Preparing for the MS-100 Microsoft 365 Identity and Services Exam (July 2020 Update)

This guide has been updated, check out the latest version here – https://intunedin.net/2021/02/02/preparing-for-the-ms-100-microsoft-365-identity-and-services-exam-february-2021-update/

It’s been over a year and a half since I published the initial version of this prep guide, so I thought it’s about time I update it and discuss where this fits in the Microsoft 365 exam world. Additional exams have been announced and released since this exam first went into beta, moving the conversation away from comparisons with the exams that were being replaced.

What are the two main exams that have changed this landscape? MS-900 Microsoft 365 Fundamentals and MS-500 Microsoft 365 Security Administration were both introduced as exams that would give you a certification as opposed to this exam which also requires you to to pass multiple exams to get a certification. What I’ve learned, and been somewhat surprised by over the last couple of years is that for many people the exam to certification ratio drives behaviors in ways I wouldn’t have believed, even when it leads to people following a path that will lead to better skills.

I still recommend MS-100 as the starting exam exam for someone who wants to get Microsoft 365 certifications, as the skills required really have moved into being expected skills in many organizations. Once you’ve done MS-100 and MS-101, there really isn’t a huge amount of effort for you to sit MS-900 and MS-500 if you are in certification acquisition mode.

For the latest updates to exam prep guides please check https://intunedin.net/exams

Design and implement Microsoft 365 services (25-30%)

Plan Architecture

• plan integration of Microsoft 365 and on-premises environments
  • Prepare your organization’s network for Teams
  • Office 365 URLs and IP address ranges
• identify deployment workloads team
  • Deployment planning checklist for Microsoft 365
• plan an identity and authentication solution
  • Assign users to admin roles
  • Hybrid identity documentation
  • Authentication methods
  • Understanding Microsoft 365 identity and Azure Active Directory
• plan enterprise application modernization
  • Authentication methods

Deploy a Microsoft 365 tenant

• manage domains
  • Add domain
  • Can I pilot Microsoft 365 with just a few email addresses from my custom domain?
  • Domains FAQ
  • DNS basics
  • Can I add custom subdomains or multiple domains to Microsoft 365?
  • How do I change the default domain in Microsoft 365?
• configure organizational settings
  • Customize your organization theme
  • Customize Sign-in page
• complete the organizational profile
  • Change your organization’s address, technical contact, and more
• add a Microsoft partner or work with Microsoft FastTrack
  • Add, change, or delete a subscription advisor partner
• complete the subscription setup wizard
  • Try or buy Microsoft 365
• plan and create a tenant
  • Plan your setup
• edit an organizational profile
  • Change your organization’s address, technical contact, and more
• plan and create subscription(s)
  • Subscriptions, licenses, and tenants
• configure tenant-wide workload settings
  • About the Microsoft 365 admin center

Manage Microsoft 365 subscription and tenant health

• manage service health alerts
  • Service Health and Continuity
• create & manage service requests
  • Contact support for business products
• create internal service health response plan
  • Service Health and Continuity
• monitor service health
  • Service health
• monitor license allocations
  • Manage user accounts and licenses
• configure and review reports, including BI, Operations Management Suite (OMS), and Microsoft 365 reporting
  • Activity reports and analytics
  • Plan an Azure Active Directory reporting and monitoring deployment
  • Connect Office 365 Logs to Azure Sentinel
• schedule and review security and compliance reports
  • View the DLP reports
  • View the data governance reports
  • View Microsoft Defender for Office 365 reports
  • Manage schedules for multiple reports
• schedule and review usage metrics
  • Usage analytics

Plan migration of users and data

• identify data to be migrated and migration methods
  • Migrate to Microsoft 365 – Migrate to SharePoint and OneDrive
• identify users and mailboxes to be migrated and migration methods
  • Migrate email to Microsoft 365
  • Exchange Deployment Assistant
• plan migration of on-premises users and groups
  • Plan for directory synchronization
• import PST Files
  • Overview of importing your organization PST files to Office 365

Manage user identity and roles (25-30%)

Design identity strategy

• evaluate requirements and solutions for synchronization
  • Hybrid Identity Design Considerations Overview
  • Install and run the IdFix tool
• evaluate requirements and solutions for identity management
  • Understanding Microsoft 365 identity and Azure Active Directory
• evaluate requirements and solutions for authentication
  • Determine identity requirements

Plan identity synchronization

• design directory synchronization
  • Hybrid Identity Design Considerations Overview
• implement directory synchronization with directory services, federation services, and Azure endpoints by using Azure AD Connect
  • Managing federation with Azure AD Connect

Manage identity synchronization with Azure Active Directory (Azure AD)

• configure directory synchronization by using Azure AD Connect
  • Set up directory synchronization for Microsoft 365
• monitor Azure AD Connect Health
  • Azure AD Connect Health Operations
• manage Azure AD Connect synchronization
  • What is Azure AD Connect Sync?
• configure object filters
  • Configure filtering
• configure password synchronization
  • What is password hash synchronization?
• implement multi-forest AD Connect scenarios
  • Multiple forests, single Azure AD tenant

Manage Azure AD identities

• plan Azure AD identities
  • What is hybrid identity?
• implement and manage self-service password reset (SSPR)
  • Deploy self-service password reset
• manage access reviews
  • Manage user access with access reviews
  • Manage guest access with access reviews
• manage groups
  • Groups and access management
  • Group-based licensing
• manage passwords
  • Reset a user’s password
• manage product licenses
  • Manage user accounts and licenses
• manage users
  • Add or delete a new user
• perform bulk user management
  • Connect to all Microsoft 365 services in a single Windows PowerShell window
  • Overview

