
It’s been over a year and a half since I wrote my original guide for this exam, and that was while it was in beta, so this update is long overdue. Just like with MS-100, the exam objectives haven’t really changed much, but in this exam it means the objectives are, let’s be polite and say a little bit stale in places.
What do I mean by stale? The main area that jumps out at me are some of the client related areas. it still refers to Windows Defender Advanced Threat Protection, which was renamed over a year ago. The other area is with Windows 10 and Upgrade Analyzer, which is also something that has been phased out. MS-500 however, has been updated to reflect the name change from WDATP to MDATP, but I think that’s probably more of a sign that the MS-500 exam gets a bit more attention due to it being a standalone exam that also gets you a certification.
These are fairly minor issues to call out though, and I could nitpick over some of the others, but they don’t really change what you need to know for the exam to the point where the inaccuracies would cause you to fail the exam. The reality is that over the last year and a half since the exam was released there are many more people familiar with many of these technologies, so you may not have as steep a learning learning curve for this exam today.
One of the things that also stands is that Conditional Access policies are lumped in under device management rather than being AAD associated, which is a bit of a dated view, but again, it shouldn’t cause problems in the exam. I’m sure you might notice a few other things in here that you would like more clarity on, such as whether or not protection.office.com is what you should know how to navigate versus security.microsoft.com and compliance.microsoft.com, but again at this stage it shouldn’t really have an impact on your results.
Implement Modern Device Services (30-35%)
- Implement Mobile Device Management (MDM)
- Plan for MDM
- Configure MDM integration with Azure AD
- Set an MDM authority
- Set device enrollment limit for users
- Manage device compliance
- Plan for device Compliance
- Design Conditional Access Policies
- Create Conditional Access Policies
- Configure device compliance policy
- Manage Conditional Access Policies
- Plan for devices and apps
- Create and configure Microsoft Store for Business
- Plan app deployment
- Plan device co-management
- Plan device monitoring
- Plan for device profiles
- Plan for Mobile Application Management
- Plan mobile device security
- Plan Windows 10 deployment
- Plan for Windows as a Service (WaaS)
- Plan the appropriate Windows 10 Enterprise deployment method
- Analyze upgrade readiness for Windows 10
- Evaluate and deploy additional Windows 10 Enterprise security features
Implement Microsoft 365 Security and Threat Management (30-35%)
- Implement Cloud App Security (CAS)
- Configure Cloud App Security (CAS)
- Configure Cloud App Security (CAS) policies
- Configure Connected apps
- Design cloud app security (CAS) Solution
- Manage Cloud App Security (CAS) alerts
- Upload cloud app security (CAS) traffic logs
- Implement threat management
- Plan a threat management solution
- Design Azure Advanced Threat Protection (ATP) Policies
- Design Microsoft 365 ATP Policies
- Configure Azure ATP
- Configure Microsoft 365 ATP Policies
- Monitor Advanced Threat Analytics (ATA) incidents
- Implement Windows Defender Advanced Threat Protection (ATP)
- Plan Windows Defender ATP Solution
- Configure preferences
- Implement Windows Defender ATP Policies
- Enable and configure security features of Windows 10 Enterprise
- Manage security reports and alerts
- Manage service assurance dashboard
- Manage tracing and reporting on Azure AD Identity Protection
- Configure and manage Microsoft 365 security alerts
- Configure and manage Azure Identity Protection dashboard and alerts
Manage Microsoft 365 Governance and Compliance (35-40%)
- Configure Data Loss Prevention (DLP)
- Configure DLP Policies
- Design data retention policies in Microsoft 365
- Manage DLP exceptions
- Monitor DLP policy matches
- Manage DLP policy matches
- Implement Azure Information Protection (AIP)
- Plan AIP solution
- Plan for deployment On-Prem rights management Connector
- Plan for Windows information Protection (WIP) implementation
- Plan for classification labeling
- Configure Information Rights Management (IRM) for Workloads
- Configure Super User
- Deploy AIP Clients
- Implement Azure Information Protection policies
- Implement AIP tenant key
- Manage data governance
- Configure information retention
- Plan for Microsoft 365 backup
- Plan for restoring deleted content
- Plan information Retention Policies
- Manage auditing
- Configure audit log retention
- Configure audit policy
- Monitor Unified Audit Logs
- Manage eDiscovery
- Search content by using Security and Compliance Center
- Plan for in-place and legal hold
- Configure eDiscovery and create cases