It’s been over a year and a half since I wrote my original guide for this exam, and that was while it was in beta, so this update is long overdue. Just like with MS-100, the exam objectives haven’t really changed much, but in this exam it means the objectives are, let’s be polite and say a little bit stale in places.

What do I mean by stale? The main area that jumps out at me are some of the client related areas. it still refers to Windows Defender Advanced Threat Protection, which was renamed over a year ago. The other area is with Windows 10 and Upgrade Analyzer, which is also something that has been phased out. MS-500 however, has been updated to reflect the name change from WDATP to MDATP, but I think that’s probably more of a sign that the MS-500 exam gets a bit more attention due to it being a standalone exam that also gets you a certification.

These are fairly minor issues to call out though, and I could nitpick over some of the others, but they don’t really change what you need to know for the exam to the point where the inaccuracies would cause you to fail the exam. The reality is that over the last year and a half since the exam was released there are many more people familiar with many of these technologies, so you may not have as steep a learning learning curve for this exam today.

One of the things that also stands is that Conditional Access policies are lumped in under device management rather than being AAD associated, which is a bit of a dated view, but again, it shouldn’t cause problems in the exam. I’m sure you might notice a few other things in here that you would like more clarity on, such as whether or not protection.office.com is what you should know how to navigate versus security.microsoft.com and compliance.microsoft.com, but again at this stage it shouldn’t really have an impact on your results.

For the latest updates to exam prep guides please check https://intunedin.net/exams

Implement Modern Device Services (40-45%)

Plan device management

• plan device monitoring
  • Intune reports
• plan Microsoft Endpoint Manager implementation and integration with Azure AD
  • What is co-management?
• plan for configuration profiles
  • Assign profiles

Manage device compliance

• plan for device compliance
  • Get started with device compliance policies in Intune
  • Create a device compliance policy
• plan for attack surface reduction
  • Protect device data
  • Configure attack surface reduction
  • Configure next generation protection
• configure security baselines
  • Manage security baselines
• configure device compliance policy
  • Create a device compliance policy
• plan and configure conditional access policies
  • Common ways to use conditional access
  • Device-based Conditional Access policy
  • App-based Conditional Access

Plan for apps

• create and configure Microsoft Store for Business
  • Microsoft Store for Business and Microsoft Store for Education overview
• plan app deployment
  • Distribute apps with a management tool
  • Distribute apps using your private store
  • Assign apps to employees
• plan for mobile application management (MAM)
  • Compare MDM and MAM

Plan Windows 10 deployment

• plan for Windows as a Service (WaaS)
  • Overview of Windows as a service
• plan for managing Windows quality and feature updates
  • Feature updates policy
  • Update rings policy
• plan Windows 10 Enterprise deployment methods
  • Windows 10 deployment considerations
• analyze upgrade readiness for Windows 10 by using services such as Desktop Analytics
  • What is Desktop Analytics
• evaluate and deploy additional Windows 10 Enterprise security features
  • Windows 10 Enterprise Security

Enroll devices

• plan for device join to Azure Active Directory (Azure AD)
  • What is device management in Azure AD?
• plan for manual and automated device enrollment
  • Set up automatic enrollment
• enable device enrollment
  • Planning guide
  • Set the MDM authority
  • Restrictions

Implement Microsoft 365 Security and Threat Management (20-25%)

Manage security reports and alerts

• evaluate and manage Microsoft Office 365 tenant security by using Secure Score
  • Secure score and security controls
• manage incident investigation
  • Manage incidents
• review and manage Microsoft 365 security alerts
  • Alerts in the Security & Compliance Center

Plan and implement threat protection with Microsoft Defender

• plan Microsoft Defender for Endpoint
  • Get started
  • Configure and manage capabilities
  • Configure conditional access
  • Configure Microsoft Cloud App Security integration
• design Microsoft Defender for Office 365 policies
  • Overview
• implement Microsoft Defender for Identity
  • Create your Microsoft Defender for Identity instance
  • Install the Microsoft Defender for Identity sensor

Plan Microsoft Cloud App Security

• plan information protection by using Cloud App Security
  • Compare MCAS and OCAS
• plan policies to manage access to cloud apps
  • Basic set up
• plan for application connectors
  • Connect apps
• configure Cloud App Security policies
  • Control cloud apps with policies
• review and respond to Cloud App Security alerts
  • Manage alerts
• monitor for unauthorized cloud applications
  • Configure automatic log upload for continuous reports

Manage Microsoft 365 Governance and Compliance (35-40%)

Plan for compliance requirements

• plan compliance solutions
  • Microsoft 365 compliance center
• assess compliance
  • Compliance Manager
• plan for legislative and regional or industry requirements and drive implementation
  • How your compliance score is calculated

Manage information governance

• plan data classification
  • Get started with sensitivity labels
• plan for classification labeling
  • Create and publish sensitivity labels
  • Enable sensitivity labels for Office files in SharePoint and OneDrive
• plan for restoring deleted content
  • Restore items in the Recycle Bin of a SharePoint site
  • Restore deleted items from the Site collection recycle bin 
  • Manage inactive mailboxes
• implement records management
  • Learn about records management
• design data retention labels and policies in Microsoft 365
  • Retention policies and labels

Implement Information protection

• plan an information protection solution
  • Learn about sensitivity labels
• plan and implement sensitivity labels and policies
  • Retention policies and labels
• monitor label alerts and analytics
  • Alert policies
  • Using Azure Information Protection reports
• deploy Azure Information Protection unified labels clients
  • Unified labeling client requirements
• configure Information Rights Management (IRM) for workloads
  • Configuration for online services to use the Azure Rights Management service
• plan for Windows information Protection (WIP) implementation
  • Get ready for WIP app protection policies

Plan and implement data loss prevention (DLP)

• plan for DLP
  • Learn about data loss prevention
• configure DLP policies
  • Create a DLP policy from a template
  • Create, test, and tune a DLP policy
• monitor DLP
  • View the DLP reports
  • What the DLP functions look for

Manage search and investigation

• plan for auditing
  • Turn audit log search on or off
  • Configure your Microsoft 365 tenant for increased security
  • Enable mailbox auditing
  • Search the audit log i
• plan for eDiscovery
  • Get Started With Core eDiscovery
  • Assign eDiscovery permissions
• implement insider risk management
  • Insider risk management
• design a Content Search solution
  • Use Content Search

For the latest updates to exam prep guides please check https://intunedin.net/exams