+Enrolling User Owned Devices Flashcards
If your organization supports user-owned devices, you can use one of several methods to enroll these devices into your MDM solution. User Enrollment is recommended. Navigate to Settings in iPhone or iPad devices or System Settings on a Mac computer and enter a Managed Apple ID to start User Enrollment.
User Enrollment
What are the four stages of User Enrollment
Service discovery — The device identifies itself to the MDM solution.
User enrollment — The user provides credentials to an identity provider for authorization to enroll in the MDM solution.
Session token — A session token is issued to the device to allow ongoing authentication.
MDM enrollment — The device receives an enrollment profile with payloads that the MDM administrator configures.
User Enrollment
User Enrollement, How
User Enrollment
What is Per-App Networking
That means only network traffic that managed apps initiate is passed through the DNS proxy, the web content filter, or both. A user’s personal traffic stays separated, and an organization doesn’t filter or proxy it.
User Enrollment
What is Per-App Networking
A) DNS proxy
B) Web content filter
C) Both
D) All traffic
C) Both
That means only network traffic that managed apps initiate is passed through the DNS proxy, the web content filter, or both. A user’s personal traffic stays separated, and an organization doesn’t filter or proxy it.
User Enrollment
How do setup and use Federation for Google Workspace or Entra ID?
- Configure Google Workspace or Entra ID
- Sign up your organization in Apple Business Manager, Apple Business Essentials, or Apple School Manager
- Set up federated authentication in Apple Business Manager, Apple Business Essentials, or Apple School Manager
- Configure an MDM solution and link it to Apple Business Manager, Apple Business Essentials, or Apple School Manager, or use the device management in Apple Business Essentials
User Enrollment - Account Driven
How to enroll an iPhone or iPad
A) Settings > General > VPN & Device Management, then tapping the Sign in to Work or School Account button.
B) System Settings > Privacy & Security > Work or School Account - Sign in
A) Settings > General > VPN & Device Management, then tapping the Sign in to Work or School Account button.
User Enrollment - Account Driven
How to enroll an MacOS - User Enrollement
A) Settings > General > VPN & Device Management, then tapping the Sign in to Work or School Account button.
B) System Settings > Privacy & Security > Work or School Account - Sign in
B) Settings > Privacy & Security > Work or School Account - Sign in
User Enrollment - Profile Based
How does profile-based User Enrollment work
- Users receive an enrollment profile through a customized URL, through an email message, or by other means.
- After users download the enrollment profile and any additional configuration profiles
- User Enrollment screen appears and users click Enroll My [iPhone, iPad, Mac], then do one of the following:
- With federated authentication — Enter their user names and passwords from the identity management provider or Without federated authentication — Enter their Managed Apple ID user names and passwords
User Enrollment - Profile Based
What must a user do after downloading a profile from a website or email?
When users download configuration profiles — including profiles to enroll in MDM — from a website or an email message, they must use the Settings app to install those profiles.
User Enrollment - Profile Based
What can and administrator of a user-enrolled device do?
A) Configure accounts
B) Access inventory of personal apps
C) Turn on Lost Mode
D) Require a complex passcode or password
A) Configure accounts
User Enrollment - Profile Based
What can and administrator of a user-enrolled device do?
A) Manage Activation Lock
B) Remove any personal data
C) Require a passcode
D) Require a complex passcode or password
C ) Require a passcode
What can and administrator of a user-enrolled device do?
A) Access inventory of personal apps
B) Access device location
C) Access roaming status
D) Access inventory of managed apps
D) Access inventory of managed apps
User Enrollment - Updated Profiles
What is the update process when updating MDM profiles
- MDM notifies an enrolled device through Apple Push Notification service (APNs) that it needs to contact the server.
- The next time that the device connects to the network, MDM installs the configuration profiles assigned to the user and device.
- APNs notifies devices that have the profile installed, including devices in groups, to contact MDM to obtain the update.
- If the MDM administrator deletes a profile from MDM, then the profile is deleted from all affected devices.
User Enrollment - Updated Profiles
When you send an update configuration profile command, a new configuration profile installs on the device rather than a delta update of the configuration profile.
True or False
User Enrollment - iCloud
True or False
After enrollment, users can still access files in their personal iCloud Drive.
