The exam objectives for MS-500 have just had a minor update, so it’s time for an update to the objectives, as well as cleaning up a few links. You will notice that the threat protection branding hasn’t been updated to reflect the Defender rebranding, which means that the articles being linked to won’t always match the wording in the objectives.
Is the older branding usage a problem? Not really, I’d argue that it makes sense for their to be a bit of a delay in changing exam descriptions just because a product’s branding has changed. The reality is that those who are preparing for the exam should be aware of the changes, so it doesn’t really matter one way or the other. For those who are primarily learning about the technologies in order to sit the exam, having the older branding being referred to consistently can help get through the exam and then deal with coming to terms with the branding changes.
For the latest updates to exam prep guides please check https://intunedin.net/exams
Implement and manage identity and access (30-35%)
Secure Microsoft 365 hybrid environments
- plan Azure AD authentication options
- plan Azure AD synchronization options
- monitor and troubleshoot Azure AD Connect events
Secure Identities
- implement Azure AD membership
- implement password management
- configure and manage identity governance
Implement authentication methods
- plan sign-on security
- implement multi-factor authentication (MFA)
- manage and monitor MFA
- plan and implement device authentication methods like Windows Hello
- configure and manage Azure AD user authentication options and self-service password management
Implement conditional access
- plan for compliance and conditional access policies
- configure and manage device compliance for endpoint security
- implement and manage conditional access
Implement role-based access control (RBAC)
- plan for roles
- configure roles
- audit roles
Implement Azure AD Privileged Identity Management (PIM)
- plan for Azure PIM
- assign eligibility and activate admin roles
- manage Azure PIM role requests and assignments
- monitor PIM history and alerts
Implement Azure AD Identity Protection
- implement user risk policy
- implement sign-in risk policy
- configure Identity Protection alerts
- review and respond to risk events
Implement and manage threat protection (20-25%)
Implement an enterprise hybrid threat protection solution
- plan an Microsoft Defender for Identity solution
- install and configure Microsoft Defender for Identity
- monitor and manage Microsoft Defender for Identity
Implement device threat protection
- plan a Microsoft Defender for Endpoint solution
- implement Microsoft Defender for Endpoint
- manage and monitor Microsoft Defender for Endpoint
Implement and manage device and application protection
- plan for device and application protection
- configure and manage Windows Defender Application Guard
- configure and manage Windows Defender Application Control
- configure and manage exploit protection
- configure Secure Boot
- configure and manage Windows device encryption
- configure and manage non-Windows device encryption
- plan for securing applications data on devices
- implement application protection policies
Implement and manage Microsoft Defender for Office 365
- configure Microsoft Defender for Office 365
- monitor Microsoft Defender for Office 365
- conduct simulated attacks using Attack Simulator
Implement Azure Sentinel for Microsoft 365
- plan and implement Azure Sentinel
- configure playbooks in Azure Sentinel
- manage and monitor Azure Sentinel
- respond to threats in Azure Sentinel
Implement and manage information protection (15-20%)
Secure data access within Office 365
- implement and manage Customer Lockbox
- configure data access in Office 365 collaboration workloads
- configure B2B sharing for external users
Manage sensitivity labels
- plan an sensitivity labels solution
- configure Sensitivity labels and policies
- configure sensitivity labels and policies
- configure and use label analytics
- use sensitivity labels with Teams, SharePoint, OneDrive and Office apps
Manage Data Loss Prevention (DLP)
- plan a DLP solution
- create and manage DLP policies
- create and manage sensitive information types
- monitor DLP reports
- manage DLP notifications
Implement and manage Microsoft Cloud App Security
- plan Cloud App Security implementation
- configure Microsoft Cloud App Security
- manage cloud app discovery
- manage entries in the Cloud app catalog
- manage apps in Cloud App Security
- manage Microsoft Cloud App Security
- configure Cloud App Security connectors and Oauth apps
- configure Cloud App Security policies and templates
- review, interpret and respond to Cloud App Security alerts, reports, dashboards and logs
Manage governance and compliance features in Microsoft 365 (25-30%)
Configure and analyze security reporting
- monitor and manage device security status using Microsoft Endpoint Manager Admin Center
- manage and monitor security reports and dashboards using Microsoft 365 Security Center
- plan for custom security reporting with Graph Security API
- use secure score dashboards to review actions and recommendations
- configure alert policies
Manage and analyze audit logs and reports
- plan for auditing and reporting
- perform audit log search
- review and interpret compliance reports and dashboards
- configure audit alert policy
Manage data governance and retention
- plan for data governance and retention
- review and interpret data governance reports and dashboards
- configure retention policies
- define data governance event types
- define and manage communication compliance policies
- configure Information holds
- find and recover deleted Office 365 data
- configure data archiving
- manage inactive mailboxes
Manage search and investigation
- plan for content search and eDiscovery
- search for personal data
- monitor for leaks of personal data
- delegate permissions to use search and discovery tools
- use search and investigation tools to perform content searches
- export content search results
- manage eDiscovery cases
Manage data privacy regulation compliance
- plan for regulatory compliance in Microsoft 365
- review and interpret GDPR dashboards and reports
- manage Data Subject Requests (DSRs)
- administer Compliance Manager in Microsoft 365 compliance center
- review Compliance Manager reports
- create and perform Compliance Manager assessments and action items
For the latest updates to exam prep guides please check https://intunedin.net/exams
intunedin.net 
Hi Mark. Thanks for sharing the update. Can you please also suggest if the exam includes any hands-on lab or only multiple choice questions? I can’t find the relevant info on MS site.
LikeLike
At this stage there hasn’t been any feedback on this one having labs in it recently. Labs are slowly being reintroduced into some of the exams, so I would recommend going in with an expectation that exams could be in, but most likely aren’t. The only real difference it should make is how long it takes to complete the exam, the labs don’t really (in my view) have an impact on exam difficulty, just that it extends the time you spend completing the exam.
LikeLike
Thank you for the good work as it’s helping me to get prepared for the exam however i would like to know how deep should i know powershell to be able to pass the exam?
LikeLike
A basic understanding of PowerShell syntax goes a long way, it’s usually more useful than trying to learn all the cmdlets and switches because a core understanding helps to eliminate answers that cannot be correct. Overall the number of scripting questions is quite low, so it’s not something that should have too much impact overall.
LikeLiked by 1 person
Hi Mark. Thanks for your inputs. Can you please also suggest a Video training course for this certification?
LikeLike
HI Vivek – I haven’t looked at any of them for a while, the thing to watch out for is when it was created or updated. The other challenge I’ve seen with some of the broader M365 exams is that the content might be quite good on a particular set of topics eg O365, but the same level of quality isn’t there for AAD, Intune, Windows etc. That’s why I tend to rely on the docs content as it’s updated as needed. Probably the best overall video content would be youtube channels like Microsoft Mechanics.
LikeLike
Thanks,Mark for your quick response and guidance.
LikeLike