MCA Microsoft 365 Messaging Administrator w/ MCE Enterprise Administrator Training & Certification Boot Camp – 11 Days

Configuring Your Microsoft 365 Tenant

While Module 1 focuses on planning your Microsoft 365 tenant, this modules transitions to configuring your tenant. This includes configuring your Microsoft 365 experience, including your organization profile, your tenant subscription, your services and add-ins, and your tenant configuration. You will then learn how to manage Microsoft 365 user accounts and licenses, security groups, and domain services. You will conclude by examining how to leverage FastTrack and partner services.,

Lessons

• Configuring  Your Microsoft 365 Experience
• Managing User Accounts and Licenses in Microsoft 365
• Managing Security Groups in Microsoft 365
• Implementing Your Domain Services
• Leveraging FastTrack and Partner Services

Lab : Configure your Microsoft 365 Tenant

• Initialize your Microsoft 365 Tenant
• Manage Users and Groups
• Add a Custom Domain

After completing this module, students will be able to:

• Complete your company’s organization profile
• Maintain minimum subscription requirements for your company
• Manage your services and add-ins
• Describe the user identities in Microsoft 365
• Create user accounts from both the Microsoft 365 admin center and in Windows PowerShell
• Manage user accounts and licenses
• Recover deleted user accounts
• Describe the various types of groups available in Microsoft 365
• Create and manage groups from Microsoft 365 admin center and using Windows PowerShell
• Implement your domain services
• Plan DNS for custom domains
• Identify DNS record requirements for custom domains
• Add a custom domain to Microsoft 365
• Describe how FastTrack for Microsoft 365 helps customers deploy Microsoft 365
• Request a partner to assist you with the FastTrack process

Managing Your Microsoft 365 Tenant

In the prior modules, you learned how to plan for and configure your Microsoft 365 tenant. In this module, you will take the next step in the deployment process by learning how to manage your tenant once it has been implemented. This includes configuring your Microsoft 365 administrator roles, managing tenant health and services, and managing user-driven and centralized deployments of Microsoft 365 Apps for enterprise (formerly Office 365 ProPlus).

Lessons

• Configuring Microsoft 365 Admin Roles
• Managing Tenant Health and Services
• Managing User-Driven Client Installations
• Managing Centralized Microsoft 365 Apps for enterprise Deployments

Lab : Manage Your Microsoft 365 Tenant

• Manage Administration Delegation
• Monitor and Troubleshoot Microsoft 365
• Install Microsoft 365 Apps for enterprise

After completing this module, students will be able to:

• Describe the key admin roles in Microsoft 365
• Identify the key responsibilities of the primary admin roles
• Configure tenant roles
• Monitor your organization’s Microsoft 365 service health in the Microsoft 365 admin center
• Develop an incident response plan to deal with incidents in your Microsoft 365 services
• Request assistance from Microsoft to address technical, pre-sales, billing, and subscription support
• Describe how Microsoft 365 Apps for enterprise click-to-run technology works
• Describe the Microsoft 365 Apps for enterprise licensing and activation processes
• Plan which update branch might be applicable for your organization
• Plan which method to use for applying update branches to your users
• Identify typical obstacles that prevent successful Microsoft 365 Apps for enterprise installations
• Identify how to prevent users from installing Microsoft 365 Apps for enterprise
• Install and configure Microsoft 365 Apps for enterprise with the Office Deployment Tool
• Deploy Microsoft 365 Apps for enterprise using Group Policy
• Describe how to manage Microsoft 365 Apps for enterprise updates

Office 365 Overview

This module examines the primary features and functionality of the key Microsoft 365 services, including Exchange Online, SharePoint Online, Teams, Power Apps, Power Automate, Power BI, and Power Virtual Agents. This module also introduces you additional Microsoft 365 resources and provides an introduction to device management using Microsoft Intune, security baselines, and conditional access.

Lessons

• Exchange Online Overview
• SharePoint Online Overview
• Teams Overview
• Power Platform Overview
• Power Apps Overview
• Power Automate Overview
• Power BI Overview
• Power Virtual Agents Overview
• Additional Resources Overview
• Device Management Overview

Lab : Reviewing Office 365 Functionality

• Review Key Features of Exchange Online
• Review Key Features of SharePoint Online
• Create a Ticketing System in SharePoint
• Review Key Features of Microsoft Teams
• Explore the Power Platform Admin Center
• Create a Power App from a SharePoint data source
• Create a Power App from scratch
• Create a flow using Power Automate
• Create a DLP Policy using Power Automate
• Build a Power BI report and dashboard

After completing this module, students will be able to:

