Table of Contents

MS-500 Microsoft 365 Security Administration Exam Preparation

I’ve recently joined a Facebook group for Microsoft cloud technologies and notice that many people are looking to take this exam (MS-500: Microsoft 365 Security Administration Certification) which has just passed and added a new badge to my Acclaim (Microsoft 365 Certified: Security Administrator Associate), while the original preparation guide available on the exam registration page (link) as well as my previous blog about (Microsoft 365 Fundamentals 4 hours Learning Path), I thought that I can add some more deep insights to target the core exam objectives that needed to be addressed. Below I’m sharing with you the preparation notes and the current objectives as of the time of posting exam, along with resources that should help you prepare.

However, for starters, I would recommend taking the fundamentals first. by considering MS-900 and MS-101 if you have the time, But if you haven’t – or you just decide to go for it, then better to give it a try by hands-on experiences on Microsoft E5 security bundle like (Windows Defender ATP, Office 365 ATPs, AIP & Unified Labeling, DLP, PIM, Intune or Cloud App Security just get your Microsoft E5 trial tenant using this (link) and get into the deep dive and technologies details


Domains Covered in MS-500 Exam 

This exam measures your ability to accomplish the following technical tasks:

  • Implement and manage identity and access (30-35%)
  • Implement and manage threat protection (20-25%)
  • Implement and manage information protection (15-20%)
  • Manage governance and compliance features in Microsoft 365 (25-30%)

