November 11, 2019December 14, 2019 by Nate Chamberlain

MS-101 Exam Study Guide

Below you’ll find all exam areas and objectives with related documentation to help you prepare for the exam. Most of the references below are summarized in my exam prep book.

Implement modern device services (30-35%)

Implement Mobile Device Management (MDM)

plan for MDM
- Intune deployment planning, design, and implementation guide
- Apply features and settings on your devices using device profiles in Microsoft Intune
configure MDM integration with Azure AD
set an MDM authority
- Set the mobile device management authority
set device enrollment limit for users
- Set enrollment restrictions

Manage device compliance

plan for device Compliance
- Set rules on devices to allow access to resources in your organization using Intune
- Monitor Intune Device compliance policies
design/create/manage Conditional Access Policies
configure device compliance policy

Plan for devices and apps

create and configure Microsoft Store for Business
- Microsoft Store for Business and Education
- Microsoft Store for Business and Microsoft Store for Education overview
plan app deployment
- How to manage volume purchased apps from the Microsoft Store for Business with Microsoft Intune
plan device co-management
- How to prepare internet-based devices for co-management
plan device monitoring
- Device management in Microsoft 365
plan for device profiles
- Assign user and device profiles in Microsoft Intune
plan for Mobile Application Management
- Frequently asked questions about MAM and app protection
- App configuration policies for MicrosoftIntune
plan mobile device security
- Protect devices with Microsoft Intune

Plan Windows 10 deployment

plan for Windows as a Service (WaaS)
- Overview of Windows as a service
plan the appropriate Windows 10 Enterprise deployment method
- Windows 10 deployment considerations
analyze upgrade readiness for Windows 10
- Get started with Upgrade Readiness
evaluate and deploy additional Windows 10 Enterprise security features
- Windows 10 Enterprise Security

Implement Microsoft 365 security and threat management (30-35%)

Implement Cloud App Security (CAS)

configure Cloud App Security (CAS)
- Basic setup for Cloud App Security
- Microsoft Cloud App Security
configure Cloud App Security (CAS) policies
- Control cloud apps with policies
- Protect apps with Microsoft Cloud App Security Conditional Access App Control
configure Connected apps
- Connect apps
design cloud app security (CAS) Solution
- Quickstart: Get started with Microsoft Cloud App Security
- What are the differences between Microsoft Cloud App Security and Office 365 Cloud App Security?
manage Cloud App Security (CAS) alerts
- Manage alerts
upload cloud app security (CAS) traffic logs
- Configure automatic log upload for continuous reports

Implement threat management

plan a threat management solution
- Protect against threats in Office 365
design and configure Azure Advanced Threat Protection (ATP) Policies
design and configure Microsoft 365 ATP Policies
- Office 365 Advanced Threat Protection Service Description
- Set up Office 365 ATP Safe Links policies
- Set up Office 365 ATP Safe Attachments policies
monitor Advanced Threat Analytics (ATA) incidents

Implement Windows Defender Advanced Threat Protection (ATP)

plan Windows Defender ATP Solutiona
- Microsoft Defender Advanced Threat Protection
configure preferences
implement Windows Defender ATP Policies
- Enforce compliance for Microsoft Defender ATP with Conditional Access in Intune
enable and configure security features of Windows 10 Enterprise

Manage security reports and alerts

manage service assurance dashboard
- Service assurance in the Security & Compliance Center
manage tracing and reporting on Azure AD Identity Protection
- Tutorial: Investigate risky users
- What is Azure Active Directory Identity Protection?
configure and manage Microsoft 365 security alerts
- Alerts in the Office 365 Security & Compliance Center
configure and manage Azure Identity Protection dashboard and alerts
- Azure Active Directory Identity Protection – Security overview
- Remediate risks and unblock users

Manage Microsoft 365 governance and compliance (35-40%)

Configure Data Loss Prevention (DLP)

configure DLP Policies
- Get started with DLP policy recommendations
design data retention policies in Microsoft 365
- Overview of retention policies
manage DLP exceptions
- View the reports for data loss prevention
- What the DLP functions look for
monitor and manage DLP policy matches
- Create, test, and tune a DLP policy

Implement Azure Information Protection (AIP)

plan AIP solution
- Azure Information Protection deployment roadmap
- Azure Information Protection
plan for deployment On-Prem rights management Connector
- Deploying the Azure Rights Management connector
- Installing and configuring the Azure Rights Management connector
plan for Windows information Protection (WIP) implementation
- Create a Windows Information Protection (WIP) policy using Microsoft Intune
plan for classification labeling
- Quickstart: Configure a label for users to easily protect emails that contain sensitive information
configure Information Rights Management (IRM) for Workloads
- Comparing Azure Information Protection and AD RMS
configure Super User
- Configuring super users for Azure Information Protection and discovery services or data recovery
deploy AIP Clients
- Azure Information Protection client: Installation and configuration for clients
- The client side of Azure Information Protection
implement Azure Information Protection policies
- Configuring the Azure Information Protection policy
implement AIP tenant key
- Planning and implementing your Azure Information Protection tenant key

Manage data governance

configure and configure information retention
- Overview of retention policies
plan for Microsoft 365 backup
- Back up data before switching Office 365 for business plans
plan for restoring deleted content

Manage auditing

configure audit log retention
- Turn Office 365 audit log search on or off
- Permissions in Exchange Online
configure audit policy
- Configure your Office 365 tenant for increased security
- Manage mailbox auditing
monitor Unified Audit Logs
- Search the audit log in the Security & Compliance Center

Manage eDiscovery

search content by using Security and Compliance Center
- Content Search in Office 365
- Prepare a CSV file for an ID list Content Search in Office 365
plan for in-place and legal hold
- In-Place Hold and Litigation Hold
- Place a mailbox on Litigation Hold
configure eDiscovery
- eDiscovery cases in the Security & Compliance Center
- Assign eDiscovery permissions in the Security & Compliance Center

Make room on your shelf

Check out these two MS-101 exam prep books. The first is written by Nate Chamberlain.

Related

One Reply to “MS-101 Exam Study Guide”

Pingback: MS-100 & MS-101 Exam Study Guides | NateChamberlain.com

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d