In this training course you'll learn to implement and manage identity and access; implement and manage threat protection; implement and manage information protection; and manage governance and compliance features in Microsoft 365.
As a Microsoft 365 security administrator, you'll proactively secure Microsoft 365 enterprise environments, responds to threats, performs investigations, and enforces data governance
At the end of this training, you will be ready for the exam MS-500: Microsoft 365 Security Administration.
Prerequisites
- IT professionals with minimum 1 year experience
- Working knowledge of networking, server administration, DNS, and PowerShell
Skills measured:
- Implement and manage identity and access (35—40%)
- Implement and manage threat protection (25—30%)
- Implement and manage information protection (10—15%)
- Manage governance and compliance features in Microsoft 365 (20—25%)
| Sr. |
Details |
1 |
Implement and manage identity and access (35-40%)
Secure Microsoft 365 hybrid environments
- Plan Azure AD authentication options
- Plan Azure AD synchronization options
- Monitor and troubleshoot Azure AD Connect events
Secure Identities
- Implement Azure AD group membership
- Implement password management
- Manage external identities in Azure AD and Microsoft 365 workloads
Implement authentication methods
Implement multi-factor authentication (MFA) by using conditional access policy
Manage and monitor MFA
Plan and implement device authentication methods like Windows Hello
Implement conditional access
- Plan for compliance and conditional access policies
- Configure and manage device compliance policies
- Implement and manage conditional access
- Test and troubleshoot conditional access policies
Implement roles and role groups
- Plan for roles and role groups
- Configure roles and role groups
- Audit roles for least privileged access
Configure and manage identity governance
- Implement Azure AD Privileged Identity Management
- Implement and manage entitlement management
- Implement and manage access reviews
Implement Azure AD Identity Protection
- Implement user risk policy
- Implement sign-in risk policy
- Configure Identity Protection alerts
- Review and respond to risk events
|
2 |
Implement and manage threat protection (25-30%)
Implement and manage Microsoft Defender for Identity
- Plan a Microsoft Defender for Identity solution
- Install and configure Microsoft Defender for Identity
- Monitor and manage Microsoft Defender for Identity
Implement device threat protection
- Plan a Microsoft Defender for Endpoint solution
- Implement Microsoft Defender for Endpoint
- Manage and monitor Microsoft Defender for Endpoint
Implement and manage device and application protection
- Plan for device and application protection
- Configure and manage Microsoft Defender Application Guard
- Configure and manage Microsoft Defender Application Control
- Configure and manage exploit protection
- Configure and manage Windows device encryption
- Configure and manage non-Windows device encryption
- Implement application protection policies
- Configure and manage device compliance for endpoint security
Implement and manage Microsoft Defender for Office 365
- Configure Microsoft Defender for Office 365
- Monitor for and remediate threats using Microsoft Defender for Office 365
- Conduct simulated attacks using Attack simulation training
Monitor Microsoft 365 Security with Microsoft Sentinel
- Plan and implement Microsoft Sentinel
- Configure playbooks in Microsoft Sentinel
- Manage and monitor with Microsoft Sentinel
- Respond to threats using built-in playbooks in Microsoft Sentinel
Implement and manage Microsoft Defender for Cloud Apps
- Plan Microsoft Defender for Cloud Apps implementation
- Configure Microsoft Defender for Cloud Apps
- Manage cloud app discovery
- Manage entries in the Microsoft Defender for Cloud Apps catalog
- Manage apps in Microsoft Defender for Cloud Apps
- Configure Microsoft Defender Cloud Apps connectors and OAuth apps
- Configure Microsoft Defender for Cloud Apps policies and templates
- Review, interpret and respond to Microsoft Defender for Cloud Apps alerts, reports, dashboards and logs
|
3 |
Implement and manage information protection (10-15%)
Manage sensitive information
- Plan a sensitivity label solution
- Create and manage sensitive information types
- Configure sensitivity labels and policies.
- Configure and use Activity Explorer
- Use sensitivity labels with Teams, SharePoint, OneDrive and Office apps
Manage Data Loss Prevention (DLP)
- Plan a DLP solution
- Create and manage DLP policies for Microsoft 365 workloads
- Create and manage sensitive information types
- Monitor DLP reports
- Manage DLP notifications
- Implement Endpoint DLP
Manage data governance and retention
- Plan for data governance and retention
- Review and interpret data governance reports and dashboards
- Configure retention labels and policies
- Configure retention in Microsoft 365 workloads
- Find and recover deleted Office 365 data
- Configure and use Microsoft 365 Records Management
|
4 |
Manage governance and compliance features in Microsoft 365 (20-25%)
Configure and analyze security reporting
- Monitor and manage device security status using Microsoft Endpoint Manager admin center
- Manage and monitor security reports and dashboards using Microsoft 365 Defender portal
- Plan for custom security reporting with Graph Security API
- Use secure score dashboards to review actions and recommendations
Manage and analyze audit logs and reports
- Plan for auditing and reporting
- Perform audit log search
- Review and interpret compliance reports and dashboards
- Configure alert policies
Discover and respond to compliance queries in Microsoft 365
- Plan for content search and eDiscovery
- Delegate permissions to use search and discovery tools
- Use search and investigation tools to discover and respond
- Manage eDiscovery cases
Manage regulatory compliance
- Plan for regulatory compliance in Microsoft 365
- Manage Data Subject Requests (DSRs)
- Administer Compliance Manager in Microsoft 365 compliance center
- Use Compliance Manager
Manage insider risk solutions in Microsoft 365
- Implement and manage Customer Lockbox
- Implement and manage communication compliance policies
- Implement and manage Insider risk management policies
- Implement and manage information barrier policies
- Implement and manage privileged access management
|
After completing this training, you can appear the "Exam MS-500 Microsoft 365 Security Administration".
Exam details for the exam MS-500 Microsoft 365 Security Administration:
- Exam pricing:$165 USD per exam. In India current Microsoft exam fee is $80 per exam. Worldwide it may vary.
- Total exam is of 1000 marks and you need to earn 700 marks to pass the exam.
- You will get 55 to 60 questions in an approximate 2-2½ hours of duration and may change per exam basis.
- Exam formats and question types: Mostly single or multiple choice, drag and drop, repeated answer choices and hands-on labs.
Click to view current exam offer »
