Configure your company’s organization profile, which is essential for setting up for your company’s tenant.
Maintain minimum subscription requirements for your company.
Manage your services and add-ins by assigning more licenses, purchasing more storage, and so on.
Create a checklist that enables you to confirm your Microsoft Entra tenant meets your business needs.

Identify which user identity model best suited for your organization.
Create user accounts from both the Microsoft 365 admin center and Windows PowerShell.
Manage user accounts and licenses in Microsoft 365.
Recover deleted user accounts in Microsoft 365.
Perform bulk user maintenance in Microsoft Entra ID.
Create and manage guests and collaborate with them in SharePoint sites.
Create and manage contacts.

Describe the various types of groups available in Microsoft 365.
Create and manage groups using the Microsoft 365 admin center and Windows PowerShell.
Create and manage groups in Exchange Online and SharePoint Online.

Identify the factors that must be considered when adding a custom domain to Microsoft 365.
Plan the DNS zones used in a custom domain.
Plan the DNS record requirements for a custom domain.
Add a custom domain to your Microsoft 365 deployment.

Describe how Outlook uses Autodiscover to connect an Outlook client to Exchange Online.
Identify the DNS records needed for Outlook and other Office-related clients to automatically locate the services in Microsoft 365 using the Autodiscover process.
Describe the connectivity protocols that enable Outlook to connect to Microsoft 365.
Identify the tools that can help you troubleshoot connectivity issues in Microsoft 365 deployments.

Understand how roles are used in the Microsoft 365 ecosystem.
Describe the Azure role-based access control permission model used in Microsoft 365.
Identify the key tasks assigned to the common Microsoft 365 admin roles.
Identify best practices when configuring admin roles.
Delegate admin roles to partners.
Implement role groups in Microsoft 365.
Manage permissions using administrative units in Microsoft Entra ID.
Manage permissions in SharePoint to prevent oversharing of data.
Elevate privileges to access admin centers by using Microsoft Entra ID Privileged Identity Management.

Monitor your organization’s Microsoft 365 service health in the Microsoft 365 admin center.
Implement Microsoft 365 network connectivity for assessments and insights.
Implement Microsoft 365 Backup (Preview) for fast content backup and restoration.
Develop an incident response plan to deal with incidents that can occur with your Microsoft 365 service.
Request assistance from Microsoft to address technical, presales, billing, and subscription support issues.

Describe the Microsoft 365 Apps for enterprise functionality.
Plan a deployment strategy for Microsoft 365 Apps for enterprise.
Complete a user-driven installation of Microsoft 365 Apps for enterprise.
Deploy Microsoft 365 Apps for enterprise with Microsoft Endpoint Configuration Manager.
Identify the mechanisms for managing centralized deployments of Microsoft 365 Apps for enterprise.
Deploy Microsoft 365 Apps for enterprise with the Office Deployment Toolkit.
Describe how to manage Microsoft 365 Apps for enterprise updates.
Determine which update channel and application method applies for your organization.
Add Microsoft 365 Apps for enterprise to Microsoft Intune.
Deploy Microsoft 365 Apps for enterprise security baseline.

Identify how Microsoft Viva Insights can help improve collaboration behaviors in your organization.
Describe how the Personal insights app analyzes how you work.
Describe how the Team insights app provides visibility into team work habits that might lead to stress and burnout.
Describe how the Organization insights app enables managers to see how their work culture affects employee wellbeing.
Describe how the Advanced insights app addresses critical questions about resiliency and work culture.

Describe the Microsoft 365 authentication and provisioning options.
Explain the two identity models in Microsoft 365 – cloud-only identity and hybrid identity.
Explain the three authentication methods in the hybrid identity model – Password hash synchronization, Pass-through authentication, and federated authentication.
Describe how Microsoft 365 commonly uses directory synchronization.

Identify the tasks necessary to configure your Azure Active Directory environment.
Plan directory synchronization to synchronize your on-premises Active Directory objects to Azure AD.
Identify the features of Microsoft Entra Connect Sync and Microsoft Entra Cloud Sync.
Choose which directory synchronization best fits your environment and business needs.

Configure Microsoft Entra Connect Sync and Microsoft Entra Cloud Sync prerequisites.
Set up Microsoft Entra Connect Sync and Microsoft Entra Cloud Sync.
Monitor synchronization services using Microsoft Entra Connect Health.

