MS-101 Study Guide – Microsoft 365 Mobility and Security
The MS-101 exam is the one of the two exams needed to get the Microsoft 365 Certified: Enterprise Administrator Expert certification. Candidates for this exam are Microsoft 365 Enterprise Administrators who take part in evaluating, planning, migrating, deploying, and managing Microsoft 365 services. They perform Microsoft 365 tenant management tasks for an enterprise, including its identities, security, compliance, and supporting technologies. Candidates have a working knowledge of Microsoft 365 workloads and should have been an administrator for at least one Microsoft 365 workload (Exchange, SharePoint, Skype for Business, Windows as a Service). Candidates also have a working knowledge of networking, server administration, and IT fundamentals such as DNS, Active Directory, and PowerShell
In this MS-101 Study Guide, I will share both free and paid options, whether books, video training or simply links to articles and blog posts. I will not share any dumps as those are against the Microsoft Terms of Service, and by using dumps, we decrease the value of our certifications.
Certification Path
Requirement | Exam Name | Link to Exam on Microsoft Learning | Study Guide | |||||||
Optional Prerequisite: Microsoft 365 Fundamentals Certification | ||||||||||
Optional | MS-900 – Microsoft 365 Fundamentals | https://vladtalkstech.com/ms-900-study-guide-microsoft-365-fundamentals | ||||||||
Required Prerequisite: Microsoft 365 Certified Teamwork Administrator Associate (5 Options) | ||||||||||
Microsoft 365 Certified: Modern Desktop Administrator Associate | ||||||||||
Study Guides: https://vladtalkstech.com/microsoft-certification-study-guides | ||||||||||
![]() | ||||||||||
Microsoft 365 Certified: Enterprise Administrator Expert | ||||||||||
Required | MS-100: Microsoft 365 Identity and Services | https://vladtalkstech.com/ms-100-study-guide-microsoft-365-identity-and-services | ||||||||
Required | MS-101: Microsoft 365 Mobility and Security | https://vladtalkstech.com/ms-101-study-guide-microsoft-365-mobility-and-security | ||||||||
![]() |
Books
Exam Ref MS-101 Microsoft 365 Mobility and Security Exam Ref MS-101 Microsoft 365 Mobility and Security offers professional-level preparation that helps candidates maximize their exam performance and sharpen their skills on the job. It focuses on the specific areas of expertise modern IT professionals need to demonstrate mastery of Microsoft 365 mobility, security, and related management tasks. Coverage includes:
Links:
| |
Microsoft 365 Mobility and Security – Exam Guide MS 101: Implement threat management, prevent data loss, and manage data governance with the help of this certification guide Written in a clear, succinct way with self-assessment questions, exam tips and mock exams with detailed answer explanations, this book covers common tasks in mobile device management (MDM) and device compliance, security reporting and alerts, threat detection and management, data loss prevention (DLP) and data governance, auditing and eDiscovery, and Azure information protection (AIP).You’ll learn how to properly plan for, deploy, and manage Microsoft 365 services such as MDM and DLP. You’ll discover best practices in properly configuring settings across your tenant to ensure compliance and security.By the end of this book, you’ll have covered everything you need to pass the MS-101 exam and have a handy, on-the-job desktop reference guide. Links:
|
Video Training
NOTE: Pluralsight is a paid resource unlike Channel9 and Microsoft Virtual Academy which are free. The quality they provide is also superior because of all the quality checks they go through, and the instructors are one of the best in the industry. The Pluralsight courses have a link to where you can get a free trial and decide for yourself if paying a subscription or not is worth it, but the 10-day free trial should allow you to view all those courses for free.