Exam Core topics

URLTitleDescription
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#mfa-service-settingsConfigure Azure Multi-Factor Authentication – Azure Active DirectoryLearn how to configure settings for Azure Multi-Factor Authentication in the Azure portal
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-conditionLocation condition in Azure Active Directory Conditional AccessLearn how to use the location condition to control access to your cloud apps based on a user’s network location.
https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portalHow to manage devices using the Azure portalLearn how to use the Azure portal to manage devices.
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-device-writebackAzure AD Connect: Enabling device writebackThis document details how to enable device writeback using Azure AD Connect
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-user-risk-policyRisk policies – Azure Active Directory Identity ProtectionEnable and configure risk policies in Azure Active Directory Identity Protection
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-insSign-in activity reports in the Azure Active Directory portalIntroduction to sign-in activity reports in the Azure Active Directory portal
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-lifecycleSet expiration for Office 365 groups – Azure Active DirectoryHow to set up expiration for Office 365 groups in Azure Active Directory
https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-protectionConfigure an Azure Information Protection label for protection – AIPYou can protect your most sensitive documents and emails when you configure a label to use Rights Management protection.
https://docs.microsoft.com/en-us/azure/information-protection/preparePrepare users and groups for Azure Information ProtectionCheck that you have the user and group accounts that you need to start classifying, labeling, and protecting your organization’s documents and emails.
https://docs.microsoft.com/en-us/azure/security/fundamentals/steps-secure-identitySecure your Azure AD identity infrastructure – Azure Active DirectoryThis document outlines a list of important actions administrators should implement to help them secure their organization using Azure AD capabilities
https://docs.microsoft.com/en-us/exchange/policy-and-compliance/ediscovery/ediscovery?view=exchserver-2019In-Place eDiscovery in Exchange ServerSummary: Learn about In-Place eDiscovery in Exchange Server 2016 and Exchange Server 2019.
https://docs.microsoft.com/en-us/exchange/security-and-compliance/messaging-records-management/apply-retention-policy#use-the-eac-to-apply-a-retention-policy-to-multiple-mailboxesApply a retention policy to mailboxesYou can use retention policies to group one or more retention tags and apply them to mailboxes to enforce message retention settings. A mailbox can’t have more than one retention policy.
https://docs.microsoft.com/en-us/exchange/security-and-compliance/messaging-records-management/create-a-retention-policy#step-2-create-a-retention-policyCreate a Retention PolicyIn Exchange Online, you can use retention policies to manage email lifecycle. Retention policies are applied by creating retention tags, adding them to a retention policy, and applying the policy to mailbox users.
https://docs.microsoft.com/en-us/mem/intune/apps/app-protection-policyApp protection policies overview – Microsoft IntuneLearn how Microsoft Intune app protection policies help protect your company data and prevent data loss.
https://docs.microsoft.com/en-us/mem/intune/configuration/device-restrictions-windows-10#reporting-and-telemetryDevice restriction settings for Windows 10 in Microsoft Intune – AzureSee a list of all the settings and their descriptions for creating device restrictions on Windows 10 and later devices. Use these settings in a configuration profile to control screenshots, password requirements, kiosk settings, apps in the store, Microsoft Edge browser, Microsoft Defender, access to the cloud, start menu, and more in Microsoft Intune.
https://docs.microsoft.com/en-us/mem/intune/protect/advanced-threat-protectionUse Microsoft Defender ATP in Microsoft Intune – AzureUse Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) with Intune, including setup and configuration, onboarding of your Intune devices with ATP, and then use a devices ATP risk assessment with your Intune device compliance and conditional access policies to protect network resources.
https://docs.microsoft.com/en-us/mem/intune/protect/conditional-access-integrate-jamfIntegrate Jamf Pro with Microsoft Intune for compliance – Microsoft IntuneUse Microsoft Intune compliance policies with Azure Active Directory Conditional Access to help integrate and secure Jamf-managed devices.
https://docs.microsoft.com/en-us/mem/intune/protect/endpoint-protection-windows-10Protection settings for Windows 10 devices in Microsoft Intune – AzureOn Windows 10 devices, use or configure endpoint protection settings to enable Microsoft Defender features, including Application Guard, Firewall, SmartScreen, encryption and BitLocker, Exploit Guard, Application Control, Security Center, and security on local devices in Microsoft Intune.
https://docs.microsoft.com/en-us/microsoft-365/admin/security-and-compliance/set-up-multi-factor-authentication?view=o365-worldwideSet up multi-factor authentication for users – Microsoft 365 adminLearn how to set up multi-factor authentication for your organization.
