Microsoft 365 Administrator

This course covers three key elements of Microsoft 365 administration: tenant management, identity synchronization, and security and compliance.

In Microsoft 365 tenant management you learn how to configure your Microsoft 365 tenant, including your organizational profile, tenant subscription options, component services, user accounts and licenses, security groups, and administrative roles. This section of the course also covers adding customs domains to your tenant, configuring client connectivity and deploying Microsoft 365 Apps for enterprise.

The next section covers the synchronisation of Active Directory objects to Azure Active Directory, using Azure AD Connect or Azure AD Connect Cloud Sync. Password management options and multifactor authentication are also discussed.

In Microsoft 365 security management, common types of threat vectors and data breaches are discussed, and how Microsoft 365’s security solutions address these threats. Microsoft Secure Score, Azure Active Directory Identity Protection, Exchange Online Protection, Safe Attachments, and Safe Links are covered, as well as the various reports that monitor an organization’s security health. Threat protection using Microsoft 365 Defender, Microsoft Defender for Cloud Apps, and Microsoft Defender for Endpoint are discussed.

In Microsoft 365 compliance management, you will study data archiving and retention, Microsoft Purview message encryption, data loss prevention (DLP), Microsoft Purview insider risk management, and information barriers. Data classification and sensitivity labels are also discussed.

Target Audience

This course is designed for persons aspiring to the Microsoft 365 Administrator role and have completed at least one of the Microsoft 365 role-based administrator certification paths.

Job role: Administrator

Please note: This course covers general administration of Microsoft 365, including an Introduction to Microsoft Defender. It is suitable for delegates wishing to sit for the MS-102 exam as part of their exam preparation. The course does not cover administration of services like Teams, SharePoint Online or Exchange Online.

For a general course on Administering Office 365, including Exchange Online, Teams and SharePoint, please see Mastering Office 365 Administration (QAOFF365ADM)

For a deeper dive course specifically on Microsoft Defender features, please see Mastering security administration with Microsoft 365 Defender (QAM365DEF)

For specialised courses on Teams, SharePoint Online or Exchange Online, please see the following courses:

• Managing Microsoft Teams (MS700)

• Mastering Microsoft Teams Deployment and Administration (QA365TEAMST)

• Mastering SharePoint Online Design, Architecture and Best Practice Administration (QAASPOE)

• Microsoft 365 Messaging (MS203)

• Mastering Office 365 Exchange Online Administration (QAAEXOE)

• Mastering Exchange Hybrid Deployments (QADEXHE)

For a deeper dive course specifically on Microsoft 365 Compliance features, please see Mastering Security, Compliance and Governance in Microsoft 365 (QAOff365GOV)

Important This course may require the use of Multifactor Authentication (MFA). Please read this page and download the Microsoft Authenticator app (or similar app) prior to attending the course:

https://www.qa.com/resources/faqs/mfa-requirements/

Please see the below Microsoft article for further information on reasons for the MFA requirement:

https://learn.microsoft.com/en-us/entra/identity/authentication/concept-mandatory-multifactor-authentication

Before attending this course, students should also have:

• A proficient understanding of DNS and basic functional experience with Microsoft 365 services.
• A proficient understanding of general IT practices.
• A working knowledge of PowerShell.

Learning Path 1: Configure your Microsoft 365 experience

Modules in this Learning Path

• Configure your Microsoft 365 experience
• Manage users, licenses, guests, and contacts in Microsoft 365
• Manage groups in Microsoft 365
• Add a custom domain in Microsoft 365
• Configure client connectivity to Microsoft 365

Lab exercises

• Initialize your Microsoft 365 tenant
• Manager users and groups
• Add a custom domain

Learning Path 2: Manage your Microsoft 365 tenant

Modules in this Learning Path

• Manage permissions, roles, and role groups in Microsoft 365
• Manage tenant health and services in Microsoft 365
• Deploy Microsoft 365 Apps for enterprise
• Analyze your Microsoft 365 workplace data using Microsoft Viva Insights

Lab exercises

• Manage roles and role groups
• Monitor and Troubleshoot Microsoft 365
• Manage a Microsoft 365 Apps for enterprise installation

Learning Path 3: Implement identity synchronization

Modules in this Learning Path

• Explore identity synchronization
• Prepare for identity synchronization to Microsoft 365
• Implement identity synchronization tools
• Manage synchronized identities

Lab exercises

• Prepare for identity synchronization
• Implement identity synchronization

Learning Path 4: Manage identity and access in Microsoft 365

Modules in this Learning Path

• Examine threat vectors and data breaches
• Explore the Zero Trust security model
• Manage secure user access in Microsoft 365
• Explore security solutions in Microsoft Defender XDR
• Examine Microsoft Secure Score
• Examine Privileged Identity Management in Microsoft Entra ID
• Examine Microsoft Entra ID Protection

Lab exercises

• Manage secure user access
• PIM Administrator approval
• PIM Self-Approval
• PIM Teammate Approval Request

Learning Path 5: Manage your security services in Microsoft Defender

Modules in this Learning Path

• Examine email protection in Microsoft 365
• Enhance your email protection using Microsoft Defender for Office 365
• Manage Safe Attachments
• Managing Safe Links

Lab exercises

• Implement a Safe Attachments policy
• Implement a Safe Links policy

Learning Path 6: Implement threat protection by using Microsoft Defender XDR

Modules in this Learning Path

• Explore threat intelligence in Microsoft Defender XDR
• Implement app protection by using Microsoft Defender for Cloud Apps
• Implement endpoint protection by using Microsoft Defender for Endpoint
• Implement threat protection by using Microsoft Defender for Office 365

Lab exercises

• Prepare for Alert Policies
• Implement a Mailbox Permission Alert
• Implement a SharePoint Permission Alert
• Test the Default eDiscovery Alert
• Conduct a Spear Phishing attack using Attack Simulation training
• Conduct a Drive-by URL attack using Attack Simulation training
• Validate alert notifications and simulated attacks

Learning Path 7: Explore data governance in Microsoft 365

Modules in this Learning Path

• Examine data governance solutions in Microsoft Purview
• Explore data management practices in Microsoft 365
• Explore retention in Microsoft 365

Lab exercises

• Configure In-place Archiving and Retention Policies

Learning Path 8: Implement compliance in Microsoft 365

Modules in this Learning Path

• Explore compliance in Microsoft 365
• Implement Microsoft Purview Insider Risk Management
• Implement Microsoft Purview Information Barriers
• Explore Microsoft Purview Data Loss Prevention
• Implement Microsoft Purview Data Loss Prevention

Lab exercises

• Manage DLP Policies
• Test the DLP policy

Learning Path 9: Manage compliance in Microsoft 365

Modules in this Learning Path

• Implement data classification of sensitive information
• Explore sensitivity labels
• Implement sensitivity labels

Lab exercises

• Implement Sensitivity labels with Microsoft Purview Information Protection