![]() | Microsoft 365 Mobility and Security (MS-101) (Learning Path – 7 courses ) These courses cover the knowledge needed to take your Microsoft 365 administration skills to the next level. You will dive into the intricacies surrounding implementing modern device services, implementing Microsoft 365 security and threat management, and Managing governance and compliance. You’ll round out your skills needed to establish yourself as an enterprise administration expert. In addition, these courses align with the objectives for the MS-101 exam and can help you prepare for certification. MS-101 pairs with MS100 for the Microsoft 365 Enterprise Administrator Expert certification. |
![]() | Microsoft 365 Enterprise Admin role-based exam prep: MS-101 Mobility & Security – BRK2434 This Certification Exam Prep session is designed for people experienced with Microsoft 365 who are interested in certification. Specifically, attendees will learn more about the recently announced Microsoft 365 Mobility and Security MS-101 exam that is part of the new Microsoft 365 Enterprise Administrator certification. The session is led by a Microsoft Certified Trainer (MCT), experienced in delivering sessions on these topics. |
![]() | <Coming Soon> |
Instructor-led training (Microsoft Official Courses)
Management Course MS-101T01-A: Microsoft 365 Security Management Learn about Microsoft 365 Security Management, including how to manage your security metrics, how to enable Azure AD Identity Protection, how to configure your Microsoft 365 security services, and user Microsoft 365 Threat Intelligence. | |
MS-101T02-A: Microsoft 365 Compliance Management Learn about Microsoft 365 Compliance Management, including data retention and data loss prevention solutions in Microsoft 365, archiving and retention in Microsoft 365, implementing and managing data governance, and managing search and investigations. | |
Course MS-101T03-A: Microsoft 365 Device Management This course introduces you to the world of Microsoft 365 device management – from establishing Microsoft Intune, to enrolling devices to Intune, to monitoring the devices, to controlling what users can do from the enrolled devices by using conditional access policies. If you are already managing devices by using a traditional device management tool such as Configuration Manager, you will be interested to know how you can seamlessly move to modern management, in which devices are managed by Intune, and how you can benefit from new device management capabilities, such as compliance, conditional access, and Windows Autopilot to deploy new devices from the cloud. |
Articles / Blog Posts Per Objective
Implement modern device services (30-35%)
Implement Mobile Device Management (MDM)
- plan for MDM
- Intune deployment planning, design, and implementation guide [Microsoft – Docs – Enterprise Mobility Security]
- configure MDM integration with Azure AD
- What is device management in Azure Active Directory? [Microsoft – Docs – Azure]
- Quickstart: Set up automatic enrollment for Windows 10 devices [Microsoft – Docs – Enterprise Mobility Security]
- Set up enrollment for Windows devices [Microsoft – Docs – Enterprise Mobility Security]
- Azure Active Directory integration with MDM [Microsoft – Docs – Windows]
- Azure AD and Microsoft Intune: Automatic MDM enrollment in the new Portal [Microsoft – Docs – Windows]
- set an MDM authority
- Set the mobile device management authority [Microsoft – Docs – Enterprise Mobility Security]
- Change your MDM authority [Microsoft – Docs – Enterprise Mobility Security]
- set device enrollment limit for users
- Set enrollment restrictions [Microsoft – Docs – Enterprise Mobility Security]
Manage device compliance
- plan for device Compliance
- Device compliance policies in System Center Configuration Manager [Microsoft – Docs – Enterprise Mobility Security]
- Create a compliance policy in Microsoft Intune [Microsoft – Docs – Enterprise Mobility Security]
- Monitor Intune Device compliance policies [Microsoft – Docs – Enterprise Mobility Security]
- design Conditional Access Policies
- What are common ways to use conditional access with Intune? [Microsoft – Docs – Enterprise Mobility Security]
- create Conditional Access Policies
- Create a compliance policy in Microsoft Intune [Microsoft – Docs – Azure]
- configure device compliance policy
- Set rules on devices to allow access to resources in your organization using Intune [Microsoft – Docs – Enterprise Mobility Security]
- manage Conditional Access Policies