Ensure users synchronize efficiently.
Manage groups with directory synchronization.
Use Microsoft Entra Connect Sync Security Groups to help maintain directory synchronization.
Configure object filters for directory synchronization.
Explain how Microsoft Identity Manager helps organizations manage and synchronize user identities across their organizations and hybrid environments.
Troubleshoot directory synchronization using various troubleshooting tasks and tools.

Describe techniques hackers use to compromise user accounts through email.
Describe techniques hackers use to gain control over resources.
Describe techniques hackers use to compromise data.
Mitigate an account breach.
Prevent an elevation of privilege attack.
Prevent data exfiltration, data deletion, and data spillage.

Describe the Zero Trust approach to security in Microsoft 365.
Describe the principles and components of the Zero Trust security model.
Describe the five steps to implementing a Zero Trust security model in your organization.
Explain Microsoft’s story and strategy around Zero Trust networking.

Manage user passwords.
Create Conditional Access policies.
Enable security defaults.
Describe pass-through authentication.
Enable multifactor authentication.
Describe self-service password management.
Implement Microsoft Entra Smart Lockout.

Identify the features of Microsoft Defender for Office 365 that enhance email security in a Microsoft 365 deployment.
Explain how Microsoft Defender for Identity identifies, detects, and investigates advanced threats, compromised identities, and malicious insider actions directed at your organization.
Explain how Microsoft Defender for Endpoint helps enterprise networks prevent, detect, investigate, and respond to advanced threats.
Describe how Microsoft 365 Threat Intelligence can be beneficial to your organization’s security officers and administrators.
Describe how Microsoft Cloud App Security enhances visibility and control over your Microsoft 365 tenant through three core areas.

Describe the benefits of Secure Score and what kind of services can be analyzed.
Describe how to collect data using the Secure Score API.
Describe how to use the tool to identify gaps between your current state and where you would like to be regarding security.
Identify actions that increase your security by mitigating risks.
Explain where to look to determine the threats each action mitigates and the impact it has on users.

Describe how PIM enables you to manage, control, and monitor access to important resources in your organization.
Configure the PIM role assignment process for use in your organization.
Understand how PIM audit history enables you to see all the user assignments and activations within a given time period for all privileged roles.

Describe Azure Identity Protection (AIP) and what kind of identities can be protected.
Enable the three default protection policies in AIP.
Identify the vulnerabilities and risk events detected by AIP.
Plan your investigation in protecting cloud-based identities.
Plan how to protect your Azure Active Directory environment from security breaches.

Describe how Exchange Online Protection analyzes email to provide anti-malware and anti-spam protection.
List several mechanisms used by Exchange Online Protection to filter spam and malware.
Describe other solutions administrators might implement to provide extra protection against phishing and spoofing.
Understand how EOP provides protection against outbound spam.

Describe how the Safe Attachments feature in Microsoft Defender for Office 365 blocks zero-day malware in email attachments and documents.
Describe how the Safe Links feature in Microsoft Defender for Office 365 protects users from malicious URLs embedded in email and documents that point to malicious websites.
Create outbound spam filtering policies.
Manage email access with the Restrict Access list and the Tenant Allow/Block list.
Submit messages, URLs, files, and attachments to Microsoft for analysis.

Create and modify a Safe Attachments policy using Microsoft Defender XDR.
Create a Safe Attachments policy by using PowerShell.
Configure a Safe Attachments policy.
Describe how a transport rule can disable a Safe Attachments policy.
Describe the end-user experience when an email attachment is scanned and found to be malicious.

Create and modify a Safe Links policy using Microsoft Defender XDR.
Create a Safe Links policy using PowerShell.
Configure a Safe Links policy.
Describe how a transport rule can disable a Safe Links policy.
Describe the end-user experience when Safe Links identifies a link to a malicious website embedded in email, and a link to a malicious file hosted on a website.

Describe how threat intelligence in Microsoft 365 is powered by the Microsoft Intelligent Security Graph.
Create alerts that can identify malicious or suspicious events.
Understand how the automated investigation and response process works in Microsoft Defender XDR.
Describe how threat hunting enables security operators to identify cybersecurity threats.
Describe how Advanced hunting in Microsoft Defender XDR proactively inspects events in your network to locate threat indicators and entities.

