Microsoft Intune
This site is where you can perform all administrative actions on devices that are enrolled to Azure.
What is Microsoft Intune
This security app can be used to troubleshoot ASR (attack surface reduction), firewall, and WDAC blocking software/drivers in addition to checking for
vulnerabilities
What is MDE or Microsoft Defender
This site is where you can check bitlocker keys, audit logs, accounts, devices, groups, and even see if delegation station has performed any action on devices
What is Entra ID or Azure Active Directory
This period is where newly enrolled intune devices do not have to be compliant
for 30 days
What is grace period
This command can be used to test connectivity to a remote server
What is ping
This remote action within intune allows an admin to re-install the operating system on an AUDS device
What is Fresh Start
This tool which is deployed to all users allows them to run scripts to either fix simple issues or perform simple tasks ranging from fixing bad drivers to enabling developer tools
What is self-help tool
This Microsoft Entra feature helps manage privileged access and enforces time-limited admin roles
What is PIM Privileged Identity Management
This ring is used for standard operations
What is Broad Ring
This issue occurs when a service account has too many failed login attempts
What is an account lockout
This remote action allows an admin to set the device back to its factory default settings by removing all data, apps, and settings.
What is Wipe
This web app allows the user to perform admin functions without a paw such as
manipulate ring groups, extension attributes, change primary users, and rename
devices
What is Front Door
This is used to delegate role-based access without giving full admin rights
What is Role-Based Access Control
This ring is used for critical systems and/or VIPs
What is sensitive ring
This command shows all running services on a machine
What is Get-Services
This action within intune allows the admin to forward a multitude of system files
from the remote device in question for troubleshooting.
What is collect diagnostics
This web app is designed to create records before initiating the imaging process so that the device can get onboarded to intune upon enrollment
What is delegation station
This feature prompts users to verify their identity using a second method
What is MFA Multi-Factor Authentication
PAW devices activate windows by connecting to this application
What is Global Protect
This object type in AD can be assigned permission and rights across the domain
What is a security group
This service silently authenticates with intune services before checking in to receive assigned installations for the device every 8 hours and can be restarted by any user
What is IME or Intune Management Extension service
One must stand this up in order to make their web apps authenticate with user's army 365 credentials in AUDS
What is Azure Application Proxy
Admins can utilize the following solution to elevate their rights on end user devices to perform various tasks including sideloading
What is LAPS
This role on the PAW allows the admin to manipulate extension attributes via powershell
What is PAG-AUDS-Device-EAS3-Update or Tag Administrator role
This log file records system boot and startup information
What is the system log in event viewer