MS-500T00 Microsoft 365 Security Administration
8/16/2021 - 8/19/2021
9/13/2021 - 9/16/2021



COURSE TIMES: 9:00am - 4:30pm

Printable version of this course
Register for this course


This course teaches how to secure user access to your organization’s resources with password protection, multi-factor authentication, enable Azure Identity Protection, setup and use Azure AD Connect, and an introduction to conditional access in MS 365. You will learn about threat protection technologies to protect your environment such as threat vectors and Microsoft’s security solutions mitigation. Secure Score, Exchange Online protection, Azure Advanced Threat Protection, and Windows Defender Advanced Threat Protection.This course covers information rights managed content, message encryption, as well as labels, policies and rules that support data loss prevention and protection. Lastly, you will learn about archiving and retention in MS 365 as well as data governance and how to conduct content searches & investigations. Data retention policies & tags, in-place records management for SharePoint, email retention, and how to conduct content searches to support eDiscovery investigations.


The Microsoft 365 Security administrator collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders and other workload administrators to plan and implement security strategies and to ensures that the solutions comply with the policies and regulations of the organization. This role proactively secures Microsoft 365 enterprise environments. Responsibilities include responding to threats, implementing, managing and monitoring security and compliance solutions for the Microsoft 365 environment. They respond to incidents, investigations and enforcement of data governance. The Microsoft 365 Security administrator is familiar with Microsoft 365 workloads and hybrid environments. This role has strong skills and experience with identity protection, information protection, threat protection, security management and data governance. Learners should start this course already having the following skills:

  • Basic conceptual understanding of Microsoft Azure.
  • Experience with Windows 10 devices.
  • Experience with Office 365.
  • Basic understanding of authorization and authentication.
  • Basic understanding of computer networks.
  • Working knowledge of managing mobile devices.


*Course Cost listed does not include the cost of courseware or exam. Course is subject to a minimum enrollment to run. Course may run virtually as a Virtual Instructor-Led (VILT) class if the minimum enrollment is not met or as a 4 day class (Bootcamp Style). For more information, please contact or call 207-775-0244.


Module 1: User and Group Protection
Identity and Access Management Concepts
The Zero Trust model
Plan your identity and authentication solution
User accounts and roles
Password Management
Lab : Initialize your tenant - users and groups
Lab : Password management

Module 2: Identity Synchronization and Protection
Plan directory synchronization
Configure and manage synchronized identities
Implementing Azure AD Connect
Azure AD Identity Protection
Lab : Implement Identity Synchronization

Module 3: Identity and Access Management
Application Management
Identity Governance
Manage device access
Role Based Access Control (RBAC)
Solutions for external access
Privileged Identity Management
Lab : Use Conditional Access to enable MFA
Lab : Configure Privileged Identity Management

Module 4: Security in Microsoft 365
Threat vectors and data breaches
Security strategy and principles
Microsoft security solutions
Secure Score
Lab : Use Microsoft Secure Score

Module 5: Threat Protection
Exchange Online Protection (EOP)
Microsoft Defender for Office 365
Manage Safe Attachments
Manage Safe Links
Microsoft Defender for Identity
Microsoft Defender for Endpoint
Lab : Manage Microsoft 365 Security Services

Module 6: Threat Management
Security dashboard
Threat investigation and response
Azure Sentinel
Advanced Threat Analytics
Lab : Using Attack Simulator

Module 7: Microsoft Cloud Application Security
Deploy Cloud Application Security
Use cloud application security information

Module 8: Mobility
Mobile Application Management (MAM)
Mobile Device Management (MDM)
Deploy mobile device services
Enroll devices to Mobile Device Management
Lab : Device Management

Module 9: Information Protection and Governance
Information protection concepts
Governance and Records Management
Sensitivity labels
Archiving in Microsoft 365
Retention in Microsoft 365
Retention policies in the Microsoft 365 Compliance Center
Archiving and retention in Exchange
In-place records management in SharePoint
Lab : Archiving and Retention

Module 10: Rights Management and Encryption
Information Rights Management (IRM)
Secure Multipurpose Internet Mail Extension (S-MIME)
Office 365 Message Encryption
Lab : Configure Office 365 Message Encryption

Module 11: Data Loss Prevention
Data loss prevention fundamentals
Create a DLP policy
Customize a DLP policy
Create a DLP policy to protect documents
Policy tips
Lab : Implement Data Loss Prevention policies

Compliance center

Module 13: Insider Risk Management
Insider Risk
Privileged Access
Information barriers
Building ethical walls in Exchange Online
Lab : Privileged Access Management

Module 14: Discover and Respond
Content Search
Audit Log Investigations
Advanced eDiscovery
Lab : Manage Search and Investigation