Microsoft 365 Certified: Security Administrator Associate (MS500)

Microsoft 365 Security Administration (MS-500)

Module 1: Create, configure, and manage identities

• Create, configure, and manage users
• Create, configure, and manage groups
• Manage licenses
• Explain custom security attributes and automatic user provisioning

Module 2: Explore identity synchronization

• Examine authentication options in Microsoft 365
• Examine provisioning options in Microsoft 365
• Explore directory synchronization
• Explore Azure AD Connect

Module 3: Implement and manage hybrid identity

• Plan, design, and implement Azure Active Directory Connect
• Implement manage password hash synchronization (PHS)
• Implement manage pass-through authentication (PTA)
• Demo - Manage pass-through authentication and seamless single sign-on (SSO)
• Implement and manage federation
• Trouble-shoot synchronization errors
• Implement Azure Active Directory Connect Health
• Manage Azure Active Directory Connect Health

Module 4: Implement and manage external identities

• Describe guest access and Business to Business accounts
• Manage external collaboration
• Invite external users - individually and in bulk
• Manage external user accounts in Azure Active Directory
• Manage external users in Microsoft 365 workloads
• Implement cross-tenant access controls
• Configure identity providers
• Implement and manage Entra Verified ID

Module 5: Manage secure user access in Microsoft 365

• Manage user passwords
• Enable pass-through authentication
• Enable multifactor authentication
• Explore self-service password management
• Implement Azure AD Smart Lockout
• Implement entitlement packages in Azure AD Identity Governance
• Implement Conditional Access policies
• Create and run an access review
• Investigate authentication issues using sign-in logs

Module 6: Manage user authentication

• Administer FIDO2 and passwordless authentication methods
• Explore Authenticator app and OATH tokens
• Implement an authentication solution based on Windows Hello for Business
• Exercise configure and deploy self-service password reset
• Deploy and manage password protection
• Configure smart lockout thresholds
• Exercise - Manage Azure Active Directory smart lockout values
• Implement Kerberos and certificate-based authentication in Azure AD
• Configure Azure AD user authentication for virtual machines

Module 7: Plan, implement, and administer Conditional Access

• Plan security defaults
• Plan Conditional Access policies
• Implement Conditional Access policy controls and assignments
• Test and troubleshoot Conditional Access policies
• Implement application controls
• Implement session management
• Implement continuous access evaluation

Module 8: Plan and implement privileged access

• Define a privileged access strategy for administrative users
• Configure Privileged Identity Management for Azure resources
• Plan and configure Privileged Access Groups
• Analyze Privileged Identity Management audit history and reports
• Create and manage emergency access accounts

Module 9: Plan and implement entitlement management

• Define access packages
• Configure entitlement management
• Configure and manage connected organizations
• Review per-user entitlements

Module 10: Manage Azure AD Identity Protection

• Review identity protection basics
• Implement and manage user risk policy
• Monitor, investigate, and remediate elevated risky users
• Implement security for workload identities
• Explore Microsoft Defender for Identity

Module 11: Protect against threats with Microsoft Defender for Endpoint

• Introduction to Microsoft Defender for Endpoint
• Practice security administration
• Hunt threats within your network

Module 12: Deploy the Microsoft Defender for Endpoint environment

• Create your environment
• Understand operating systems compatibility and features
• Onboard devices
• Manage access
• Create and manage roles for role-based access control
• Configure device groups
• Configure environment advanced features

Module 13: Protect against malicious attacks and unauthorized access with Microsoft Edge

• Understand the secure foundations of Microsoft Edge
• Intercept malicious attacks with Microsoft Defender SmartScreen
• Enhance browser security with Microsoft Defender Application Guard
• Manage controls and policies for Microsoft Edge in Microsoft Endpoint Manager

Module 14: Understand Microsoft 365 encryption

• Learn how BitLocker encrypts data-at-rest
• Understand service encryption in Microsoft Purview
• Explore customer key management using Customer Key
• Learn how data is encrypted in-transit

Module 15: Understand app management using Microsoft Endpoint Manager

• Understand the app management lifecycle
• Learn about configuring apps
• Understand how to protect apps
• Learn about protected apps
• Understand how to apply the data protection framework

Module 16: Manage device compliance

• Plan for device compliance
• Implement compliance policies for Intune managed devices
• Monitor results of your Intune device compliance policies
• Implement user and device groups to monitor device compliance
• Explore Conditional Access policies
• Build Conditional Access policies
• Monitor enrolled devices