https://docs.microsoft.com/en-us/microsoft-365/compliance/supervision-policies?view=o365-worldwideSupervision policies – Microsoft 365 ComplianceLearn about using supervision policies in Microsoft 365 to capture employee communications for examination by designated reviewers.
https://docs.microsoft.com/en-us/microsoft-365/compliance/use-your-free-azure-ad-subscription-in-office-365?view=o365-worldwideUse your free Azure Active Directory subscription – Microsoft 365 ComplianceLearn how to access Azure Active Directory, which is included in your organization’s paid subscription.
https://docs.microsoft.com/en-us/microsoft-365/compliance/what-the-dlp-policy-templates-include?view=o365-worldwideWhat the DLP policy templates include – Microsoft 365 ComplianceData loss prevention (DLP) in the Security & Compliance Center includes ready-to-use policy templates that address common compliance requirements, such as helping you to protect sensitive information subject to the U.S. Health Insurance Act (HIPAA), U.S. Gramm-Leach-Bliley Act (GLBA), or U.S. Patriot Act. This topic lists all of the policy templates, what types of sensitive information they look for, and what the default conditions and actions are.
https://docs.microsoft.com/en-us/microsoft-365/compliance/working-with-compliance-manager?view=o365-worldwideWork with Microsoft Compliance Manager (Preview) – Microsoft 365 ComplianceMicrosoft Compliance Manager is a free workflow-based risk assessment tool. Use it to track, assign, and verify regulatory compliance activities related to Microsoft products.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulator?view=o365-worldwideAttack Simulator in ATP – Office 365Learn how to use Attack Simulator to run simulated phishing and password attacks in your Microsoft 365 E5 or ATP Plan 2 organization.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/dynamic-delivery-and-previewing?view=o365-worldwideDynamic Delivery and previewing with ATP Safe Attachments – Office 365When you set up your ATP safe attachments policies, you choose Dynamic Delivery to avoid message delays and enable people to preview attachments that are being scanned.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/integrate-office-365-ti-with-wdatp?view=o365-worldwideIntegrate Office 365 ATP with Microsoft Defender ATP – Office 365Integrate Office 365 Advanced Threat Protection with Microsoft Defender Advanced Threat Protection to see more detailed threat management information.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/manage-quarantined-messages-and-files?view=o365-worldwideManage quarantined messages and files as an admin – Office 365Admins can learn how to view and manage quarantined messages for all users in Exchange Online Protection (EOP). Admins in organizations with Office 365 Advanced Threat Protection (Office 365 ATP) can also manage quarantined files in SharePoint Online, OneDrive for Business, and Microsoft Teams.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center?view=o365-worldwidePermissions – Microsoft 365 Security & Compliance Center – Office 365Admins can learn about the permissions that are available in the Microsoft 365 Security & Compliance Center.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/set-up-a-custom-blocked-urls-list-atp?view=o365-worldwideSet up a custom blocked URLs list using ATP Safe Links – Office 365Learn how to set up a list of blocked URLs for your organization using Office 365 Advanced Threat Protection.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/set-up-anti-phishing-policies?view=o365-worldwideAnti-phishing policies – Office 365Admins can learn about the anti-phishing policies that are available in Exchange Online Protection (EOP) and Office 365 Advanced Threat Protection (Office 365 ATP).
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/set-up-atp-safe-links-policies?view=o365-worldwideSet up Office 365 ATP Safe Links policies – Office 365Set up Safe Links policies to protect your organization from malicious links in Word, Excel, PowerPoint, and Visio files, as well as in email messages.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/view-reports-for-atp?view=o365-worldwide#what-permissions-are-needed-to-view-the-atp-reportsView reports for Advanced Threat Protection – Office 365Find and use reports for Office 365 Advanced Threat Protection in the Security & Compliance Center.
https://docs.microsoft.com/en-us/office365/enterprise/fix-problems-with-directory-synchronizationFixing problems with directory synchronization for Microsoft 365Describes common causes of problems with directory synchronization in Office 365 and provides a few methods to help troubleshoot and resolve them.
https://docs.microsoft.com/en-us/office365/enterprise/view-service-healthHow to check Microsoft 365 service healthView the health status of Microsoft 365 services before you call support to see if there is an active service interruption.
https://docs.microsoft.com/en-us/onedrive/user-external-sharing-settingsChange the external sharing setting for a user’s OneDrive – OneDriveLearn how to change the OneDrive external sharing setting for a user in the Microsoft 365 admin center.
https://docs.microsoft.com/en-us/powershell/module/exchange/set-auditconfig?view=exchange-psSet-AuditConfigYou need to be assigned permissions in the Security & Compliance Center before you can use this cmdlet. For more information, see Permissions in the Security & Compliance Center.
