Implementing application deployment can be a task that requires careful planning and considered implementation. The MS-101 Microsoft 365 Mobility and Security exam includes modules that cover the topic of planning and implementing application deployment and it’s worth taking a look at these when you’re revising or preparing for the exam.
Planning for Application Deployment
In general, when planning for application deployment, there are some key points that must be kept in mind:
I) Understanding Your Requirements:
Before beginning with your applications deployment plan, it is crucial to understand your organizational needs and application requirements. This includes knowing your end-user requirements, security constraints, and the nature of the apps you’re deploying.
II) Deployment Strategy:
Deciding whether you’ll be implementing a cloud-only deployment, an on-premise deployment, or a mix of the two (hybrid deployment). Cloud deployment is advantageous from a cost and maintenance standpoint since Microsoft hosts and maintains the services. However, hybrid deployment is often preferred for organizations that need to keep some of their workload on-premises for compliance or operational continuity reasons.
III) Security Planning:
This involves developing a strategy to protect your data both in transit and at rest, configuring network security settings and ensuring compliance with all relevant regulations.
Implementation of Deployment – Microsoft 365
In terms of implementation, Microsoft 365 provides various tools and features that help streamline the application deployment process:
- Microsoft Endpoint Manager: Endpoint Manager (earlier Intune and SCCM) is a unified, integrated management platform that provides flexible, comprehensive management of applications across all devices.
- SharePoint: SharePoint serves as a secure location to store, organize, share, and access information from any device. SharePoint is fully integrated with Microsoft 365, making it easy to share internal content with specific colleagues or teams within your organization.
- Teams for business: Microsoft Teams serves as the hub for teamwork in Office 365. You can quickly and easily create a team, start a conversation, share files, and organize meetings.
- Power Apps: Power Apps is a suite of applications, services, connectors, and data platforms that allows you to build custom business applications quickly and easily – all without needing to write and maintain code.
Each of these tools can be integrated within your application deployment strategy, making your deployment more effective and efficient. Understanding these tools, their functionality, and how they can be leveraged within your organization is part of planning for application deployment aspects covered in the MS-101 exam.
Web App Deployment Example using Endpoint Manager:
One of the examples of web app deployment can be using Endpoint Manager:
Firstly, you create an app in Endpoint Manager admin center where you provide details of the application.
1) Go to Microsoft Endpoint Manager Admin center and Login.
2) Select Apps > All apps > Add.
3) In the Select app type pane, under the section Other, select Web link.
4) Select Select. The Add app steps are displayed in the pane.
5) Provide a Name for the app, optionally provide a Description, and specify the URL for the web link.
6) Configure App Information like icons etc.
7) In the Scope tags section, optionally assign a tag to filter the policy to devices.
8) Configure assignments for the app.
9) Once all configurations are done, click “Add” to finish the application setup.
After the app setup, the app becomes available to end users who can then install the web link on their device directly from the Company Portal app or website.
Remember, plan and implement application deployment is a significant section of the MS-101 Microsoft 365 Mobility and Security exam and thus requires careful study and understanding. With the right preparation, you’ll be well equipped to pass the exam and apply this knowledge in your IT role.
Practice Test
True/False: Application deployment only requires an executable program, and no other files such as configuration, runtime, or system files.
- True
- False
Answer: False
Explanation: An application deployment process also includes installing and configuring the entire application on the target environment. Thus, additional files such as configuration files, runtime environments, and system files, if any, are also required.
Which of the following steps are involved in the planning phase of application deployment?
- A. Defining the deployment architecture
- B. Identifying the tools and strategies for deployment
- C. Testing the application’s performance
- D. Identifying and mitigating application vulnerabilities
Answer: A,B
Explanation: The planning phase involves defining the deployment architecture, setting up the deployment environment, identifying the tools and strategies for deployment. The other options belong to the implementation and post-deployment phase.
True or False: It is not necessary to roll back a faulty application deployment.
- True
- False
Answer: False
Explanation: It is essential to have a strategy to roll back a faulty application deployment. The effects of a failure can be minimized by quickly reversing changes to the environment.
Single select: Which Microsoft tool is used to manage and monitor applications and services across hybrid environments?
- A. Azure Information Protection
- B. Microsoft Endpoint Configuration Manager
- C. Windows Virtual Desktop
- D. Azure Arc
Answer: D. Azure Arc
Explanation: Azure Arc allows for the management of services and applications across on-premises, multi-cloud and edge deployments.
Which are the common strategies to mitigate application vulnerabilities?
- A. Implementing security patches
- B. Using Intrusion Detection Systems (IDS)
- C. Running regular backups
- D. All of the above
Answer: D. All of the above
Explanation: All the listed strategies are commonly used to mitigate application vulnerabilities during and after deployment.
