Earlier this month MS-102 was announced as the replacement for the MS-100 and MS-101 exams, reducing the number of exams required to attain the Microsoft 365 Certified: Enterprise Administrator Expert certification by one. Unlike the MD-102 exam which similarly replaces the MD-100 and MD-101 exams by mostly including MD-101 topics, MS-102 is fairly balanced in terms of balancing content from the two previous.

Let’s start off with major items in MS-100 that didn’t make their way into MS-102. The first section that didn’t survive is the Plan identity synchronization section. My prediction here is even though it’s not listed in the new exams, I’m going to assume that many of the topics will still be covered by the topics in Implement and manage identity synchronization with Azure AD. What does this mean in terms of exam preparation? Make sure you look at the removed section, as I think it might just fall into the category of assumed skills you should have for this exam that don’t need to be specifically mentioned.

Also falling by the wayside is Plan and implement application access. There are two main reasons why I can think of as to why this isn’t part of MS-102. The first is that while you could argue that this is mostly covering Azure AD functionality, therefore it could be in a Microsoft 365 exam, you could also argue that maybe it starts to get a little bit too identity admin specifc, or even starting to lean heavily on skills that an Azure app admin would have. The other though is that the topics are already covered in other exams such as SC-300 and AZ-500, for example. That doesn’t quite explain the removal of Microsoft Defender for Cloud Apps objective, but I’ll get back to that in the MS-101 conversation in a few paragraphs.

Up next we have an entire section being removed – Plan Microsoft 365 workloads and applications. This includes Plan and implement Microsoft 365 Apps deployment, Plan and implement Exchange Online deployments and Plan and implement Microsoft SharePoint Online, OneDrive, and Microsoft Teams. Overall I’m very happy with these items being removed, let me explain why. Microsoft 365 apps deployment is going to be covered in MD-102, so there’s less overlap. The others, which I’ll summarize as the Office 365 workloads, are things that I didn’t think should have been as much of a focus in MS-100.

My reasoning is that even though there was a small amount of Office 365 in the original version of this exam when it was released four years ago, it continued to expand and started shifting the exam to include way too much of it, and I preferred the identity heavy focus of the exam as it originally existed. There are already three Teams exams, two Exchange exams and a SharePoint exam, so it wasn’t like people couldn’t prove those skills elsewhere. I should also disclose that I’m much more passionate about non-productivity components of Microsoft 365, so I am quite biased.

Let’s move on to the casualties of MS-101 in the brave new world of MS-102. Once again we have entire section being retired – Plan and implement device services. This section includes Plan and implement device management by using Microsoft Endpoint Manager, Plan and implement device security and compliance by using Microsoft Endpoint Manager, Deploy and manage applications by using Microsoft Endpoint Manager, Plan for Windows client deployment and management and Plan and implement device enrollment. MS-101 has “Devices” in its name, so there obviously had to be Intune content, but now with the exam consolidations that are taking place, it’s easy to understand why all things Intune are now going only to be part of MD-102.

If we continue on to other items that aren’t moving forward from MS-101, we have Microsoft Defender for Cloud Apps. We saw this with MS-100 as well, so what can we interpret about the lack of Microsoft Defender for Cloud Apps in this exam? My best guess is based on Microsoft Defender for Identity not having been part of MS-101, they are focused on the Microsoft 365 Defender workloads that protect Microsoft 365 workloads directly rather than indirectly. Even though we can definitely argue that Microsoft Defender for Cloud Apps does provide additional protection to Microsoft 365, it’s not necssarily the same level of direct application of protection like we see with Defender for Office 365 and Defender for Endpoint. If only two of the Microsoft 365 Defender technologies could be included, I think the right choice has been made.

The two final culled objective areas are from the Manage Microsoft 365 compliance section, and they are Plan and implement information governance and Manage search and investigation. The big takeaway here is that if someone is focused on compliance, governance and/or information protection, then they should be looking at SC-400 instead. The retirement of MS-500 also supports this line of thinking.

This brings us to the final discussion before the exam resource section, should this change your exam plans? There are several ways we can approach this conversation, but let’s try to focus on it from a pure technology perspective. This means that other considerations such as the cost of multiple exams, the stress of multiple exams, differences in preparation time, existing certification deadlines for work etc. aren’t going to be part of this discussion. If these are things you want me to discuss, drop a comment below.

Exam weightings, strikethrough highlights either most of, or the entire objective domain doesn’t make it into MS-102.


  • Deploy and manage a Microsoft 365 tenant (15–20%)
  • Plan and manage user identity and roles (30–35%)
  • Manage access and authentication (20–25%)
  • Plan Microsoft 365 workloads and applications (20–25%)


  • Plan and implement device services (35–40%)
  • Manage security and threats by using Microsoft 365 Defender (25–30%)
  • Manage Microsoft 365 compliance (30–35%)


  • Deploy and manage a Microsoft 365 tenant (25–30%)
  • Implement and manage identity and access in Azure AD (25–30%)
  • Manage security and threats by using Microsoft 365 Defender (25–30%)
  • Manage compliance by using Microsoft Purview (15–20%)

If the areas that are being retired are for technologies that are your weaknesses, it might be a good idea to go straight to MS-102. What this suggests, based on the objectives that carry forward is that you are comfortable with much of the Microsoft 365 security stack.

The opposite also applies – if the retiring objectives are your strengths, it makes more sense to do the current exams instead of waiting. Where this is most easily explainable is if we look at MS-101 removing all the device related content. If Intune is your strength, and your skills in the other two secions are average to good, you have a pretty chance of passing that exam because the device section is 40% of the exam.

Applying the same logic to MS-100, if your Microsoft 365 skills are mostly based on your exposure to Office 365 productivity workloads, it might be a good idea to do this exam. Even though the Office 365 section weighting is only 20-25%, your Office 365 skills should help you substantially in other parts of the exam. Just make sure that if you only with Office 365 environments with no additional AAD Premium licensing, that you spend time getting up to speed with the relevant Azure AD Premium P1 and P2 features.

Deploy and manage a Microsoft 365 tenant (25–30%)

Implement and manage a Microsoft 365 tenant

Manage users and groups

Manage roles in Microsoft 365

Implement and manage identity and access in Azure AD (25–30%)

Implement and manage identity synchronization with Azure AD

Implement and manage authentication

Implement and manage secure access

Manage security and threats by using Microsoft 365 Defender (25– 30%)

Manage security reports and alerts by using the Microsoft 365 Defender portal

Implement and manage email and collaboration protection by using Microsoft Defender for Office 365

Implement and manage endpoint protection by using Microsoft Defender for Endpoint

Manage compliance by using Microsoft Purview (15–20%)

Implement Microsoft Purview information protection and data lifecycle management

Implement Microsoft Purview data loss prevention (DLP)