• Describe the most common recipient types are available in Exchange Online
• Manage anti-malware and anti-spam policies in Exchange Online
• Plan your organization’s disaster recovery needs related to company and user emails
• Determine retention tags and policies that will help you manage your organization’s email lifecycle
• Describe migration and coexistence strategies and understand the differences between them
• Select the right mail migration strategy for your organization
• Determine when you want to change the DNS MX record for a domain in an Office 365 migration
• Describe the different ways to migrate mailboxes to Office 365 in a hybrid Exchange environment
• Determine the permission levels that your organization should use in SharePoint Online
• Describe the levels of encryption for data at rest and data in transit within SharePoint Online
• Describe the SharePoint Online options for maintaining and recovering content in an intranet
• Describe the different options that provide anti-malware protection in SharePoint Online
• Describe basic Teams functionality and the infrastructure that supports its goals
• Describe how Teams compares to the other collaboration apps in Office 365
• Manage user licenses in the Office 365 Admin Center and PowerShell to provide Teams access
• Describe the functionality provided by Guess access in Microsoft Teams
• Describe audio conferencing functionality that is available in Microsoft Teams
• Manage user settings for audio conferencing
• Implement phone systems in Microsoft Teams
• Identify the components that make up the Power Platform product family
• Describe the basic features of the Power Platform Admin center
• Describe what Power Apps are, including their business impact and primary components
• Describe how Power Apps connect to data sources
• Create a basic Power App
• Test and monitor a Power App
• Run a Power App
• Describe the Power Apps security structure
• Build and run a basic workflow using Power Automate
• Administer Power Automate
• Build and share a basic Power BI report and dashboard
• Administer Power BI
• Explain what Power Virtual Agents are and how they empower teams to easily create powerful bots
• Describe key features of Power Virtual Agents
• Describe how device management enables organizations to protect and secure their resources and data
• Describe how organizations use Microsoft Intune to secure proprietary data
• Manage security baselines to secure devices
• Use conditional access to manage devices and apps

Configuring Microsoft 365 Clients

This module introduces you to the Microsoft 365 clients, including mobile clients and clients working offline. This module also examines how to configure Office client connectivity to Microsoft 365, including automatic client configuration, DNS records required for automatic client configuration, configuring Outlook clients, configuring MFA, and troubleshooting client connectivity.

Lessons

• Microsoft 365 Client Overview
• Configuring Office Client Connectivity to Microsoft 365

After completing this module, students will be able to:

• Identify the client packages supported by Microsoft 365
• Identify the mobile clients supported by Microsoft 365
• Identify the Microsoft 365 features that are available for each mobile client platform
• Compare Office Online, Microsoft 365 Apps for enterprise, and Office 2016 Professional Plus
• Work with Office Online apps
• Describe how Outlook utilizes Autodiscover to initially connect an Outlook client to Exchange Online
• Identify the DNS records needed for Outlook to locate the services in Office 365 using Autodiscover
• Describe the connectivity protocols that enable Outlook to connect to Office 365
• Describe how MFA increases security by adding an extra layer of user verification

Capturing User-Driven Data

This module examines how to capture user-driven data using Office Telemetry and Workplace Analytics.

Lessons

• Configuring Office Telemetry
• Configuring Workplace Analytics

After completing this module, students will be able to:

• Identify the five components of the Office Telemetry Dashboard
• Describe the typical deployment requirements and issues that you might encounter when deployment Off
• Describe the types of data collected by the Office Telemetry Agent
• Install and configure Office Telemetry
• Describe how Workplace Analytics can help organizations
• Describe how organizations can use Workplace Analytics
• Configure Workplace Analytics
• Enroll devices in Workplace Analytics
• Assess readiness using Workplace Analytics

Planning and Implementing Identity Synchronization

This module provides an in-depth examination of Microsoft 365 Identity synchronization, with a focus on Azure Active Directory Connect. You will learn how to plan for and implement Azure AD Connect and, how to manage synchronized identities, and how to implement password management in Microsoft 365 using multi-factor authentication and self-service password management.

Lessons

• Introduction to Identity Synchronization
• Planning for Azure AD Connect
• Implementing Azure AD Connect
• Managing Synchronized Identities
• Password Management in Microsoft 365

Lab : Manage Identities

• Prepare for Identity Synchronization
• Implement Identity Synchronization
• Implement Password Management

After completing this module, students will be able to:

• Describe the Microsoft 365 authentication options
• Explain directory synchronization
• Provide an overview of Azure AD Connect
• Plan directory synchronization to synchronize your on-premises Active Directory objects to Azure AD
• Plan an Azure AD Connect implementation
• Plan for Azure AD Connect in a multi-forest scenario
• Configure Azure AD Connect Prerequisites
• Set up Azure AD Connect
• Describe Azure AD Connect Health
• Perform tasks to ensure users synchronize efficiently and successfully deploy Azure AD Connect
• Manage groups with directory synchronization
• Use Azure AD Connect Sync Security Groups to delegate control in Azure AD Connect to other users
• Troubleshoot directory synchronization using a variety of troubleshooting tasks and tools
• Describe the available password management features in Microsoft 365

Implementing Application and External Access

Introduction to Microsoft 365 Security Metrics

In this module, you will examine all the common types of threat vectors and data breaches facing organizations today, and you will learn how Microsoft 365’s security solutions address these security threats, including the Zero Trust approach. You will be introduced to the Microsoft Secure Score, Privileged Identity Management, as well as to Azure Active Directory Identity Protection.

