MS-500 Exam and Certification

I’ve had to run various Microsoft 365 security and compliance related courses over the last couple of months, and it’s amazing how quickly these technologies are evolving. This means that the exams are also being updated, so here’s an updated version of my preparation reading list based on the June 8, 2020 exam objective update.

Implement and manage identity and access (30-35%)

Secure Microsoft 365 hybrid environments

Secure Identities

Implement authentication methods

Implement conditional access

Implement role-based access control (RBAC)

Implement Azure AD Privileged Identity Management (PIM)

Implement Azure AD Identity Protection

Implement and manage threat protection (20-25%)

Implement an enterprise hybrid threat protection solution

Implement device threat protection

Implement and manage device and application protection

Implement and manage Office 365 ATP

Implement Azure Sentinel for Microsoft 365

Implement and manage information protection (15-20%)

Secure data access within Office 365

Manage Azure information Protection (AIP)

Manage Data Loss Prevention (DLP)

Implement and manage Microsoft Cloud App Security

Manage governance and compliance features in Microsoft 365 (25-30%)

Configure and analyze security reporting

Manage and analyze audit logs and reports

Manage data governance and retention

Manage search and investigation

Manage data privacy regulation compliance

Good luck in your exam preparation, and don’t forget to let me know if you hit any dead links. I’ve cleaned up a few already, but I’m sure there are some that will change over time.