Module 1: User and Group Management

• Identity and Access Management concepts
• The Zero Trust model
• Plan your identity and authentication solution
• User accounts and roles
• Password Management
• Set up your Microsoft 365 tenant
• Manage users and groups
• Lab: Initialize your tenant – users and groups
• Configure Self-service password reset (SSPR) for user accounts in Azure AD
• Deploy Azure AD Smart Lockout
• Lab: Password management

Module 2: Identity Synchronization and Protection

• Plan directory synchronization
• Configure and manage synchronized identities
• Azure AD Identity Protection
• Lab: Implement Identity Synchronization
• Set up your organization for identity synchronization

Module 3: Identity and Access Management

• Application Management
• Identity Governance
• Manage device access
• Role Based Access Control (RBAC)
• Solutions for external access
• Privileged Identity Management
• MFA Authentication Pilot (require MFA for specific apps)
• MFA Conditional Access (complete an MFA roll out)
• Lab: Use Conditional Access to enable MFA
• Manage Azure resources
• Assign directory roles
• Activate and deactivate PIM roles
• Directory roles
• PIM resource workflows
• View audit history for Azure AD roles in PIM
• Lab: Configure Privileged Identity Management

Module 4: Security in Microsoft 365

• Threat vectors and data breaches
• Security strategy and principles
• Microsoft security solutions
• Secure Score
• Lab: Use Microsoft Secure Score
• Improve your secure score in the Microsoft 365 Security Center

Module 5: Threat Protection

• Exchange Online Protection (EOP)
• Microsoft Defender for Office 365
• Manage Safe Attachments
• Manage Safe Links
• Microsoft Defender for Identity
• Microsoft Defender for Endpoint
• Lab: Manage Microsoft 365 Security Services
• Implement Microsoft Defender Policies

Module 6: Threat Management

• Security dashboard
• Threat investigation and response
• Azure Sentinel
• Advanced Threat Analytics
• Lab: Using Attack Simulator
• Conduct a simulated Spear phishing attack

Module 7: Microsoft Cloud Application Security

• Deploy Cloud Application Security
• Use cloud application security information

Module 8: Mobility

• Mobile Application Management (MAM)
• Mobile Device Management (MDM)
• Deploy mobile device services
• Enroll devices to Mobile Device Management
• Configure Azure AD for Intune
• Create compliance and conditional access policies
• Lab: Device Management
• Enable Device Management

Module 9: Information Protection and Governance

• Information protection concepts
• Governance and Records Management
• Sensitivity labels
• Archiving in Microsoft 365
• Retention in Microsoft 365
• Retention policies in the Microsoft 365 Compliance Center
• Archiving and retention in Exchange
• In-place records management in SharePoint
• Initialize compliance
• Configure retention tags and policies
• Lab: Archiving and Retention

Module 10: Rights Management and Encryption

• Information Rights Management (IRM)
• Secure Multipurpose Internet Mail Extension (S-MIME)
• Office 365 Message Encryption
• Lab: Configure Office 365 Message Encryption
• Configure Office 365 Message Encryption
• Validate Information Rights Management

Module 11: Data Loss Prevention

• Data loss prevention fundamentals
• Create a DLP policy
• Customize a DLP policy
• Create a DLP policy to protect documents
• Policy tips
• Manage DLP Policies
• Test MRM and DLP Policies
• Lab: Implement Data Loss Prevention policies

Module 12: Compliance Management

• Compliance center

Module 13: Insider Risk Management

• Insider Risk
• Privileged Access
• Information barriers
• Building ethical walls in Exchange Online
• Lab: Privileged Access Management
• Set up privileged access management and process a request

Module 14: Discover and Respond

• Content Search
• Audit Log Investigations
• Advanced eDiscovery
• Investigate your Microsoft 365 Data
• Conduct a Data Subject Request
• Lab: Manage Search and Investigation