Exam MS-500: Microsoft 365 Security Administration

    Candidates for this exam implement, manage, and monitor security and compliance solutions for Microsoft 365 and hybrid environments. The Microsoft 365 Security Administrator proactively secures Microsoft 365 enterprise environments, responds to threats, performs investigations, and enforces data governance. The Microsoft 365 Security Administrator collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders, and other workload administrators to plan and implement security strategies and ensures that the solutions comply with the policies and regulations of the organization.

    Candidates for this exam are familiar with Microsoft 365 workloads and have strong skills and experience with identity protection, information protection, threat protection, security management, and data governance. This role focuses on the Microsoft 365 environment and includes hybrid environments.

    Course Outline

    Secure Microsoft 365 hybrid environments

    • plan Azure AD authentication options
    • plan Azure AD synchronization options
    • monitor and troubleshoot Azure AD Connect events

    Secure Identities

    • implement Azure AD group membership
    • implement password management
    • manage external identities in Azure AD and Microsoft 365 workloads

    Implement authentication methods

    • implement multi-factor authentication (MFA) by using conditional access policy
    • manage and monitor MFA
    • plan and implement device authentication methods like Windows Hello

    Implement conditional access

    • plan for compliance and conditional access policies
    • configure and manage device compliance for endpoint security
    • implement and manage conditional access
    • test and troubleshoot conditional access policies

    Implement roles and role groups

    • plan for roles and role groups
    • configure roles and role groups
    • audit roles for least privileged access

    Configure and manage identity governance

    • implement Azure AD Privileged Identity Management
    • implement and manage entitlement management
    • implement and manage access reviews

    Implement Azure AD Identity Protection

    • implement user risk policy
    • implement sign-in risk policy
    • configure Identity Protection alerts
    • review and respond to risk events

    Implement and manage Microsoft Defender for Identity

    • plan a Microsoft Defender for Identity solution
    • install and configure Microsoft Defender for Identity
    • monitor and manage Microsoft Defender for Identity

    Implement device threat protection

    • plan a Microsoft Defender for Endpoint solution
    • implement Microsoft Defender for Endpoint
    • manage and monitor Microsoft Defender for Endpoint

    Implement and manage device and application protection

    • plan for device and application protection
    • configure and manage Microsoft Defender Application Guard
    • configure and manage Microsoft Defender Application Control
    • configure and manage exploit protection
    • configure and manage Windows device encryption
    • configure and manage non-Windows device encryption
    • implement application protection policies
    • configure and manage device compliance for endpoint security

    Implement and manage Microsoft Defender for Office 365

    • configure Microsoft Defender for Office 365
    • monitor for and remediate threats using Microsoft Defender for Office 365
    • conduct simulated attacks using Attack Simulator

    Monitor Microsoft 365 Security with Azure Sentinel

    • plan and implement Azure Sentinel
    • configure playbooks in Azure Sentinel
    • manage and monitor Azure Sentinel
    • respond to threats using built-in playbooks in Azure Sentinel

    Implement and manage Microsoft Cloud App Security

    • plan Cloud App Security implementation
    • configure Microsoft Cloud App Security
    • manage cloud app discovery
    • manage entries in the Cloud app catalog
    • manage apps in Cloud App Security
    • configure Cloud App Security connectors and OAuth apps
    • configure Cloud App Security policies and templates
    • review, interpret and respond to Cloud App Security alerts, reports, dashboards and logs

    Manage sensitive information

    • plan a sensitivity label solution
    • create and manage sensitive information types
    • configure sensitivity labels and policies.
    • configure and use Activity Explorer
    • use sensitivity labels with Teams, SharePoint, OneDrive and Office apps

    Manage Data Loss Prevention (DLP)

    • plan a DLP solution
    • create and manage DLP policies for Microsoft 365 workloads
    • create and manage sensitive information types
    • monitor DLP reports
    • manage DLP notifications
    • implement Endpoint DLP

    Manage data governance and retention

    • plan for data governance and retention
    • review and interpret data governance reports and dashboards
    • configure retention labels and policies
    • define and manage communication compliance policies
    • configure retention in Microsoft 365 workloads
    • find and recover deleted Office 365 data
    • configure and use Microsoft 365 Records Management

    Configure and analyze security reporting

    • monitor and manage device security status using Microsoft Endpoint Manager Admin
    • manage and monitor security reports and dashboards using Microsoft 365 Security
      CenterDefender portal
    • plan for custom security reporting with Graph Security API
    • use secure score dashboards to review actions and recommendations
    • configure alert policies in the Ssecurity &and Ccompliance center

    Manage and analyze audit logs and reports

    • plan for auditing and reporting
    • perform audit log search
    • review and interpret compliance reports and dashboards
    • configure audit alert policy

    Discover and respond to compliance queries in Microsoft 365

    • plan for content search and eDiscovery
    • delegate permissions to use search and discovery tools
    • use search and investigation tools to discover and respond
    • manage eDiscovery cases

    Manage regulatory compliance

    • plan for regulatory compliance in Microsoft 365
    • manage Data Subject Requests (DSRs)
    • administer Compliance Manager in Microsoft 365 compliance center
    • use Compliance Manager

    Manage insider risk solutions in Microsoft 365

    • implement and manage Customer Lockbox
    • implement and manage communication compliance policies
    • implement and manage Insider risk management policies
    • implement and manage information barrier policies
    • implement and manage privileged access management

    Popular Courses

    Learn new skills to boost your productivity and enable your organization to accomplish more with Microsoft Certifications.

    Build An In-house Team Of Cloud Experts With Dedicated Courses!

    Learn fundamental to advanced skills using Azure, Microsoft 365, and related business applications. Meet with a Microsoft Certified Training Specialist to design a custom learning plan for your organization!

    Contact Us