Exam MS-102: Microsoft 365 Administrator

 

If you’re an administrator who deploys and manages Microsoft 365 and performs Microsoft 365 tenant-level implementation and administration of cloud and hybrid environments, this exam is designed for you.
 

As a candidate for this exam, you have functional experience with all Microsoft 365 workloads and Microsoft Entra ID and have administered at least one of these. You should also have a working knowledge of the following:
• Networking
• Server administration
• DNS
• PowerShell

Deploy and manage a Microsoft 365 tenant (15–20%) Implement and manage a Microsoft 365 tenant

• Create a tenant
• Implement and manage domains
• Configure org settings, including Security & privacy and Organizational profile
• Identify and respond to service health issues
• Configure notifications in service health
• Configure and review Network connectivity insights
• Monitor adoption and usage
• Configure and manage Microsoft 365 Backup

Manage users and groups

• Create and manage users in Microsoft Entra, including external users and guests
• Create and manage contacts in the Microsoft 365 admin center
• Create and manage groups, including Microsoft 365 groups and shared mailboxes
• Manage and monitor Microsoft 365 licenses, including group-based licensing
• Perform bulk user management, including PowerShell

Manage roles and role groups

• Implement and manage built-in roles in Microsoft 365 and Microsoft Entra
• Implement and manage custom roles in Microsoft Entra admin center
• Manage role groups in Microsoft Defender XDR, Microsoft Purview, and Microsoft 365 workloads
• Manage delegation by using administrative units
• Manage roles in Microsoft Entra privileged identity management

Implement and manage Microsoft Entra identity and access (25–30%) Implement and manage identity synchronization with Microsoft Entra tenant

• Prepare for identity synchronization by using IdFix
• Implement and manage directory synchronization by using Microsoft Entra Connect cloud sync
• Implement and manage directory synchronization by using Microsoft Entra Connect
• Monitor synchronization by using Microsoft Entra Connect Health
• Troubleshoot synchronization, including Microsoft Entra Connect and Microsoft Entra Connect cloud sync

Implement and manage authentication

• Implement and manage authentication methods
• Implement and manage self-service password reset (SSPR)
• Implement and manage Microsoft Entra Password Protection
• Investigate and resolve authentication issues

Implement and manage secure access

• Plan for identity protection
• Implement and manage Microsoft Entra ID Protection
• Plan Conditional Access policies
• Implement and manage Conditional Access policies
• Implement and manage multi-factor authentication (MFA) by using conditional access policies

Manage security and threats by using Microsoft Defender XDR (35–40%) Review and respond to security reports and alerts generated by Microsoft Defender XDR

• Review and take actions to improve the Microsoft Secure Score
• Review and respond to security incidents and alerts
• Review and respond to issues identified in security and compliance reports
• Review and respond to threats identified in threat analytics

Implement and manage email and collaboration protection by using Microsoft Defender for Office 365

• Implement policies and rules in Defender for Office 365
• Review and respond to threats identified in Defender for Office 365, including threats and investigations
• Create and run campaigns, such as attack simulation
• Unblock users

Implement and manage endpoint protection by using Microsoft Defender for Endpoint

• Onboard devices to Defender for Endpoint
• Configure endpoint settings
• Review and respond to endpoint vulnerabilities
• Review and respond to risks identified in the Microsoft Defender Vulnerability Management dashboard

Implement, and manage Microsoft Defender for Cloud Apps

• Configure the app connector for Microsoft 365
• Configure Microsoft Defender for Cloud Apps policies
• Review and respond to Microsoft Defender for Cloud Apps alerts
• Interpret activity log
• Configure Cloud App Discovery
• Review and respond to issues identified in Cloud App Discovery

Manage compliance by using Microsoft Purview (15–20%) Implement Microsoft Purview information protection and data lifecycle management

• Implement and manage sensitive information types by using keywords, keyword lists, or regular expressions
• Implement retention labels, retention label policies, and retention policies
• Implement sensitivity labels and sensitivity label policies
• Monitor label usage by using Content explorer, Activity explorer, and label reports

Implement Microsoft Purview data loss prevention (DLP)

• Configure DLP policies for Exchange, SharePoint, OneDrive, and Teams
• Configure Endpoint DLP
• Review and respond to DLP alerts, events, and reports