Preparing for the MS-101 Microsoft 365 Mobility and Security Exam

In the last post I covered the MS-100 Identity and Services exam, and this time round it’s the MS-101 Mobility and Security exam. One of the big differences I see with this exam is that the overall scope is larger, and because it includes coverage of more of the Microsoft 365 Enterprise E5 technologies it’s not likely the type of thing that many test takers would have broad exposure to just yet. That doesn’t mean you can’t get some experience though.

While you can easily sign up for an Enterprise Mobility + Security E5 trial and an Office 365 Enterprise E5 trial, a Windows 10 Enterprise E5 trial is a little trickier. What you will need to do is request a trial if Windows Defender Advanced Threat Protection here,  and pair that with Windows 10 Enterprise as part of the Modern Desktop Deployment and Management Lab Kit on the Microsoft Evaluation Center. As I mentioned in the previous post, this currently weighs in at 26.5GB but it provides a huge amount of flexibility as far as testing and learning scenarios are concerned.

While I positioned the MS-100 exam as a worthy successor to the 70-346 exam, with elements of 70-347 rolled in, this exam is quite different. If someone approaches this as an updated Office 365 exam, they will struggle with large portions of the exam. While this exam does cover some of the security and compliance elements of 70-347, it goes much further, so be prepared.

Implement Modern Device Services (30-35%)

• Implement Mobile Device Management (MDM)
  • Plan for MDM
    • Planning guide
  • Configure MDM integration with Azure AD
    • What is device management in Azure AD?
    • Set up automatic enrollment
  • Set an MDM authority
    • Set the MDM authority
  • Set device enrollment limit for users
    • Restrictions
• Manage device compliance
  • Plan for device Compliance
    • Create a device compliance policy
  • Design Conditional Access Policies
    • Common ways to use conditional access
  • Create Conditional Access Policies
    • Create and assign conditional access policy
  • Configure device compliance policy
    • Get started with device compliance policies in Intune
  • Manage Conditional Access Policies
    • Monitor conditional access compliance
• Plan for devices and apps
  • Create and configure Microsoft Store for Business
    • Microsoft Store for Business and Microsoft Store for Education overview
  • Plan app deployment
    • Distribute apps with a management tool
    • Distribute apps using your private store
    • Assign apps to employees
  • Plan device co-management
    • Prepare Windows 10 devices for co-management
  • Plan device monitoring
    • Device management capabilities
  • Plan for device profiles
    • Assign profiles
  • Plan for Mobile Application Management
    • Compare MDM and MAM
  • Plan mobile device security
    • Protect device data
• Plan Windows 10 deployment
  • Plan for Windows as a Service (WaaS)
    • Overview of Windows as a service
  • Plan the appropriate Windows 10 Enterprise deployment method
    • Windows 10 deployment considerations
  • Analyze upgrade readiness for Windows 10
    • Get started with Upgrade Readiness
  • Evaluate and deploy additional Windows 10 Enterprise security features
    • Windows 10 Enterprise Security

Implement Microsoft 365 Security and Threat Management (30-35%)

• Implement Cloud App Security (CAS)
  • Configure Cloud App Security (CAS)
    • Basic set up
  • Configure Cloud App Security (CAS) policies
    • Control cloud apps with policies
  • Configure Connected apps
    • Connect apps
  • Design cloud app security (CAS) Solution
    • Compare MCAS and OCAS
  • Manage Cloud App Security (CAS) alerts
    • Manage alerts
  • Upload cloud app security (CAS) traffic logs
    • Configure automatic log upload for continuous reports
• Implement threat management
  • Plan a threat management solution
    • Protect against threats
  • Design Azure Advanced Threat Protection (ATP) Policies
    • Create your Azure ATP instance
  • Design Microsoft 365 ATP Policies
    • Create your Azure ATP instance
  • Configure Azure ATP Policies
    • Configure the Azure ATP sensor
  • Configure Microsoft 365 ATP Policies
    • Configure the Azure ATP sensor
  • Monitor Advanced Threat Analytics (ATA) incidents
    • ATA reports
• Implement Windows Defender Advanced Threat Protection (ATP)
  • Plan Windows Defender ATP Solution
    • Get started
  • Configure preferences
    • Configure and manage capabilities
    • Configure conditional access
    • Configure Microsoft Cloud App Security integration
  • Implement Windows Defender ATP Policies
    • Windows Defender ATP
  • Enable and configure security features of Windows 10 Enterprise
    • Configure attack surface reduction
    • Configure next generation protection
• Manage security reports and alerts
  • Manage service assurance dashboard
    • Service assurance in the Office 365 Security & Compliance Center
  • Manage tracing and reporting on Azure AD Identity Protection
    • What is Azure AD Identity Protection?
  • Configure and manage Microsoft 365 security alerts
    • Alerts in the Office 365 Security Compliance Center
  • Configure and manage Azure Identity Protection dashboard and alerts
    • Close active risk events

Manage Microsoft 365 Governance and Compliance (35-40%)

• Configure Data Loss Prevention (DLP)
  • Configure DLP Policies
    • Get started with DLP policy recommendations
  • Design data retention policies in Microsoft 365
    • Retention policies
  • Manage DLP exceptions
    • Create, test, and tune a DLP policy
  • Monitor DLP policy matches
    • View the DLP reports
  • Manage DLP policy matches
    • What the DLP functions look for
• Implement Azure Information Protection (AIP)
  • Plan AIP solution
    • Plan & Design
  • Plan for deployment On-Prem rights management Connector
    • Deploying the RMS connector
  • Plan for Windows information Protection (WIP) implementation
    • Configure Windows Information Protection settings
  • Plan for classification labeling
    • Quickstart: Configure a label for users to easily protect emails that contain sensitive information
  • Configure Information Rights Management (IRM) for Workloads
    • How applications support Azure Rights Management protection
  • Configure Super User
    • Configuring super users for discovery services or data recovery
  • Deploy AIP Clients
    • Azure Information Protection client
  • Implement Azure Information Protection policies
    • Configuring the Azure Information Protection policy
  • Implement AIP tenant key
    • Planning and implementing your tenant key
• Manage data governance
  • Configure information retention
    • Retention policies
  • Plan for Microsoft 365 backup
    • Back up data before switching plans
  • Plan for restoring deleted content
    • Restore items in the Recycle Bin of a SharePoint site
    • Restore deleted items from the Site collection recycle bin 
    • Manage inactive mailboxes
  • Plan information Retention Policies
    • Retention policies
• Manage auditing
  • Configure audit log retention
    • Turn audit log search on or off
  • Configure audit policy
    • Configure your Office 365 tenant for increased security
    • Enable mailbox auditing
  • Monitor Unified Audit Logs
    • Search the audit log in the Office 365 Security & Compliance Center
• Manage eDiscovery
  • Search content by using Security and Compliance Center
    • Use Content Search
  • Plan for in-place and legal hold
    • In-Place and Litigation Holds
    • Office 365 retention policies
    • eDiscovery cases
  • Configure eDiscovery
    • Create and manage eDiscovery cases
    • Assign eDiscovery permissions