The key to preparation for MS-101: Microsoft 365 Mobility and Security exam is long term learning and sincerely understanding all the concepts. In order to learn more about MS-101: Microsoft 365 Mobility and Security exam, we’re going to provide you with a comprehensive study guide. But, first, we shall go over with the details of the examination so, that everything is understood.
The MS-101 certification exam by Microsoft is meant for Enterprise Administrators. These administrators are in charge of assessing, planning, moving, setting up, and looking after Microsoft 365 services. They handle important tasks related to Microsoft 365 for a business, like managing user identities, security, following rules, and the technologies that support it.
Who should take the exam?
- Candidates need to know how Microsoft 365 works and should have been an administrator for at least one part of it, like Exchange, SharePoint, Skype for Business, or Windows as a Service.
- They should also understand networking, server management, and basic IT stuff like DNS, Active Directory, and PowerShell.
Learning Objectives
The main aim of the Microsoft MS-101 exam is for candidates to get equipped with the following tasks:
The course outline for the Microsoft MS-101 exam was updated on November 2, 2022.
1. Plan and implement device services (35—40%)
1.1 Plan and implement device management by using Microsoft Endpoint Manager
- plan co-management between Endpoint Configuration Manager and Intune (Microsoft Documentation: co-management)
- plan and implement configuration profiles for Windows and MacOS clients (Microsoft Documentation: Create a device profile in Microsoft Intune)
- plan and implement configuration profiles for iOS and Android (Microsoft Documentation: Apply features and settings on your devices, Create a device profile in Microsoft Intune)
- review and respond to issues identified in Microsoft Endpoint Manager (Microsoft Documentation: Use Intune to remediate vulnerabilities)
1.2 Plan and implement device security and compliance by using Microsoft Endpoint Manager
- plan and implement device compliance (Microsoft Documentation: Use compliance policies to set rules)
- plan and implement for attack surface reduction (Microsoft Documentation: Configure attack surface reduction, Attack surface reduction)
- implement and manage security baselines (Microsoft Documentation: Use security baselines, Windows MDM security baseline)
- plan and configure conditional access policies for device compliance (Microsoft Documentation: Plan a Conditional Access deployment)
1.3 Deploy and manage applications by using Microsoft Endpoint Manager
- plan and implement application deployment (Microsoft Documentation: Create and deploy an application with Configuration Manager)
- publish public and private applications by using Microsoft Endpoint Manager (Microsoft Documentation: Getting started with Microsoft Endpoint Manager)
- plan and implement application protection policies (Microsoft Documentation: App protection policies overview)
- plan and implement application configuration policies
- monitor and troubleshoot application deployment (Microsoft Documentation: Deployment Monitoring Tool)
1.4 Plan for Windows client deployment and management
- choose Windows client deployment methods and tools based on requirements, including Windows Autopilot, USMT, Microsoft Deployment Toolkit, and Windows Deployment Services (Microsoft Documentation: Get started with MDT, Windows 10 deployment scenarios and tools)
- plan and implement Windows subscription-based activation (Microsoft Documentation: Windows 10/11 Subscription Activation)
- plan for Windows updates (Microsoft Documentation: Prepare servicing strategy for Windows client updates)
- plan and implement additional Windows client security features (Microsoft Documentation: Security baselines)
1.5 Plan and implement device enrollment
- plan and implement device join or hybrid join to Azure AD (Microsoft Documentation: Plan your hybrid Azure Active Directory join implementation)
- plan and implement device registration to Azure AD (Microsoft Documentation: Plan your Azure Active Directory device deployment)
- plan and implement manual and automated device enrollment into Intune (Microsoft Documentation: Set up enrollment for Windows devices)
2. Manage security and threats by using Microsoft 365 Defender (25— 30%)
2.1 Manage security reports and alerts by using the Microsoft 365 Defender portal
- review and respond to Microsoft 365 Secure Score (Microsoft Documentation: What is Microsoft Secure Score? Assess your security posture)
- review and respond to security alerts in Microsoft 365 Defender (Microsoft Documentation: Alerts in the Security & Compliance Center)
- review and respond to issues identified in security and compliance reports in Microsoft 365 Defender (Microsoft Documentation: Security dashboard in the Security & Compliance Center)
2.2 Plan, implement, and manage email and collaboration protection by using Microsoft Defender for Office 365
- plan and implement policies and rules in Microsoft Defender for Office 365 (Microsoft Documentation: Preset security policies in EOP and Microsoft Defender for Office 365)
- review and respond to issues identified in Microsoft Defender for Office 365, including threats, investigations, and campaigns (Microsoft Documentation: Investigate incidents in Microsoft 365 Defender, Review and manage remediation actions in Office 365)
- unblock users (Microsoft Documentation: Remove blocked users from the Restricted users portal in Microsoft 365)
2.3 Plan, implement, and manage endpoint protection by using Microsoft Defender for Endpoint
- plan Microsoft Defender for Endpoint (Microsoft Documentation: Microsoft Defender for Endpoint)
- onboard devices to Microsoft Defender for Endpoint (Microsoft Documentation: Onboard devices and configure Microsoft Defender for Endpoint capabilities)
