Updated – 07/02/2024 – The MS-500 exam was retired by Microsoft on June 30, 2023. If you’re considering earning the Microsoft 365 Certified: Security Administrator Associate certification, we recommend that you consider one or more of the following certifications: Microsoft Certified: Security Operations Analyst Associate, Microsoft Certified: Identity and Access Administrator Associate, or Microsoft Certified: Information Protection Administrator Associate.
Are you preparing for the MS-500 Microsoft 365 Security Administrator Associate certification? This study guide will help you to prepare and pass the MS-500: Microsoft 365 Security Administration successfully.
In This Article
Microsoft is evolving its learning programs to help you and your career keep pace with today’s demanding IT environments. At Ignite in September 2018, Microsoft announced new role-based certifications to help you and your career keep pace with today’s business requirements. They are evolving their learning program to better offer what you need to skill up, prove your expertise to employers and peers, and get the recognition—and opportunities—you’ve earned. For more information about the new role-based certification, please check the following document to have a complete overview of the new Microsoft certification program.
After passing the Microsoft Azure Solutions Architect Expert exam, as well as the Azure Developer Associate exam, the Microsoft Azure Administrator certification, the Microsoft Azure Fundamentals certification, and finally the Microsoft Azure Security Engineer exam. I decided to go after the Microsoft 365 track to have a broad overview of how Microsoft Azure and Microsoft 365 (Office 365) complement each other.
As I started making the shift towards information security and data protection in my day-to-day job, I decided to sit for the Microsoft 365 Certified: Enterprise Administrator Expert exam focusing on managing security for both Microsoft 365 and Azure technologies.
To get the Microsoft 365 Certified: Enterprise Administrator Expert certification, you are required to pass two exams, the MS-100: Microsoft 365 Identity and Services and MS-101: Microsoft 365 Mobility and Security, as well as one of the following 5 prerequisite exams:
- Option 1: Microsoft 365 Certified: Modern Desktop Administrator Associate
- Option 2: Microsoft 365 Certified: Security Administrator Associate
- Option 3: Microsoft 365 Certified: Teamwork Administrator
- Option 4: Microsoft 365 Certified: Messaging Administrator Associate
- Option 5: MCSE Productivity
Here is the entire path for the Enterprise Administrator Expert certification:
I am so happy and grateful now that I passed the MS-500: Microsoft 365 Security Administrator Associate to become a Microsoft 365 Certified: Enterprise Administrator Expert, I figured that I would share my experience in this article to help you prepare and tackle the MS-500 exam successfully.
In this exam, I got around 44 questions in total with 2 case studies, and the total time for this exam was 150 minutes. The questions do pretty much match the list of skills measured below.
Updated on 03/08/2023 – For the renewal assessment, I got 25 questions in total without any case study.
The performance assessment is based on the following topics:
> Plan, implement and administer Conditional Access.
> Manage Azure AD Identity Protection.
> Query, visualize, and monitor data in Microsoft Sentinel.
> Implement app protection by using Microsoft Defender for Cloud Apps.
> Manage insider risk in Microsoft Purview.
MS-500 Exam Target Audience
Candidates for this exam implement, manage, and monitor security and compliance solutions for Microsoft 365 and hybrid environments. The Microsoft 365 Security Administrator proactively secures M365 enterprise environments, responds to threats, performs investigations, and enforces data governance. The Microsoft 365 Security Administrator collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders, and other workload administrators to plan and implement security strategies and ensures that the solutions comply with the policies and regulations of the organization.
This exam is designed for candidates who are familiar with M365 workloads and have strong skills and experience with identity protection, information protection, threat protection, security management, and data governance. This role focuses on the M365 environment and includes hybrid environments.
If you are starting your journey with Microsoft 365, then I highly recommend studying and sitting for the MS-900 Exam: Microsoft 365 Certified Fundamentals.
Skills measured on this exam
This exam measures your ability to accomplish the technical topics listed below based on the latest update from Microsoft:
Implement and manage identity and access (30-35%)
- Secure Microsoft 365 hybrid environments
- Secure user accounts
- Implement authentication methods
- Implement conditional access
- Implement role-based access control (RBAC)
- Implement Azure AD Privileged Identity Management (PIM)
- Implement Azure AD Identity Protection
Implement and manage threat protection (20-25%)
- Implement an enterprise hybrid threat protection solution
- Implement device threat protection
- Implement and manage device and application protection
- Implement and manage Office 365 messaging protection
- Implement and manage Office 365 threat protection
Implement and manage information protection (15-20%)
- Secure data access within Office 365
- Manage Azure Information Protection (AIP)
- Manage Data Loss Prevention (DLP)
- Implement and manage Microsoft Cloud App Security
Manage governance and compliance features in Microsoft 365 (25-30%)
- Configure and analyze security reporting
- Manage and analyze audit logs and reports
- Configure Office 365 classification and labeling
- Manage data governance and retention
- Manage search and investigation
- Manage data privacy regulation compliance
Lessons Learned and Exam Preparation
Practice, practice, and read… I cannot stress enough that hands-on experience and understanding Microsoft 365 security concepts will help you to pass this exam.
At the time of this writing, You can place the order for the Exam Reference MS-500 Microsoft 365 Security Administration book released by Microsoft, or the new Exam Ref MS-500 Microsoft 365 Security Administration with Practice Test.
I highly recommend going through the following free Microsoft 365 security course from Microsoft to get you to prepare for this exam:
- Managing Microsoft 365 Identity and Access
- Here is a great overview of the latest Identity Infrastructure for Microsoft 365 Enterprise, which will help you to ramp up on the basics of identity to tackle all identity questions in the exam.
- Implementing Microsoft 365 Threat Protection
- Implementing Microsoft 365 Information Protection
- Administering Microsoft 365 Compliance
You can also watch the free Microsoft 365 Security videos provided by Microsoft to help you absorb the concepts to pass this exam.
If you want to validate your skills before taking the real exam, I highly encourage you to purchase the following course from udemy.com to practice and test your knowledge.
Last but not least, if you prefer an instructor-led training class, you can find a classroom from Microsoft Learning Partners here.
Bypassing the MS-500 Microsoft 365 Security Administration, you earn the Microsoft 365 Certified: Security Administrator Associate certificate.
And once you have passed the required exam MS-100 Microsoft 365 Identity and Services and MS-101 Microsoft 365 Mobility and Security, you are entitled to earn the Microsoft 365 Certified: Enterprise Administrator Expert level.
If you are planning to take the MS-500 exam… I wish you all the best and Happy Studying!!!
Thank you for reading my blog.
If you have any questions or feedback, please leave a comment.