Lessons

• Threat Vectors and Data Breaches
• The Zero Trust Model
• Security Solutions in Microsoft 365
• Introduction to Microsoft Secure Score
• Privileged Identity Management
• Introduction to Azure Active Directory Identity Protection

Lab : Tenant Setup and PIM

• Initialize your Microsoft 365 Tenant
• PIM Resource Workflows

After completing this module, students will be able to:

• Describe several techniques hackers use to compromise user accounts through email
• Describe techniques hackers use to gain control over resources
• Describe techniques hackers use to compromise data
• Describe the Zero Trust approach to security in Microsoft 365.
• Describe the components of Zero Trust security.
• Describe and five steps to implementing a Zero Trust model in your organization.
• Explain Zero Trust networking
• List the types of threats that can be avoided by using EOP and Office 365 ATP
• Describe how Microsoft 365 Threat Intelligence can be benefit your organization
• Monitor your organization through auditing and alerts
• Describe how ASM enhances visibility and control over your tenant through three core areas
• Describe the benefits of Secure Score and what kind of services can be analyzed
• Describe how to collect data using the Secure Score API
• Know where to identify actions that will increase your security by mitigating risks
• Explain how to determine the threats each action will mitigate and the impact it has on use
• Explain Privileged Identity Management (PIM) in Azure administration
• Configure PIM for use in your organization
• Audit PIM roles
• Explain Microsoft Identity Manager
• Explain Privileged Access Management in Microsoft 365
• Describe Azure Identity Protection and what kind of identities can be protected
• Understand how to enable Azure Identity Protection
• Know how to identify vulnerabilities and risk events
• Plan your investigation in protecting cloud-based identities
• Plan how to protect your Azure Active Directory environment from security breaches

Managing Your Microsoft 365 Security Services

This module examines how to manage the Microsoft 365 security services, including Exchange Online Protection, Advanced Threat Protection, Safe Attachments, and Safe Links. You will be introduced to the various reports that monitor your security health.

Lessons

• Introduction to Exchange Online Protection
• Introduction to Advanced Threat Protection
• Managing Safe Attachments
• Managing Safe Links
• Monitoring and Reports

Lab : Manage Microsoft 365 Security Services

• Implement a Safe Attachments policy
• Implement a Safe Links policy

After completing this module, students will be able to:

• Describe the anti-malware pipeline as email is analyzed by Exchange Online Protection
• List several mechanisms used to filter spam and malware
• Describe additional solutions to protect against phishing and spoofing
• Describe the benefits of the Spoof Intelligence feature
• Describe how Safe Attachments is used to block zero-day malware in email attachments and documents
• Describe how Safe Links protect users from malicious URLs embedded in email and documents
• Create and modify a Safe Attachments policy in the Security & Compliance Center
• Create a Safe Attachments policy by using Windows PowerShell
• Configure a Safe Attachments policy to take certain actions
• Understand how a transport rule can be used to disable the Safe Attachments functionality
• Describe the end-user experience when an email attachment is scanned and found to be malicious
• Create and modify a Safe Links policy in the Security & Compliance Center
• Create a Safe Links policy by using Windows PowerShell
• Understand how a transport rule can be used to disable the Safe Links functionality
• Describe the end-user experience when Safe Links identifies a link to a malicious website or file
• Describe how reports provide visibility into how EOP and ATP is protecting your organization
• Understand where to access reports generated by EOP and ATP
• Understand how to access detailed information from reports generated by EOP and ATP

Microsoft 365 Threat Intelligence

In this module, you will then transition from security services to threat intelligence; specifically, using the Security Dashboard and Advanced Threat Analytics to stay ahead of potential security breaches.

Lessons

• Overview of Microsoft 365 Threat Intelligence
• Using the Security Dashboard
• Configuring Advanced Threat Analytics
• Implementing Your Cloud Application Security

Lab : Implement Threat Intelligence

• Conduct a Spear Phishing attack using the Attack Simulator
• Conduct Password attacks using the Attack Simulator
• Prepare for Alert Policies
• Implement a Mailbox Permission Alert
• Implement a SharePoint Permission Alert
• Test the Default eDiscovery Alert

After completing this module, students will be able to:

• Understand how threat intelligence is powered by the Microsoft Intelligent Security Graph
• Describe how the threat dashboard can benefit C-level security officers
• Understand how Threat Explorer can be used to investigate threats and help to protect your tenant
• Describe how the Security Dashboard displays top risks, global trends, and protection quality
• Describe what Advanced Thread Analytics (ATA) is and what requirements are needed to deploy it
• Configure Advanced Threat Analytics
• Manage the ATA services
• Describe Cloud App Security
• Explain how to deploy Cloud App Security
• Control your Cloud Apps with Policies
• Troubleshoot Cloud App Security

Introduction to Data Governance in Microsoft 365

This module examines the key components of Microsoft 365 Compliance management. This begins with an overview of all key aspects of data governance, including data archiving and retention, Information Rights Management, Secure Multipurpose Internet Mail Extension (S/MIME), Office 365 message encryption, and data loss prevention (DLP).

