Table of Contents

This Certification Exam Prep Article is designed for people experienced with Microsoft 365 who are interested in certification. Specifically, attendees will learn more about the recently announced Microsoft 365 Mobility and Security MS-101 exam that is part of the new Microsoft 365 Enterprise Administrator certification. You will learn about how to approach studying for this new job role and being successful in your exam endeavors. Readers of this article can expect to review the topics covered in the certification exams in a fast-paced format. Attendees will understand how Microsoft certification works, what are the key topics covered in the exams, and an exhaustive look at resources for getting ready for the exam.
I’d say go to since most of this is so new, all the info is update to date on docs.

however, I tried to highlight all exam aspects into sub-categories with direct reference to its documents

Microsoft 365 E5 Trial:
Microsoft Cloud App Security:

Implement Modern Device Services (30-35%)

Implement Mobile Device Management (MDM)

o Plan for MDM
o Configure MDM integration with Azure AD
o Set an MDM authority
o Set device enrollment limit for users

Manage device compliance

o Plan for device Compliance
o Design Conditional Access Policies
o Create Conditional Access Policies
o Configure device compliance policy
o Manage Conditional Access Policies

Plan for devices and apps

o Create and configure Microsoft Store for Business
o Plan app deployment
o Plan device co-management
o Plan device monitoring
o Plan for device profiles
o Plan for Mobile Application Management
o Plan mobile device security

Plan Windows 10 deployment

o Plan for Windows as a Service (WaaS)
o Plan the appropriate Windows 10 Enterprise deployment method
o Analyze upgrade readiness for Windows 10
o Evaluate and deploy additional Windows 10 Enterprise security features

Implement Microsoft 365 Security and Threat Management (30-35%)

Implement Cloud App Security (CAS)

o Configure Cloud App Security (CAS)
o Configure Cloud App Security (CAS) policies
o Configure Connected apps
o Design cloud app security (CAS) Solution
o Manage Cloud App Security (CAS) alerts
o Upload cloud app security (CAS) traffic logs

Implement threat management

o Plan a threat management solution
o Design Azure Advanced Threat Protection (ATP) Policies
o Design Microsoft 365 ATP Policies
o Configure Azure ATP Policies
o Configure Microsoft 365 ATP Policies
o Monitor Advanced Threat Analytics (ATA) incidents

Implement Windows Defender Advanced Threat Protection (ATP)

o Plan Windows Defender ATP Solution
o Configure preferences
o Implement Windows Defender ATP Policies
o Enable and configure security features of Windows 10 Enterprise

Manage security reports and alerts

o Manage service assurance dashboard
o Manage tracing and reporting on Azure AD Identity Protection
o Configure and manage Microsoft 365 security alerts
o Configure and manage Azure Identity Protection dashboard and alerts

Manage Microsoft 365 Governance and Compliance (35-40%)

Configure Data Loss Prevention (DLP)

o Configure DLP Policies
o Design data retention policies in Microsoft 365
o Manage DLP exceptions
o Monitor DLP policy matches
o Manage DLP policy matches

Implement Azure Information Protection (AIP)

o Plan AIP solution
o Plan for deployment On-Prem rights management Connector
o Plan for Windows information Protection (WIP) implementation
o Plan for classification labeling
o Configure Information Rights Management (IRM) for Workloads
o Configure Super User
o Deploy AIP Clients
o Implement Azure Information Protection policies
o Implement AIP tenant key

Manage data governance

o Configure information retention
o Plan for Microsoft 365 backup
o Plan for restoring deleted content
o Plan information Retention Policies

Manage auditing

o Configure audit log retention
o Configure audit policy
o Monitor Unified Audit Logs

Manage eDiscovery

o Search content by using Security and Compliance Center
o Plan for in-place and legal hold
o Configure eDiscovery

MS-101 Exam Tips and Tricks

It’s OK to go back to earlier questions and change answers but not case-study answers. It’s OK to change answers within a particular case study, but once it is completed there’s no going back.
The questions are straight-forward and not designed to be tricky. There could be more than one correct answer. Don’t read too much into a question trying to psyche out what the exam writers were trying to do to trick you; that’s not the case. So for the PowerShell command question above, the exam wouldn’t provide purposely misspelled commands as possible answers.
All the questions follow the same format. They all start with a common business problem. For example the candidate has an Office 365 subscription and plans to deploy a SharePoint solution, and that’s it. Then comes the goal statement, which always starts with the same three words: “you need to” followed by details of that goal. Correct answers directly answer the need-to.


Microsoft MVP & MCT | Azure Service Delivery Lead with over 12 years of experience in Microsoft solutions and Professional services, Leading the Azure team to help our customers to build successful Azure practices, Blogger, Speaker, and Community leader. Focus on Azure, Cloud Security, Modern Workspace, AVD, Infrastructure as Code, Endpoint Management, Office 365, EMS.