MS-500: Microsoft 365 Security Administration

Systems engineer that takes cloud expertise further

Log in to Enroll

Summary

  • intermediate
  • m365
  • azure
  • azure-active-directory
  • office
  • office-365
  • Candidates for this exam implement, manage, and monitor security and compliance solutions for Microsoft 365 and hybrid environments. The Microsoft 365 Security Administrator proactively secures Microsoft 365 enterprise environments, responds to threats, performs investigations, and enforces data governance. The Microsoft 365 Security Administrator collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders, and other workload administrators to plan and implement security strategies and ensures that the solutions comply with the policies and regulations of the organization.Candidates for this exam are familiar with Microsoft 365 workloads and have strong skills and experience with identity protection, information protection, threat protection, security management, and data governance. This role focuses on the Microsoft 365 environment and includes hybrid environments.

Learning paths

3 hr 44 min
Insider threats and risks from illegal, inappropriate, unauthorized, or unethical behavior and actions are a major issue for all companies and can easily go undetected until it is too late. From IP theft to data leaks to many other scenarios, protecting the data within an organization from inadvertent or malicious actions is paramount for any organization. Microsoft's solutions for minimizing threats help organizations achieve the right balance between keeping their data protected and their people productive.
1 hr 0 min
Protecting and securing your organization's information is more challenging than ever. The Protect enterprise information with Microsoft 365 learning path discusses how to protect your sensitive information from accidental oversharing or misuse, how to discover and classify data, how to protect it with sensitivity labels, and how to both monitor and analyze your sensitive information to protect against its loss.
58 min
Microsoft threat protection in Microsoft 365 addresses today's security challenges by securing your organization's assets and proactively identifying and protecting against persistent threats to your network endpoints.

Modules in this learning path

  • Introduction to threat protection with Microsoft 365
    4 Units
    11 min

    Learn about how attackers most commonly breach organizations–and the Microsoft tools that protect your organization in an ever shifting landscape.

  • Protect against threats with Microsoft Defender Advanced Threat Protection
    4 Units
    26 min

    Learn how new threat protection tools from Microsoft protect your organization’s users, devices, and data from attempted attacks.

  • Remediate risks with Office 365 Advanced Threat Protection
    5 Units
    49 min

    Learn about the Office 365 Advanced Threat Protection component of Microsoft Threat Protection.

  • Safeguard your environment with Azure Advanced Threat Protection
    5 Units
    1 hr 2 min

    Learn about the Azure Advanced Threat Protection component of Microsoft Threat Protection.

1 hr 0 min
Identity & access management is the foundation for a secure digital estate. The credentials that you issue to your users prove that they are who they claim to be and that they have permission to access your resources. Learn how to use Microsoft 365 to for authentication and authorization in your enterprise environment.

Modules in this learning path

  • Overview of identity and access management in Microsoft 365
    5 Units
    8 min

    Learn how identity and access management work in Microsoft 365.

  • Simplify access and identity provisioning with Microsoft 365
    6 Units
    17 min

    Learn how to use Microsoft 365 authentication tools for access and identity provisioning.

  • Strengthen authentication with Microsoft 365
    6 Units
    8 min

    Learn how to strengthen authentication across your enterprise deployment with security tools from Microsoft 365.

  • Protect those most targeted
    5 Units
    19 min

    Learn how to protect the most important credentials in your enterprise ecosystem – administrator credentials.

  • Use Microsoft 365 to promote a security mindset
    5 Units
    8 min

    Learn how to promote an enterprise-wide security mindset with Microsoft 365.

  • Embrace Zero Trust with Azure Active Directory
    5 Units
    35 min

    Learn about the Zero Trust model and how to implement Zero Trust into your organization.

44 min
We live in an always connected, technology-driven world. Efficient security management is the foundation to managing your assets – in the cloud, on-premises, or across a hybrid environment. You need to proactively manage and secure your organization’s identities, devices, end points (both apps and data), and IT infrastructure. Microsoft 365 helps you secure your infrastructure with a focus on visibility, control, and guidance, and helps you consolidate from a plethora of specialized functions and tools, leveraging the shared intelligence, to keep your security teams focused on the most critical insights for their workloads.