https://docs.microsoft.com/en-us/powershell/module/exchange/set-mailbox?view=exchange-psSet-MailboxYou can use this cmdlet for one mailbox at a time. To perform bulk management, you can pipeline the output of various Get- cmdlets (for example, the Get-Mailbox or Get-User cmdlets) and configure several mailboxes in a single-line command. You can also use the Set-Mailbox cmdlet in scripts. You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they’re not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see Find the permissions required to run any Exchange cmdlet.
https://sharepointmaven.com/how-to-set-a-retention-policy-on-a-sharepoint-site/How to set a Retention Policy on a SharePoint site – SharePoint MavenIf you are looking for an explanation and instructions on how to set up a Retention Policy on a SharePoint site – this article will help.
https://support.microsoft.com/en-us/office/create-and-manage-sensitivity-labels-2fb96b54-7dd2-4f0c-ac8d-170790d4b8b9?ui=en-us&rs=en-us&ad=usCreate and manage sensitivity labels – Office SupportSensitivity labels allow you to classify and protect content that is sensitive to your business. Learn how to create a sensitivity label and make it available to your users.
https://support.microsoft.com/en-us/office/overview-of-data-loss-prevention-in-sharepoint-server-2016-80f907bb-b944-448d-b83d-8fec4abcc24c?ui=en-us&rs=en-us&ad=usOverview of data loss prevention in SharePoint Server 2016 – SharePointLearn how you can use data loss prevention (DLP) features such as DLP queries and DLP policies to identify, monitor, and automatically protect your sensitive information from inadvertent leaks.
https://support.microsoft.com/en-us/office/protect-against-phishing-attempts-in-microsoft-365-86c425e1-1686-430a-9151-f7176cce4f2c?ui=en-us&rs=en-us&ad=us#ID0EAABAAA=Try_itProtect against phishing attempts in Microsoft 365 – Office SupportProtect your email from phishing attacks by setting up ATP anti-phishing in Microsoft 365 Business and Enterprise.
https://support.pingidentity.com/s/article/PingOne-How-to-troubleshoot-an-AD-Connect-InstancePingOne: How to troubleshoot an AD Connect InstanceHelpful information for an Administrator that is troubleshooting AD Connect. Includes information on how to review the log data in Event Viewer and how to use the config.aspx page.
https://www.maadarani.com/office-365-classification-and-retention-labels/Office 365: Classification and Retention Labels – O365 Mike Office 365: Classification and Retention Labels – O365 Mike
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-advanced-audit-policyAzure Advanced Threat Protection Advanced Audit Policy checkThis article provides an overview of Azure ATP’s Advanced Audit Policy check.
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/configure-event-forwardingConfigure Windows Event Forwarding in Azure Advanced Threat ProtectionDescribes your options for configuring Windows Event Forwarding with Azure ATP
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/configure-port-mirroringConfigure Port Mirroring when deploying Azure Advanced Threat ProtectionDescribes port mirroring options and how to configure them for Azure ATP
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step5Configure Azure ATP sensor settings conceptualStep five of installing Azure ATP helps you configure settings for your Azure ATP standalone sensor.
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step6-vpnInstall Azure Advanced Threat Protection VPN IntegrationCollect accounting information for Azure ATP by integrating a VPN.
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/workspace-portalUnderstanding the Azure Advanced Threat Protection portalDescribes how to log into the Azure ATP portal and the components of the portal
https://docs.microsoft.com/en-us/cloud-app-security/activity-filtersVisibility into cloud app activities – Cloud App SecurityThis article provides a list of activities, filters and match parameters that can be applied to activity policies.
https://docs.microsoft.com/en-us/cloud-app-security/file-filtersUnderstanding file data and filters available in Cloud App SecurityThis reference article provides information about the types of files and file filters used by Cloud App Security.
https://docs.microsoft.com/en-us/cloud-app-security/session-policy-aadCreate session policies in Cloud App SecurityThis article describes the procedure for setting up a Cloud App Security Conditional Access App Control session policy gain deep visibility into user session activities and block downloads using reverse proxy capabilities.
https://docs.microsoft.com/en-us/exchange/permissions-exo/permissions-exoPermissions in Exchange OnlineExchange Online in Office 365 includes a large set of predefined permissions, based on the Role Based Access Control (RBAC) permissions model, which you can use right away to easily grant permissions to your administrators and users. You can use the permissions features in Exchange Online so that you can get your new organization up and running quickly.
https://docs.microsoft.com/en-us/microsoft-365/compliance/alert-policies?view=o365-worldwideAlert policies in the security and compliance centers – Microsoft 365 ComplianceCreate alert policies in the security and compliance center in Office 365 and Microsoft 365 to monitor potential threats, data loss, and permissions issues.
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-labels-to-personal-data-in-office-365?view=o365-worldwideApply labels to personal data – Microsoft 365 ComplianceLearn how to use Office labels as part of your General Data Protection Regulation (GDPR) protection plan.
