How to Prepare for the MS-500 Exam?
Preparing for the MS-500 Microsoft 365 Security Administration exam to achieve the Microsoft 365 Certification for Security Administrator Associate? Don’t know where to start? This post is the MS-500 Certificate Study Guide (with links to each exam objective).
I have curated a list of articles from Microsoft documentation for each objective of the MS-500 exam. Please share the post within your circles so it helps them to prepare for the exam.
Exam Voucher for MS-500 with 1 Retake
Get 40% OFF with the combo
MS-500 M365 Security Administrator Course
| Pluralsight (Free trial) | Microsoft 365 Security Administration |
| Udemy | Microsoft 365 Security Admin Lectures & Sims |
MS-500 Microsoft 365 Security Admin Test
| Whizlabs Exam Questions | Microsoft 365 Security Administrator Test |
| Udemy Exam Questions | M365 Security Administration Exam |
| Amazon e-book (PDF) | Microsoft 365 Security Admin Exam Guide |
Looking for MS-500 Dumps? Read This!
Using ms-500 exam dumps can get you permanently banned from taking any future Microsoft certificate exam. Read the FAQ page for more information. However, I strongly suggest you validate your understanding with practice questions.
Check out all the other Microsoft 365 certificate study guides
Full Disclosure: Some of the links in this post are affiliate links. I receive a commission when you purchase through them.
Implement and Manage Identity and Access (30-35%)
Secure Microsoft 365 Hybrid Environments
Plan Azure AD authentication options
Authentication methods available in Azure Active Directory
How to choose the right authentication option in Azure AD?
Choose the right authentication method for Azure AD hybrid identity
Plan Azure AD synchronization options
Azure AD Connect sync: Understand and customize synchronization
Deploy Microsoft 365 Directory Synchronization in Microsoft Azure
How does synchronization work in Azure Active Directory Domain Services?
Set up directory synchronization for Microsoft 365
Implement password hash synchronization with Azure AD Connect sync
Monitor and troubleshoot Azure AD Connect events
Troubleshoot Azure AD connectivity
Troubleshoot object synchronization with Azure AD Connect sync
Azure Active Directory Connect Health: Monitoring the sync engine
Monitor AD FS using Azure AD Connect Health
Secure Identities
Implement Azure AD group membership
Create a basic group and add members using Azure Active Directory
Create or update a dynamic group in Azure Active Directory
Implement password management
Plan an Azure Active Directory self-service password reset deployment
Enable users to unlock their account or reset passwords
Azure AD Password Protection is now generally available!
Configure and manage identity governance
What is Azure AD Identity Governance?
Manage identities and governance in Azure
Implement Authentication Methods
Plan sign-on security
Set up SSO for an application in your Azure Active Directory tenant
Implement multi-factor authentication (MFA)
How it works: Azure Multi-Factor Authentication
Enable per-user Azure MFA to secure sign-in events
Configure Azure Multi-Factor Authentication settings
Manage and monitor MFA
Manage user settings for Azure Multi-Factor Authentication
Use the sign-ins report to review Azure MFA events
Plan and implement device authentication methods like Windows Hello
How Windows Hello for Business works
Planning a Windows Hello for Business Deployment
Windows Hello for Business Deployment Guide
Configure and manage Azure AD user authentication options and self-service password management
Primary & secondary authentication methods in Azure AD
Configure & manage Azure AD authentication (Example Azure SQL)
Azure AD self-service password management
How it works: Azure AD self-service password reset
Implement Conditional Access
Plan for compliance and conditional access policies
What is Conditional Access in Azure AD?
Conditional Access: Require compliant devices
Plan a Conditional Access deployment
Configure and manage device compliance for endpoint security
Manage endpoint security in Microsoft Intune
Create a compliance policy in Intune
Implement and manage conditional access
Building a Conditional access policy
Create a device-based Conditional access policy
Secure user sign-in events with Azure MFA
Implement Role-based Access Control (RBAC)
Plan for roles
What is Azure role-based access control (Azure RBAC)?
Best practices for Azure role-based access control
Configure roles
Add or remove Azure role assignments using the Azure portal
Add/remove role assignments using Azure PowerShell
Add or remove Azure role assignments using Azure CLI
Audit roles
View activity logs for Azure RBAC changes
Amazon link (affiliate)
Implement Azure AD Privileged Identity Management (PIM)
Plan for Azure PIM
What is Azure AD Privileged Identity Management?
Start using Privileged Identity Management
Assign eligibility and activate admin roles
Activate my Azure resource roles in PIM
Assign Azure resource roles in Privileged Identity Management
Configure Azure resource role settings in PIM
Manage Azure PIM role requests and assignments
Extend or renew role assignments in Privileged Identity Management
Approve or deny requests for Azure resource roles in PIM
Monitor PIM history and alerts
View audit history for Azure AD roles in PIM
Configure security alerts for Azure AD roles in PIM
Implement Azure AD Identity Protection
Implement user risk policy
User risk policy in Identity Protection
How to configure and enable user risk policies?
