Tag Archives: mcse

Finally! New Windows 10 Exams in Beta!

Windows 10 has evolved (a lot) since those early releases. For example, the HomeGroup feature has bit the IT dust. Microsoft has responded (finally) by releasing two new certification exams in Beta in December 2018.

Windows 10 Certification

This means we will get new versions of the certification and the exams soon. Of course, I am also excited about the new, upcoming courses at CBT Nuggets. Once again, we will focus on Hands-On Labs to ensure that you get sandboxes for Windows 10 to experiment with all the new features and technologies. This time, we will also be offering checkpoint labs where you will be challenged to demonstrate your abilities with Windows 10 support.

Exam MD-100: Windows 10 (beta)

Deploy Windows (15-20%)

  • Deploy Windows 10
    • Configure language packs; migrate user data; perform a clean installation; perform an in-place upgrade (using tools such as MDT, WDS, ADK, etc.); select the appropriate Windows edition; troubleshoot activation issues
  • Perform post-installation configuration
    • Configure Edge and Internet Explorer; configure mobility settings; configure sign-in options; customize the Windows desktop

Manage Devices and Data (35-40%)

  • Manage local users, local groups, and devices
    • Manage devices in directories; manage local groups; manage local users
  • Configure data access and protection
    • Configure NTFS permissions; configure shared permissions
  • Configure devices by using local policies
    • Configure local registry; implement local policy; troubleshoot group policies on devices
  • Manage Windows security
    • Configure user account control (UAC); configure Windows Defender Firewall; implement encryption

Configure Connectivity (15-20%)

  • Configure networking
    • Configure client IP settings; configure mobile networking; configure VPN client; troubleshoot networking; configure Wi-Fi profiles
  • Configure remote connectivity
    • Configure remote management; enable PowerShell Remoting; configure remote desktop access

Maintain Windows (25-30%)

  • Configure system and data recovery
    • Perform file recovery (including OneDrive); recover Windows 10; troubleshoot startup/boot process
  • Manage updates
    • Check for updates; troubleshoot updates; validate and test updates; select the appropriate servicing channel; configure Windows update options
  • Monitor and manage Windows
    • Configure and analyze event logs; manage performance; manage Windows 10 environment

MD-101 Managing Modern Desktops (beta)

Deploy and Update Operating Systems (15-20%)

  • Plan and implement Windows 10 by using dynamic deployment
    • Evaluate and select appropriate deployment options; pilot deployment; manage and troubleshoot provisioning packages
  • Plan and implement Windows 10 by using Windows Autopilot
    • Evaluate and select appropriate deployment options; pilot deployment; create, validate, and assign deployment profile; extract device HW information to CSV file; import device HW information to cloud service; troubleshoot deployment
  • Upgrade devices to Windows 10
    • Identify upgrade and downgrade paths; manage in-place upgrades; configure a Windows analytics environment; perform Upgrade Readiness assessment; migrate user profiles
  • Manage updates
    • Configure Windows 10 delivery optimization; configure Windows Update for Business; deploy Windows updates; implement feature updates; monitor Windows 10 updates
  • Manage device authentication
    • Manage authentication policies; manage sign-on options; perform Azure AD join

Manage Policies and Profiles (35-40%)

  • Plan and implement co-management
    • Implement co-management precedence; migrate group policy to MDM policies; recommend a co-management strategy
  • Implement conditional access and compliance policies for devices
    • Implement conditional access policies; manage conditional access policies; plan conditional access policies; implement device compliance policies; manage device compliance policies; plan device compliance policies
  • Configure device profiles
    • Implement device profiles; manage device profiles; plan device profiles
  • Manage user profiles
    • Configure user profiles; configure Enterprise State Roaming in Azure AD; configure sync settings; implement Folder Redirection (including OneDrive)

Manage and Protect Devices (15-20%)

  • Manage Windows Defender
    • Implement and manage Windows Defender Application Guard; implement and manage Windows Defender Credential Guard; implement and manage Windows Defender Exploit Guard; implement Windows Defender Advanced Threat Protection; integrate Windows Defender Application Control; manage Windows Defender Antivirus
  • Manage Intune device enrollment and inventory
    • Configure enrollment settings; configure Intune automatic enrollment; enable device enrollment; enroll non-Windows devices; enroll Windows devices; generate custom device inventory reports; review device inventory
  • Monitor devices
    • Monitor device health (e.g., log analytics, Windows Analytics, or other cloud-based tools); monitor device security

Manage Apps and Data (25-30%)

  • Deploy and update applications
    • Assign apps to groups; Deploy apps by using Intune; deploy apps by using Microsoft Store for Business; deploy O365 ProPlus; enable sideloading of apps into images; gather Office readiness data; configure IE Enterprise mode; configure and implement assigned access or public devices
  • Implement Mobile Application Management (MAM)
    • Implement MAM policies; manage MAM policies; plan MAM; configure Windows Information Protection; implement Azure Information Protection templates; securing data by using Intune

70-742 Additional Notes – AD FS, WAP, and Preauthentication

When you are configuring AD FS and WAP you have two preauthentication methods and various types of preauthentication available. Here is a recap of when you would use the various methods and types:

  • AD FS preauthentication method
    • Type – Web and MSOFBA
      • WebApplication
      • Rich Office Client
      • SharePoint
      • Office Server
      • Custom WebApp
    • Type – HTTP Basic
      • Rich Client without HTTP Redirection
      • Exchange ActiveSync
      • Remote Desktop Gateway
    • Type – OAuth2
      • Application using OAuth2
      • Windows Store Apps
      • Custom Application
  • Pass-Through preauthentication method 
    • No authentication
    • Forward authentication
    • Anonymous website
    • Legacy application
    • Public website

70-742 Additional Notes – Restoring the Default GPOs

70-742

You may find yourself in a situation where you need to restore the default domain policy or the default domain controllers policy to their original configurations. Thankfully – there is a tool for this – it is the aptly named dcgpofix.exe command line tool. This tools offers the following options:

  • /ignoreschema- this permits the command to run regardless of the AD scheme version in use
  • /target – permits you to specify exactly what object you want to restore
  • /? – permits the display of help on the command