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-worldwideApply a sensitivity label to content automatically – Microsoft 365 ComplianceWhen you create a sensitivity label, you can automatically assign a label to a document or email, or you can prompt users to select the label that you recommend.
https://docs.microsoft.com/en-us/microsoft-365/compliance/assign-ediscovery-permissions?view=o365-worldwideAssign eDiscovery permissions in the Security & Compliance Center – Microsoft 365 ComplianceAssign the permissions required to perform eDiscovery-related tasks using the Security & Compliance Center.
https://docs.microsoft.com/en-us/microsoft-365/compliance/content-search?view=o365-worldwideContent Search – Microsoft 365 ComplianceUse the Content Search tool in the compliance center in Office 365 or Microsoft 365 to search for content in a variety of Office 365 services.
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-activity-alerts?view=o365-worldwideCreate activity alerts – Microsoft 365 ComplianceAdd and manage activity alerts in the Security & Compliance Center so that Microsoft 365 will send you email notifications when users perform specific activities
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-report-on-and-delete-multiple-content-searches?view=o365-worldwideCreate, report on, and delete multiple Content Searches – Microsoft 365 ComplianceLearn how to automate Content Search tasks like creating searches and running reports via PowerShell scripts in the Security & Compliance Center in Office 365.
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-test-tune-dlp-policy?view=o365-worldwideCreate, test, and tune a DLP policy – Microsoft 365 ComplianceIn this article, you’ll learn how to create, test, and tune a DLP policy according to your organizational needs.
https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwideOverview of data loss prevention – Microsoft 365 ComplianceWith a data loss prevention (DLP) policy in the Security & Compliance Center, you can identify, monitor, and automatically protect sensitive information across Office 365.
https://docs.microsoft.com/en-us/microsoft-365/compliance/enable-mailbox-auditing?view=o365-worldwideManage mailbox auditing – Microsoft 365 ComplianceMailbox audit logging is turned on by default (also called default mailbox auditing or mailbox auditing on by default). This means that certain actions performed by mailbox owners, delegates, and admins are automatically logged in a mailbox audit log, where you can search for activities performed on the mailbox.
https://docs.microsoft.com/en-us/powershell/module/sharepoint-online/set-spotenant?view=sharepoint-psSet-SPOTenantYou can use the Set-SPOTenant cmdlet to enable external services and to specify the versions in which site collections can be created. You can also use the Set-SPOSite cmdlet together with the Set-SPOTenant cmdlet to block access to a site in your organization and redirect traffic to another site. You must be a SharePoint Online administrator or Global Administrator to run the cmdlet.
https://docs.microsoft.com/en-us/sharepoint/control-access-from-unmanaged-devicesControl access from unmanaged devices – SharePoint in Microsoft 365Learn how to block or limit access to SharePoint and OneDrive content on devices that aren’t compliant or joined to a domain.
https://docs.microsoft.com/en-us/sharepoint/turn-external-sharing-on-or-offManage sharing settings – SharePoint in Microsoft 365Learn how global and SharePoint admins can change the organization-level sharing settings for SharePoint and OneDrive in Microsoft 365.
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/machine-groupsCreate and manage machine groups in Microsoft Defender ATP – Windows securityCreate machine groups and set automated remediation levels on them by confiring the rules that apply on the group
https://docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/ad-ca-vpn-connectivity-windows10Conditional access for VPN connectivity using Azure ADIn this optional step, you can fine-tune how authorized VPN users access your resources using Azure Active Directory (Azure AD) conditional access.
https://events.collab365.community/configure-data-loss-prevention-policies-in-exchange-online-in-office-365/Configure Data Loss Prevention policies in Exchange Online in Office 365 – Collab365 Events
https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/active-directory/privileged-identity-management/pim-how-to-change-default-settings.mdazure-docs/pim-how-to-change-default-settings.md at master · MicrosoftDocs/azure-docs · GitHubOpen source documentation of Microsoft Azure. Contribute to MicrosoftDocs/azure-docs development by creating an account on GitHub.
https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/active-directory/users-groups-roles/groups-dynamic-membership.mdazure-docs/groups-dynamic-membership.md at master · MicrosoftDocs/azure-docs · GitHubOpen source documentation of Microsoft Azure. Contribute to MicrosoftDocs/azure-docs development by creating an account on GitHub.
https://help.bittitan.com/hc/en-us/articles/115008104507-How-do-I-assign-the-elevated-admin-role-Organization-Management-to-the-account-that-is-performing-a-Public-Folder-migration-How do I assign the elevated admin role ‘Organization Management’ to the account that is performing a Public Folder migration? – BitTitan Help Center​How do I assign the elevated admin role ‘Organization Management’ to the administrative account that is performing a Public Folder…
