MD-102 Exam Study Guide – Endpoint Administrator

Microsoft has recently announced the new MD-102: Endpoint Administrator exam which will become the single exam for you to achieve the Microsoft 365 Certified: Modern Desktop Administrator Associate certification.

In this MD-102 exam study guide I am sharing with you all free learning resources which will aid you in passing the exam. The resources are made up from all relevant Microsoft documentation pages, as well as community blog posts.

About the MD-102 exam

The MD-102 exam is the single exam required for you to earn the Microsoft 365 Certified: Modern Desktop Administrator Associate certification and it is aimed at experts who have experience deploying, configuration and managing devices and client applications in Microsoft 365. 

Here is the full exam description:

Candidates for this exam have subject matter expertise deploying, configuring, protecting, managing, and monitoring devices and client applications in a Microsoft 365 environment. They manage identity, security, access, policies, updates, and apps for endpoints. They implement solutions for efficient deployment and management of endpoints on various operating systems, platforms, and device types. They implement and manage endpoints at scale by using Microsoft Intune, Windows 365, Windows Autopilot, Microsoft Defender for Endpoint, and Azure Active Directory (Azure AD), part of Microsoft Entra.

Endpoint administrators collaborate with architects, Microsoft 365 administrators, security administrators, and other workload administrators to plan and implement a modern workplace strategy that meets the business needs of an organization.

Candidates for this exam have experience with Azure AD and Microsoft 365 technologies including Intune. They must have strong skills and experience in deploying, configuring, and maintaining Windows client and non-Windows devices.

MD-102 Exam Path

MD-102 exam path
MD-102 exam path

MD-102 Exam feedback

I sat the MD-102 exam personally this year so here is my feedback regarding the exam questioning and my recommended areas for study. 

I found the exam quite well written, I could not make out any technical or grammatical issues during the exam which was a bonus, but sometimes expected! Especially as I took the exam during the beta phase. There were still some references to old technologies such as AD DS (Active Directory Domain Servers), but as they will not be going anywhere for a long time, I felt it appropriate to remain in the exam and the question scenarios justify its existence. 

II did not get any questions on the new Windows LAPS technologies, however that doesn’t mean that you wont! I have plenty of tutorials on LAPS on this blog so check them out!

There were many different questions that came up on the exam. Of-course I cannot share details on the questions here, but what I can share is a list of some of the areas that were featured on the exam taken from the skills outline: (of-course you can expect all skills to be defined on the exam in some manner, but this list is quite long anyway so it may help you focus your study!).

  • Choose an imaging and/or provisioning strategy

  • Configure device registration for Autopilot

  • Create, validate, and assign deployment profiles

  • Set up the Enrollment Status Page (ESP)

  • Deploy Windows devices by using Autopilot

  • Plan and implement an MDT deployment infrastructure

  • Create, manage, and deploy images

  • Configure Remote Desktop on a Windows client

  • Configure the Windows Admin Center

  • Configure PowerShell remoting and Windows Remote Management (WinRM)

  • Implement user authentication on Windows devices, including Windows Hello for Business, passwordless, and tokens

  • Register devices in and join devices to Azure AD

  • Manage the membership of local groups on Windows devices

  • Implement Conditional Access policies that require a compliance status

  • Implement compliance policies

  • Monitor device compliance

  • Configure policy sets

  • Implement configuration profiles

  • Configure and implement Windows kiosk mode

  • Configure and implement profiles on Android devices, including fully managed, dedicated, corporate owned, and work profile

  • Monitor devices by using Intune

  • Plan for device updates

  • Create and manage update policies by using Intune

  • Monitor updates

  • Configure Windows client delivery optimization by using Intune

  • Create and manage update rings by using Intune

  • Implement and manage security baselines in Intune

  • Create and manage configuration policies for Endpoint security including antivirus, encryption, firewall, endpoint detection and response (EDR), and attack surface reduction (ASR)

  • Deploy apps by using Intune

  • Manage Microsoft 365 Apps by using the Microsoft 365 Apps admin center

  • Deploy Microsoft 365 Apps by using Intune

  • Plan and implement app protection policies for iOS and Android

  • Manage app protection policies

  • Implement Conditional Access policies for app protection policies

  • Plan and implement app configuration policies for managed apps and managed devices

  • Manage app configuration policies

How long is the MD-102 Exam

For the MD-102 exam, I was given 2 hours to complete 60 questions, which I found was plenty of time. However, due to the nature of Microsoft exams, your exam may have anywhere between 45 and 60 questions, so please bear that in mind.

Microsoft Learn paths

Although Microsoft have not released an official Microsoft learning path yet for the MD-102 exam, I have added all the relevant learning paths from Microsoft learn to a collection which you can access below:

MD-102 Exam Path

Deploy Windows client (25–30%)

Prepare for a Windows client deployment

Plan and implement a Windows client deployment by using Windows Autopilot

Plan and implement a Windows client deployment by using the Microsoft Deployment Toolkit (MDT)

Configure remote management

Manage identity and compliance (15–20%)

Manage identity

Implement compliance policies for all supported device platforms by using Intune

Manage, maintain, and protect devices (40–45%)

Manage the device lifecycle in Intune

Manage device configuration for all supported device platforms by using Intune

Monitor devices

Manage device updates for all supported device platforms by using Intune

Implement endpoint protection for all supported device platforms

Manage applications (10–15%)

Implement endpoint protection for all supported device platforms

Implement endpoint protection for all supported device platforms

Daniel Bradley

My name is Daniel Bradley and I work with Microsoft 365 and Azure as an Engineer and Consultant. I enjoy writing technical content for you and engaging with the community. All opinions are my own.

This Post Has 2 Comments

  1. Anonymous

    Wow thanks for all the links. Massive help in starting to prepare for the exam without having to spend a lot of time scrambling around finding the proper documentation

  2. Plinio

    Thank you a lot for your work on this study guide. It’s beneficial.

Leave a Reply