
The exam description for MS-101 has just been refreshed again, so it’s time to drop back in and update the resource list to make sure any new items are covered and that existing links are refreshed if needed. What are the changes to watch out for? Read on and see…
The main change is the shift away from Azure Information Protection to Sensitivity Labels in the governance section. One of the benefits of this is that it’s moved away from things like the on-premises RMS connector, as well as some of the more AIP specific items such as deploying the AIP client, instead focusing on the unified labelling approach that has been the real world push for a while now.
Implement Modern Device Services (30-35%)
- Implement Mobile Device Management (MDM)
- Plan for MDM
- Configure MDM integration with Azure AD
- Set device enrollment limit for users
- Manage device compliance
- Plan for device compliance
- Design Conditional Access Policies
- Create Conditional Access Policies
- Configure device compliance policy
- Manage Conditional Access Policies
- Plan for devices and apps
- Create and configure Microsoft Store for Business
- Plan app deployment
- Plan device co-management
- Plan device monitoring
- Plan for device profiles
- Plan for Mobile Application Management
- Plan mobile device security
- Plan Windows 10 deployment
- Plan for Windows as a Service (WaaS)
- Plan the appropriate Windows 10 Enterprise deployment method
- Analyze upgrade readiness for Windows 10 by using services such as Desktop Analytics
- Evaluate and deploy additional Windows 10 Enterprise security features
Implement Microsoft 365 Security and Threat Management (30-35%)
- Implement Cloud App Security (CAS)
- Configure Cloud App Security (CAS)
- Configure Cloud App Security (CAS) policies
- Configure Connected apps
- Design cloud app security (CAS) Solution
- Manage Cloud App Security (CAS) alerts
- Upload cloud app security (CAS) traffic logs
- Implement threat management
- Plan a threat management solution
- Design Azure Advanced Threat Protection (ATP) Policies
- Design Microsoft 365 ATP Policies
- Configure Azure ATP
- Configure Microsoft 365 ATP Policies
- Monitor Advanced Threat Analytics (ATA) incidents
- Implement Microsoft Defender Advanced Threat Protection (ATP)
- Plan a Microsoft Defender ATP Solution
- Configure preferences
- Implement Microsoft Defender ATP Policies
- Enable and configure security features of Windows 10 Enterprise
- Manage security reports and alerts
- Manage service assurance dashboard
- Manage tracing and reporting on Azure AD Identity Protection
- Configure and manage Microsoft 365 security alerts
- Configure and manage Azure Identity Protection dashboard and alerts
Manage Microsoft 365 Governance and Compliance (35-40%)
- Configure Data Loss Prevention (DLP)
- Configure DLP Policies
- Design data retention policies in Microsoft 365
- Manage DLP exceptions
- Monitor DLP policy matches
- Manage DLP policy matches
- Implement sensitivity labels
- plan for sensitivity labels
- create and publish sensitivity labels
- use sensitivity labels on SharePoint and OneDrive
- plan for Windows information Protection (WIP) implementation
- Manage data governance
- Configure information retention
- Plan for Microsoft 365 backup
- Plan for restoring deleted content
- Plan information Retention Policies
- Manage auditing
- Configure audit log retention
- Configure audit policy
- Monitor Unified Audit Logs
- Manage eDiscovery
- Search content by using Security & Compliance admin center
- Plan for in-place and legal hold
- Configure eDiscovery and create cases
So, what are some of the things that have gotten a bit stale – probably the big one is the branding changes that were announced at Ignite 2020 haven’t come in to play yet. This isn’t really a big deal, and it does take a while for the new names to become better known, so I don’t really think it’s that big a deal. However, in a year’s time if it’s still referecing xTP instead of Microsoft Defender branded technologies, that’s a bigger issue. Some of the items that previously took a while to be updated such as Windows Defender ATP to Microsoft Defender ATP have been addressed though, so these changes do get rolled in over time.