Microsoft 365 Security Administration (MS-500) Practice Exam - RETIRED

Microsoft 365 Security Administration (MS-500) 


This exam retired on June 30, 2023. Exam replaced by Microsoft 365 Administrator (MS-102).



About Microsoft 365 Security Administration MS-500 Certification

The Microsoft 365 Security Administration MS-500 exam is suitable for candidates familiar with Microsoft 365 and hybrid environments together with the ability to possess the skills to implement, manage, and monitor security and compliance solutions.


Roles and Responsibilities

The Microsoft 365 Security Administrator is responsible to perform the following tasks -

  • Ability to proactively secures Microsoft 365 enterprise environments
  • Ability to respond to threats
  • Ability to perform investigations
  • Ability to enforce data governance. 


As a Microsoft 365 Security Administrator candidate will be required to collaborate with the Microsoft 365 Enterprise Administrator, business stakeholders, as well as other workload administrators for planning and implementing security strategies to ascertain that the solution complies with the organizational policies and regulations.


Knowledge Required 

The candidates planning to take the Microsoft 365 Security Administration (MS-500) exam are suggested -

  • To be familiar with Microsoft 365 workloads
  • To have core skills and knowledge about  - identity protection, information protection, threat protection, security management, and data governance.
  • To have the knowledge to work with the Microsoft 365 environment and hybrid environments.


Course Outline

The topics covered in the MS-500 exam covers the latest exam updates and topics as per exam updates on November 4, 2023 -

Domain 1 - Implement and manage identity and access (35-40%)

1.1 Secure Microsoft 365 hybrid environments

  • Learn to Plan Azure AD authentication options
  • Learn to Plan Azure AD synchronization options
  • Learn to Monitor and troubleshoot Azure AD Connect events


1.2 Secure Identities

  • Learn to Implement Azure AD group membership
  • Learn to Implement password management
  • Learn to Manage external identities in Azure AD and Microsoft 365 workloads


1.3 Implement authentication methods

  • Learn to Implement multi-factor authentication (MFA) by using conditional access policy
  • Learn to Manage and monitor MFA
  • Learn to Plan and implement device authentication methods like Windows Hello


1.4 Implement conditional access

  • Learn to Plan for compliance and conditional access policies
  • Learn to Configure and manage device compliance policies
  • Learn to Implement and manage conditional access
  • Learn to Test and troubleshoot conditional access policies
  • Learn to Implement roles and role groups
  • Learn to Plan for roles and role groups
  • Learn to Configure roles and role groups
  • Learn to Audit roles for least privileged access


1.5 Configure and manage identity governance

  • Learn to Implement Azure AD Privileged Identity Management
  • Learn to Implement and manage entitlement management
  • Learn to Implement and manage access reviews


1.6 Implement Azure AD Identity Protection

  • Learn to Implement user risk policy
  • Learn to Implement sign-in risk policy
  • Learn to Configure Identity Protection alerts
  • Learn to Review and respond to risk events


Domain 2 - Implement and manage threat protection (25-30%)

2.1 Implement and manage Microsoft Defender for Identity

  • Learn to Plan a Microsoft Defender for Identity solution
  • Learn to Install and configure Microsoft Defender for Identity
  • Learn to Monitor and manage Microsoft Defender for Identity


2.2 Implement device threat protection

  • Learn to Plan a Microsoft Defender for Endpoint solution
  • Learn to Implement Microsoft Defender for Endpoint
  • Learn to Manage and monitor Microsoft Defender for Endpoint


2.3 Implement and manage device and application protection

  • Learn to Plan for device and application protection
  • Learn to Configure and manage Microsoft Defender Application Guard
  • Learn to Configure and manage Microsoft Defender Application Control
  • Learn to Configure and manage exploit protection
  • Learn to Configure and manage Windows device encryption
  • Learn to Configure and manage non-Windows device encryption
  • Learn to Implement application protection policies
  • Learn to Configure and manage device compliance for endpoint security


2.4 Implement and manage Microsoft Defender for Office 365

  • Learn to Configure Microsoft Defender for Office 365
  • Learn to Monitor for and remediate threats using Microsoft Defender for Office 365
  • Learn to Conduct simulated attacks using Attack simulation training


2.5 Monitor Microsoft 365 Security with Microsoft Sentinel

  • Learn to Plan and implement Microsoft Sentinel
  • Learn to Configure playbooks in Microsoft Sentinel
  • Learn to Manage and monitor with Microsoft Sentinel
  • Learn to Respond to threats using built-in playbooks in Microsoft Sentinel