Module 17: Remediate risks with Microsoft Defender for Office 365

• Introduction to Microsoft Defender for Office 365
• Automate, investigate, and remediate
• Configure, protect, and detect
• Simulate attacks

Module 18: Query, visualize, and monitor data in Microsoft Sentinel

• Monitor and visualize data
• Query data using Kusto Query Language
• Use default Microsoft Sentinel Workbooks
• Create a new Microsoft Sentinel Workbook

Module 19: Create and manage sensitive information types

• Compare built-in versus custom sensitive information types
• Create and manage custom sensitive information types
• Describe custom sensitive information types with exact data match
• Implement document fingerprinting
• Create keyword dictionary

Module 20: Apply and manage sensitivity labels

• Apply sensitivity labels to Microsoft Teams, Microsoft 365 groups, and SharePoint sites
• Plan on-premises labeling
• Configure on-premises labeling for the Unified Labeling Scanner
• Apply protections and restrictions to email and files
• Monitor label performance using label analytics

Module 21: Prevent data loss in Microsoft Purview

• Data loss prevention overview
• Identify content to protect
• Define policy settings for your DLP policy
• Test and create your DLP policy
• Prepare Endpoint DLP
• Manage DLP alerts in the Microsoft Purview compliance portal
• View data loss prevention reports
• Implement the Microsoft Purview Extension

Module 22: Manage data loss prevention policies and reports in Microsoft 365

• Configure data loss prevention for policy precedence
• Implement data loss prevention policies in test mode
• Explain data loss prevention reporting capabilities
• Review and analyze data loss prevention reports
• Manage permissions for data loss prevention reports
• Manage and respond to data loss prevention policy violations

Module 23: Manage the data lifecycle in Microsoft Purview

• Data Lifecycle Management overview
• Configure retention policies
• Configure retention labels
• Configure manual retention label policies
• Configure auto-apply retention label policies
• Import data for Data Lifecycle Management
• Manage, monitor, and remediate Data Lifecycle Management

Module 24: Manage data retention in Microsoft 365 workloads

• Explain retention in Exchange Online
• Explain retention in SharePoint Online and OneDrive
• Explain retention in Microsoft Teams
• Explain retention in Microsoft Yammer
• Recover content in Microsoft 365 workloads
• Activate archive mailboxes in Microsoft Exchange
• Apply mailbox holds in Microsoft Exchange
• Recover content in Microsoft Exchange

Module 25: Manage records in Microsoft Purview

• Records management overview
• Import a file plan
• Configure retention labels
• Configure event driven retention
• Manage, monitor, and remediate records

Module 26: Manage compliance in Microsoft 365 and Exchange Online

• Introduction to managing compliance
• Configure retention policies
• Configure data loss prevention policies
• Configure and analyze audit logs
• Manage journal rules
• Manage content search

Module 27: Manage Microsoft Purview eDiscovery (Premium)

• Explore Microsoft Purview eDiscovery (Premium)
• Implement Microsoft Purview eDiscovery (Premium)
• Create and manage an eDiscovery (Premium) case
• Manage custodians and non-custodial data sources
• Analyze case content

Module 28: Manage regulatory and privacy requirements with Microsoft Priva

• Create and manage risk management policies
• Investigate and remediate risk management alerts
• Create rights requests
• Manage data estimate and retrieval for rights requests
• Review data from rights requests
• Get reports from rights requests

Module 29: Prepare Microsoft Purview Communication Compliance

• Introduction to communication compliance
• Identify and resolve communication compliance workflow
• Introduction to communication compliance policies
• Knowledge check
• Case study--Configure an offensive language policy
• Investigate and remediate communication compliance alerts

Module 30: Manage insider risk in Microsoft Purview

• Insider risk management overview
• Introduction to managing insider risk policies
• Create and manage insider risk policies
• Knowledge check
• Investigate insider risk alerts
• Take action on insider risk alerts through cases

Module 31: Plan information barriers

• Introduction to planning information barriers
• Plan information barriers
• Sample scenario on information barriers

Module 32: Implement privileged access management

• Introduction to privileged access management
• Case study--Implementing privileged access management

Module 33 : Manage Customer Lockbox

• Introduction to Customer Lockbox
• Manage Customer Lockbox requests