- Monitor Intune Device compliance policies [Microsoft – Docs – Azure]
Plan for devices and apps
- create and configure Microsoft Store for Business
- Microsoft Store for Business and Microsoft Store for Education overview [Microsoft – Docs – Microsoft store for business]
- Integrate Windows Store for Business with Microsoft Intune [Microsoft – Blog – Developer]
- Manage settings for Microsoft Store for Business and Education [Microsoft – Docs – Microsoft store for business]
- Settings reference: Microsoft Store for Business and Education [Microsoft – Docs – Microsoft store for business]
- plan app deployment
- Distribute apps with a management tool [Microsoft – Docs – Microsoft store for business]
- Distribute apps using your private store [Microsoft – Docs – Microsoft store for business]
- Assign apps to employees [Microsoft – Docs – Microsoft store for business]
- Windows 10 app deployment using Microsoft Intune [Microsoft – Docs – Enterprise Mobility Security]
- plan device co-management
- How to prepare internet-based devices for co-management [Microsoft – Docs – Enterprise Mobility Security]
- Tutorial: Enable co-management for existing Configuration Manager clients [Microsoft – Docs – Enterprise Mobility Security]
- Remote actions with co-management [Microsoft – Docs – Enterprise Mobility Security]
- Use Azure AD for co-management [Microsoft – Docs – Enterprise Mobility Security]
- How to monitor co-management in Configuration Manager [Microsoft – Docs – Enterprise Mobility Security]
- plan device monitoring
- Monitor Intune Device compliance policies [Microsoft – Docs – Enterprise Mobility Security]
- plan for device profiles
- Assign user and device profiles in Microsoft Intune [Microsoft – Docs – Enterprise Mobility Security]
- Apply features and settings on your devices using device profiles in Microsoft Intune [Microsoft – Docs – Enterprise Mobility Security]
- Create a device profile in Microsoft Intune [Microsoft – Docs – Enterprise Mobility Security]
- plan for Mobile Application Management
- What is Microsoft Intune app management? [Microsoft – Docs – Enterprise Mobility Security]
- Overview of the app lifecycle in Microsoft Intune [Microsoft – Docs – Enterprise Mobility Security]
- plan mobile device security
- Protect devices with Microsoft Intune [Microsoft – Docs – Enterprise Mobility Security]
Plan Windows 10 deployment
- plan for Windows as a Service (WaaS)
- Overview of Windows as a service [Microsoft – Docs ]
- Plan for Windows 10 deployment [Microsoft – Docs ]
- plan the appropriate Windows 10 Enterprise deployment method
- Windows 10 deployment considerations [Microsoft – Docs – Windows]
- Windows 10 Enterprise: FAQ for IT professionals [Microsoft – Docs – Windows]
- analyze upgrade readiness for Windows 10
- Get started with Upgrade Readiness [Microsoft – Docs – Windows]
- Windows 10 upgrade paths [Microsoft – Docs – Windows]
- evaluate and deploy additional Windows 10 Enterprise security features
- Windows 10 Enterprise Security [Microsoft – Docs – Windows]
- Deploy Windows 10 Enterprise security features [Microsoft – Docs – Microsoft 365]
Implement Microsoft 365 security and threat management (30-35%)
Implement Cloud App Security (CAS)
- configure Cloud App Security (CAS)
- Basic setup for Cloud App Security [Microsoft – Docs – Enterprise Mobility Security]
- Quickstart: Get started with Microsoft Cloud App Security [Microsoft – Docs – Enterprise Mobility Security]
- Microsoft Cloud App Security overview [Microsoft – Docs – Enterprise Mobility Security]
- configure Cloud App Security (CAS) policies
- Control cloud apps with policies [Microsoft – Docs – Enterprise Mobility Security]
- configure Connected apps
- Connect apps [Microsoft – Docs – Enterprise Mobility Security]
- Governing connected apps [Microsoft – Docs – Enterprise Mobility Security]
- design cloud app security (CAS) Solution
- What are the differences between Microsoft Cloud App Security and Office 365 Cloud App Security? [Microsoft – Docs – Enterprise Mobility Security]
- manage Cloud App Security (CAS) alerts
- Manage alerts [Microsoft – Docs – Enterprise Mobility Security]
- Monitor alerts in Cloud App Security [Microsoft – Docs – Enterprise Mobility Security]
- upload cloud app security (CAS) traffic logs
- Configure automatic log upload for continuous reports [Microsoft – Docs – Enterprise Mobility Security]
Implement threat management
- plan a threat management solution
- Protect against threats in Office 365 [Microsoft – Docs – Office 365]
