M55399B - Implement and Manage Microsoft Intune


3 Days


200 - Intermediate


Microsoft, Intune

Legacy MOC Code



This three-day instructor-led course is aimed at modern device management professionals looking to manage their enterprise devices using Microsoft Intune. This course will cover Enrolment, Application Management, Endpoint Security and Windows Autopilot as well as Microsoft Entra Conditional Access and Identity Protection. The delegates will learn how to enrol devices, deploy applications and manage them to maximise user productivity and device security.

This course has been updated to reflect the change form Azure Active Directory to Microsoft Entra.


The primary audience for this course is people who are involved with managing Windows, Mac, Android and IoS devices in an enterprise environment.


Module 1: Introduction to Microsoft Intune

This module introduces the Microsoft Intune product family and associated Microsoft Entra features.


  • Mobile Device Management
  • Microsoft Intune
  • Microsoft Entra ID
  • Microsoft Entra Identity Protection
  • Microsoft Entra Conditional Access

Lab: Environment Setup and Conditional Access

  • Signup for M365 E5 Trial
  • Create Users and Groups
  • Create Identity Protection Policies

Module 2: Microsoft Intune Device Management

This module describes the features and implementation of Mobile Device Management using Microsoft Intune, including enrollment, compliance, configuration and Operating System updates.


  • Enrolling Devices
  • Device Compliance
  • Device Profiles
  • Device Updates

Lab: Enrolling Windows Devices

  • Prepare for Enrollment
  • Enroll a Windows Device
  • Enroll an IOS Device (optional)
  • Enroll an Android Device (optional)
  • Create and deploy compliance and conditional access policies
  • Create and deploy configuration profiles

Module 3: Microsoft Intune Application Management

This module describes deployment and management of applications using Microsoft Intune on enrolled and unenrolled devices.


  • Application Management
  • Deploying Applications
  • Application Configuration
  • Managing Applications
  • Policy Sets and Guided Scenarios

Lab: Deploying Apps

  • Deploy Remote Desktop and M365 Apps for Enterprise to managed client machines
  • Deploy Notepad++ (Optional)
  • Deploy Apps to IOS (optional)
  • Deploy Apps to Android (optional)

Module 4: Microsoft Intune Endpoint Security

This module describes the centralized Endpoint Security features and policies within Microsoft Intune.


  • Security Baselines and tasks
  • Antivirus
  • Disk Encryption
  • Firewall
  • Attack Surface reduction
  • Endpoint detection and response
  • Account Protection

Lab: Manage Endpoint Security in Microsoft Intune

  • Implement Windows Security Baseline
  • Implement Microsoft Edge Security Baseline
  • Implement Attack Surface reduction policies

Module 5: Deploying Windows with Windows Autopilot

This module describes the Windows Autopilot suite of products and how to deploy Windows operating systems using Windows Autopilot.

  • Windows Autopilot overview
  • Preparing for windows autopilot deployment
  • Deploying Windows 11 using Windows Autopilot

Lab: Deploying Windows 11 using Windows Autopilot

  • Prepare Microsoft Entra for Windows Autopilot
  • Prepare a windows client for windows autopilot
  • Deploy Windows 11 using Windows Autopilot

Module 6:
Microsoft Intune Additional and Premium Features

This module introduces some current and upcoming additional and premium features of Microsoft Intune.

  • Remote Help
  • Tunnel for Mobile Application Management
  • Endpoint Privilege Management
  • Advanced Endpoint Analytics