Lessons

• Introduction to Archiving in Microsoft 365
• Introduction to Retention in Microsoft 365
• Introduction to Information Rights Management
• Introduction to Secure Multipurpose Internet Mail Extension
• Introduction to Office 365 Message Encryption
• Introduction to Data Loss Prevention

Lab : Implement Message Encryption and IRM

• Configure Microsoft 365 Message Encryption
• Validate Information Rights Management

After completing this module, students will be able to:

• Understand Data Governance in Microsoft 365
• Describe the difference between In-Place Archive and Records Management
• Explain how data is archived in Exchange
• Recognize the benefits of In Place Records Management in SharePoint
• Explain the difference between Message Records Management (MRM) in Exchange and Retention in SCC.
• Understand how MRM works in Exchange
• List the types of retention tags that can be applied to mailboxes
• Know the different Microsoft 365 Encryption Options
• Understand how IRM can be used in Exchange
• Configure IRM protection for Exchange mails
• Explain how IRM can be used in SharePoint
• Apply IRM protection to SharePoint documents
• Tell the differences between IRM protection and AIP classification
• Describe the use of S/MIME
• Explain what digital signatures are
• Apply a digital signature to a message
• Understand how message encryption works
• Perform encryption on a message
• Accomplish decryption of a message
• Understand the co-operation of signing and encryption simultaneously
• Tell what triple-wrapped messages are
• Describe when you can use Office 365 Message Encryption
• Explain how Office 365 Message Encryption works
• Describe Data Loss Prevention (DLP)
• Understand what sensitive information and search patterns are that DLP is using
• Know what a DLP policy is and what it contains
• Recognize how actions and conditions work together for DLP
• Express how actions contain functions to send emails on matches
• Show policy tips to the users if a DLP rule applies
• Use policy templates to implement DLP policies for commonly used information
• Explain document finger
• Understand how to use DLP to protect documents in Windows Server FCI

Archiving and Retention in Microsoft 365

This module delves deeper into archiving and retention, paying particular attention to in-place records management in SharePoint, archiving and retention in Exchange, and Retention policies in the Security and Compliance Center.

Lessons

• In-Place Records Management in SharePoint
• Archiving and Retention in Exchange
• Retention Policies in the SCC

Lab : Implement Archiving and Retention

• Initialize Compliance
• Configure Retention Tags and Policies

After completing this module, students will be able to:

• Understand the process of records management
• Create a file plan for your organization
• Describe two methods for converting active docs to records
• Describe the benefits of In-Place Records Management
• Configure of In-Place Records Management for your organization
• Enable and disable In-Place Archiving
• Create useful retention tags
• Create retention policies to group retention tags
• Assign retention policies to mailboxes
• Allocate permissions and scripts to export and import retention tags
• Export all retention policies and tags from an organization
• Import all retention policies and tags to an organization
• Explain how a retention policy works
• Create a retention policy
• Manage retention policy settings

Implementing Data Governance in Microsoft 365 Intelligence

This module examines how to implement the key aspects of data governance, including the building of ethical walls in Exchange Online, creating DLP policies from built-in templates, creating custom DLP policies, creating DLP policies to protect documents, and creating policy tips.

Lessons

• Evaluating Your Compliance Readiness
• Implementing Compliance Center Solutions
• Building Ethical Walls in Exchange Online
• Creating a Simple DLP Policy from a Built-in Template
• Creating a Custom DLP Policy
• Creating a DLP Policy to Protect Documents
• Working with Policy Tips

Lab : Implement DLP Policies

• Manage DLP Policies
• Test MRM and DLP Policies

After completing this module, students will be able to:

• Describe the Microsoft 365 Compliance Center and how to access it
• Describe the purpose and function of Compliance score
• Explain the components of of how an organization’s Compliance score is determined
• Explain how assessments are used to formulate compliance scores
• Explain how Microsoft 365 helps address Global Data Protection Regulation
• Describe insider risk management functionality in Microsoft 365
• Configure insider risk management policies
• Configure insider risk management policies
• Explain the communication compliance capabilities in Microsoft 365
• Describe what an ethical wall in Exchange is and how it works
• Explain how to create an ethical wall in Exchange
• Identify best practices for building and working with ethical walls in Exchange
• Understand the different built-in templates for a DLP policies
• Determine how to choose the correct locations for a DLP policy
• Configure the correct rules for protecting content
• Enable and review the DLP policy correctly
• Describe how to modify existing rules of DLP policies
• Explain how to add and modify custom conditions and action to a DLP rule
• Describe how to change user notifications and policy tips
• Configure the user override option to a DLP rule
• Explain how incident reports are sent by a DLP rule violation
• Describe how to work with managed properties for DLP policies
• Explain how SharePoint Online creates crawled properties from documents
• Describe how to create a managed property from a crawled property in SharePoint Online
• Explain how to create a DLP policy with rules that apply to managed properties via PowerShell
• Describe the user experience when a user creates an email or site containing sensitive information
• Explain the behavior in Office apps when a user enters sensitive information