Modules in this learning path

  • Overview of security management in Microsoft 365 security center
    3 Units
    10 min

    Learn how the security management tools from Microsoft help you protect your organization’s users, devices, and data.

  • Use reporting in the Microsoft 365 security center
    3 Units
    12 min

    Learn how to take advantage of the reporting and insights available through the Microsoft 365 security center to drive organizational security health.

  • Protect mail with Office 365 Advanced Threat Protection
    3 Units
    10 min

    Learn how Office 365 Advanced Threat Protection (ATP) helps safeguard your organization against unknown malware, viruses, and harmful email links and attachments.

  • Secure Windows 10 endpoints
    4 Units
    12 min

    Learn how to mitigate end-point threats by using Windows 10 security features.

Additional courses

Managing Microsoft 365 Identity and Access

Summary

Length
1 day
Level
Intermediate
Language
English

About this course

Help protect against credential compromise with identity and access management. In this course you will learn how to secure user access to your organization’s resources. Specifically, this course covers user password protection, multi-factor authentication, how to enable Azure Identity Protection, how to configure Active Directory federation services, how to setup and use Azure AD Connect, and introduces you to Conditional Access. You will also learn about solutions for managing external access to your Microsoft 365 system.

What you’ll learn

  • Administer user and group security in Microsoft 365.
  • Manage passwords in Microsoft 365.
  • Describe Azure Identity Protection features.
  • Plan and implement Azure AD Connect.
  • Manage synchronized identities.
  • Plan implement federated identities.
  • Describe and use conditional access.

Prerequisites

  • Basic conceptual understanding of Microsoft Azure.
  • Experience with Windows 10 devices.
  • Experience with Office 365.
  • Basic understanding of authorization and authentication.
  • Basic understanding of computer networks.
  • Working knowledge of managing mobile devices.

Audience

This course is for the Microsoft 365 security administrator role. This role collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders and other workload administrators to plan and implement security strategies and ensures that the solutions comply with the policies and regulations of the organization.

This role proactively secures Microsoft 365 enterprise environments. Responsibilities include responding to threats, implementing, managing and monitoring security and compliance solutions for the Microsoft 365 environment. They respond to incidents, investigations and enforcement of data governance.

The Microsoft 365 Security administrator is familiar with Microsoft 365 workloads and has strong skills and experience with identity protection, information protection, threat protection, security management and data governance. This role focuses on the Microsoft 365 environment and includes hybrid environments.

Implementing Microsoft 365 Threat Protection

Summary

Length
1 day
Level
Intermediate
Language
English

About this course

Threat protection helps stop damaging attacks with integrated and automated security. In this course you will learn about threat protection technologies that help protect your Microsoft 365 environment. Specifically, you will learn about threat vectors and Microsoft’s security solutions for them. You will learn about Secure Score, Exchange Online protection, Azure Advanced Threat Protection, Windows Defender Advanced Threat Protection, and how to use Microsoft 365 Threat Intelligence. It also discusses securing mobile devices and applications. The goal of this course is to help you configure your Microsoft 365 deployment to achieve your desired security posture.

What you’ll learn

  • Describe cyber-attack threat vectors.
  • Describe security solutions for Microsoft 365
  • Use Microsoft Secure Score to evaluate your security posture.
  • Use the Security Dashboard in the Microsoft Security & Compliance center.
  • Configure various advanced threat protection services for Microsoft 365.
  • Configure Advanced Threat Analytics.
  • Plan and deploy Mobile Device Management.

Prerequisites

  • Basic conceptual understanding of Microsoft Azure.
  • Experience with Windows 10 devices.
  • Experience with Office 365.
  • Basic understanding of authorization and authentication.
  • Basic understanding of computer networks.
  • Working knowledge of managing mobile devices.

