Overview

This instructor-led online training course covers how to secure user access to your organization's resources. We will also discuss user password protection, multi-factor authentication, how to enable Azure Identity Protection, and how to set up and use Azure AD Connect, and introduce you to conditional access in Microsoft 365 / Office 365.

Students will also learn about Secure Score, Exchange Online protection, Azure Advanced Threat Protection, Windows Defender Advanced Threat Protection, and threat management.

Exam Number: MS-500

Course Instructor: Dale Hill

Course Outline

01. Initial Security Steps

  • Create User accounts
  • Secure User Accounts by:
  • Implementing a zero-trust security model
  • Be able to describe zero trust security concepts
  • How does zero trust security apply to hosts inside the network
  • How does zero trust security apply to hosts outside the network
  • Implementing a password policy for authentication
  • What is multifactor authentication
  • How to implement multi-factor authentication for O365
  • Identity and Access management in Azure
  • What is the purpose of Identity and Access management?
  • Enabling Azure Identity Protection
  • Assign Roles / Configure Privileged Identity Management
  • Configure Directory Roles
  • Activate Privileged Identity Management Roles
  • Configure PIM Resource workflows
  • Pull up an audit history for Azure AD roles in PIM

02. Manage Directory Synchronization

  • Go in depth on authentication options for O365
  • Directory Synchronization
  • Explain what Directory Synchronization is
  • Plan a scheme for Directory Synchronization
  • Manage users and groups with directory synchronization
  • AD Connect
  • Be able to describe what AD Connect is
  • How to utilize Azure AD Connect
  • Configure prerequisites
  • Manage users
  • Ability to describe what AD federation is and how it is used

03. Identity Access Management and RBAC

  • Conditional Access as a tool to manage device access
  • Be able to explain Conditional Access
  • Be able to explain Conditional Access Policies
  • Be able to configure Conditional Access
  • Manage Device Access to the network
  • Be able to configure Multifactor Authentication Pilot for specific apps
  • Be able to configure Multifactor Authentication Conditional Access
  • How does a host from an external network gain access?
  • RBAC
  • Explain Role Based Access Control
  • Configure RBAC

04. Microsoft 365: Threats & Mitigation

  • What techniques are used by attackers
  • Via email
  • To control resources
  • Utilize Security Center to improve a Secure Score
  • Describe the purpose of a Secure Score
  • Describe the benefits of a Secure Score
  • Detail secure score services
  • Detail analysis of secure score services and how it helps threat mitigation
  • How is secure score used to locate network security weaknesses?
  • O365 ATP & Exchange Online Protection
  • What protections do these services afford
  • What threats are they set to avoid?

05. Microsoft 365 Exchange Online and ATP

  • Be able to describe message protection via:
  • Exchange Online Protection
  • Anti-malware pipeline during email analysis
  • Azure Advanced Threat Protection
  • Be able to configure Azure ATP
  • Windows Defender Advanced Threat Protection
  • Be able to configure Defender ATP
  • Be able to implement ATP Policies
  • How to manage safe attachments
  • How to manage safe links

06. Mitigating Threats via Microsoft Threat Management

  • Utilize the security dashboard & Azure Sentinel to mitigate threats
  • Discuss the Security Dashboard's ability to give executives analytics
  • On threats
  • On trends
  • How is Azure Sentinel utilized in Microsoft 365?
  • Advanced Threat Analytics
  • What are the requirements for deployment?
  • What is its function
  • How to protect your tenant using threat explorer
  • Investigating threats using threat explorer
  • Be able to conduct simulated attacks
  • Phishing
  • Passwords

07. RM services & Encryption

  • Describe Information Rights
  • Why does it need to be managed?
  • Being able to validate information rights management
  • Message encryption
  • What options exist for encryption for M365
  • What options exist for encryption of O365
  • How are these enabled
  • How is S/MIME utilized
  • What is its purpose
  • How is it configured

08. How to mitigate Data loss

  • What is data loss
  • What is data loss prevention?
  • How are policies utilized
  • Be able to configure and implement DLP policies
  • New rules
  • Modify rules
  • User Override a rule
  • Manage policies
  • Test MRM / DLP policies
  • How are SharePoint Online properties created from documents

09. INFOSEC

  • Implementing AZ and/or Windows Information Protection
  • What is information protection?
  • How is it configured in Azure?
  • Configure labels
  • Configure policies
  • How is it configured in Windows?
  • Planning deployments of policies
  • Configure AIP settings for services

10. Security in the Cloud

  • Be able to describe the function / purpose of Cloud App Security
  • How is it deployed
  • Enforcing control over apps with policies
  • How is the Cloud App Catalogue used to increase Cloud App security
  • Managing permissions
  • How to interact with the Cloud Discovery dashboard

11. Archiving data related to Retention

  • Archiving and Retaining Data in Exchange and SharePoint
  • Be able to start the compliance process
  • Set policies
  • How do policies function
  • Set retention tags
  • How to configure a useful retention tag
  • What makes a retention tag not useful?
  • Describe data retention functions in Exchange and SharePoint
  • Define in-place archive
  • Configure in-place archiving
  • Enable
  • Disable
  • Define Records management

12. Data Governance

  • What is Data Governance
  • What is the Compliance Manager?
  • Plan requirements for compliance
  • What capabilities does Compliance Manager provide
  • What are Global Data Protection Regulations & Reading a report
  • Considerations for GDPR implementation
  • Managing DSR

13. Utilizing eDiscovery to search data

  • What is eDiscovery software and what are its purposes / uses
  • Describe Advanced eDiscovery
  • Steps of eDiscovery configuration
  • Searches
  • How is a search of content exported?
  • Audits
  • Purpose of an Audit
  • What components make up the audit log
  • How to use log data to investigate

14. Mobile Device Management

  • Mobile device management
  • Be able to enable device management
  • Be able to configure the management of Devices with MDM
  • Establish domains
  • Configure domains
  • Manage policies for security
  • Enroll devices into an MDM system / Intune
  • Configure roles for managers
  • Mobile app management
  • Configure Intune / MAM deployment
  • Considerations for securing a deployment

Skills Learned

After completing this online training course, students will be able to:

  • Administer user and group access in Microsoft 365
  • Explain and manage Azure Identity Protection
  • Plan and implement Azure AD Connect
  • Manage synchronized user identities
  • Explain and use conditional access
  • Describe cyber-attack threat vectors
  • Explain security solutions for Microsoft 365
  • Use Microsoft Secure Score to evaluate and improve your security posture
  • Configure various advanced threat protection services for Microsoft 365
  • Plan for and deploy secure mobile devices
  • Implement information rights management
  • Secure messages in Office 365
  • Configure Data Loss Prevention policies
  • Deploy and manage Cloud App Security
  • Implement Windows information protection for devices
  • Plan and deploy a data archiving and retention system
  • Create and manage an eDiscovery investigation
  • Manage GDPR data subject requests
  • Explain and use sensitivity labels