Describe how Microsoft Defender for Cloud Apps provides improved visibility into network cloud activity and increases the protection of critical data across cloud applications.
Explain how to deploy Microsoft Defender for Cloud Apps.
Control your cloud apps with file policies.
Manage and respond to alerts generated by those policies.
Configure and troubleshoot Cloud Discovery.

Describe how Microsoft Defender for Endpoint helps enterprise networks prevent, detect, investigate, and respond to advanced threats.
Onboard supported devices to Microsoft Defender for Endpoint.
Implement the Threat and Vulnerability Management module to effectively identify, assess, and remediate endpoint weaknesses.
Configure device discovery to help find unmanaged devices connected to your corporate network.
Lower your organization’s threat and vulnerability exposure by remediating issues based on prioritized security recommendations.

Describe the protection stack provided by Microsoft Defender for Office 365.
Understand how Threat Explorer can be used to investigate threats and help to protect your tenant.
Describe the Threat Tracker widgets and views that provide you with intelligence on different cybersecurity issues that might affect your company.
Run realistic attack scenarios using Attack Simulator to help identify vulnerable users before a real attack impacts your organization.

Protect sensitive data with Microsoft Purview Information Protection.
Govern organizational data using Microsoft Purview Data Lifecycle Management.
Minimize internal risks with Microsoft Purview Insider Risk Management.
Explain the Microsoft Purview eDiscovery solutions.

Enable and disable an archive mailbox in the Microsoft Purview compliance portal and through Windows PowerShell.
Run diagnostic tests on an archive mailbox.
Restore deleted data in Exchange Online and SharePoint Online.

Explain how a retention policies and retention labels work.
Identify the capabilities of both retention policies and retention labels.
Select the appropriate scope for a policy depending on business requirements.
Explain the principles of retention.
Identify the differences between retention settings and eDiscovery holds.
Restrict retention changes by using preservation lock.

Describe how Microsoft 365 helps organizations manage risks, protect data, and remain compliant with regulations and standards.
Plan your beginning compliance tasks in Microsoft Purview.
Manage your compliance requirements with Compliance Manager.
Manage compliance posture and improvement actions using the Compliance Manager dashboard.
Explain how an organization’s compliance score is determined.

Describe insider risk management functionality in Microsoft 365.
Develop a plan to implement the Microsoft Purview Insider Risk Management solution.
Create insider risk management policies.
Manage insider risk management alerts and cases.

Describe how information barriers can restrict or allow communication and collaboration among specific groups of users.
Describe the components of an information barrier and how to enable information barriers.
Understand how information barriers help organizations determine which users to add or remove from a Microsoft Team, OneDrive account, and SharePoint site.
Describe how information barriers prevent users or groups from communicating and collaborating in Microsoft Teams, OneDrive, and SharePoint.

Describe how Data Loss Prevention (DLP) is managed in Microsoft 365.
Understand how DLP in Microsoft 365 uses sensitive information types and search patterns.
Describe how Microsoft Endpoint DLP extends the DLP activity monitoring and protection capabilities to devices.
Describe what a DLP policy is and what it contains.
Understand how adaptive protection integrates Insider Risk Management with DLP.
View DLP policy results using both queries and reports.

Create a data loss prevention implementation plan. Implement Microsoft 365’s default DLP policy.
Create a custom DLP policy from a DLP template and from scratch.
Create email notifications and policy tips for users when a DLP rule applies.
Create policy tips for users when a DLP rule applies.
Configure email notifications for DLP policies.

Explain the benefits and pain points of creating a data classification framework.
Identify how data classification of sensitive items is handled in Microsoft 365.
Understand how Microsoft 365 uses trainable classifiers to protect sensitive data.
Create and then retrain custom trainable classifiers.
Analyze the results of your data classification efforts in Content explorer and Activity explorer.
Implement Document Fingerprinting to protect sensitive information being sent through Exchange Online.

Describe how sensitivity labels let you classify and protect your organization’s data.
Identify the common reasons why organizations use sensitivity labels.
Explain what a sensitivity label is and what they can do for an organization.
Configure a sensitivity label’s scope.
Explain why the order of sensitivity labels in your admin center is important.
Describe what label policies can do.

Create a deployment strategy for implementing sensitivity labels that satisfies your organization’s requirements.
Enable sensitivity labels in SharePoint Online and OneDrive so they can use encrypted files.
Create and configure sensitivity labels.
Publish sensitivity labels by creating a label policy.
Identify the differences between removing and deleting sensitivity labels.