MD-101 Study Guide – Part 4

So, it’s Part 4 of my MD-101 quest, and we are going to look at Managing Apps & Data! Whoop whoop, I can hear you all say 🙂

Microsoft seem to be adding lots of ‘Case Study’ type questions (and with ADHD) these can present a bit of a challenge for those like me, who cannot remember the case study information and the ‘bloomin’ question. But I digress, on to the learning bit!

Anyways, I think that if you study the following ideas or scenarios for MD-101, you should be good to go on the day (no guarantees mind!)

Device management requirements – Azure AD. An example of this would be; ‘What do I need to stop a department sending confidential bank information to an external partner?’ – That could be an Azure Information Protection policy

If I wanted to stop data transferring from one application to another – that might be an ‘App Protection Policy.’

If I wanted to use an application from the Microsoft Store for Business, what would I have to do, what steps would I follow? – I would start by obtaining the software, after all, if I don’t have the app, how can I deploy to my users?

I would ‘get’ the app. It’s pretty simple if you think about it logically.

  • If I wanted to deploy software to my users and I had ConfigMgr in my Domain (remember that Modern Management is all about using the correct tool for the job in hand), and I am only deploying to offices with high-speed connectivity, why use the cloud for that? – I would stick with what I have got, use Config Mgr and local Distribution Points and create an application deployment for my vital piece of software.
  • If the company I worked for developed Universal Windows Apps, how would I deploy it to my test computers? What do I need? How do I install it? – I would have to enable the developer mode in settings, and then I would have to install the appx package, making sure I have a certificate (from a trusted authority ) for the application, and then use PowerShell to install the app.https://docs.microsoft.com/en-us/windows/application-management/sideload-apps-in-windows-10

Now I hear you ask, how do I do that with Intune?

I am glad you asked that question, this is Modern Management after all, and we all know Microsoft wants us to use the ‘Cloud’, when it’s the right tool, and to save us all the hard work, let’s use MVP Anoop’s blog post on exactly that! (Thank You Anoop! )

Now, how do we do that if we only have M365 licensing at our company, and want to deploy applications to our iOS users who are enrolled with Intune and belong to the IT department?

What do we have to do first? – Of course, we add the application to Intune, and then follow the link for the rest of the steps.

Well, that is super easy, it’s Intune!

I think we are nearing the end of Part 4, it’s been a long day, and there’s only enough study in a day, so let us begin the final sprint.

Windows Information Protection Policies, what are they, and what do they do?

Well, read this first:https://docs.microsoft.com/en-gb/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure

First, you will have to add apps, how you add them depends on MDM or MAM (what??? Read the link, trust me, it will explain everything you need to know, and I am not typing all that out)

All I would say is that you should ensure you know about protection policies and notifications and actions!

App Protection Policies – Read the link!

https://docs.microsoft.com/en-us/intune/app-protection-policies

And finally, we get to One Drive, hooray!

https://docs.microsoft.com/en-us/onedrive/plan-onedrive-enterprise

I would learn the last three pages quite well to get through the exam.

And ‘Shout Out’ to Anoop, hope you don’t mind me using the info in our blog, all credited to you of course!