MS-101: Microsoft 365 Mobility and Security

MS-101: Microsoft 365 Mobility and Security

Three Pack aligned to Microsoft 365 - Exam MS-101: Microsoft 365 Mobility and Security

Microsoft 365 Exam: Microsoft 365 Mobility and Security contains courseware that helps prepare students for Exams MS-101. Passing this exam is required to earn the Microsoft 365 Mobility and Security certification.

Courses in this packaged set:

Course MS-101T03: Microsoft 365 Device Management.

Course MS-101T01: Microsoft 365 Security Management.

Course MS-101T02: Microsoft 365 Compliance Management.

This packaged set provides students with the key knowledge to help prepare for Exam MS-101.

Contenido de los cursos

Course MS-101T01: Microsoft 365 Security Management

The Microsoft 365 Security Management course takes you on an extensive journey through the world of cloud security. The course begins by examining how to manage your security metrics. This begins by building a foundational understanding of the threat landscape that faces organizations today. The course introduces you to phishing, spoofing, spam and malware, account breaches, elevation of privileges, data exfiltration, data deletion, data spillage, and more. With this knowledge in place, you will then examine various security solutions that can address these threats, including Exchange Online Protection, Microsoft 365 Advanced Threat Protection, Microsoft 365 Threat Intelligence, and Advanced Security Management. The course then takes a deep dive into Azure AD Identity Protection, including how to enable it, how to configure it to detect vulnerabilities and risk events, and how to plan your investigation. This coverage of security metrics ends with an introduction to Microsoft Secure Score, which is a security analytics tool designed to help organizations understand what they have done to reduce the risk to their data, and show them what they can do to further reduce that risk.

With this foundational knowledge in place concerning today’s threat landscape and the Microsoft 365 security solutions that are available to address those threats, the course then examines how to configure those solutions. This begins with an introduction to Exchange Online Protection (EOP), during which you will learn how EOP enables you to configure the anti-malware pipeline in Microsoft 365, as well as phishing and spoofing protection, zero-hour purge, and spoofing intelligence. The course then transitions to Advanced Threat Protection (ATP), where it examines how ATP expands on the protections provided by Exchange Online Protection by using its Safe Attachments and Safe Links features. The course then takes a deep dive into each of these features and examines how to create and manage safe attachment and safe links policies in the Security and Compliance Center, as well as through Windows PowerShell. The course then identifies a variety of reports that are available to monitor your security status, including the Threat Protection Status report, the ATP message disposition report, the Malware Detections report, and much, much more.

The course concludes with an extensive examination of Microsoft 365 Threat Intelligence. Since Microsoft 365 hosts one of the largest networks in the world and manages content created on millions of devices, Microsoft has been able to build a vast repository of threat intelligence data, as well as the systems needed to spot patterns that correspond to attack behaviors and suspicious activity. Microsoft 365 Threat Intelligence is a collection of these insights, which can help organizations proactively find and eliminate threats. As such, the course examines how to plan for and implement Microsoft 365 Threat Intelligence. This includes using the Microsoft Intelligence Security Graph, the Security Dashboard, and Threat Explorer. You will then learn how to configure Advanced Threat Analytics (ATA) and how to manage ATA services. Finally, you will be instructed on how to implement your own cloud application security. This includes deploying cloud app security, controlling your cloud apps with policies, and troubleshooting your cloud app security status.

Course Outline

Module 1: Designing your Microsoft 365 Tenant


  • Planning a Microsoft 365 On-premises infrastructure
  • Planning Your Identity and Authentication Solution

Module 2: Configuring your Microsoft 365 Tenant


  • Planning your Microsoft 365 Experience
  • Configuring your Microsoft 365 Experience
  • Leveraging FastTrack and Partner Services
  • Implementing Your Domain Services

Module 3: Managing your Microsoft 365 Tenant


  • Configuring Tenant Roles
  • Managing Tenant Health and Services

Module 4: Hands-On Lab

Lab : Managing Microsoft 365 Security

  • Exercise 1: Setting up your lab environment
  • Exercise 2: Editing an ATP Safe Links policy and create a Safe Attachment policy
  • Exercise 3: Enabling and installing the ATA Center


    MS-101T02: Microsoft 365 Compliance Management

    This course introduces you to the world of Microsoft 365 compliance management.
    It begins with an introduction to the different solutions that are available in Microsoft 365 for data retention and data loss prevention. The course then takes a detailed look at the planning steps that are necessary to implement data retention policies and archiving rules. You will learn about the different approaches for single services with message retention management and a records center, as well as the new centralized approach of managing all Microsoft 365 data retention in the Security and Compliance Center.

    You will then examine the steps needed to implement security and compliance requirements, such as proper organizational role management and the correct technical solutions that meet your business requirements. The course then analyzes how to protect your sensitive business data from being shared in ways that break your compliance rules, including implementing ethical walls and setting up data loss prevention policies.

    Students are then introduced to the latest Microsoft 365 solutions for protecting your sensitive business data on client devices. You will learn how the Microsoft Information Protection solutions work to protect data and documents that leave your managed network perimeter and how to prevent users from accidental or intended sharing of business data with unsecure locations on their clients.

