MS-102 just received a minor update to reflect recent name changes of some of the technologies it includes due to the announcement of Entra ID, along with the previous Entra changes that occurred..

Last year MS-100 and MS-101 were retired in favor of MS-102, reducing the number of exams required to earn the Microsoft 365 Certified: Administrator Expert certification by one. Unlike the MD-102 exam which similarly replaces the MD-100 and MD-101 exams by mostly including MD-101 topics, MS-102 is fairly balanced in terms of balancing content from the two previous exams.

Let’s start off with major items in MS-100 that didn’t make their way into MS-102. The first section that didn’t survive is the Plan identity synchronization section. My prediction here is even though it’s not listed in the new exams, I’m going to assume that many of the topics will still be covered by the topics in Implement and manage identity synchronization with Microsoft Entra ID. What does this mean in terms of exam preparation? Make sure you look at the removed section, as I think it might just fall into the category of assumed skills you should have for this exam that don’t need to be specifically mentioned.

Also falling by the wayside is Plan and implement application access. There are two main reasons why I can think of as to why this isn’t part of MS-102. The first is that while you could argue that this is mostly covering Entra functionality, therefore it could be in a Microsoft 365 exam, you could also argue that maybe it starts to get a little bit too identity admin specifc, or even starting to lean heavily on skills that an Entra app admin would have. The other though is that the topics are already covered in other exams such as SC-300 and AZ-500, for example. That doesn’t quite explain the removal of Microsoft Defender for Cloud Apps objective, but I’ll get back to that in the MS-101 conversation in a few paragraphs.

Up next we have an entire section being removed – Plan Microsoft 365 workloads and applications. This includes Plan and implement Microsoft 365 Apps deployment, Plan and implement Exchange Online deployments and Plan and implement Microsoft SharePoint Online, OneDrive, and Microsoft Teams. Overall I’m very happy with these items being removed, let me explain why. Microsoft 365 apps deployment is going to be covered in MD-102, so there’s less overlap. The others, which I’ll summarize as the Office 365 workloads, are things that I didn’t think should have been as much of a focus in MS-100.

My reasoning is that even though there was a small amount of Office 365 in the original version of this exam when it was released four years ago, it continued to expand and started shifting the exam to include way too much of it, and I preferred the identity heavy focus of the exam as it originally existed. There are already three Teams exams, two Exchange exams and a SharePoint exam, so it wasn’t like people couldn’t prove those skills elsewhere. I should also disclose that I’m much more passionate about non-productivity components of Microsoft 365, so I am quite biased.

Let’s move on to the casualties of MS-101 in the brave new world of MS-102. Once again we have entire section being retired – Plan and implement device services. This section includes Plan and implement device management by using Microsoft Endpoint Manager, Plan and implement device security and compliance by using Microsoft Endpoint Manager, Deploy and manage applications by using Microsoft Endpoint Manager, Plan for Windows client deployment and management and Plan and implement device enrollment. MS-101 has “Devices” in its name, so there obviously had to be Intune content, but now with the exam consolidations that are taking place, it’s easy to understand why all things Intune are now going only to be part of MD-102.

If we continue on to other items that aren’t moving forward from MS-101, we have Microsoft Defender for Cloud Apps. We saw this with MS-100 as well, so what can we interpret about the lack of Microsoft Defender for Cloud Apps in this exam? My best guess is based on Microsoft Defender for Identity not having been part of MS-101, they are focused on the Microsoft 365 Defender workloads that protect Microsoft 365 workloads directly rather than indirectly. Even though we can definitely argue that Microsoft Defender for Cloud Apps does provide additional protection to Microsoft 365, it’s not necssarily the same level of direct application of protection like we see with Defender for Office 365 and Defender for Endpoint. If only two of the Microsoft 365 Defender technologies could be included, I think the right choice has been made.

The two final culled objective areas are from the Manage Microsoft 365 compliance section, and they are Plan and implement information governance and Manage search and investigation. The big takeaway here is that if someone is focused on compliance, governance and/or information protection, then they should be looking at SC-400 instead. The retirement of MS-500 also supports this line of thinking. There is still Purview content though, so don’t miss that.

Deploy and manage a Microsoft 365 tenant (25–30%)

Implement and manage a Microsoft 365 tenant

Manage users and groups

Manage roles in Microsoft 365

Implement and manage Microsoft Entra identity and access (25–30%)

Implement and manage identity synchronization with Microsoft Entra tenant

Implement and manage authentication

Implement and manage secure access

Manage security and threats by using Microsoft 365 Defender (25– 30%)

Manage security reports and alerts by using the Microsoft 365 Defender portal

Implement and manage email and collaboration protection by using Microsoft Defender for Office 365

Implement and manage endpoint protection by using Microsoft Defender for Endpoint

Manage compliance by using Microsoft Purview (15–20%)

Implement Microsoft Purview information protection and data lifecycle management

Implement Microsoft Purview data loss prevention (DLP)