MS-500 Microsoft 365 Security Administration Exam Study Guide

This summer, Microsoft announced changes to the MS-500 exam objectives. Below you’ll find the updated listing for June 2020 and beyond with links to relevant documentation. The best way to use this study guide is to find the topics you’re least familiar with and focus on those. In any remaining time, you can always review those you’re familiar with to make sure nothing has changed significantly.

As stated on the MS-500 exam page, potential candidates for the MS-500 exam implement, manage and monitor security and compliance solutions for Microsoft 365 and hybrid environments. Professionals familiar with the content of the exam are well-positioned to secure their Microsoft 365 environments by responding to threats, performing investigations, enforcing data governance, and collaborating with other enterprise professionals on security and compliance topics.

Register for the MS-500 exam

Skills measured

  • Implement and manage identity and access (30-35%)
  • Implement and manage threat protection (20-25%)
  • Implement and manage information protection (15-20%)
  • Manage governance and compliance features in Microsoft 365 (20-25%)

MS-500 Study Guides

Objectives with online documentation for study

Implement and manage identity and access (30-35%)

Secure Microsoft 365 hybrid environments

Secure Identities

Implement authentication methods

Implement conditional access

Implement role-based access control (RBAC)

Implement Azure AD Privileged Identity Management (PIM)

Implement Azure AD Identity Protection

Implement and manage threat protection (20-25%)

Implement an enterprise hybrid threat protection solution

Implement device threat protection

Implement and manage device and application protection

Implement and manage Office 365 ATP

Implement Azure Sentinel for Microsoft 365

Implement and manage information protection (15-20%)

Secure data access within Office 365

Manage Azure information Protection (AIP)

Manage Data Loss Prevention (DLP)

Implement and manage Microsoft Cloud App Security

Manage governance and compliance features in Microsoft 365 (25-30%)

Configure and analyze security reporting

Center

Center

Manage and analyze audit logs and reports

Manage data governance and retention

Manage search and investigation

Manage data privacy regulation compliance

New book! MS-101 Exam Study Guide Announcement

Earlier this year, in January 2019, I wrote an MS-100 and MS-101 exams study guide blog post linking to resources to help people prep for both exams. MS-101 in particular seemed to have less available for it, and I jumped at the opportunity to change that. I’m pleased today to be able to add my own, new exam prep book to the listing.

My exam prep guide for MS-101: Microsoft 365 Mobility & Security covers every single objective in the exam description and offers mock questions to help check and solidify learning along the way. Passing MS-101 is a step toward becoming an M365 Certified Enterprise Administrator Expert.

You can currently buy my guide on Amazon or directly through my publisher, Packt.

Get up to speed with planning, deploying, and managing Microsoft Office 365 services and gain the skills you need to pass the MS-101 exam

Key Features

  • Explore everything from mobile device management and compliance,through to data governance and auditing
  • Get to grips with using Azure advanced threat protection and Azure information protection
  • Learn effectively through exam-focused practice exercises and mock tests

Book Description

Exam MS-101: Microsoft 365 Mobility and Security is a part of the Microsoft 365 Certified: Enterprise Administrator Expert certification path designed to help users validate their skills in evaluating, planning, migrating, deploying, and managing Microsoft 365 services. This book will help you implement modern device services, apply Microsoft 365 security and threat management, and manage Microsoft 365 governance and compliance. Written in a succinct way, you’ll explore chapter-wise self-assessment questions, exam tips, and mock exams with answers.

You’ll start by implementing mobile device management (MDM) and handling device compliance. You’ll delve into threat detection and management, learning how to manage security reports and configure Microsoft 365 alerts. Later, you’ll discover data loss prevention (DLP) tools to protect data as well as tools for configuring audit logs and policies. The book will also guide you through using Azure Information Protection (AIP) for deploying clients, applying policies, and configuring services and users to enhance data security. Finally, you’ll cover best practices for configuring settings across your tenant to ensure compliance and security.

By the end of this book, you’ll have learned to work with Microsoft 365 services and covered the concepts and techniques you need to know to pass the MS-101 exam.

What you will learn

  • Implement modern device services
  • Discover tools for configuring audit logs and policies
  • Plan, deploy, and manage Microsoft 365 services such as MDM and DLP
  • Get up to speed with configuring eDiscovery settings and features to enhance your organization’s ability to mitigate and respond to issues
  • Implement Microsoft 365 security and threat management
  • Explore best practices for effectively configuring settings

Who this book is for

This book is for IT professionals looking to pass the Microsoft 365 Mobility and Security certification exam. System administrators and network engineers interested in mobility, security, compliance, and supporting technologies will also benefit from this book. Some experience with Microsoft 365, Exchange servers, and PowerShell is necessary.

Table of Contents

  1. Implementing Mobile Device Management (MDM)
  2. Managing Device Compliance
  3. Planning for Devices and Apps
  4. Planning Windows 10 Deployment
  5. Implementing Cloud App Security (CAS)
  6. Implementing Threat Management
  7. Implementing Windows Defender ATP
  8. Managing Security Reports and Alerts
  9. Configuring Data Loss Prevention (DLP)
  10. Implementing Azure Information Protection (AIP)
  11. Managing Data Governance
  12. Managing Auditing
  13. Managing eDiscovery
  14. Mock Exam 1
  15. Mock Exam 2

MS-100 & MS-101 Exam Study Guides

Update 10/14/2019: My MS-101 exam guide is now available for pre-order. Also, the courses previously listed below are no longer available and have been removed.

