Course Code: 18933

MS-500T00 Microsoft 365 Security Administration

Class Dates:
4 Days
Class Time:
Virtual Instructor-Led Training


  • Course Overview
  • This course teaches how to secure user access to your organization’s resources with password protection, multi-factor authentication, enable Azure Identity Protection, setup and use Azure AD Connect, and an introduction to conditional access in MS 365. You will learn about threat protection technologies to protect your environment such as threat vectors and Microsoft’s security solutions mitigation. Secure Score, Exchange Online protection, Azure Advanced Threat Protection, and Windows Defender Advanced Threat Protection.This course covers information rights managed content, message encryption, as well as labels, policies and rules that support data loss prevention and protection. Lastly, you will learn about archiving and retention in MS 365 as well as data governance and how to conduct content searches & investigations. Data retention policies & tags, in-place records management for SharePoint, email retention, and how to conduct content searches to support eDiscovery investigations.
  • Audience
  • The Microsoft 365 Security administrator collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders and other workload administrators to plan and implement security strategies and to ensures that the solutions comply with the policies and regulations of the organization. This role proactively secures Microsoft 365 enterprise environments. Responsibilities include responding to threats, implementing, managing and monitoring security and compliance solutions for the Microsoft 365 environment. They respond to incidents, investigations and enforcement of data governance. The Microsoft 365 Security administrator is familiar with Microsoft 365 workloads and hybrid environments. This role has strong skills and experience with identity protection, information protection, threat protection, security management and data governance.


  • Learners should start this course already having the following skills:
    • Basic conceptual understanding of Microsoft Azure.
    • Experience with Windows 10 devices.
    • Experience with Office 365.
    • Basic understanding of authorization and authentication.
    • Basic understanding of computer networks.
    • Working knowledge of managing mobile devices.

Course Details

  • Module 1: User and Group Protection
  • Identity and Access Management Concepts
  • The Zero Trust model
  • Plan your identity and authentication solution
  • User accounts and roles
  • Password Management
  • Lab : Initialize your tenant - users and groups
  • Lab : Password management
  • Module 2: Identity Synchronization and Protection
  • Plan directory synchronization
  • Configure and manage synchronized identities
  • Implementing Azure AD Connect
  • Azure AD Identity Protection
  • Lab : Implement Identity Synchronization
  • Module 3: Identity and Access Management
  • Application Management
  • Identity Governance
  • Manage device access
  • Role Based Access Control (RBAC)
  • Solutions for external access
  • Privileged Identity Management
  • Lab : Use Conditional Access to enable MFA
  • Lab : Configure Privileged Identity Management
  • Module 4: Security in Microsoft 365
  • Threat vectors and data breaches
  • Security strategy and principles
  • Microsoft security solutions
  • Secure Score
  • Lab : Use Microsoft Secure Score
  • Module 5: Threat Protection
  • Exchange Online Protection (EOP)
  • Microsoft Defender for Office 365
  • Manage Safe Attachments
  • Manage Safe Links
  • Microsoft Defender for Identity
  • Microsoft Defender for Endpoint
  • Lab : Manage Microsoft 365 Security Services
  • Module 6: Threat Management
  • Security dashboard
  • Threat investigation and response
  • Azure Sentinel
  • Advanced Threat Analytics
  • Lab : Using Attack Simulator
  • Module 7: Microsoft Cloud Application Security
  • Deploy Cloud Application Security
  • Use cloud application security information
  • Module 8: Mobility
  • Mobile Application Management (MAM)
  • Mobile Device Management (MDM)
  • Deploy mobile device services
  • Enroll devices to Mobile Device Management
  • Lab : Device Management
  • Module 9: Information Protection and Governance
  • Information protection concepts
  • Governance and Records Management
  • Sensitivity labels
  • Archiving in Microsoft 365
  • Retention in Microsoft 365
  • Retention policies in the Microsoft 365 Compliance Center
  • Archiving and retention in Exchange
  • In-place records management in SharePoint
  • Lab : Archiving and Retention
  • Module 10: Rights Management and Encryption
  • Information Rights Management (IRM)
  • Secure Multipurpose Internet Mail Extension (S-MIME)
  • Office 365 Message Encryption
  • Lab : Configure Office 365 Message Encryption
  • Module 11: Data Loss Prevention
  • Data loss prevention fundamentals
  • Create a DLP policy
  • Customize a DLP policy
  • Create a DLP policy to protect documents
  • Policy tips
  • Lab : Implement Data Loss Prevention policies
  • Compliance center
  • Module 13: Insider Risk Management
  • Insider Risk
  • Privileged Access
  • Information barriers
  • Building ethical walls in Exchange Online
  • Lab : Privileged Access Management
  • Module 14: Discover and Respond
  • Content Search
  • Audit Log Investigations
  • Advanced eDiscovery
  • Lab : Manage Search and Investigation