Ready to Start Your Career?

MS-500: Microsoft 365 Security Administration Course Review

Prasanna Peshkar's profile image

By: Prasanna Peshkar

April 28, 2021

The Microsoft 365 Security Administration course from Cybrary is intended for students to develop them to take and pass the MS-500 certification exam. The course includes the four fields of the exam, giving students the expertise and abilities they need to earn their credentials.

What is the MS-500 Certification?

Students for this exam apply, maintain, and control security and compliance solutions for Microsoft 365 and hybrid environments. The Microsoft 365 Security Administrator secures Microsoft 365 enterprise conditions, reacts to threats, conducts investigations, and implements data governance. The Microsoft 365 Security Administrator combines with the Microsoft 365 Enterprise Administrator, industry stakeholders, and other workload managers to design and execute security policies and assure that the solutions comply with the procedures and directions of the company.

The MS-500: Microsoft 365 Security Administration is a certification exam designed by Microsoft that endorses student's knowledge in performing, conducting, and monitoring security and compliance policies for Microsoft 365 and hybrid environments.

What Does the Microsoft 365 Security Administration Course Cover?

This course from Cybrary takes a close look at all the subjects included in the MS-500:Microsoft 365 Security Administration exam. Important focal areas cover identity access management, threat protection, information protection, and administration of governance and compliance within the Microsoft 365 environment. The course has five modules.

Module 1 is all about an overview of the course. Students will find how this exam measures their ability to accomplish technical tasks like implementing and managing identity and access, implementing and managing threats, managing information protection, and managing governance and compliance features in Microsoft 365.

Module 2, students will learn about ​identity and access. They will learn about user and group security, Windows NT Domains, active enterprise directory, smart card authentication, azure active directory, passwordless authentication, and hardware credential isolation. Next, they will determine how establishing an identity governance system provides organizations with a solid foundation to build on. Finally, they will discover how a one-time passcode authentication is a feature that allows guests without Microsoft or federated identities to access content without creating a user account.

Module 3 is all about MS-365 threat protection, where students will learn about threat protection, threat landscape, and security strategies. They will understand how to apply security strategy principles to an organization's cybersecurity framework to detect and respond to threats. Next, they will learn how phishing techniques are used to retrieve value information (credentials, passwords, financial numbers). Phishing attempts usually lure users into clicking a link to a malicious website that looks legitimate except for the URL of the website in question. Following, they will see how the Microsoft Secure Score provides a numerical summary, or rating, of an organization's security posture within 365 based on system configurations, user behavior, and other security-related measurements. Finally, they will discover how Azure Advanced Threat Protection helps identify, detect, and investigate threats.

Module 4, students will learn ​about MS-365 Information Protection. They will discover how Microsoft technologies can help protect sensitive data and the MS365 information protection lifecycle. They will find out how Azure information protection is a cloud-based solution that helps an organization to classify and optionally protect its documents and emails by applying labels. Labels can be automatically applied by administrators who define rules and conditions manually by users or a combination where users are given recommendations.

They will see how to implement WIP by creating WIP policies either in Microsoft Intune or SystemCenter Configuration Manager (SCCM). Next, they will learn how a digital signature works by performing a signing operation on the text of the email message when the message is sent and a verifying operation when the message is read. Finally, they will study how encryption can change the content not to be read or understood until changed back into a readable and understandable form. Office 365 message encryption uses built-in certificates to encrypt messages in the office 365 services during the transport of the message. Students will also learn how data loss prevention in Microsoft 365 identifies, monitors, reports, and protects sensitive data like social security and credit card numbers through deep content analysis while helping users understand and manage data risk.

Module 5 is all about MS-365 compliance. Students will understand data governance in MS365 and how an in-place archive differs from records management in this module. Data governance is the tools, processes, technologies, and strategies that users use to deliver consistent, usable, and secure data that's readily available and has high integrity. An in-Place archiving in exchange is a premium feature that requires an Exchange Enterprise Client Access License (CAL).


At the end of this course, students should:

  • Have a better understanding of the MS500 exam topics.
  • Implement security controls utilizing the MS365 suite.
  • Proactively respond to threats, perform investigations, and enforce data governance.
  • Collaborate with key stakeholders to plan and implement security strategies while ensuring the solutions comply with organizational goals.
Schedule Demo