    The course concludes by delving deep into eDiscovery investigations to track compliance breaches and manage compliance incidents with the Microsoft 365 tools from the Security and Compliance Center. The course examines how to manage and consolidate admin and user auditing log data from the Microsoft 365 services to provide complete compliance insight into your Microsoft 365 data and processes.

    Course Online

    Module 1: Introduction to Data Governance in Microsoft 365


    • Introduction to Archiving in Microsoft 365
    • Introduction to Retention in Microsoft 365
    • Introduction to Information Rights Management
    • Introduction to Secure Multipurpose Internet Mail Extension
    • Introduction to Office 365 Message Encryption
    • Introduction to Data Loss Prevention

    Module 2: Archiving and Retention in Microsoft 365


    • In-Place Records Management in SharePoint
    • Archiving and Retention in Exchange
    • Retention Policies in the SCC
    • Implementing Your Domain Services

    Module 3: Implementing Data Governance in Microsoft 365 Intelligence


    • Planning Your Security and Compliance Needs
    • Building Ethical Walls in Exchange Online
    • Creating a Simple DLP Policy from a Built-in Template
    • Creating a Custom DLP Policy
    • Creating a DLP Policy to Protect Documents
    • Working with Policy Tips

    Module 4: Managing Data Governance in Microsoft 365


    • Managing Retention in Email
    • Troubleshooting Data Governance
    • Implementing Information Protection
    • Implementing Advanced Information Protection
    • Introduction to Windows Information Protection

    Module 5: Managing Search and Investigations


    • Searching for Content in the Security and Compliance Center
    • Auditing Log Investigations
    • Managing Advanced eDiscovery

    Module 6: Hands-On Lab

    Lab : Setting Up your Lab Environment

    • Exercise 1: Initialize Compliance in Your Organization

    Lab : Archiving and Retention in Microsoft 365

    • Exercise 1: Configure Retention Tags and Policies
    • Exercise 2: Configure AIP and WIP

    Lab : Implementing Data Governance

    • Exercise 1: Testing DLP Policies
    • Exercise 2: Using Azure Information Protection
    • Exercise 3: Using Windows Information Protection

    Lab : Verify Your Data Governance Policies

    • Exercise 1: Investigate your Microsoft 365 Data

    MS-101T03: Microsoft 365 Device Management

    Microsoft 365 Device Management focuses on how to establish Microsoft Intune, enroll devices to Intune, monitor the devices, and control what users can do from the enrolled devices by using conditional access policies. If you are already managing devices by using a traditional device management tool such as Configuration Manager, you will be interested to know how you can seamlessly move to modern management, in which devices are managed by Intune, and how you can benefit from new device management capabilities, such as compliance, conditional access, and Windows Autopilot to deploy new devices from the cloud. 

    The course begins by examining how to move from traditional management, where devices are managed by Configuration Manager, to modern management, where you can benefit from new capabilities such as device compliance and conditional access. This journey can begin by enabling co-management, which you can do in your current environment by adding Intune as an additional device management option. You can then move management of some Windows 10 devices to Intune, while all other devices remain managed by Configuration Manager. After you get confidence and experience with the benefits of modern management, you will probably want to move the management of your other devices to Intune as well.


    The course then examines how you can monitor Windows 10 devices by using Windows Analytics. You will better understand the differences between quality updates and feature updates, as well as the Windows as a Service (WaaS) model, and when you must upgrade Windows 10 to a newer version to be supported by Microsoft. Although traditional, image-based deployment is still supported with Windows 10, many organizations will start exploring dynamic deployment and modern deployment options, such as Windows Autopilot.


    The course concludes with an examination of how to implement Mobile Device Management (MDM). With Microsoft 365 you have two Mobile Device Management options: Intune and MDM for Office 365. You will learn how to perform an initial configuration of Intune so that it can manage Windows 10 and Android devices, as well as the additional preparation steps that are required for iOS devices. As Intune can manage only enrolled devices, you will learn how to enroll different device types. You will also learn also how to define a company baseline and use Intune to monitor device compliance against the baseline.

    Course Outline

    Module 1: Planning for Device Management


    • Introduction to Co-management
    • Preparing Your Windows 10 Devices for Co-management
    • Transitioning from Configuration Manager to Intune
    • Introduction Microsoft Store for Business
    • Planning for Mobile Application Management

    Module 2: Planning Your Windows 10 Deployment Strategy


    • Windows 10 Deployment Scenarios
    • Planning Your Windows 10 Subscription Activation Strategy
    • Resolving Windows 10 Upgrade Errors
    • Introduction to Windows Analytics

    Module 3: Implementing Mobile Device Management


    • Planning Mobile Device Management
    • Deploying Mobile Device Management
    • Enrolling Devices to MDM
    • Managing Device Compliance

    Module 4: Hands-On Lab

    Lab : Working with Microsoft Store for Business

    • Exercise 1: Provisioning and managing the Microsoft Store for Business
    • Exercise 2: Using the Microsoft Store for Business

    Lab : Managing Devices by using Intune

    • Exercise 1: Obtain Intune and enable device management
    • Exercise 2: Configure Azure AD for Intune
    • Exercise 3: Create Intune policies
    • Exercise 4: Enroll a Windows 10 device
    • Exercise 5: Manage and monitor a device in Intune