Managing Data Governance in Microsoft 365

This module focuses on managing data governance in Microsoft 365, including managing retention in email, troubleshooting retention policies and policy tips that fail, as well as troubleshooting sensitive data. You will then learn how to implement Azure Information Protection and Windows Information Protection.

Lessons

• Managing Retention in Email
• Troubleshooting Data Governance
• Implementing Azure Information Protection
• Implementing Advanced Features of AIP
• Implementing Windows Information Protection

Lab : Implement AIP and WIP

• Implement Azure Information Protection
• Implement Windows Information Protection

After completing this module, students will be able to:

• Determine when and how to use retention tags in mailboxes
• Assign retention policy to an email folder
• Add optional retention policies to email messages and folders
• Remove a retention policy from an email message
• Explain how the retention age of elements is calculated
• Repair retention policies that do not run as expected
• Understand how to systematically troubleshoot when a retention policy appears to fail
• Perform policy tests in test mode with policy tips
• Describe how to monitor DLP policies through message tracking
• Describe the required planning steps to use AIP in your company
• Configure and customize labels
• Create policies to publish labels
• Plan a Deployment of the Azure Information Protection client
• Configure the advance AIP service settings for Rights Management Services (RMS) templates
• Implement automatic and recommended labeling
• Activate the Super User feature for administrative tasks
• Create your tenant key for encryption
• Deploy the AIP scanner for on-premises labeling
• Plan RMS connector deployment to connect on-premises servers
• Describe WIP and what it is used for
• Plan a deployment of WIP policies
• Implement WIP policies with Intune and SCCM
• Implement WIP policies in Windows desktop apps

Managing Search and Investigations

This module conclude this section on data governance by examining how to manage search and investigation, including searching for content in the Security and Compliance Center, auditing log investigations, and managing advanced eDiscovery.

Lessons

• Searching for Content in the Security and Compliance Center
• Auditing Log Investigations
• Managing Advanced eDiscovery

Lab : Manage Search and Investigations

• Implement a Data Subject Request
• Investigate Your Microsoft 365 Data

After completing this module, students will be able to:

• Describe how to use content search
• Design your content search
• Configure search permission filtering
• Explain how to search for third-party data
• Describe when to use scripts for advanced searches
• Describe what the audit log is and the permissions that are necessary to search the Office 365 audit
• Configure Audit Policies
• Enter criteria for searching the audit log
• View, sort, and filter search results
• Export search results to a CSV file
• Search the unified audit log by using Windows PowerShell
• Describe Advanced eDiscovery
• Configure permissions for users in Advanced eDiscovery
• Create Cases in Advanced eDiscovery
• Search and prepare data for Advanced eDiscovery

Planning for Device Management

This module provides an in-depth examination of Microsoft 365 Device management. You will begin by planning for various aspects of device management, including preparing your Windows 10 devices for co-management. You will learn how to transition from Configuration Manager to Microsoft Intune, and you will be introduced to the Microsoft Store for Business and Mobile Application Management.

Lessons

• Introduction to Co-management
• Preparing Your Windows 10 Devices for Co-management
• Transitioning from Configuration Manager to Intune
• Introduction to Microsoft Store for Business
• Planning for Mobile Application Management

Lab : Implement the Microsoft Store for Business

• Configure the Microsoft Store for Business
• Manage the Microsoft Store for Business

After completing this module, students will be able to:

• Describe the benefits of Co-management
• Plan your organization’s Co-management Strategy
• Describe the main features of Configuration Manager
• Describe how Azure Active Directory enables co-management
• Identify the prerequisites for using Co-management
• Configure Configuration Manager for Co-management
• Enroll Windows 10 Devices to Intune
• Modify your co-management settings
• Transfer workloads to Intune
• Monitor your co-management solution
• Check compliance for co-managed devices
• Describe the feature and benefits of the Microsoft Store for Business
• Configure the Microsoft Store for Business
• Manage settings for the Microsoft Store for Business

Planning Your Windows 10 Deployment Strategy

This module focuses on planning your Windows 10 deployment strategy, including how to implement Windows Autopilot and Windows Analytics, and planning your Windows 10 subscription activation service.,

Lessons

• Windows 10 Deployment Scenarios
• Implementing and Managing Windows Autopilot
• Planning Your Windows 10 Subscription Activation Strategy
• Resolving Windows 10 Upgrade Errors
• Introduction to Windows Analytics

After completing this module, students will be able to:

• Plan for Windows as a Service
• Plan a Modern Deployment
• Plan a Dynamic Deployment
• Plan a Traditional Deployment
• Describe Windows Autopilot requirements
• Configure Autopilot
• Create and Assign an Autopilot profile
• Deploy and validate Autopilot
• Describe Autopilot Self-deployments, White Glove deployments, and User-drive deployments
• Deploy BitLocker Encryption for Autopiloted Devices
• Understand Windows 10 Enterprise E3 in CSP
• Configure VDA for Subscription Activation
• Deploy Windows 10 Enterprise licenses
• Describe common fixes for Windows 10 upgrade errors
• Use SetupDiag
• Troubleshooting upgrade errors
• Describe Windows error reporting
• Understand the upgrade error codes and resolution procedure
• Describe Windows Analytics
• Describe Device Health
• Describe Update Compliance
• Determine Upgrade Readiness

Implementing Mobile Device Management

Managing the Transport Pipeline

In this module, you will learn about the different transport components of Exchange, how the message routing works, and how to configure the message flow for your organization. You will examine the tasks that messaging administrators must complete to configure message transport. You will review the message transport options and learn how to configure domains and connectors and how to implement an approval workflow for messaging. You will also learn how to manage transport rules, which are a very powerful configuration to control the message flow in your organization.

Lessons

• Overview of Transport Services
• Configuring Message Transport
• Managing Transport Rules

Lab : Configure Message Transport

• Create Connectors

After completing this module, students will be able to:

• Describe the transport components of Exchange
• Plan an effective message routing for your organization
• Modify message flow for your organization
• Describe which transport agents exist and what they do
• Configure the different transport options
• Plan and set up domains for your organizations
• Understand how receive and send connectors work
• Describe how message moderation for different recipients work
• Understand what transport rules are
• Describe how transport rules are working
• Configure custom transport rules
• Describe how transport rules can be used for data loss prevention

Managing and Troubleshooting Mail Flow

In this module, you will examine the components of mail flow, and you will learn how to manage your mail flow, which is a crucial task for every Exchange administrator. You will study the differences between managing mail flow in Exchange Online, Exchange Server, and Exchange Hybrid deployments. From managing mail flow, you will transition to troubleshooting mail flow issues such as emails not being routed correctly in or outside your organization, or when secure connections cannot be established successfully. Yo will learn about the tools Microsoft provides to help you find the root cause of your issues and fix your mail flow. You will then transition from troubleshooting mail flow to troubleshooting transport issues, such as network-based issues, connector and agent issues, and architectural issues, as well as how to troubleshoot in coexistence. Finally, you will learn how to check event, protocol, and tracking logs when all troubleshooting for service availability and message transport has finished and an issue still persists, or if you must find historical data about issues in the past.

Lessons

• Managing Mail Flow
• Troubleshooting Mail Flow
• Troubleshooting Transport Issues
• Troubleshooting with Logs

Lab : Conditional Mail Routing

• Create Mail Flow Rules

After completing this module, students will be able to:

• Manage mail flow in organizations
• Understand mail flow for Exchange Servers
• Manage mail flow for Exchange Online
• Describe and manage mail flow in hybrid environments
• Understand how to troubleshoot SMTP mail flow issues
• Describe how to troubleshoot issues with a shared namespace
• Describe how to troubleshoot encryption issues with TLS
• Perform troubleshooting for network-based issues
• Describe troubleshooting procedures for connector and agent issues
• Plan troubleshooting for architectural issues
• Understand how to perform troubleshooting in coexistence
• Create searches for the message tracking log
• Describe how to troubleshoot using the protocol logs
• Understand how to work with the event logging for Exchange

Managing Message Hygiene

In this module, you will learn about Microsoft Exchange Online Protection (EOP) features and functionality. You will also learn how to plan messaging routing for this service, which provides anti-malware and anti-spam policies that protect your organization against spam and malware and safeguards your organization from messaging-policy violations. You will then review the anti-malware and anti-spam protection that Exchange Server and Online Protection provide, and you will learn how to configure SPAM and malware filters, policies, and settings to provide protection for your users. You will conclude the module by examining Advanced Threat Protection (ATP) and how it extends the protection provided by EOP by filtering targeted attacks that could pass through EOP’s line of defenses, including advanced threats such as zero-day attacks in email attachments and Office documents and time-of-click protection against malicious URLs. You will learn how Microsoft 365 ATP protects users from advanced threats through features such as safe attachments and safe links, and how it generates reports which provide administrators with insight into attacks targeting their tenants through email.