- design Azure Advanced Threat Protection (ATP) Policies
- Quickstart: Create your Azure ATP instance [Microsoft – Docs – Quickstart]
- What is Azure Advanced Threat Protection? [Microsoft – Docs – Overview]
- Azure ATP Architecture [Microsoft – Docs – Overview]
- design Microsoft 365 ATP Policies
- Quickstart: Create your Azure ATP instance [Microsoft – Docs – Quickstart]
- Set up Office 365 ATP Safe Attachments policies [Microsoft – Docs – Office 365]
- Set up Office 365 ATP Safe Links policies [Microsoft – Docs – Office 365]
- configure Azure ATP Policies
- Quickstart: Configure Azure ATP sensor settings [Microsoft – Docs – Quickstart]
- configure Microsoft 365 ATP Policies
- Quickstart: Configure Azure ATP sensor settings [Microsoft – Docs – Quickstart]
- monitor Advanced Threat Analytics (ATA) incidents
- Working with ATA system health and events [Microsoft – Docs – Enterprise Mobility Security]
- Advanced Threat Analytics Documentation [Microsoft – Docs – Enterprise Mobility Security]
- ATA frequently asked questions [Microsoft – Docs – Enterprise Mobility Security]
- ATA Reports [Microsoft – Docs – Enterprise Mobility Security]
Implement Windows Defender Advanced Threat Protection (ATP)
- plan Windows Defender ATP Solution
- Get started with Windows Defender Advanced Threat Protection [Microsoft – Docs – Windows]
- Minimum requirements for Windows Defender ATP [Microsoft – Docs – Windows]
- configure preferences
- Configure and manage Windows Defender ATP capabilities [Microsoft – Docs – Windows]
- Configure conditional access in Windows Defender ATP [Microsoft – Docs – Windows]
- Configure Microsoft Cloud App Security in Windows Defender ATP [Microsoft – Docs – Windows]
- Validate licensing provisioning and complete set up for Windows Defender ATP [Microsoft – Docs – Windows]
- Configure Microsoft Cloud App Security in Windows Defender ATP [Microsoft – Docs – Windows]
- Windows Defender Advanced Threat Protection portal overview [Microsoft – Docs – Windows]
- implement Windows Defender ATP Policies
- Enforce compliance for Windows Defender ATP with conditional access in Intune [Microsoft – Docs – Enterprise Mobility Security]
- Windows Defender Advanced Threat Protection [Microsoft – Docs – Enterprise Mobility Security]
- enable and configure security features of Windows 10 Enterprise
- Configure attack surface reduction [Microsoft – Docs – Windows]
- Configure advanced features in Microsoft Defender ATP [Microsoft – Docs – Windows]
Manage security reports and alerts
- manage service assurance dashboard
- Office 365 Service Assurance—gaining your trust with transparency [Microsoft – Blog – Microsoft 365]
- Service assurance in the Security & Compliance Center [Microsoft – Docs – Office 365]
- An Overview of Office 365 Service Assurance Resources [Microsoft – Blog – technet]
- manage tracing and reporting on Azure AD Identity Protection
- Azure advanced threat detection [Microsoft – Docs – Azure]
- What is Azure Active Directory Identity Protection? [Microsoft – Docs – Azure]
- Plan an Azure Active Directory reporting and monitoring deployment [Microsoft]
- configure and manage Microsoft 365 security alerts
- Alerts in the Office 365 Security & Compliance Center [Microsoft – Docs – Office 365]
- Alert policies in the security and compliance center [Microsoft – Docs – Office 365]
- configure and manage Azure Identity Protection dashboard and alerts
- Azure Active Directory Identity Protection [Microsoft – Docs – Azure]
- Remediate risks and unblock users [Microsoft – Docs – Azure]
- Azure Active Directory risk events [Microsoft – Docs – Azure]
Manage Microsoft 365 governance and compliance (35-40%)
Configure Data Loss Prevention (DLP)
- configure DLP Policies
- Overview of data loss prevention [Microsoft – Docs – Office 365]
- Create a DLP policy from a template [Microsoft – Docs – Office 365]
- Get started with DLP policy recommendations [Microsoft – Docs – Office 365]
- Create, test, and tune a DLP policy [Microsoft – Docs – Office 365]
- design data retention policies in Microsoft 365
- Data Retention, Deletion, and Destruction in Office 365 [Microsoft – Docs – Office 365]
- Set up an archive and deletion policy for mailboxes in your Office 365 organization [Microsoft – Docs – Office 365]
- Retention tags and retention policies [Microsoft – Docs – Exchange]
- Retention policies in Microsoft Teams [Microsoft – Docs – Microsoft Teams]
- Overview of retention labels [Microsoft – Docs – Office 365]