2.5 Implement and manage Microsoft Defender for Cloud Apps

  • Learn to Plan Microsoft Defender for Cloud Apps implementation
  • Learn to Configure Microsoft Defender for Cloud Apps
  • Learn to Manage cloud app discovery
  • Learn to Manage entries in the Microsoft Defender for Cloud Apps catalog
  • Learn to Manage apps in Microsoft Defender for Cloud Apps
  • Learn to Configure Microsoft Defender Cloud Apps connectors and OAuth apps
  • Learn to Configure Microsoft Defender for Cloud Apps policies and templates
  • Learn to Review, interpret and respond to Microsoft Defender for Cloud Apps alerts, reports, dashboards, and logs


Domain 3 - Implement and manage information protection (10-15%)

3.1 Manage sensitive information

  • Learn to Plan a sensitivity label solution
  • Learn to Create and manage sensitive information types
  • Learn to Configure sensitivity labels and policies
  • Learn to Configure and use Activity Explorer
  • Learn to Use sensitivity labels with Teams, SharePoint, OneDrive, and Office apps


3.2 Manage Data Loss Prevention (DLP)

  • Learn to Plan a DLP solution
  • Learn to Create and manage DLP policies for Microsoft 365 workloads
  • Learn to Create and manage sensitive information types
  • Learn to Monitor DLP reports
  • Learn to Manage DLP notifications
  • Learn to Implement Endpoint DLP


3.3 Manage data governance and retention

  • Learn to Plan for data governance and retention
  • Learn to Review and interpret data governance reports and dashboards
  • Learn to Configure retention labels and policies
  • Learn to Configure retention in Microsoft 365 workloads
  • Learn to Find and recover deleted Office 365 data
  • Learn to Configure and use Microsoft 365 Records Management


Domain 4 - Manage governance and compliance features in Microsoft 365 (20-25%)

4.1 Configure and analyze security reporting

  • Learn to Monitor and manage device security status using Microsoft Endpoint Manager admin center
  • Learn to Manage and monitor security reports and dashboards using Microsoft 365 Defender portal
  • Learn to Plan for custom security reporting with Graph Security API
  • Learn to Use secure score dashboards to review actions and recommendations


4.2 Manage and analyze audit logs and reports

  • Learn to Plan for auditing and reporting
  • Learn to Perform audit log search
  • Learn to Review and interpret compliance reports and dashboards


4.3 Configure alert policies

  • Learn to Discover and respond to compliance queries in Microsoft 365
  • Learn to Plan for content search and eDiscovery
  • Learn to Delegate permissions to use search and discovery tools
  • Learn to Use search and investigation tools to discover and respond
  • Learn to Manage eDiscovery cases


4.4 Manage regulatory compliance

  • Learn to Plan for regulatory compliance in Microsoft 365
  • Learn to Manage Data Subject Requests (DSRs)
  • Learn to Administer Compliance Manager in Microsoft 365 compliance center
  • Learn to Use Compliance Manager


4.5 Manage insider risk solutions in Microsoft 365

  • Learn to Implement and manage Customer Lockbox
  • Learn to Implement and manage communication compliance policies
  • Learn to Implement and manage Insider risk management policies
  • Learn to Implement and manage information barrier policies
  • Learn to Implement and manage privileged access management


Exam Pattern 

  • Exam Name: Microsoft 365 Security Administration 
  • Exam Code: MS-500
  • Number of Questions: 40-60
  • Length of Time:  120 Minutes
  • Registration Fee: $165.00
  • Passing score: 700 (on a scale of 1-1000)
  • Exam Language English, Japanese


What do we offer?

  • Full-Length Mock Test with unique questions in each test set
  • Practice objective questions with section-wise scores
  • An in-depth and exhaustive explanation for every question
  • Reliable exam reports evaluating strengths and weaknesses
  • Latest Questions with an updated version
  • Tips & Tricks to crack the test
  • Unlimited access


What are our Practice Exams?

  • Practice exams have been designed by professionals and domain experts that simulate real time exam scenario.
  • Practice exam questions have been created on the basis of content outlined in the official documentation.
  • Each set in the practice exam contains unique questions built with the intent to provide real-time experience to the candidates as well as gain more confidence during exam preparation.
  • Practice exams help to self-evaluate against the exam content and work towards building strength to clear the exam.
  • You can also create your own practice exam based on your choice and preference 


100% Assured Test Pass Guarantee

We have built the TestPrepTraining Practice exams with 100% Unconditional and assured Test Pass Guarantee! 

If you are not able to clear the exam, you can ask for a 100% refund.




Tags: Microsoft 365 Security Administration (MS-500) Exam Dumps, Microsoft 365 Security Administration (MS-500) Exam Questions, Microsoft 365 Security Administration (MS-500) Free Test, Microsoft 365 Security Administration (MS-500) Practice Exam