Implement sign-in risk policy
Sign-in risk policy in Identity Protection
How to configure and enable a sign-in risk policy?
Configure Identity Protection alerts
Azure Active Directory Identity Protection notifications
Review and respond to risk events
Remediate risks and unblock users
Implement and Manage Threat Protection (20-25%)
Implement an Enterprise Hybrid Threat Protection Solution
Plan an Azure ATP solution
What is Azure Advanced Threat Protection?
Azure Advanced Threat Protection prerequisites
Quickstart: Plan capacity for Azure ATP
Install and configure Azure ATP
Download the Azure ATP sensor setup package
Quickstart: Install the Azure ATP sensor
Quickstart: Create your Azure ATP instance
Monitor and manage Azure ATP
Understanding Azure ATP sensor health alerts
Monitoring your domain controller coverage
Manage Azure ATP security alerts
Manage Azure ATP health alerts
Implement Device Threat Protection
Plan a Microsoft Defender ATP solution
What is Microsoft Defender Advanced Threat Protection?
Plan your Microsoft Defender ATP deployment strategy
Implement Microsoft Defender ATP
Prepare Microsoft Defender ATP deployment
Set up Microsoft Defender ATP deployment
Onboard to the Microsoft Defender ATP service
Manage and monitor Microsoft Defender ATP
Manage Microsoft Defender ATP capabilities
Implement and Manage Device and Application Protection
Plan for device and application protection
Prevent threats from removable storage
Microsoft Defender Application Guard overview
Configure and manage Windows Defender Application Guard
Configure Microsoft Defender Application Guard policy settings
Application Guard testing scenarios
Configure and manage Windows Defender Application Control
Application Control for Windows
Deploy Windows Defender Application Control policies by using Intune
Manage WDAC with Configuration Manager
Configure and manage exploit protection
Configure Secure Boot
Security considerations for OEMs: Secure boot
Secure the Windows 10 boot process
Configure and manage Windows device encryption
Device encryption in Windows 10
Turn on Windows 10 device encryption
Configure and manage non-Windows device encryption
How to Encrypt Drive with BitLocker in Linux?
Plan for securing applications data on devices
Protect your data in files, apps, and devices
Requirements for use-case in mobile device
Prevent data leaks on non-managed devices using Microsoft Intune
Implement application protection policies
App protection policies overview
How to create and assign app protection policies
Implement and Manage Office 365 ATP
Configure Office 365 ATP
Office 365 Advanced Threat Protection (ATP)
Monitor Office 365 ATP
View reports for Office 365 Advanced Threat Protection
Conduct simulated attacks using Attack Simulator
Implement Azure Sentinel for Microsoft 365
Plan and implement Azure Sentinel
Azure Sentinel, intelligent security analytics for your enterprise
Connect Office 365 Logs to Azure Sentinel
Azure Sentinel & Microsoft 365 Threat Protection
Configure playbooks in Azure Sentinel
Use playbooks in Sentinel to set automated threat responses
Manage and monitor Azure Sentinel
Monitor data using the Azure Sentinel
Respond to threats in Azure Sentinel
Set up automated threat responses in Azure Sentinel
Implement and Manage Information Protection (15-20%)
Secure Data Access within Office 365
Implement and manage Customer Lockbox
Customer Lockbox in Office 365
What is Customer Lockbox and How to Enable it
Configure data access in Office 365 collaboration workloads
Microsoft 365 inter-tenant collaboration
Set up secure collaboration with Microsoft 365
Protect user and device access
Configure B2B sharing for external users
Office 365 external sharing and Azure AD B2B collaboration
Manage Azure Information Protection (AIP)
Plan an AIP solution
What is Azure Information Protection?