- Overview of document deletion policies [Microsoft – Docs – Office 365]
- manage DLP exceptions
- Data loss prevention [Microsoft – Docs – Exchange]
- Create, test, and tune a DLP policy [Microsoft – Docs – Office 365]
- monitor DLP policy matches
- View the reports for data loss prevention [Microsoft – Docs – Office 365]
- How DLP works between the Security & Compliance Center and Exchange admin center [Microsoft – Docs – Office 365]
- manage DLP policy matches
- What the DLP functions look for [Microsoft – Docs – Office 365]
Implement Azure Information Protection (AIP)
- plan AIP solution
- Azure Information Protection deployment roadmap [Microsoft – Docs – Enterprise mobility + security]
- Frequently asked questions about data protection in Azure Information Protection [Microsoft – Docs – Enterprise mobility + security]
- Requirements for Azure Information Protection [Microsoft – Docs – Enterprise mobility + security]
- plan for deployment On-Prem rights management Connector
- Deploying the Azure Rights Management connector [Microsoft – Docs – Enterprise mobility + security]
- Installing and configuring the Azure Rights Management connector [Microsoft – Docs – Enterprise mobility + security]
- Configuring servers for the Azure Rights Management connector [Microsoft – Docs – Enterprise mobility + security]
- plan for Windows information Protection (WIP) implementation
- Windows Information Protection (WIP) [Microsoft – Docs – Windows]
- Create and deploy a Windows Information Protection (WIP) policy using System Center Configuration Manager [Microsoft – Docs – Windows]
- Create a Windows Information Protection (WIP) policy using the Azure portal for Microsoft Intune [Microsoft – Docs – Windows]
- plan for classification labeling
- Architect a classification schema for personal data [Microsoft – Docs – Office 365]
- Quickstart: Configure a label for users to easily protect emails that contain sensitive information [Microsoft – Docs – Enterprise mobility + security]
- Configure classification for your environment [Microsoft – Docs – Microsoft 365]
- Frequently asked questions about classification and labeling in Azure Information Protection [Microsoft – Docs – Enterprise mobility + security]
- configure Information Rights Management (IRM) for Workloads
- Activate Rights Management in the Office 365 admin center [Microsoft – Docs – Office 365 Enterprise]
- configure Super User
- Configuring super users for Azure Rights Management and discovery services or data recovery [Microsoft – Docs – Enterprise mobility + security]
- deploy AIP Clients
- Azure Information Protection client administrator guide [Microsoft – Docs – Enterprise mobility + security]
- Admin Guide: Install the Azure Information Protection client for users [Microsoft – Docs – Enterprise mobility + security]
- Deploying the Azure Information Protection scanner to automatically classify and protect files [Microsoft – Docs – Enterprise mobility + security]
- Azure Information Protection client: Installation and configuration for clients [Microsoft – Docs – Enterprise mobility + security]
- implement Azure Information Protection policies
- Configuring the Azure Information Protection policy [Microsoft – Docs – Enterprise mobility + security]
- How to configure the policy settings for Azure Information Protection [Microsoft – Docs – Enterprise mobility + security]
- Overview of the Azure Information Protection policy [Microsoft – Docs – Enterprise mobility + security]
- How to configure the Azure Information Protection policy for specific users by using scoped policies [Microsoft – Docs – Enterprise mobility + security]
- How to configure conditions for automatic and recommended classification for Azure Information Protection[Microsoft – Docs – Enterprise mobility + security]
- implement AIP tenant key
- Planning and implementing your Azure Information Protection tenant key [Microsoft – Docs – Enterprise mobility + security]
- Operations for your Azure Information Protection tenant key [Microsoft – Docs – Enterprise mobility + security]
- Bring your own key (BYOK) details for Azure Information Protection [Microsoft – Docs – Enterprise mobility + security]
Manage data governance
- configure information retention
- AIP AND RETENTION LABELS: WHAT’S THE DIFF? [Blog – Joanne Klein]
- Overview of retention policies [Microsoft – Docs – Office 365]
- plan for Microsoft 365 backup
- Data protection beyond backup and recovery with Office 365 [Microsoft – techcommunity]
