MS-101: Microsoft 365 Mobility and Security

Plan, deploy and operate Office 365 services

Log in to Enroll

You have selected the Microsoft 365 Mobility and Security exam track.

Your track starts with the recommended online courses below, the goal is to pass the Microsoft Certified Professional exam at the end.

Summary

Who takes this course

IT professionals who are interested in evaluating, planning, deploying, and operating Office 365 services, including dependent and supporting technologies

Difficulty

Intermediate

Assessment

After the online courses your assessment score will be used to create a learning plan for the MOC on Demand course.

Certification

MS-101 Microsoft 365 Mobility and Security

Completion time

4 days

Curriculum

Microsoft 365 Security Management

Summary

Length
1 day
Level
Intermediate
Language
English

About this course

Microsoft 365 Security Management focuses on how to manage your security metrics, how to enable Azure AD Identity Protection, how to configure your Microsoft 365 security services, and user Microsoft 365 Threat Intelligence. The course begins by examining how to manage your security metrics. This begins by building a foundational understanding of the threat landscape that faces organizations today. The course introduces you to phishing, spoofing, spam and malware, account breaches, elevation of privileges, data exfiltration, data deletion, data spillage, and more. You will then be introduced to various security solutions that can address these threats, including Exchange Online Protection, Microsoft 365 Advanced Threat Protection, Microsoft 365 Threat Intelligence, and Advanced Security Management. The course then takes a deep dive into Azure AD Identity Protection, including how to enable it, how to configure it to detect vulnerabilities and risk events, and how to plan your investigation.

The course then conducts a detailed analysis of these solutions, starting with Exchange Online Protection (EOP). You will learn how EOP enables you to configure the anti-malware pipeline in Microsoft 365, as well as phishing and spoofing protection, zero-hour purge, and spoofing intelligence. The course then transitions to Advanced Threat Protection (ATP), where it examines how ATP expands on the protections provided by Exchange Online Protection by using its Safe Attachments and Safe Links features. The course then identifies a variety of reports that are available to monitor your security status.

The course concludes with an extensive examination of Microsoft 365 Threat Intelligence. Since Microsoft 365 hosts one of the largest networks in the world and manages content created on millions of devices, Microsoft has been able to build a vast repository of threat intelligence data, as well as the systems needed to spot patterns that correspond to attack behaviors and suspicious activity. Microsoft 365 Threat Intelligence is a collection of these insights, which can help organizations proactively find and eliminate threats. As such, the course examines how to plan for and implement Microsoft 365 Threat Intelligence. This includes using the Microsoft Intelligence Security Graph, the Security Dashboard, Threat Explorer, and Advanced Threat Analytics.

What you’ll learn

  • Manage Security Metrics
  • Implement security solutions in Microsoft 365
  • Plan and configure Azure AD identity protection
  • Implement Microsoft Secure Score
  • Implement Exchange Online Protection
  • Implement Advanced Threat Protection
  • Manage Safe Attachments and Safe Links
  • Implement Microsoft 365 Threat Intelligence
  • Use the Microsoft 365 Security Dashboard
  • Configure Advanced Threat Analytics
  • Implement cloud application security

Prerequisites

  • This course is designed for persons who are aspiring to the Microsoft 365 Enterprise Admin role and have completed one of the Microsoft 365 work load administrator certification paths.
Microsoft 365 Compliance Management

Summary

Length
2 days
Level
Intermediate
Language
English

About this course

This course teaches IT Professional how to use Azure Active Directory (AD) to provide employees and customers with a multi-tenant cloud-based directory and identity management system. Students will learn the differences between Azure AD and Active Directory Domain Services (AD DS), as well the differences in functionality offered by the different editions of Azure AD. Students also learn how to configure self-service password reset, or to use the option of password writeback to reset user passwords regardless of their location. Students are then introduced to Azure AD Identity Protection and learn how they can use it to protect their organizations from compromised accounts, identity attacks, and configuration issues. Students also learn how to integrate Azure AD with the many Software as a Service (SaaS) applications that are used, in order to secure user access to those applications.

Next, the concepts of Azure domains and tenants, and users and groups are explained, and students learn how to work with the various Azure AD objects. Students are introduced to Azure role-based access control to be able to provide a more granular access based on the principle of least privilege. An administrator, or user, can do exactly the task they need to accomplish; no more, no less. Students also learn how to work with Azure joined devices and Hybrid AD joined devices, enabling their users to be productive wherever and whenever – but ensuring that corporate assets are protected and that devices meet security and compliance standards.

