into a deployment timeline.

Each “ring” comprises a group of users or devices that receive a particular update together.

Question 35

A common ring structure uses three deployment groups

Answer 35

Preview - planning and development
Limited - pilot and validation
Broad - wide deployment

Question 36

what is the purpose of the preview ring?

Answer 36

to evaluate the new features of the update

Question 37

what is the purpose of the limited ring?

Answer 37

to validate the update on representative devices across the network

Question 38

what is the purpose for Broad ring?

Answer 38

Once the devices in the limited ring have had a sufficient stabilization period, it’s time for broad deployment across the network.

Question 39

Deployment methods

Answer 39

Modern
Dynamic
Traditional

Question 40

Modern Deployment Methods

Answer 40

grasp both traditional on-premises and cloud services to deliver a streamlined, cost effective deployment experience.

• windows autopilot
• in place upgrade

Question 41

Windows Autopilot ( modern deployment methods)

Answer 41

allows IT professionals to customize the out-of-box experience (OOBE) for Windows PCs and provide end users with a fully configured new Windows device. Users can go through the deployment process independently, without the need to consult their IT administrator.

Question 42

In-place upgrade (modern deployment methods)

Answer 42

provides a simple, automated process that uses the Windows installation program to upgrade from an earlier version of Windows

automatically preserves all data, settings, drivers, and applications from the existing operating system version.

In-place upgrade requires the least IT effort, because there’s no need for any complex deployment infrastructure.

Question 43

Dynamic deployment methods

Answer 43

enable you to configure applications and settings for specific use cases without having to deploy a new custom organization image to the device.

Subscription activation
Azure Active Directory (Azure AD) joined with automatic mobile device management (MDM) enrollment
Provision package configuration

Question 44

Subscription activation ( Dynamic deployment methods )

Answer 44

uses a subscription to switch from one edition of Windows to another when a licensed user signs into a device.

For example, you can switch from Windows 10 Pro to Windows 10 Enterprise.

Question 45

Azure Active Directory (Azure AD) joined with automatic mobile device management (MDM) enrollment ( Dynamic deployment methods )

Answer 45

automatically joins the device to Azure AD and is configured by MDM.
The organization member just needs to provide their work or school user ID and password.

Question 46

Provisioning package configuration ( Dynamic deployment methods )

Answer 46

uses the Windows Imaging and Configuration Designer (ICD) tool. This tool is used to create provisioning packages that contain all the configuration, settings, and apps that can be applied to devices.

Question 47

Traditional deployment methods

Answer 47

use existing tools to deploy operating system images

New computer
Computer refresh
Computer replace

Question 48

New computer ( traditional deployment methods)

Answer 48

also called bare metal, is when you deploy a new device or wipe an existing device and deploy with a fresh image.

Question 49

Computer refresh (traditional deployment methods)

Answer 49

also called wipe-and-load, is when you redeploy a device by saving the user state, wiping the disk, then restoring the user state.

Question 50

Computer replace (traditional deployment methods)

Answer 50

when you replace an existing device with a new one. You save the user state on the old device and then restore it to the new device.

Question 51

t or f

Microsoft 365 Apps can be installed individually by users on their devices

Answer 51

true

Question 52

Methods available to deploy Microsoft 365 Apps

Answer 52

Deploy from a local source with Configuration Manager

Deploy from the cloud with the Office Deployment Tool (ODT)

Deploy from a local source with the Office Deployment Tool (ODT)

Self-install from the cloud

Question 53

t or f

You can control how often the users in your organization get these new features by specifying the update channel

Answer 53

true

Question 54

Microsoft also provides each update channel with two other types of updates that are released every month:

Answer 54

Security updates
Non security updates (quality updates)

Question 55

3 primary channels for Microsoft 365 Apps

Answer 55

Current channel
Monthly Enterprise Channel
Semi Annual Enterprise Channel

Question 56

t or f

not all users in your organization need to be on the same update channel

Answer 56

true

Question 57

t or f

Microsoft 365 Apps checks for updates regularly, and they’re downloaded and installed automatically

Answer 57

true

Question 58

Current channel

Answer 58

receives feature updates as soon as they’re ready, but there’s no set schedule.

receives security and non-security updates around two or three times a month

Microsoft recommends this channel because it provides users with the newest Office features as soon as they’re ready

Question 59

Monthly enterprise channel

Answer 59

1x a month on the second Tuesday of the month

can include feature, security, and non-security updates.

Microsoft recommends this channel if you want to provide your users with new Office features once a month on a predictable release schedule.

Question 60

Semi annual enterprise channel

Answer 60

receives feature updates every six months, in January and July on the second Tuesday of the month

can include feature, security, and non-security update

Microsoft recommends this channel only for those select devices in your organization where extensive testing is needed before rolling out new Office features.

Question 61

a cloud-based unified endpoint management solution that simplifies management across multiple operating systems, cloud, on-premises, mobile, desktop, and virtualized endpoints?

Answer 61

microsoft intune

Question 62

Windows 365 and Azure Virtual desktop are both what type of service?

Answer 62

desktop as a service

Question 63

What is Windows-as-a-Service?

Answer 63

windows with regular feature updates

Question 64

if your organization requires frequent feature updates for Microsoft 365 Apps on a predictable release schedule, which update channel is best?

Answer 64

Monthly enterprise channel