Lessons

• Planning for Message Hygiene
• Managing Anti-Malware and Anti-Spam Policies
• Managing Advanced Threat Protection

Lab : Managing Messaging Hygiene

• Create Hygiene Filters

After completing this module, students will be able to:

• Explain the use and features of Exchange Online Protection
• Plan message routing for Exchange Online Protection
• Investigate the available EOP reports and logs
• Understand the different message header fields relevant for spam and spoofing protection
• Configure anti-spam and anti-malware filters in Exchange Server
• Using additional features for outbound spam filtering and quarantine
• Implementing protection features against phishing and spoofing
• Create transport rules for custom requirements
• Describe the features of Advanced Threat Protection
• Describe the protection provided by Safe Attachment and Safe Links policies
• Understand the spoof intelligence features
• Know how ATP anti-phishing policies work

Managing Compliance

This module begins by describing the different compliance features in the Security & Compliance Center (SCC) that messaging administrators can use to comply with legal and regulatory requirements. This module supports compliance in Exchange by examining the compliance features available in the Exchange Admin Center for Exchange Server and hybrid deployments. Because of the complex retention requirements of modern messaging environments, this module focuses on how archiving is performed with Exchange so that you can provide an efficient and compliant environment to your users. You will also examine how additional archive storage is provided to your users, how messages are automatically processed and archived, and how audit logging in Exchange that provides information about administrator, delegate, and user actions in user mailboxes and your Exchange organization. Finally, because organizations must adhere to legal discovery requirements (related to organizational policy, compliance, or lawsuits), you will examine how eDiscovery for Microsoft Exchange can help you perform discovery searches for relevant content within mailboxes.

Lessons

• Messaging Compliance in the SCC
• Messaging Compliance in Exchange
• Managing Exchange Online Archiving and Auditing
• Managing Content Search

After completing this module, students will be able to:

• Describe different policy and compliance features for messaging
• Evaluate the different roles in the Security & Compliance Center
• Plan retention policies for Exchange Online mailboxes
• Configure data loss prevention (DLP) policies for data in Microsoft 365
• Create message traces to understand the mail flow in your Exchange Online organization
• Describe litigation and in-place holds in Exchange Server
• Plan retention and deletion with Message Records Management (MRM)
• Protect your mail flow with data loss prevention policies in Exchange Server
• Investigate the message tracking log in your Exchange organization
• Describe what in-place archiving is and how it works
• Understand the differences between journaling and archiving
• Know what the mailbox and administrator audit logs are used for
• Understand content searches to search for messages in your organization
• Describe eDiscovery cases and in-place eDiscovery for Exchange
• Manage Advanced eDiscovery cases in the Security & Compliance Center

Managing Organizational Settings

This module begins with an examination on how to manage authentication for messaging. This module focuses on how to ensure that user accounts are well protected and secure, and how to deploy multiple security features that do not introduce unnecessary complexity in users’ everyday work, which can result in lower business productivity and new security risks. You will then transition from messaging authentication to organizational settings, where you will learn how to configure settings that apply to the entire organization or to many users in the organization. Finally, you will examine how to configure organizational sharing.

Lessons

• Managing Authentication for Messaging
• Configuring Organizational Settings
• Configuring Organizational Sharing

After completing this module, students will be able to:

• Configure password policy options
• Configure self-service password management
• Implement multi-factor authentication
• Plan password policies
• Configure workload policies and throttling
• Configure quota configurations
• Configure Exchange Server and Skype for Business integration
• Deploy Office 365 add-ins
• Provide an overview of Exchange federated delegation sharing features
• Describe federated sharing components
• Explain considerations for designing and implementing federation trusts and certificates
• Implement organization relationships
• Implement sharing policies

Managing Mobile Devices

In this module, you will begin by examining Mobile Device Management in Microsoft 365, as well as how Exchange ActiveSync and mobile device mailbox policies support this effort. You will then examine how to manage and troubleshoot mobile device access. This module then examines how to configure both access and infrastructure for mobile devices, understanding the implications of mobile device remote wipe, and learning about alternative methods for mobile device management.

Lessons

• Mobile Device Mailbox Policies
• Managing Mobile Device Access

Lab : Implement ActiveSync

• Implement Active Sync for single and multiple mailboxes

After completing this module, students will be able to:

• Describe how Exchange ActiveSync works
• Configure mobile device mailbox policies
• Understand Mobile Device Management in Microsoft 365
• Configure access for mobile devices
• Understand components of mobile device infrastructure
• Tell how a mobile device remote wipe works
• Describe alternatives for mobile device management
• Troubleshoot mobile device access

Managing Role-Based Permissions

This module examines how messaging administrators manage role-based permissions, which is an essential task for any messaging administrator. Since Exchange Server and Exchange Online both use the Role Based Access Control (RBAC) permission model, this module examines the basics of RBAC management. The module concludes by examining how a messaging administrator must plan and configure permissions carefully so as not to put their environment or their entire Active Directory at risk.

