The exam description for MS-101 has just been refreshed again, so it’s time to drop back in and update the resource list to make sure any new items are covered and that existing links are refreshed if needed. What are the changes to watch out for? Read on and see…
The main change is the shift away from Azure Information Protection to Sensitivity Labels in the governance section. One of the benefits of this is that it’s moved away from things like the on-premises RMS connector, as well as some of the more AIP specific items such as deploying the AIP client, instead focusing on the unified labelling approach that has been the real world push for a while now.
For the latest updates to exam prep guides please check https://intunedin.net/exams
Implement Modern Device Services (40-45%)
Plan device management
- plan device monitoring
- plan Microsoft Endpoint Manager implementation and integration with Azure AD
- plan for configuration profiles
Manage device compliance
- plan for device compliance
- plan for attack surface reduction
- configure security baselines
- configure device compliance policy
- plan and configure conditional access policies
Plan for apps
- create and configure Microsoft Store for Business
- plan app deployment
- plan for mobile application management (MAM)
Plan Windows 10 deployment
- plan for Windows as a Service (WaaS)
- plan for managing Windows quality and feature updates
- plan Windows 10 Enterprise deployment methods
- analyze upgrade readiness for Windows 10 by using services such as Desktop Analytics
- evaluate and deploy additional Windows 10 Enterprise security features
Enroll devices
- plan for device join to Azure Active Directory (Azure AD)
- plan for manual and automated device enrollment
- enable device enrollment
Implement Microsoft 365 Security and Threat Management (20-25%)
Manage security reports and alerts
- evaluate and manage Microsoft Office 365 tenant security by using Secure Score
- manage incident investigation
- review and manage Microsoft 365 security alerts
Plan and implement threat protection with Microsoft Defender
- plan Microsoft Defender for Endpoint
- design Microsoft Defender for Office 365 policies
- implement Microsoft Defender for Identity
Plan Microsoft Cloud App Security
- plan information protection by using Cloud App Security
- plan policies to manage access to cloud apps
- plan for application connectors
- configure Cloud App Security policies
- review and respond to Cloud App Security alerts
- monitor for unauthorized cloud applications
Manage Microsoft 365 Governance and Compliance (35-40%)
Plan for compliance requirements
- plan compliance solutions
- assess compliance
- plan for legislative and regional or industry requirements and drive implementation
Manage information governance
- plan data classification
- plan for classification labeling
- plan for restoring deleted content
- implement records management
- design data retention labels and policies in Microsoft 365
Implement Information protection
- plan an information protection solution
- plan and implement sensitivity labels and policies
- monitor label alerts and analytics
- deploy Azure Information Protection unified labels clients
- configure Information Rights Management (IRM) for workloads
- plan for Windows information Protection (WIP) implementation
Plan and implement data loss prevention (DLP)
- plan for DLP
- configure DLP policies
- monitor DLP
Manage search and investigation
- plan for auditing
- plan for eDiscovery
- implement insider risk management
- design a Content Search solution
For the latest updates to exam prep guides please check https://intunedin.net/exams