True/False: Version control systems have no role in application deployment.
- True
- False
Answer: False
Explanation: Version control systems allow tracking of changes, makes rollback more manageable in case of faulty deployment, and enables efficient collaboration between the development and operations teams.
Which phase of application deployment involves setting up the runtime environment?
- A. Planning
- B. Packaging
- C. Installation
- D. Testing
Answer: C. Installation
Explanation: During the installation phase, the runtime environment is set up, and the application and its dependencies are installed.
Single select: Which Microsoft tool guarantees secure access with session risk detection?
- A. Azure Active Directory
- B. Microsoft Endpoint Manager
- C. Azure Information Protection
- D. Microsoft SharePoint Online
Answer: A. Azure Active Directory
Explanation: Azure Active Directory provides secure access to applications, with features of risk-based conditional access policies and session risk detection.
True/False: Azure App Service enables quick and easy deployment of apps across all Microsoft cloud services.
- True
- False
Answer: True
Explanation: Azure App Service is a fully-managed service for building, deploying, and scaling web apps quickly across Microsoft Azure cloud services.
Single select: In application deployment, what does the term “Blue-Green Deployment” refer to?
- A. The use of multiple programming languages in the application
- B. The use of two identical production environments
- C. The existence of application vulnerabilities
- D. The compression of application files for faster deployment
Answer: B. The use of two identical production environments
Explanation: A “Blue-Green Deployment” refers to the practice of having two identical production environments, where one is live (green) and the new version is staged (blue). If everything works fine in the blue environment, the router can be switched to make it live.
Interview Questions
What is the primary function of Windows Autopilot in the application deployment process?
Windows Autopilot is used to simplify the process of deploying new devices in a corporate environment. It can automatically join devices to Azure Active Directory and auto-enroll them into Mobile Device Management.
How can Azure Information Protection be used in application deployment?
Azure Information Protection can be utilized to classify and protect documents and emails by applying labels. These labels can be applied automatically by administrators who define rules and conditions, manually by users, or a combination where users get recommendations.
What is the purpose of the Office Cloud Policy service for Microsoft 365?
The Office Cloud Policy service allows administrators to enforce policy settings for Office 365 ProPlus on devices running Windows, regardless of device location or domain membership.
What is the Mobile Device Management (MDM) in the context of MS-101 exam?
MDM is a type of security software used by an IT department to monitor, manage, and secure employees’ mobile devices that are deployed across multiple mobile service providers and across multiple mobile operating systems being used in the organization.
What does Exchange Online Archiving offer in an application deployment scenario?
Exchange Online Archiving offers a cloud-based, enterprise-class archiving solution that helps organizations solve archiving, compliance, regulatory, and eDiscovery challenges.
How does Microsoft Intune aid in application deployment?
Microsoft Intune allows for Mobile Application Management (MAM) which can protect data at the application level. It also enables administrators to manage devices and applications via the Azure portal.
What is the purpose of Multi-Factor Authentication in application deployment?
Multi-Factor Authentication is a security system that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction, enhancing application security.
What is the role of Azure Active Directory in application deployment?
Azure Active Directory (Azure AD) provides identity and access management services in the cloud to secure access to applications.
How do Managed Browser Policies support application deployment?
Managed browser policies with Microsoft Intune help ensure that company data stays protected, and that users can safely access company websites and other Internet resources.
Define the functionality of device compliance policies in Microsoft Intune.
Device compliance policies in Microsoft Intune define the rules and settings that a device must meet to be considered compliant. This includes factors like minimum OS version, password strength and length, and encryption settings.
What is the user experience after deploying applications with Intune?
After applications are deployed with Intune, users may be prompted to install the application on their device. The application will also appear in the company portal for them to install.
What is Microsoft Secure Score and how does it relate to MS-101 exam?
Microsoft Secure Score is a measurement of an organization’s security posture, with higher numbers indicating more improvement actions taken. It’s part of the wider Microsoft 365 security solutions which are a key component of the MS-101 exam.
How can you deploy a line-of-business app with Microsoft Intune?
A line-of-business app can be deployed with Microsoft Intune by adding the app to Microsoft Intune, assigning the app to a group, and then monitoring the app status.
How does Microsoft Defender for Endpoint enhance application deployment security?
Microsoft Defender for Endpoint provides preventative protection, post-breach detection, automated investigation, and response for the applications deployed. It brings robust threat analytics, threat intelligence, and machine learning-based protection.
What is the role of the Cloud App Security Broker (CASB) in application deployment?
A CASB like Microsoft Cloud App Security gives organizations visibility into their cloud apps and services, provides sophisticated analytics to identify and combat cyber threats, and enables control over data travel. This can provide additional security through the application deployment process.