Lessons

• Managing Admin Roles
• Managing User Roles
• Exchange Setup – RBAC and AD Split Permission

Lab : Manage Roles and Permission Policies

• Manage Roles and Permission Policies

After completing this module, students will be able to:

• Describe how RBAC is used to assign roles to users
• Understand what management role group for administrative tasks are
• Assign the built-in management roles for administration
• Create custom management roles and assign them through role assignment policies to users
• Troubleshoot RBAC management roles
• Describe the built-in end-user roles
• Configure role assignment policies
• Create new custom roles and role assignment policies
• Understand the differences between shared permissions and split permissions
• Describe multi-forest permissions
• Identify the differences between the permission models

Managing Recipient Objects and Resources

This module examines some of the most common tasks that messaging administrators perform – creating and configuring email recipients, lists, and resources. This module examines the different types of Exchange Server recipients, including how they differ from each other. The module then focuses on the various tasks that require you to create and manage Exchange recipients in Exchange, including user mailboxes, resource mailboxes, shared mailboxes, mail contacts, and mail users. You will also learn how to manage permissions for recipients, and how to create and manage groups.

Lessons

• Exchange Recipients
• Creating and Managing Exchange Recipients
• Managing Email Addresses, Lists, and Resources

Lab : Create Recipient Objects and Resources

• Create Exchange Recipients
• Create Groups

After completing this module, students will be able to:

• Describe the different recipient objects in Exchange
• Describe resource mailboxes
• Describe shared mailboxes
• Describe linked mailboxes and site mailboxes
• Describe groups
• Create and manage Mailbox settings
• Create and manage Resource and Shared mailboxes
• Create and manage Mail contacts and mail users
• Create and manage Recipient permissions
• Create and manage Groups
• Describe address lists
• Explain how to configure address lists
• Describe address book policies
• Explain how to configure offline address books
• Describe email address policies

Managing Public Folders

In this module, you will learn about public folders in Exchange, review the planning considerations for deploying public folders, and discuss alternatives to public folders. You will also learn how to implement and manage public folder mailboxes, public folders, and public folder permissions, as well as how to create and manage mail-enabled public folders. The module concludes by examining how to monitor and troubleshoot Public Folder-related issues.

Lessons

• Planning the Public Folder Hierarchy
• Implementing and Managing Public Folders
• Troubleshooting Public Folders

Lab : Implement Public Folders

• Create Public Folders
• Manage Public Folders

After completing this module, students will be able to:

• Describe public folders in Exchange
• Plan a public folder hierarchy
• Plan public folder mailboxes
• Explain public folder quotas
• Evaluate alternatives to public folders
• Describe considerations for implementing Public Folders
• Deploy public folder mailboxes
• Manage public folder permissions
• Create and manage mail-enabled public folders
• Monitor public folders
• Troubleshoot public folders
• Troubleshoot public folder access

Planning a Hybrid Environment

In this module you will examine the requirements necessary to implement a hybrid deployment, and you will learn about the features and components that are required when implementing a hybrid deployment. This module examines all planning aspects that are required before running the Hybrid Configuration Wizard. This includes the configuration options of the HCW, as well as the details on Organization Configuration Transfer (OCT) and the Hybrid Agent. The module concludes with a review of the mail flow options for a hybrid deployment.

Lessons

• Exchange Hybrid Deployment Requirements
• Planning to Run the Hybrid Configuration Wizard

Lab : Prepare Azure AD for Hybrid Synchronization

• Prepare Azure AD for Hybrid Synchronization

After completing this module, students will be able to:

• Describe connection options that are available for connecting on-premises Exchange to Microsoft 365
• List and describe components of a hybrid deployment
• Describe Azure Active Directory Connect (Azure AD Connect)
• Identify Microsoft 365 identity options for Exchange hybrid
• Compare Exchange delegated federation vs. OAuth
• Plan for Exchange Hybrid configuration
• Describe Organization Configuration Transfer
• Explain Exchange Modern Hybrid and Hybrid Agent
• Plan mail flow options for a hybrid deployment

Performing Mailbox Migrations

This module examines the options that are available for migrating email to Exchange Online, such as performing a migration or using FastTrack to move mailboxes from your existing mail servers to Exchange Online. This module summarizes the migration and co-existence options and recommends when to use which option. The module then examines the requirements for running an IMAP migration, the migration options that are available, and the steps that are performed during a migration. The module then examines how to plan and perform both a cutover and staged migration. It compares each of these two migration approaches, and you will learn about the requirements, planning activities, and migration process for each option. The module concludes by examining important additional migration tasks, such as migrating a PST file and the considerations for a Public Folder migration.

Lessons

• Planning Mailbox Migrations
• Performing IMAP Migrations
• Performing Cutover and Staged Migrations
• Performing Advanced Migrations

After completing this module, students will be able to:

• Describe the migration and coexistence strategies with Exchange Online
• Use FastTrack to move mailboxes
• Describe the requirements for an IMAP migration and how it’s carried out
• Move mailbox data using an IMAP migration
• Describe the requirements for both cutover and staged migrations
• Perform a migration and move mailboxes either with a cutover or staged migration
• Import PST Files to Exchange Online mailboxes
• Migrate Public Folders to Exchange Online

Deploying and Troubleshooting a Hybrid Environment