Introduction xi Microsoft certifications xi Acknowledgments xii Free ebooks from Microsoft Press xii Microsoft Virtual Academy xii Errata, updates, & book support xiii We want to hear from you xiii Stay in touch xiii Preparing for the exam xv Chapter 1: Design for cloud/hybrid identity 1 Skill 1.1: Plan for Azure Active Directory identities 2 Design Azure AD identities 2 Active Directory integration 8 Azure Multi-Factor Authentication 10 User self-service from the Azure Access Panel 15 Azure AD reporting 17 Company branding 18 Design Azure AD Premium features 22 Summary 33 Skill 1.2: Design for Active Directory synchronization with Azure AD Connect 34 Design single sign-on, Active Directory Integration scenarios, and Active Directory synchronization tools 35 Plan for Azure AD Synchronization services 47 Design for Connect Health 47 Summary 50 Thought experiment 51 Thought experiment answer 52 Chapter 2: Design for device access and protection 53 Skill 2.1: Plan for device enrollment 53 Plan device inventory 54 Assign mobile device management authority 57 Meet device management prerequisites 59 Configure device enrollment profiles 63 Summary 72 Skill 2.2: Plan for the Company Portal 72 Customize the Company Portal and company terms and conditions 72 Intune design policies and policy conflicts 80 Summary 93 Skill 2.3: Plan protection for data on devices 94 Design for protection of data in email and Microsoft SharePoint 94 Design for protection of an application''s data by using encryption 96 Design for full and selective wipes 98 Summary 101 Thought experiment 101 Thought experiment answer 102 Chapter 3: Design for data access and protection 103 Skill 3.1: Plan shared resources 103 Design for file and disk encryption and BitLocker encryption 104 Design for the Network Unlock feature 109 Configure BitLocker policies 111 Design for the Encrypting File System (EFS) recovery agent 113 Manage EFS and BitLocker certificates including backup and restore 116 Summary 118 Skill 3.2: Plan advanced audit policies 118 Design for auditing by using Group Policy and AuditPol.

exe 118 Create expression-based audit policies 121 Design for removable device audit policies 122 Summary 124 Skill 3.3: Plan for file and folder access 124 Design for Windows Server Dynamic Access Control 125 Design for Web Application Proxy 131 Design for Azure Rights Management Service (Azure RMS) 134 Summary 151 Thought experiment 152 Thought experiment answer 153 Chapter 4: Design for remote access 155 Skill 4.1: Plan for remote connectivity 155 Design remote authentication 156 Configure Remote Desktop settings 168 Design VPN connections and authentication 175 Enable VPN reconnect 179 Configure broadband tethering 179 Summary 181 Skill 4.2: Plan for mobility options 181 Design for offline file policies 182 Design for power policies 192 Design for Windows to Go 198 Design for sync options 202 Design for Wi-Fi Direct 204 Summary 205 Thought experiment 206 Thought experiment answer 207 Chapter 5: Plan for apps 209 Skill 5.1: Manage RemoteApp 210 Design RemoteApp and Desktop Connections settings 210 Configure Group Policy Objects for signed packages 225 Subscribe to the Azure RemoteApp and Desktop Connections feeds 227 Export and import Azure RemoteApp configurations 231 Support iOS and Android 239 Configure Remote Desktop Web Access for Azure RemoteApp distribution 241 Summary 244 Skill 5.2: Plan app support and compatibility 244 Design for desktop app compatibility using Application Compatibility Toolkit 245 Design desktop application co-existence 249 Install and configure User Experience Virtualization (UE-V) 254 Plan for desktop apps using Microsoft Intune 257 Summary 265 Thought experiment 266 Thought experiment answer 267 Chapter 6: Plan updates and recovery 269 Skill 6.1: Plan for system recovery 269 Design for recovery drive 270 Design for System Restore 273 Design for refresh or recycle 277 Design for driver rollback 279 Design for restore points 281 Summary 283 Skill 6.2: Plan file recovery 283 Design File History 286 Recover files from OneDrive 288 Summary 293 Skill 6.

3: Plan device updates 293 Design update settings and Windows Update policies 294 Manage update history 305 Roll back updates 306 Design for Windows Store app updates 308 Summary 309 Thought experiment 310 Thought experiment answer 311 Index 315.