If you’re pursuing the M365 Enterprise Administrator Expert certification, you’ll need to pass MS-100 and MS-101, as well as a prerequisite certification (see link for more info). The following study materials will help with preparing for these two exams.

Also, if you haven’t heard, the current MCSA exams 70-346 & 70-347 have retired so the exams below may very well be part of your new path:

Order exam prep books

My exam guide covers every MS-101 exam objective, helping you prepare for taking and passing the MS-101 exam. Includes:

  • Self-assessment example questions at the end of each chapter
  • Further reading recommendations for each objective
  • Exam tips throughout
  • Two 20-question mock exams with detailed answer explanations

Other exam prep books

Order the MS-100 exam prep book (release date May 6, 2019)

Order the MS-101 exam prep book (release date June 27, 2019)

Courses

  • Check LinkedIn Learning for MS-100 and MS-101 topics. You may have better luck searching for specific exam objectives than exam names.
  • Check Microsoft Learn for specific exam objectives.

Note: Previous OpenEdX courses have been archived and are not open for enrollment as of this post’s last update. If you had previously enrolled, you may review the archived course content by logging in.

Other blogs and pages

Ignite overview video


From Ignite 2018: Microsoft 365 Enterprise Admin role-based exam prep: MS-100 Identity & Services – BRK3385

Ready to take the exams?

  1. Buy exam voucher + replay (extra try if needed) on MindHub
  2. Schedule an exam:

MCSA: O365 certification & 70-346/70-347 exams retired; replaced by role-based M365: Enterprise Administrator Expert certification & MS-100/MS-101 exams

If you’ve been studying for 70-346 and 70-347 to get your MCSA, there’s no better time than right now to schedule those exams. As of March 31, 2019, they will both be retired. The exam page for each currently features the following notice.

“This exam retires on March 31, 2019. A replacement exam may be available. To learn more, visit our blog: https://www.microsoft.com/en-us/learning/community.aspx and review our Exam Retirement posts.”

New Exams

The retirement post last updated Dec 21, 2018, lists the two exams as follows, being replaced with role-based MS-100 and MS-101.

From https://www.microsoft.com/en-us/learning/microsoft-365-exams.aspx

Retired Certifications

Along with the 32 exams slated for retirement, they’re retiring a number of certifications as well, replaced with role-based certifications.

If you’ve already gotten your MCSA: O365, don’t worry – it’s still active after retired.

“This certification retires on March 31, 2019. You will no longer be able to earn this certification after this date. If you earn it prior to that date, it will remain in the Active Certifications section of your transcript after that date.”

From https://www.microsoft.com/en-us/learning/mcsa-office365-certification.aspx

What should I do now?

This info-graphic illustrates the various paths available:

What if I already have my MCSA?

  • Unfortunately, if you’ve already gotten your MCSA: Office 365, there is no transition exam. If you want to new certification you’ll need to start anew and take MS-100/MS-101 since the new certification is “expert” level as opposed to your current “associate” level.
  • You could also consider upgrading your MCSA to the existing MCSE: Productivity certification instead of pursuing the new M365 Expert certification

MCSA: Office 365 Study Guide for Exams 70-346 & 70-347

Note: The MCSA: O365 Certification and exams 70-346 & 70-347 are being retired March 31, 2019. Learn more about what to expect here.


Having just passed both 70-346 and 70-347, I know how hard it can be to find helpful and relevant resources to help you prepare for the exams. I’ve compiled resources below I used to help me prepare and I hope they help you with your own studying. I’ve included nothing more or less than I used myself. The most important piece for me was the Lynda.com courses – I wouldn’t have passed without them. Good luck!

Required Exams

(check links for most recent requirements)

Books

Videos

Courses

Lynda.com

(free access for card-holders at many libraries, or free trial month for new users)

edX

Courses are free on edX. Just create an account.

Pluralsight

Get a 10-day free trial

Prep Tips from Nate

70-346 Skills Measured

70-347 Skills Measured

These are taken directly from the exam info pages. Clicking a link will take you to the respective section of the page to see specific sub-topics covered under each skill section. I’ve also included the “Preparation resources” provided by Microsoft under each respective section:
Provision Office 365 (15–20%)Plan and implement networking and security in Office 365 (15–20%)

Manage cloud identities (15–20%)

Implement and Manage Identities by Using Azure AD Connect (15–20%)

Implement and manage federated identities for single sign-on (SSO) (15–20%)

Monitor and troubleshoot Office 365 availability and usage (15–20%)

Manage clients and end-user devices (20–25%)

Provision SharePoint Online site collections (20–25%)

Configure Exchange Online and Skype for Business Online for end users (20–25%)

Plan for Exchange Online and Skype for Business Online (20–25%)

Configure and secure Office 365 services (20–25%)