Students learn how to use Azure AD Connect to integrate their on-premises directories with Azure AD, providing a common identity for their users of Office 365, Azure, and SaaS applications integrated with Azure AD. Lastly, students also learn how to use Azure AD Application Proxy to be able to provide their users with remote access to web application that are published on-premises, such as SharePoint sites, Outlook Web Access, or any other line of business (LOB) applications the organization has.

What you’ll learn

  • How to create and configure user, group, and computer accounts
  • How to implement Group Policy Objects to enforce standard
  • Understand Data Governance in Microsoft 365, including:
    • Archiving
    • Retention
    • Information Rights Management
    • Secure Multipurpose Internet Mail Extension (S/MIME)
    • Office 365 Message Encryption
    • Data Loss Prevention
  • Implement In-Place Records Management in SharePoint
  • Implement archiving and retention in Exchange
  • Create retention policies in the Security and Compliance Center
  • Plan their security and compliance needs
  • Build ethical walls in Exchange Online
  • Create a DLP Policy from a built-in template
  • Create a custom DLP policy
  • Create a DLP policy to protect documents
  • Implement policy tips
  • Manage retention in email
  • Troubleshoot data governance
  • Implement information protection
  • Implement Advanced Implementation Protection
  • Understand Windows Information Protections
  • Search for content in the Security and Compliance Center
  • Audit log investigations
  • Manage advanced eDiscovery

Prerequisites

  • This course is designed for persons who are aspiring to the Microsoft 365 Enterprise Admin role and have completed one of the Microsoft 365 work load administrator certification paths.
Microsoft 365 Device Management

Summary

Length
1 day
Level
Intermediate
Language
English

About this course

Microsoft 365 Device Management focuses on how to establish Microsoft Intune, enroll devices to Intune, monitor the devices, and control what users can do from the enrolled devices by using conditional access policies. If you are already managing devices by using a traditional device management tool such as Configuration Manager, you will be interested to know how you can seamlessly move to modern management, in which devices are managed by Intune, and how you can benefit from new device management capabilities, such as compliance, conditional access, and Windows Autopilot to deploy new devices from the cloud.

The course begins by examining how to move from traditional management, where devices are managed by Configuration Manager, to modern management, where you can benefit from new capabilities such as device compliance and conditional access. This journey can begin by enabling co-management, which you can do in your current environment by adding Intune as an additional device management option. You can then move management of some Windows 10 devices to Intune, while all other devices remain managed by Configuration Manager. After you get confidence and experience with the benefits of modern management, you will probably want to move the management of your other devices to Intune as well.

The course then examines how you can monitor Windows 10 devices by using Windows Analytics. You will better understand the differences between quality updates and feature updates, as well as the Windows as a Service (WaaS) model, and when you must upgrade Windows 10 to a newer version to be supported by Microsoft. Although traditional, image-based deployment is still supported with Windows 10, many organizations will start exploring dynamic deployment and modern deployment options, such as Windows Autopilot.

The course concludes with an examination of how to implement Mobile Device Management (MDM). With Microsoft 365 you have two Mobile Device Management options: Intune and MDM for Office 365. You will learn how to perform an initial configuration of Intune so that it can manage Windows 10 and Android devices, as well as the additional preparation steps that are required for iOS devices. As Intune can manage only enrolled devices, you will learn how to enroll different device types. You will also learn also how to define a company baseline and use Intune to monitor device compliance against the baseline.

What you’ll learn

  • Plan your organization for Co-management
  • Prepare your Windows 10 devices for Co-management
  • Transition from Configuration Manager to Intune
  • Configure Microsoft Store for Business
  • Plan for Mobile Application Management
  • Plan your Windows 10 deployment strategy
  • Plan your Windows 10 subscription activation strategy
  • Resolve Windows 10 upgrade errors
  • Implement Windows 10 Analytics
  • Deploy Mobile Device Management
  • Manage devices with Mobile Device Management
  • Enroll devices to Mobile Device Management
  • Manage device compliance

Prerequisites

  • This course is designed for persons who are aspiring to the Microsoft 365 Enterprise Admin role and have completed one of the Microsoft 365 work load administrator certification paths.

Need help?

If you have questions about our courses, check our FAQs or get in touch with us here.