Gotchas Flashcards

Thanks to Vicky for these notes! Contact me to get in touch. These decks will be from her notes she shared. I'll likely add my own as well

1
Q

For your Apple devices to work with APNs, allow network traffic from the devices to the Apple network (17.0.0.0/8) directly or by network proxy. Apple devices must be able to specific ports on specific hosts:

A

TCP port 443 during device activation, and afterward for fallback if devices can’t reach APNs on port 5223

TCP port 5223 to communicate with APNs

TCP port 443 or 2197 to send notifications from MDM to APNs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Apple Remote Desktop and Classroom Ports

A

3283
TCP/UDP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Apple Remote Desktop, Screen Sharing

A

5900
TCP - Remote Framebuffer - 6143 -rfb

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Remote Framebuffer, Real-Time Transport Protocol (RTP), Real-Time Control Protocol (RTCP)

A

5900 - UDP - Apple Remote Desktop, Screen Sharing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Real-Time Transport Protocol (RTP), Real-Time Control Protocol (RTCP)

A

5901–5902 -UDP - Apple Remote Desktop, Screen Sharing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Network relays in iOS, iPadOS, macOS, and tvOS
relays can be applied to managed apps, domains, or the entire device.

A

entire device, and when accessing internal resources. Multiple network relays can be used in parallel including iCloud Private Relay, with no app required. For more information, see Use network relays.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the 3 content caching selection options ?

macOS content caching

A
  • All Content
  • Only Shared content
  • Only iCloud Content
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

By default, content caching is limited to a specific subnet. However, you can set the caching server to provide content caching for these configurations:

A

● Subnets of the local network that share a common public IP address
● Subnets of publicly accessible IP addresses (with additional DNS changes being required)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Apple Business Manager and Apple School Manager accounts that CANNOT be federated:

A

● Administrator
● People Manager

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Understand the Apple Business Manager roles:

A
  • Administrator
  • People Manager
  • Device Enrollment Manager
  • Content Manager
  • Staff
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Apple School Manager can sync with :

A

SIS
Student information system

Integrate Apple School Manager with your Student Information System (SIS)

Apple School Manager cannot sync with Apple Business Manager

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Apple School Manger - More Information

A

You can also use Apple School Manager to securely integrate with your Student Information
System (SIS) or use the Secure File Transfer Protocol (SFTP) to upload all the CSV files from
your SIS to Apple School Manager. You may want to use SFTP if your SIS isn’t currently
supported by Apple School Manager or if you want to import the exact same information from a
different system you currently use.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Terminal command for network quality:

A

networkQuality

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How does a PAC file influence the way an Apple device communicates over a network?

A

The device follows the PAC file rules that define the proxy server’s location and traffic allowed to
connect directly. The proxy server’s location and rules for allowed direct traffic defined in the PAC file manage the way an Apple device communicates over a network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

How do you ensure that only trusted host computers can pair with your organization’s iPhone and iPad devices?

A

Distribute the correct supervision identities to users’ devices. When you deselect the “Pair with non-Apple Configurator hosts” restriction — and distribute the correct supervision identities to users’ devices — you ensure that only trusted computers holding a valid supervision host certificate are allowed to access iPhone or iPad over Thunderbolt or USB.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which MDM payload contains the settings that specify how managed apps use cellular
data?

A

Network Usage Rules

17
Q

Which MDM payload contains the settings that enable QoS support on your managed
devices?

A

Wi-Fi