- Back up data before switching O365 for business plans [Microsoft – Docs – Office 365]
- plan for restoring deleted content
- Restore a deleted Office 365 Group [Microsoft – Docs – Office 365]
- Recover deleted items in a user mailbox – Admin Help [Microsoft – Docs – Office 365 Enterprise]
- Restore your OneDrive [Microsoft – support office]
- How to recover missing, deleted or corrupted items in SharePoint Online and OneDrive for Business [Microsoft – support office]
- Restore deleted files or folders in OneDrive[Microsoft – support office]
- Restore items in the Recycle Bin of a SharePoint site [Microsoft – support office]
- Restore deleted items from the site collection recycle bin [Microsoft – support office]
- plan information Retention Policies
- Overview of retention policies [Microsoft – Docs – Office 365]
- Microsoft Teams retention policies FAQ [Microsoft – Docs – Microsoft]
- Retention policies for Microsoft Teams [Microsoft – techcommunity]
Manage auditing
- configure audit log retention
- Turn Office 365 audit log search on or off [Microsoft – Docs – Office 365]
- Search the audit log in the Security & Compliance Center (Before you begin section) [Microsoft Docs]
- configure audit policy
- Configure your Office 365 tenant for increased security [Microsoft – Docs – Office 365]
- Auditing in Office 365 (for Admins) [Microsoft – Docs – Office 365]
- monitor Unified Audit Logs
- Search the audit log in the Security & Compliance Center [Microsoft – Docs – Office 365]
Manage eDiscovery
- search content by using Security and Compliance Center
- eDiscovery and Search Features [Microsoft – Docs – Office 365]
- Content Search in Office 365 [Microsoft – Docs – Office 365]
- eDiscovery cases in the Security & Compliance Center [Microsoft – Docs – Office 365]
- Use Content Search in your eDiscovery workflow [Microsoft – Docs – Office 365]
- Limits for Content Search in the Security & Compliance Center [Microsoft – Docs – Office 365]
- plan for in-place and legal hold
- In-Place Hold and Litigation Hold [Microsoft – Docs – exchange]
- Create a Litigation Hold [Microsoft – Docs – Office 365]
- Manage legal investigations in Office 365 [Microsoft – Docs – Office 365]
- configure eDiscovery
- Quick setup for Office 365 Advanced eDiscovery [Microsoft – Docs – Office 365]
- eDiscovery in Office 365 [Microsoft – Docs – Office 365]
- Set up an eDiscovery Center in SharePoint Online [Microsoft – Docs – support office]
- eDiscovery cases in the Security & Compliance Center [Microsoft – Docs – Office 365]
- Assign eDiscovery permissions in the Security & Compliance Center [Microsoft – Docs – Office 365]
Additional Tips
I think the best thing that you can do after reading this, or even meanwhile, is to open a free Microsoft 365 trial (or a few), and play with those features, follow the tutorials and you shouldn’t have any problems with the exam!
Did I miss any cool links in this guide? Let me know in the comments!
7 Comments
Thank you sir.
Hi!
Why is “Microsoft 365 Certified Teamwork Administrator Associate” listed as a required perquisite for MS-101?
Is it just a recommendation of yours, or is it a prerequisite set by Microsoft?
Thank you!
You need an “Associate” level certification before going for the MS-100/101 exams (And getting your expert)
This is quite impressing and deserves recognition! I will do my part !
Hi Vlad
I would like to ask a few questions.
I want to find out, I want to study for this exam. But I noticed its being updated on the 24th February 2021. Would you recommend I only study for this after it has been updated?
Secondly, I just passed MS – 100, when I pass MS – 101 would I still need to write an associate exam to get the Enterprise Administrator Expert qualification?
Lastly, the links above, will it be updated to accommodate the new Microsoft study guide for this exam?
Thanks in advance.
Hello Dee,
Congratulations on the MS-100 :). As for the MS-101, you can already view the updated skills on the MS-101 Skills Required PDF page (bottom of the examp page on MS Learning), so you can already start studying!
As for the associate yes, you would need to get an Associate exam in order to get the badge!
As for the links updated, I will do my best to get them up soon after update goes live, but cannot promise an SLA at this moment due to other projects at the same time 🙁
Thanks!
Hi Vlad,
Thank you for getting back to me, really appreciate it. I will keep a look out for the updated links when you get a chance to do it.
Thanks for all the hard work!
Kind Regards,
Dee