Later this month MS-102 will receive a very minor update, following an update late last year that made some big changes, including a new section on Microsoft Defender for Cloud Apps, which I’ll focus on a bit more below. There were also been changes to the weightings of two sections of the exam, so let’s start off with that.
New weightings
Percentages in green are increases, percentages in red are decreases
- Deploy and manage a Microsoft 365 tenant (15–20%)
- Implement and manage Microsoft Entra identity and access (25–30%)
- Manage security and threats by using Microsoft Defender XDR (35–40%)
- Manage compliance by using Microsoft Purview (15–20%)
Old weightings
- Deploy and manage a Microsoft 365 tenant (25–30%)
- Implement and manage Microsoft Entra identity and access (25–30%)
- Manage security and threats by using Microsoft Defender XDR (25–30%)
- Manage compliance by using Microsoft Purview (15–20%)
As mentioned above, the major change was the inclusion of a new section for Microsoft Defender for Cloud Apps. Some of these overlap with what you might see in a few of the SC-x00 exams, as well as what you may have seen previously in MS-500 before it was retired. An important point to note here is that if you haven’t worked with Defender for Cloud Apps previously, you may be overwhelmed by the features it has, so it’s important to focus on what the exam covers, rather than spreading yourself too thin with other capabilities that it provides. Here is the list for this exam.
- Implement, and manage Microsoft Defender for Cloud Apps
- Configure the app connector for Microsoft 365
- Configure Microsoft Defender for Cloud Apps policies
- Review and respond to Microsoft Defender for Cloud Apps alerts
- Interpret activity log
- Configure Cloud App Discovery
- Review and respond to issues identified in Cloud App Discovery
In terms of other new additions, or items that have been mentioned explicitly versus alluded to, here is a summary
- Network connectivity insights
- Microsoft 365 backup (make sure you have a basic understanding of core Azure terminology)
- Shared mailboxes
- Entra custom roles
- MFA via Conditional Access policies
- Purview label usage monitoring
With all this preamble out of the way, let’s get into the latest resource guide.
Deploy and manage a Microsoft 365 tenant (15–20%)
Implement and manage a Microsoft 365 tenant
- Create a tenant
- Implement and manage domains
- Configure org settings, including Security & privacy and Organizational profile
- Identify and respond to service health issues
- Configure notifications in service health
- Configure and review Network connectivity insights
- Monitor adoption and usage
- Configure and manage Microsoft 365 Backup
Manage users and groups
- Create and manage users in Microsoft Entra, including external users and guests
- Create and manage contacts in the Microsoft 365 admin center
- Create and manage groups, including Microsoft 365 groups and shared mailboxes
- Manage and monitor Microsoft 365 licenses, including group-based licensing
- Perform bulk user management, including PowerShell
Manage roles and role groups
- Implement and manage built-in roles in Microsoft 365 and Microsoft Entra
- Implement and manage custom roles in Microsoft Entra admin center
- Manage role groups in Microsoft Defender XDR, Microsoft Purview, and Microsoft 365 workloads
- Manage delegation by using administrative units
- Manage roles in Microsoft Entra privileged identity management
Implement and manage Microsoft Entra identity and access (25–30%)
Implement and manage identity synchronization with Microsoft Entra tenant
- Prepare for identity synchronization by using IdFix
- Implement and manage directory synchronization by using Microsoft Entra Connect Sync or Microsoft Entra Cloud Sync
- Implement and manage directory synchronization by using Microsoft Entra Connect
- Monitor synchronization by using Microsoft Entra Connect Health
- Troubleshoot synchronization, including Microsoft Entra Connect Sync and Microsoft Entra Cloud Sync
Implement and manage authentication
- Implement and manage authentication methods
- Implement and manage self-service password reset (SSPR)
- Implement and manage Microsoft Entra Password Protection
- Investigate and resolve authentication issues
Implement and manage secure access
- Plan for identity protection
- Implement and manage Microsoft Entra ID Protection
- Plan Conditional Access policies
- Implement and manage Conditional Access policies
- Implement and manage multi-factor authentication (MFA) by using conditional access policies
Manage security and threats by using Microsoft Defender XDR (35–40%)
Review and respond to security reports and alerts generated by Microsoft Defender XDR
- Review and take actions to improve the Microsoft Secure Score
- Review and respond to security incidents and alerts
- Review and respond to issues identified in security and compliance reports
- Review and respond to threats identified in threat analytics
Implement and manage email and collaboration protection by using Microsoft Defender for Office 365
- Implement policies and rules in Defender for Office 365
- Review and respond to threats identified in Defender for Office 365, including threats and investigations
- Create and run campaigns, such as attack simulation
- Unblock users
Implement and manage endpoint protection by using Microsoft Defender for Endpoint
- Onboard devices to Defender for Endpoint
- Configure endpoint settings
- Review and respond to endpoint vulnerabilities
- Review and respond to risks identified in the Microsoft Defender Vulnerability Management dashboard
Implement, and manage Microsoft Defender for Cloud Apps
- Configure the app connector for Microsoft 365
- Configure Microsoft Defender for Cloud Apps policies
- Review and respond to Microsoft Defender for Cloud Apps alerts
- Interpret activity log
- Configure Cloud App Discovery
- Review and respond to issues identified in Cloud App Discovery
Manage compliance by using Microsoft Purview (15–20%)
Implement Microsoft Purview information protection and data lifecycle management
- Implement and manage sensitive information types by using keywords, keyword lists, or regular expressions
- Implement retention labels, retention label policies, and retention policies
- Implement sensitivity labels and sensitivity label policies
- Monitor label usage by using Content explorer, Activity explorer, and label reports
Implement Microsoft Purview data loss prevention (DLP)
- Configure DLP policies for Exchange, SharePoint, OneDrive, and Teams
- Configure Endpoint DLP
- Review and respond to DLP alerts, events, and reports
intunedin.net 
Hey Mark,
Are you going to update this for the new version coming out on April 25th? Looks to be yet again more changes, more toward actual M365 tenant creation, but then a lot of “minor” changes listed which is always…intriguing.
LikeLike