Audience

This course is for the Microsoft 365 security administrator role. This role collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders and other workload administrators to plan and implement security strategies and ensures that the solutions comply with the policies and regulations of the organization.

This role proactively secures Microsoft 365 enterprise environments. Responsibilities include responding to threats, implementing, managing and monitoring security and compliance solutions for the Microsoft 365 environment. They respond to incidents, investigations and enforcement of data governance.

The Microsoft 365 Security administrator is familiar with Microsoft 365 workloads and has strong skills and experience with identity protection, information protection, threat protection, security management and data governance. This role focuses on the Microsoft 365 environment and includes hybrid environments.

Implementing Microsoft 365 Information Protection

Summary

Length
1 day
Level
Intermediate
Language
English

About this course

Information protection is the concept of locating and classifying data anywhere it lives. In this course you will learn about information protection technologies that help secure your Microsoft 365 environment. Specifically, this course discusses information rights managed content, message encryption, as well as labels, policies and rules that support data loss prevention and information protection. Lastly, the course explains the deployment of Microsoft Cloud App Security.

What you’ll learn

  • Implement information rights management.
  • Secure messages in Office 365.
  • Configure Data Loss Prevention policies.
  • Deploy and manage Cloud App Security.
  • Implement Azure information protection for Microsoft 365.
  • Implement Windows information protection for devices.

Prerequisites

  • Basic conceptual understanding of Microsoft Azure
  • Experience with Windows 10 devices
  • Experience with Office 365
  • Basic understanding of authorization and authentication
  • Basic understanding of computer networks
  • Working knowledge of managing mobile devices

Audience

This course is for the Microsoft 365 security administrator role. This role collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders and other workload administrators to plan and implement security strategies and ensures that the solutions comply with the policies and regulations of the organization.

This role proactively secures Microsoft 365 enterprise environments. Responsibilities include responding to threats, implementing, managing and monitoring security and compliance solutions for the Microsoft 365 environment. They respond to incidents, investigations and enforcement of data governance.

The Microsoft 365 Security administrator is familiar with Microsoft 365 workloads and has strong skills and experience with identity protection, information protection, threat protection, security management and data governance. This role focuses on the Microsoft 365 environment and includes hybrid environments.

Administering Microsoft 365 Built-in Compliance

Summary

Length
1 day
Level
Intermediate
Language
English

About this course

Internal policies and external requirements for data retention and investigation may be necessary for your organization. In this course you will learn about archiving and retention in Microsoft 365 as well as data governance and how to conduct content searches and investigations. Specifically, this course covers data retention policies and tags, in-place records management for SharePoint, email retention, and how to conduct content searches that support eDiscovery investigations. The course also helps your organization prepare for Global Data Protection Regulation (GDPR).

What you’ll learn

  • Plan and deploy a data archiving and retention system.
  • Perform assessments in Compliance Manager.
  • Manage email retention through Exchange.
  • Conduct an audit log investigation.
  • Create and manage an eDiscovery investigation.
  • Manage GDPR data subject requests.

Prerequisites

  • Basic conceptual understanding of Microsoft Azure
  • Experience with Windows 10 devices
  • Experience with Office 365
  • Basic understanding of authorization and authentication
  • Basic understanding of computer networks
  • Working knowledge of managing mobile devices

Audience

This course is for the Microsoft 365 security administrator role. This role collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders and other workload administrators to plan and implement security strategies and ensures that the solutions comply with the policies and regulations of the organization.

This role proactively secures Microsoft 365 enterprise environments. Responsibilities include responding to threats, implementing, managing and monitoring security and compliance solutions for the Microsoft 365 environment. They respond to incidents, investigations and enforcement of data governance.

The Microsoft 365 Security administrator is familiar with Microsoft 365 workloads and has strong skills and experience with identity protection, information protection, threat protection, security management and data governance. This role focuses on the Microsoft 365 environment and includes hybrid environments.