https://lazyadmin.nl/office-365/how-to-setup-mfa-in-office-365/How-to Setup Multi-Factor Authentication in Office 365 — LazyAdminHowto enable Office 365 MFA, tips on rolling it out in your organisation and Office 365 MFA License details explained.
https://docs.microsoft.com/en-us/microsoft-365/compliance/export-search-results?view=o365-worldwideExport Content Search results – Microsoft 365 ComplianceExport the search results from a Content Search in the Security & Compliance Center to a local computer. Email results are exported as PST files. Content from SharePoint and OneDrive for Business sites are exported as native Office documents.
https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-core-ediscovery?view=o365-worldwideGet started with core eDiscovery cases in Microsoft 365 – Microsoft 365 ComplianceThis article describes how to get started using core eDiscovery in Microsoft 365. After you assign eDiscovery permissions and create a case, you can add members, create eDiscovery holds, and then search for and export data that’s relevant to your investigation.
https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-core-ediscovery?view=o365-worldwide#step-4-place-content-locations-on-holdGet started with core eDiscovery cases in Microsoft 365 – Microsoft 365 ComplianceThis article describes how to get started using core eDiscovery in Microsoft 365. After you assign eDiscovery permissions and create a case, you can add members, create eDiscovery holds, and then search for and export data that’s relevant to your investigation.
https://docs.microsoft.com/en-us/microsoft-365/compliance/keyword-queries-and-search-conditions?view=o365-worldwideKeyword queries and search conditions for Content Search – Microsoft 365 ComplianceLearn about email and file properties that you can search in Exchange Online mailboxes and in SharePoint or OneDrive for Business sites using the Content Search tool in the Security & Compliance Center.
https://docs.microsoft.com/en-us/microsoft-365/compliance/labels?view=o365-worldwideLearn about retention labels – Microsoft 365 ComplianceLearn how retention labels classify data across your organization for governance, and enforce retention rules based on that classification. You can also use retention labels to implement a records management solution for Microsoft 365.
https://docs.microsoft.com/en-us/microsoft-365/compliance/manage-gdpr-data-subject-requests-with-the-dsr-case-tool?view=o365-worldwide#more-information-about-using-the-dsr-case-toolManage GDPR data subject requests with DSR case tool in Security & Compliance Center – Microsoft 365 ComplianceThe GDPR gives EU citizens (called data subjects) specific rights to their personal data; these rights include obtaining copies of it, requesting changes to it, restricting the processing of it, deleting it, or receiving it in an electronic format. A formal request by a data subject to take an action on their personal data is called a Data Subject Request or DSR. You can use DSR Cases in the compliance center in Office 365 and Microsoft 365 to manage your organization’s DSR investigations.
https://docs.microsoft.com/en-us/microsoft-365/compliance/meet-data-protection-and-regulatory-reqs-using-microsoft-cloud?view=o365-worldwideMeet data protection and regulatory requirements with Compliance Manager for Microsoft cloud services – Microsoft 365 ComplianceThe Compliance Manager in the Microsoft Service Trust Portal provides tools to track, implement, and manage the controls to help your organization reach compliance with security and data protection industry standards (such as GDPR, ISO 27001 and 27018, and HIPAA) when measured against Microsoft cloud services, such as Office 365 and Microsoft Azure. The Compliance Manager helps the person who oversees the data protection and privacy strategy for your organization manage your compliance and risk assessment process.
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention-policies?view=o365-worldwideLearn about retention policies to automatically retain or delete content – Microsoft 365 ComplianceUse a retention policy to decide proactively whether to retain content, delete content, or both – retain and then delete the content; apply a single policy to the entire organization or specific locations or users; and apply a policy to all content or content meeting specific conditions.
https://docs.microsoft.com/en-us/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance?view=o365-worldwideSearch the audit log in the Security & Compliance Center – Microsoft 365 ComplianceUse the Security & Compliance Center to search the unified audit log to view user and administrator activity in your organization.
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwideLearn about sensitivity labels – Microsoft 365 ComplianceUse sensitivity labels from the Microsoft Information Protection framework to classify and protect your organization’s data, without hindering user productivity and collaboration.

Also, please share the post within your circles so it helps them to prepare for the exam.

The free online CSS cleaner tool helps you to organize style files for websites.

Share:

administrator

Microsoft MVP & MCT | Azure Service Delivery Lead with over 12 years of experience in Microsoft solutions and Professional services, Leading the Azure team to help our customers to build successful Azure practices, Blogger, Speaker, and Community leader. Focus on Azure, Cloud Security, Modern Workspace, AVD, Infrastructure as Code, Endpoint Management, Office 365, EMS.