Preparing for the MS-101 Microsoft 365 Mobility and Security Exam (November 2020 Update)

The exam description for MS-101 has just been refreshed again, so it’s time to drop back in and update the resource list to make sure any new items are covered and that existing links are refreshed if needed. What are the changes to watch out for? Read on and see…

The main change is the shift away from Azure Information Protection to Sensitivity Labels in the governance section. One of the benefits of this is that it’s moved away from things like the on-premises RMS connector, as well as some of the more AIP specific items such as deploying the AIP client, instead focusing on the unified labelling approach that has been the real world push for a while now.

Implement Modern Device Services (30-35%)

• Implement Mobile Device Management (MDM)
  • Plan for MDM
    • Planning guide
    • Set the MDM authority
  • Configure MDM integration with Azure AD
    • What is device management in Azure AD?
    • Set up automatic enrollment
  • Set device enrollment limit for users
    • Restrictions
• Manage device compliance
  • Plan for device compliance
    • Create a device compliance policy
  • Design Conditional Access Policies
    • Common ways to use conditional access
  • Create Conditional Access Policies
    • Device-based Conditional Access policy
    • App-based Conditional Access
  • Configure device compliance policy
    • Get started with device compliance policies in Intune
  • Manage Conditional Access Policies
    • Create a device-based Conditional Access policy
• Plan for devices and apps
  • Create and configure Microsoft Store for Business
    • Microsoft Store for Business and Microsoft Store for Education overview
  • Plan app deployment
    • Distribute apps with a management tool
    • Distribute apps using your private store
    • Assign apps to employees
  • Plan device co-management
    • What is co-management?
  • Plan device monitoring
    • Intune reports
  • Plan for device profiles
    • Assign profiles
  • Plan for Mobile Application Management
    • Compare MDM and MAM
  • Plan mobile device security
    • Protect device data
• Plan Windows 10 deployment
  • Plan for Windows as a Service (WaaS)
    • Overview of Windows as a service
  • Plan the appropriate Windows 10 Enterprise deployment method
    • Windows 10 deployment considerations
  • Analyze upgrade readiness for Windows 10 by using services such as Desktop Analytics
    • What is Desktop Analytics
  • Evaluate and deploy additional Windows 10 Enterprise security features
    • Windows 10 Enterprise Security

Implement Microsoft 365 Security and Threat Management (30-35%)

• Implement Cloud App Security (CAS)
  • Configure Cloud App Security (CAS)
    • Basic set up
  • Configure Cloud App Security (CAS) policies
    • Control cloud apps with policies
  • Configure Connected apps
    • Connect apps
  • Design cloud app security (CAS) Solution
    • Compare MCAS and OCAS
  • Manage Cloud App Security (CAS) alerts
    • Manage alerts
  • Upload cloud app security (CAS) traffic logs
    • Configure automatic log upload for continuous reports
• Implement threat management
  • Plan a threat management solution
    • Protect against threats
  • Design Azure Advanced Threat Protection (ATP) Policies
    • Create your Azure ATP instance
  • Design Microsoft 365 ATP Policies
    • Turn on Microsoft Threat Protection
  • Configure Azure ATP
    • Configure the Azure ATP sensor
  • Configure Microsoft 365 ATP Policies
    • Overview
  • Monitor Advanced Threat Analytics (ATA) incidents
    • ATA reports
• Implement Microsoft Defender Advanced Threat Protection (ATP)
  • Plan a Microsoft Defender ATP Solution
    • Get started
  • Configure preferences
    • Configure and manage capabilities
    • Configure conditional access
    • Configure Microsoft Cloud App Security integration
  • Implement Microsoft Defender ATP Policies
    • Microsoft Defender ATP
  • Enable and configure security features of Windows 10 Enterprise
    • Configure attack surface reduction
    • Configure next generation protection
• Manage security reports and alerts
  • Manage service assurance dashboard
    • Service assurance in the Office 365 Security & Compliance Center
  • Manage tracing and reporting on Azure AD Identity Protection
    • What is Azure AD Identity Protection?
  • Configure and manage Microsoft 365 security alerts
    • Alerts in the Office 365 Security Compliance Center
  • Configure and manage Azure Identity Protection dashboard and alerts
    • Close active risk events

Manage Microsoft 365 Governance and Compliance (35-40%)

• Configure Data Loss Prevention (DLP)
  • Configure DLP Policies
    • Create a DLP policy from a template
  • Design data retention policies in Microsoft 365
    • Retention policies
  • Manage DLP exceptions
    • Create, test, and tune a DLP policy
  • Monitor DLP policy matches
    • View the DLP reports
  • Manage DLP policy matches
    • What the DLP functions look for

• Implement sensitivity labels
  • plan for sensitivity labels
    • Get started with sensitivity labels
  • create and publish sensitivity labels
    • Create and publish sensitivity labels
  • use sensitivity labels on SharePoint and OneDrive
    • Enable sensitivity labels for Office files in SharePoint and OneDrive
  • plan for Windows information Protection (WIP) implementation
    • Get ready for WIP app protection policies

• Manage data governance
  • Configure information retention
    • Retention policies
  • Plan for Microsoft 365 backup
    • Back up data before switching plans
  • Plan for restoring deleted content
    • Restore items in the Recycle Bin of a SharePoint site
    • Restore deleted items from the Site collection recycle bin 
    • Manage inactive mailboxes
  • Plan information Retention Policies
    • Retention policies
      
• Manage auditing
  • Configure audit log retention
    • Turn audit log search on or off
  • Configure audit policy
    • Configure your Microsoft 365 tenant for increased security
    • Enable mailbox auditing
  • Monitor Unified Audit Logs
    • Search the audit log in the Office 365 Security & Compliance Center
      
• Manage eDiscovery
  • Search content by using Security & Compliance admin center
    • Use Content Search
  • Plan for in-place and legal hold
    • In-Place and Litigation Holds
    • Retention policies and labels
  • Configure eDiscovery and create cases
    • Get Started With Core eDiscovery
    • Assign eDiscovery permissions

So, what are some of the things that have gotten a bit stale – probably the big one is the branding changes that were announced at Ignite 2020 haven’t come in to play yet. This isn’t really a big deal, and it does take a while for the new names to become better known, so I don’t really think it’s that big a deal. However, in a year’s time if it’s still referecing xTP instead of Microsoft Defender branded technologies, that’s a bigger issue. Some of the items that previously took a while to be updated such as Windows Defender ATP to Microsoft Defender ATP have been addressed though, so these changes do get rolled in over time.