Manage roles

• plan user roles
  • About admin roles
• manage admin roles
  • View and assign roles
  • Protect your Microsoft 365 global administrator accounts
  • Offer delegated administration
  • Delegate Azure AD admin roles
• allocate roles for workloads
  • Assign admin roles
  • Role security planning
  • Least-privileged roles by task
• manage role allocations by using Azure AD
  • Assign users to admin roles
  • Portal
  • PowerShell

Manage access and authentication (15-20%)

Manage authentication

• design an authentication method
  • Azure Active Directory deployment plans
  • Determine multi-factor auth requirements
• configure authentication
  • How it works: Azure Multi-Factor Authentication
  • How it works: Azure AD self-service password reset
  • How it works: Azure Multi-Factor Authentication
• implement an authentication method
  • Authentication methods
• manage authentication
  • Authentication methods
• monitor authentication
  • Sign-in logs
  • What are Azure AD reports?
  • What is Azure AD monitoring?

Plan and implement secure access

• design a conditional access solution
  • Common ways to use conditional access
• implement entitlement packages
  • What is Azure AD entitlement management?
• implement Azure AD Identity Protection
  • Configure the user risk policy
  • Configure the sign-in risk policy
• manage identity protection
  • Simulate risk events
• implement conditional access
  • Create and assign conditional access policy
• manage conditional access
  • Create a device compliance policy
  • Monitor conditional access
• implement and secure access for guest and external users
  • Add guest users to your directory in the Azure portal
  • Add a guest user with PowerShell
  • Manage access to Azure resources for external guest users using RBAC

Configure application access

• configure application registration in Azure AD
  • Register an app
• configure Azure AD application proxy
  • Enable Application Proxy
• publish enterprise apps in Azure AD
  • Add a non-gallery app

Plan Office 365 workloads and applications (25-30%)

Plan for Microsoft 365 Apps deployment

• plan for Microsoft connectivity
  • Assess your environment and requirements
• manage Microsoft 365 Apps
  • Deployment guide
• plan for Office online
  • Office Online Service Description
• assess readiness using Microsoft analytics
  • About usage analytics
• plan Microsoft 365 App compatibility
  • App compatability & readiness assessment tools
• manage Office software downloads
  • Deploy Microsoft 365 Apps from the cloud
  • Deploy Microsoft 365 Apps from a local source
  • Overview of the Office Deployment Tool
• plan for Microsoft 365 apps updates
  • Overview of update channels

Plan for messaging deployments

• plan migration strategy
  • Migrate your content to Microsoft 365
  • Migrate multiple email accounts to Microsoft 365
• plan messaging deployment
  • How to configure Exchange Server on-premises to use Hybrid Modern Authentication
• identify hybrid requirements
  • Exchange Hybrid deployment prerequisites
• plan for connectivity
  • Microsoft 365 Network Connectivity Principles
  • Network planning and performance tuning for Office 365
• plan for mail routing
  • Transport routing in Exchange hybrid deployments
  • Mail flow best practices
• plan email domains
  • Manage accepted domains

Plan for Microsoft SharePoint Online and OneDrive for Business

• plan migration strategy
  • Migrate your content to Microsoft 365
  • Migrate your content to SharePoint, OneDrive, and Teams
• plan external share settings
  • Add guest users in the portal
  • Add guest users with PowerShell
  • Admins adding B2B users
  • Information workers adding B2B users
  • Configure external collaboration settings
• identify hybrid requirements
  • Plan SharePoint Server hybrid
• manage access configurations
  • Permissions and sharing
• manage Microsoft groups
  • Overview of Microsoft 365 Groups for administrators
• manage SharePoint tenant and site settings
  • Manage sites in the new SharePoint admin center

Plan for Microsoft Teams infrastructure

• plan for communication and call quality and capacity
  • Monitor and improve call quality for Microsoft Teams
  • Set up Call Quality Dashboard (CQD)
  • Microsoft 365 Network Connectivity Principles
  • Network planning and performance tuning for Microsoft 365
• plan for Phone System
  • Understand calling in Microsoft Teams
  • What is Phone System?
• plan Microsoft Teams deployment
  • Migrate to Microsoft Teams
  • Migrate your content to Microsoft 365
• plan Microsoft Teams organizational settings
  • Manage Microsoft Teams settings for your organization
• plan for guest and external access
  • Manage External Access in Microsoft Teams
• plan for Microsoft Teams hybrid connectivity and co-existence
  • Migration and interoperability guidance for organizations using Teams together with Skype for Business
  • Understand Microsoft Teams and Skype for Business coexistence and interoperability

Plan Microsoft Power Platform integration

• implement Microsoft Power Platform Center of Excellence (CoE) starter kit
  • Center of Excellence (CoE) overview
• plan for Power Platform workload deployments
  • Power Apps enterprise deployment whitepaper
• plan resource deployment
  • Plan for deployment and administration
• plan for connectivity (and data flow)
  • Create and use dataflows in Microsoft Power Platform
• manage environments
  • Working with the admin portals
• manage resources
  • Resource overview

For the latest updates to exam prep guides please check https://intunedin.net/exams