This month MS-100, MS-101 are both being updated, and MS-500 has just been updated. As I view these as a series of exams that you should have traditionally started with MS-100 before proceeding to the others, it makes sense to update this guide first. Why MS-100 first? It’s the gaps that preparation for this is exam are going to start to fill that are very closely related, if not identical to topics that you will see in MS-101 and MS-500.

Now, I know that many people chase MS-500 first because it’s a single exam that gives you a certification – Microsoft 365 Certified: Security Administrator Associate, but something I’ve seen happen way too many times is people failing this exam on topics that the other two exams would have more than prepared them for. However, with this update the MS-100 has really expanded the areas it can test you on, with much more of an emphasis on the Office 365 workloads and less overall on the pure Azure Active Directory side, and this is even reflected in the weightings.

So, what’s my current recommendation? If you have a good Office 365 and AAD base, start with this exam, and then MS-101 will start pulling in more Microsoft 365 security and compliance topics, and then MS-500 is going to be a natural third exam in this series. However, if you are already mostly focused on just the security and compliance capabilities of the workloads, without too much care or focus on the workloads themselves, then maybe MS-500 might be an easier first exam for you.

Design and implement Microsoft 365 services (25-30%)

Plan Architecture

Deploy Microsoft 365 tenant

Configure Microsoft 365 tenancy and subscription

Manage Microsoft 365 subscription and tenant health

Plan migration of users and data


Manage user identity and roles (25-30%)


Design identity strategy

Plan identity synchronization by using Azure AD Connect

Manage identity synchronization by using Azure Active Directory

Manage Azure AD identities

Manage roles

Manage access and authentication (15-20%)

Manage authentication

Plan and implement secure access

Configure application access

Plan Office 365 workloads and applications (25-30%)

Plan Microsoft 365 Apps deployment

Plan for messaging deployments

Plan for Microsoft SharePoint Online and OneDrive for Business

Plan for Microsoft Teams infrastructure

Plan Microsoft Power Platform integration