MS-500: Microsoft 365 Security Administration eLearning


Student financing options are available.

Transitioning military and Veterans, please contact us to sign up for a free consultation on training and hiring options.

Looking for group training? Contact Us

Download PDF of Course Details

Course Description:

This instructor led, online training course includes how to secure user access to your organization’s resources. We will also discuss user password protection, multi-factor authentication, how to enable Azure Identity Protection, how to setup and use Azure AD Connect, and introduces you to conditional access in Microsoft 365 / Office 365.

Students will also learn about Secure Score, Exchange Online protection, Azure Advanced Threat Protection, Windows Defender Advanced Threat Protection, and threat management.

Exam Number: MS-500







Course Outline

Initial Security Steps

Create User accounts
Secure User Accounts by:
Implementing a zero-trust security model
Be able to describe zero trust security concepts
How does zero trust security apply to hosts inside the network
How does zero trust security apply to hosts outside the network
Implementing a password policy for authentication
What is multifactor authentication
How to implement multi-factor authentication for O365
Identity and Access management in Azure
What is the purpose of Identity and Access management?
Enabling Azure Identity Protection
Assign Roles / Configure Privileged Identity Management
Configure Directory Roles
Activate Privileged Identity Management Roles
Configure PIM Resource workflows
Pull up an audit history for AZURE AD roles in PIM
Manage Directory Synchronization

Go in depth on authentication options for O365
Directory Synchronization
Explain what Directory Synchronization is
Plan a scheme for Directory Synchronization
Manage users and groups with directory synchronization
AD Connect
Be able to describe what AD connect is
How to utilize Az AD connect
Configure prerequisites
Manage users
Ability to describe what AD federation is and how it is used
Identity Access Management and RBAC

Conditional Access as a tool to manage device access
Be able to explain Conditional Access
Be able to explain Conditional Access Policies
Be able to configure Conditional Access
Manage Device Access to the network
Be able to configure Multifactor Authentication Pilot for specific apps
Be able to configure Multifactor Authentication Conditional Access
How does a host from an external network gain access?
Explain Role Based Access Control
Configure RBAC
Microsoft 365: Threats & Mitigation

What techniques are used by attackers
Via email
To control resources
Utilize Security Center to improve a Secure Score
Describe the purpose of a Secure Score
Describe the benefits of a Secure Score
Detail secure score services
Detail analysis of secure score services and how the helps threat mitigation
How is secure score used to locate network security weaknesses?
O365 ATP & Exchange Online Protection
What protections do these services afford
What threats are they set to avoid?
Microsoft 365 Exchange Online and ATP

Be able to describe message protection via:
Exchange Online Protection
Anti-malware pipeline during email analysis
Azure Advanced Threat Protection
Be able to configure Azure ATP
Windows Defender Advance Threat Protection
Be able to configure Defender ATP
Be able to implement ATP Policies
How to manage safe attachments
How to manage safe links
Mitigating Threats via Microsoft Threat Management

Utilize the security dashboard & Azure Sentinel to mitigate threats
Discuss Security Dashboards ability to give executives analytics
On threats
On trends
How is azure Sentinel utilized in Microsoft 365?
Advance Threat analytics
What are the requirements for deployment?
What is its function
How to protect your tenant using threat explorer
Investigating threats using threat explorer
Be able to conduct simulated attacks
RM services & Encryption

Describe Information Rights
Why does it need to be managed?
Being able to validate information rights management
Message encryption
What options exist for encryption for M365
What options exist for encryption of O365
How are these enabled
How is S/MIME utilized
What is its purpose
How is it configured
How to mitigate Data loss

What is data loss
What is data loss prevention?
How are policies utilized
Be able to configure and implement DLP policies
New rules
Modify rules
User Override a rule
Manage policies
Test MRM / DLP policies
How are SharePoint Online properties created from documents

Implementing AZ and/or Windows Information Protection
What is information protection?
How is it configured in Azure?
Configure labels
Configure polices
How is it configured in Windows?
Planning deployments of policies
Configure AIP settings for services
Security in the Cloud

Be able to describe the function / purpose of Cloud App Security
How is it deployed
Enforcing control over apps with policies
How it the Cloud App Catalogue used to increase Cloud App security
Managing permissions
How to interact with the Cloud Discovery dashboard
Archiving data related to Retention

Archiving and Retaining Data in Exchange and SharePoint
Be able to start the compliance process
Set policies
How do policies function
Set retention tags
How to configure a useful retention tag
What makes a retention tag not useful?
Describe data retention functions in Exchange and SharePoint
Define in place Archive
Configure in-place archiving
Define Records management
Data Governance

What is Data Governance
What is the Compliance Manager?
Plan requirements for compliance
What capabilities does Compliance Manager provide
What are Global Data Protection Regulations & Reading a report
Considerations for DGPR implementation
Managing DSR
Utilizing eDiscovery to search data

What is eDiscovery software and what are its purposes/ uses
Describe advance eDiscovery
Steps of eDiscovery configuration
How is a search of content exported?
Purpose of an Audit
What components make up the audit log
How to use log data to investigate
Mobile Device Management

Plan / Enroll / and Deploy:
Mobile device management
Be able to enable device management
Be able to configure the management of Devices with MDM
Establish domains
Configure domains
Manage policies for security
Enroll devices into an MDM system / Intune
Configure roles for managers
Mobile app management
Configure Intune / MAM deployment
Considerations for securing a deployment

Skills Learned

Administer user and group access in Microsoft 365.
Explain and manage Azure Identity Protection.
Plan and implement Azure AD Connect.
Manage synchronized user identities.
Explain and use conditional access.
Describe cyber-attack threat vectors.
Explain security solutions for Microsoft 365.
Use Microsoft Secure Score to evaluate and improve your security posture.
Configure various advanced threat protection services for Microsoft 365.
Plan for and deploy secure mobile devices.
Implement information rights management.
Secure messages in Office 365.
Configure Data Loss Prevention policies.
Deploy and manage Cloud App Security.
Implement Windows information protection for devices.
Plan and deploy a data archiving and retention system.
Create and manage an eDiscovery investigation.
Manage GDPR data subject requests.
Explain and use sensitivity labels.

Who Should Attend This Course

The primary audience for this course is Microsoft 365 Security Administrators and Office 365 Administrators.


None but we recommend students have:

Basic conceptual understanding of Microsoft Azure.
Experience with Windows 10 devices.
Experience with Office 365 administration.
Basic understanding of authorization and authentication.
Basic understanding of computer networks.
Working knowledge of managing mobile devices.


  • Accessible 24x7x365 both from your PC and Mobile Device
  • Enjoy job placement assistance for the first 12 months after course completion.
  • This course is eligible for CCS Learning Academy’s Learn and Earn Program: get a tuition fee refund of up to 50% if you are placed in a job through CCS Global Tech’s Placement Division*
  • Government and Private pricing available.*

*For more details call: 858-208-4141 or email: training@ccslearningacademy.com; sales@ccslearningacademy.com

NOTE: These are our Partner Delivered eLearning.

Shopping Cart