Study Guide MS-500 Banner

Study Guide: MS-500 – Microsoft 365 Security Administration

Having recently passed the MS-500, I wanted to share my study guide and the resources I used to help get me over the line for this certification. Once you pass the MS-500 exam you will earn the Microsoft 365 Certified: Security Administrator Associate certification, demonstrating that you are able to proactively secure Microsoft 365 enterprise environments, responds to threats, performs investigations, and enforces data governance.

With any Microsoft Exam the content changes on a regular basis, so it is always best to ensure you keep updated with the latest guidance from Microsoft. This can usually be found on the Exam page. In terms of the MS-500 exam the skills measured are broken down into the following categories and weighted as such:

  • Implement and manage identity and access (30-35%)
  • Implement and manage threat protection (20-25%)
  • Implement and manage information protection (15-20%)
  • Manage governance and compliance features in Microsoft 365 (25-30%)

It’s worth noting that by default, most of the questions cover features that are General Availability (GA), however, the exam may contain questions on Preview features if those features are commonly used.

Microsoft Learn Resources

By default, I always try to use the Microsoft Learn resources. If you aren’t aware of Microsoft Learn, it is a training platform built and maintained by Microsoft and is completely free of charge. Microsoft Learn provides a vast amount of online training and learning paths for a range of Microsoft technologies, the training is delivered through videos, reading materials, and labs, but also has quizzes at the end of sections, so that you can gauge your knowledge. By default, my first point is always to check the Microsoft Learn materials.

Microsoft Docs Resources

On top of the Microsoft Learn resources, is Microsoft Docs, again this is another free Microsoft Resource. I have created a list of resources based on the Skills measured exam document:

Implement and manage identity and access (30-35%)

Secure Microsoft 365 hybrid environments

Secure Identities

Implement authentication methods

Implement conditional access

Implement role-based access control (RBAC)

Implement Azure AD Privileged Identity Management (PIM)

Implement Azure AD Identity Protection

Implement and manage threat protection (20-25%)

Implement an enterprise hybrid threat protection solution

Implement device threat protection

Implement and manage device and application protection

Implement and manage Microsoft Defender for Office 365

Monitor Microsoft 365 Security with Azure Sentinel

Implement and manage information protection (15-20%)

Secure data access within Office 365

Manage sensitivity labels

Manage Data Loss Prevention (DLP)

Implement and manage Microsoft Cloud App Security

Manage governance and compliance features in Microsoft 365 (25-30%)

Configure and analyze security reporting

Manage and analyze audit logs and reports

Manage data governance and retention

Manage search and investigation

Manage data privacy regulation compliance

MS-500 Tips and other resources

Microsoft 365 Security Administrator badge (MS-500)

On top of these Microsoft resources, I always recommend trying to get some actual time with the toolsets if possible. This can be difficult to do unless you have a test Microsoft 365 subscription, so sometimes its worth discussing with your manager or even a colleague about building a test environment.

Youtube can always be a good resource to look at, if you are more of a visual learner, you can find a playlist for MS-500 here. Alternatively, check out some of the great courses around the topics on Pluralsight.

All the best and good luck on your journey to passing MS-500 and gaining your Microsoft 365 Certified: Security Administrator Associate certification. If you have any further links and resources then please let me know in the comments and I can add them to this blog.

Latest Posts

Twitter Feed

2 thoughts on “Study Guide: MS-500 – Microsoft 365 Security Administration”

  1. Pingback: Study Guide: AZ-104 - Microsoft Azure Administrator - Shifting To The Cloud

  2. Pingback: Summer 2021 Update: Home Office, MCT, And SC-300 - Shifting To The Cloud

Leave a Reply

General Availability of Continuous Access Evaluation

Well this week has been a good week and has seen a Conditional Access feature which adds further control to the Zero Trust story. One of the biggest issues around Conditional Access and also Multi-Factor Authentication is that it only protects at the time the session is authenticated, meaning conditions around the user session could

Read More »

Azure AD custom security attributes

Microsoft have launched in public preview the Azure AD custom security attributes and user attributes in Attribute-based Access Control (ABAC) conditions build on the previous preview of ABAC conditions for Azure Storage. What is a custom attribute? They are key-value pairs that can be defined in Azure AD and assigned to Azure AD Objects, such

Read More »
Microsoft Ignite Digital Event Banner

Microsoft Ignite – November 2021 – Book of News

With another Ignite in 2021, and yet again another Virtual event thanks to the ongoing pandemic, we see another Book of News launched with a load of new announcements. This time I will be focusing on the Security announcements and news. The link to the Book of News is here- Microsoft Ignite 2021 Book of

Read More »
Scroll to Top