Azure Information Protection requirements
Additional Azure AD requirements for Azure Information Protection
Configure Sensitivity labels and policies
Learn about sensitivity labels
Create & configure sensitivity labels and their policies
Deploy the RMS connector
Deploying the Azure Rights Management connector
Install & configure the Rights Management connector
Manage tenant keys
Plan & implement your Azure Information Protection tenant key
Microsoft-managed: Tenant key life cycle operations
Deploy the AIP client
Azure Information Protection client administrator guide
Install the Azure Information Protection client for users
Integrate AIP with Office 365 Services
Configuration for online services to use Azure RMS
Manage Data Loss Prevention (DLP)
Plan a DLP solution
Overview of data loss prevention
Create and manage DLP policies
Create, test, and tune a DLP policy
Create a DLP policy from a template
Create and manage sensitive information types
Sensitive information type entity definitions
Create a custom sensitive information type
Monitor DLP reports
View the reports for data loss prevention
Manage DLP notifications
Send email notifications & show policy tips for DLP policies
Implement and Manage Microsoft Cloud App Security
Plan Cloud App Security implementation
Microsoft Cloud App Security overview
Configure Microsoft Cloud App Security
Basic setup for Cloud App Security
Get started with Microsoft Cloud App Security
Manage cloud app discovery
Manage entries in the Cloud app catalog
Add custom apps to Cloud Discovery
Manage apps in Cloud App Security
Connect apps to get visibility & protection
Manage Microsoft Cloud App Security
Manage admin access to cloud app security
Configure Cloud App Security connectors and Oauth apps
Control which cloud OAuth apps get permissions
Configure Cloud App Security policies and templates
Control cloud apps with policies
Review, interpret and respond to Cloud App Security alerts, reports, dashboards, and logs
How to investigate anomaly detection alerts?
Manage Cloud App Security alerts
Monitor alerts in Cloud App Security
Generate data management reports
Create snapshot Cloud Discovery reports
Configure automatic log upload for continuous reports
Manage Governance and Compliance Features in Microsoft 365 (20-25%)
Configure and Analyze Security Reporting
Monitor and manage device security status using Microsoft Endpoint Manager Admin Center
Microsoft Endpoint Manager overview
Walkthrough Intune in Microsoft Endpoint Manager
Manage devices with endpoint security in Microsoft Intune
Manage and monitor security reports and dashboards using Microsoft 365 Security Center
Microsoft 365 security dashboards
Smart reports and insights in the Security Center
Plan for custom security reporting with Graph Security API
Microsoft Graph Security API overview
Use the Microsoft Graph Security API
Use secure score dashboards to review actions
Office 365 Secure Score is now Microsoft Secure Score
Configure alert policies in the Security & Compliance admin center
Alert policies in the security and compliance center
Manage and Analyze Audit Logs and Reports
Plan for auditing and reporting
Auditing and Reporting in Microsoft cloud services
Perform audit log search
Search the audit log in the Security & Compliance Center
Review and interpret compliance reports and dashboards
Reports in the Security & Compliance Center
Configure audit alert policy
Alert policies in the security and compliance center
Manage Data Governance and Retention
Plan for data governance and retention
Data governance and retention in your Microsoft 365 tenant
Review and interpret data governance reports and dashboards
View the data governance reports
Configure retention policies
Create and configure retention policies
Define data governance event types
Start retention when an event occurs
Define and manage communication compliance policies
Learn about communication compliance in Microsoft 365
Configure Information holds
In-Place Hold and Litigation Hold
Place a mailbox on Litigation Hold
Find and recover deleted Office 365 data
Recover deleted items in a user mailbox
Configure data archiving
Enable archive mailboxes in the Security & Compliance Center
Set up an archive & deletion policy for mailboxes in your organization
Manage inactive mailboxes
Overview of inactive mailboxes
Create and manage inactive mailboxes
Manage Search and Investigation
Plan for content search and eDiscovery
Content Search in Microsoft 365
Get started with Core eDiscovery
Search for personal data
Search for and find personal data
Monitor for leaks of personal data
Monitor for leaks of personal data
Delegate permissions to use search and discovery tools
Permissions in the Security & Compliance Center
Assign eDiscovery permissions in the Security & Compliance Center
Use search and investigation tools to perform content searches
Export content search results
Manage eDiscovery cases
Get started with Core eDiscovery
Manage Data Privacy Regulation Compliance
Plan for regulatory compliance in Microsoft 365
Microsoft 365 recommended action plan for GDPR
Review and interpret GDPR dashboards and reports
O365 / Data Privacy GDPR dashboard
Manage Data Subject Requests (DSRs)
Data Subject Requests and the GDPR and CCPA
Office 365 Data Subject Requests for the GDPR and CCPA
Manage GDPR DSR with the DSR case tool in the Compliance Center
Administer Compliance Manager in Microsoft 365 compliance center
Administrative functions of global admins are:
Assigning Compliance Manager roles to users
Review Compliance Manager reports
Export a report of account data history
Create and perform Compliance Manager assessments and action items
Assessments in Compliance Manager
Add an Assessment to Compliance Manager
This brings us to the end of the MS-500 Microsoft 365 Security Administration Study Guide.
What do you think? Let me know in the comments section if I have missed out on anything. Also, I love to hear from you how your MS-500 certification preparation is going on!
In case you are preparing for other Microsoft 365 certification exams, check out the Microsoft 365 study guide for those exams.
Follow Me to Receive Updates on MS-500 Exam
Want to be notified as soon as I post? Subscribe to the RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.
