The Microsoft 365 Security Administration (MS-500) exam measures a candidate’s ability to secure Microsoft 365 enterprise and hybrid environments. The following is a general outline of the topics covered in the exam:
- Implement and manage identity and access (30-35%)
- Configure and manage Azure AD identity services
- Configure and manage authentication
- Configure and manage access to resources
- Implement and manage threat protection (20-25%)
- Implement and manage Microsoft Defender for Office 365
- Implement and manage Microsoft Defender for Identity
- Implement and manage Microsoft 365 Defender
- Implement and manage information protection (15-20%)
- Implement and manage sensitivity labels
- Configure and manage Data Loss Prevention (DLP)
- Configure and manage information protection solutions
- Manage governance and compliance features in Microsoft 365 (25-30%)
- Implement and manage compliance management
- Configure and manage records management
- Configure and manage audit and eDiscovery
- Manage security reports and alerts (5-10%)
- Monitor and manage security reports and dashboards
- Manage security alerts
It’s important to note that the actual content and percentage weight of each topic on the exam may vary, and Microsoft may update the exam content and objectives over time. Therefore, it’s recommended that candidates review the official Microsoft exam page for the most up-to-date information on the exam contents and objectives.
Prequisites
There are no strict prerequisites for taking the Microsoft 365 Security Administration (MS-500) exam. However, Microsoft recommends that candidates have some experience with Microsoft 365 workloads and a basic understanding of cybersecurity concepts and technologies.
In addition, candidates may benefit from having experience with the following technologies and concepts:
- Azure AD and identity management
- Microsoft Defender for Office 365 and Exchange Online Protection
- Microsoft Defender for Identity (formerly Azure Advanced Threat Protection)
- Microsoft 365 Defender (formerly Microsoft Threat Protection)
- Data Loss Prevention (DLP)
- Microsoft Cloud App Security
- Microsoft Intune
- Microsoft Endpoint Manager
It’s important to note that the MS-500 exam is designed for candidates who are already familiar with Microsoft 365 technologies and services. Candidates who are new to Microsoft 365 may benefit from taking other certification exams or training courses to gain the necessary foundational knowledge and skills before attempting the MS-500 exam.