- configure Microsoft Defender for Endpoint settings (Microsoft Documentation: Switch to Microsoft Defender for Endpoint – Phase 2)
- review and respond to endpoint vulnerabilities (Microsoft Documentation: Track and respond to emerging threats through threat analytics)
- review and respond to risks on devices (Microsoft Documentation: Review detected threats)
- review and respond to exposure score (Microsoft Documentation: Exposure score in Defender Vulnerability Management)
2.4 Plan, implement, and manage Microsoft Defender for Cloud Apps
- configure the application connector for Office 365 (Microsoft Documentation: set up a multifunction device or application)
- plan and configure Microsoft Defender for Cloud Apps policies (Microsoft Documentation: Get started with Microsoft Defender for Cloud Apps)
- review and respond to Microsoft Defender for Cloud Apps alerts (Microsoft Documentation: Manage alerts)
- review and respond to activity log (Microsoft Documentation: Azure Monitor activity log)
- configure Cloud App Discovery (Microsoft Documentation: Set up Cloud Discovery)
- review and respond to issues identified in Cloud App Discovery (Microsoft Documentation: new in Microsoft Defender for Cloud Apps)
3. Manage Microsoft 365 compliance (30—35%)
3.1 Plan and implement information governance
- plan and implement retention labels and label policies (Microsoft Documentation: Learn about retention policies and retention labels)
- recover deleted data in Exchange Online and SharePoint Online (Microsoft Documentation: Recover deleted messages in a user’s mailbox in Exchange Online)
- implement records management (Microsoft Documentation: Learn about records management)
3.2 Plan and implement information protection
- plan and implement data classification (Microsoft Documentation: Learn about data classification)
- plan and implement sensitivity labels and policies (Microsoft Documentation: Create and configure sensitivity labels and their policies)
- optimize label usage by using Content Explorer, Activity Explorer, and label reports (Microsoft Documentation: Get started with activity explorer)
3.3 Plan and implement data loss prevention (DLP)
- plan and implement DLP for workloads (Microsoft Documentation: Learn about data loss prevention)
- plan and implement Microsoft 365 Endpoint DLP (Microsoft Documentation: Get started with Endpoint data loss prevention)
- review and respond to DLP alerts, events, and reports (Microsoft Documentation: Configure and view alerts for data loss prevention polices)
3.4 Manage search and investigation
- configure auditing in Azure AD, including diagnostic settings(Microsoft Documentation: Integrate Azure AD logs with Azure Monitor logs)
- plan and configure audit retention policies for Microsoft 365 (Microsoft Documentation: Manage audit log retention policies)
- retrieve and interpret audit logs for workloads (Microsoft Documentation: Use audit logs to track and monitor events in Microsoft Intune)
- plan and configure eDiscovery and Advanced eDiscovery (Microsoft Documentation: Microsoft Purview eDiscovery solutions)
- specify a Content Search based on requirements (Microsoft Documentation: Create a content search)
Study Guide for Exam MS-101: Microsoft 365 Mobility and Security
Explaining everything about preparing for a certification exam would need more than one article. However, there are some important truths and resources that every candidate should know when getting ready for a certification exam. Now that we have all the information, let’s begin with the learning resources.
Learning Resource 1: Microsoft Documentation
Microsoft offers Microsoft documentation that contains different learning pages. You can grasp the basics of Microsoft Azure expert solutions and DevOps fundamentals by using Microsoft’s official documentation. This documentation provides in-depth information about various Azure services at different levels. It ensures that you stay up-to-date and learn about the latest Azure technologies directly from industry experts.
Learning Resource 2: Instructor Led Training
Microsoft provides you with both online as well as instructor-led training. These instructor-led training courses are basically on-demand classroom sessions that you can easily arrange anywhere and anytime according to your convenience. Taking Microsoft MS-101 training sessions gives you an advantage in the MS-101 exam. So, once you find a Microsoft training partner, you can visit their website to book your training sessions.
Learning Resource 3: Online Forums
Deciding to join a study group or forum is a personal choice, which means you don’t have to do it, but it’s available if you want. If you’re getting ready for the MS-101 exam, joining a study group or forum can boost your confidence. Online forums are a great choice because they connect you with others who are on the same journey. You can ask questions about topics you find hard or help other candidates.
Learning Resource 4: Books and Periodicals
Books are your oldest yet the most efficient medium to study from. They help you acquire knowledge in a clear and detailed manner. Furthermore, this helps you understand the basics of the exam topics. Also, you can find various books and periodicals on the market. So, we want you to which you can refer to the study for the exam. Following are the few Microsoft MS-101 course exam books which can support and guide your preparation process:
- First of all, Microsoft 365 Mobility And Security – Exam Ref Ms-101
- Secondly, Microsoft 365 Mobility And Security – Exam Guide Ms-101 by Nate Chamberlain
Learning Resource 5: Practice Tests
Your last and final step of preparation is Self-evaluation. Also, self-evaluation helps you find out your core strengths and weak spots. Remember to start with Microsoft MS-101 exam practice tests once you finish your whole syllabus. Practice tests will allow the candidate to encounter the real exam environment around them.
