Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Microsoft

Protect devices using Microsoft Intune

Microsoft via Microsoft Learn

Go to class Write review
Financial Edge Ad

The Private Equity Associate Certification

Learn More → Simplilearn Ad

Pass the PMP® Exam on Your First Try — Expert-Led Training

Learn More →

Overview

Build a Learning Habit
Download Class Central's free printable study calendar
Download for Free
  • Onboard devices to Microsoft Defender with Microsoft Intune, configure security baselines and EDR policies, and investigate and triage incidents in the Microsoft Defender portal.

    By the end of this module, you'll be able to:

    • Describe how Microsoft Defender protects endpoints, including its architecture, components, and security capabilities
    • Onboard Windows, macOS, and mobile devices to Microsoft Defender using Microsoft Intune
    • Configure security baselines, antivirus, firewall, and attack surface reduction policies
    • Deploy and manage Endpoint Detection and Response (EDR) policies across supported platforms
    • Investigate and respond to endpoint threats from the Microsoft Defender portal
    • Monitor and triage security incidents in the Microsoft Defender portal
  • Deploy and manage BitLocker device encryption on Windows endpoints using Microsoft Intune, including policy configuration, recovery key management, and compliance monitoring.

    In this module, you'll learn how to:

    • Explain why device encryption is a regulatory requirement and a security best practice.
    • Configure BitLocker policies in Intune with appropriate protection levels.
    • Manage BitLocker recovery keys and enable user self-service recovery.
    • Monitor encryption compliance across your Windows devices.
    • Use audit tools in Microsoft Defender to verify endpoint encryption status.
  • Apply layered endpoint defenses by combining Microsoft Intune policy enforcement with Microsoft Defender for SaaS app discovery, Attack Surface Reduction rules, Zero Trust device access, and proactive remediation.

    By the end of this module, you'll be able to:

    • Describe layered threat protection strategies that align Microsoft Intune and Microsoft Defender capabilities
    • Discover and monitor cloud app usage with Microsoft Defender's SaaS app security
    • Configure Attack Surface Reduction (ASR) rules in Microsoft Intune to block risky behaviors
    • Apply Zero Trust principles by integrating device risk and compliance with Conditional Access
  • Design, assign, and monitor Microsoft Intune compliance policies, configure graduated noncompliance actions, and automate remediation for noncompliant devices.

    By the end of this module, you'll be able to:

    • Explain how compliance policies, configuration profiles, and risk-based evaluation work together to enforce Zero Trust
    • Create compliance policies for Windows, iOS/iPadOS, Android, and macOS that evaluate device health, OS versions, encryption, and threat levels
    • Assign and scope compliance policies using Microsoft Entra groups, dynamic groups, and assignment filters
    • Configure graduated actions for noncompliance, including notifications, grace periods, and automated retirement
    • Automate remediation using configuration profiles and Intune Remediations to enable self-healing devices
    • Monitor compliance status and generate reports for operational troubleshooting and audit readiness
  • Learn how to deploy and manage Microsoft Tunnel Gateway to securely extend access to on-premises resources for enrolled and unenrolled mobile devices.

    By the end of this module, you'll be able to:

    • Deploy Microsoft Tunnel Gateway infrastructure on Linux servers
    • Configure server settings, sites, and VPN profiles in Intune
    • Extend Tunnel support to unenrolled mobile devices through Mobile Application Management (MAM)
    • Monitor Tunnel server health and troubleshoot connectivity issues
  • Stand up a cloud-hosted certificate authority hierarchy in Microsoft Intune, automate SCEP issuance and renewal, and monitor certificate health across managed devices.

    By the end of this module, you'll be able to:

    • Describe how Microsoft Cloud PKI replaces on-premises certificate infrastructure
    • Create a root CA and issuing CA hierarchy in the Microsoft Intune admin center
    • Deploy trusted certificate profiles and SCEP certificate profiles in the correct order
    • Configure validity periods, renewal thresholds, key usage, and EKUs for SCEP profiles
    • Monitor certificate health, audit administrative actions, and remediate common issuance and renewal problems

Syllabus

  • Implement endpoint security with Microsoft Defender and Microsoft Intune
    • Introduction
    • Understand how Microsoft Defender protects endpoints
    • Onboard devices to Microsoft Defender using Intune
    • Configure Microsoft Defender endpoint security settings and baselines
    • Configure Endpoint Detection and Response policies
    • Investigate and respond to endpoint threats using Microsoft Defender
    • Monitor and triage incidents in the Microsoft Defender portal
    • Knowledge check
    • Summary
  • Implement device encryption and security policies using Microsoft Intune
    • Introduction
    • Understand the importance of device encryption for compliance and security
    • Configure BitLocker policies using Microsoft Intune
    • Manage BitLocker recovery keys and user self-service options
    • Monitor BitLocker compliance and encryption status in Microsoft Intune
    • Audit device encryption with Microsoft Defender
    • Knowledge check
    • Summary
  • Implement advanced threat protection using Microsoft Intune and Microsoft Defender
    • Introduction
    • Understand advanced threat protection strategies for endpoint environments
    • Discover and monitor cloud apps with Microsoft Defender
    • Configure Attack Surface Reduction rules using Microsoft Intune
    • Apply Zero Trust principles for endpoint protection
    • Knowledge check
    • Summary
  • Enforce compliance and remediate security issues by using Microsoft Intune
    • Introduction
    • Understand compliance policies and risk-based enforcement
    • Create compliance policies for supported platforms
    • Assign and scope compliance policies using groups and filters
    • Configure actions for noncompliant devices
    • Remediate device issues using compliance and configuration policies
    • Monitor and report on compliance results
    • Knowledge check
    • Summary
  • Secure mobile access using Microsoft Tunnel
    • Introduction
    • Configure Tunnel gateway
    • Extend support to MAM devices
    • Monitor and troubleshoot Tunnel connections
    • Knowledge check
    • Summary
  • Implement Microsoft Cloud PKI
    • Introduction
    • Set up cloud-based PKI
    • Automate certificate issuance and renewal
    • Monitor certificate health and compliance
    • Knowledge check
    • Summary

Tags

Reviews

Start your review of Protect devices using Microsoft Intune

Go to class

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.