Microsoft 365: Identity & Services (MS-100) Exam Prep Guide

This blog is part of a series. For more exam prep guides check back in the future.

Back before I did my Office 365 MCSA, I used to wonder which of the two exams would be harder – 70-346 (Office 365 Identities & Requirements) or 70-347 (Enabling Office 365 Services). Most people I talked to said they thought 346 was the harder of the two – mainly because they had far less experience with, and exposure to, ADFS and Powershell.  Most took 346 after 347 and some didn’t take 346 at all. That’s a real shame. I took 346 first and would always recommended others to do so. Not because it was harder (it was significantly more focused than 347 in terms of scope) but because I feel that Identity really is the starting point for everything else. As an admin, how and what and where users can access services is as fundamental as it gets.

MS-100 is, to all extents, an updated 70-346. When you see Identity in a Microsoft exam you know you will get roles and domains and authentication. However, this time around there are several adds for new features such as Azure B2B. What is particularly noticeable in the exam description is that there is far less emphasis on ADFS and more on Azure AD Connect. Whilst there is still a need to still know ADFS, I personally think this is more reflective of how hybrid identity is implemented in the majority of cases. So its important to get to know Azure AD Connect inside and out, the supported scenario’s and how it’s configured for filtering, writeback and pass through. And even though there isn’t a great deal here on the services, which makes sense considering these will be in the associate workload exams, I would recommend getting to know Pro Plus deployments intimately.

A few Office 365 MCSA holders will no doubt feel a bit aggrieved by having to do this exam. After all, there’s no transition available from 346/347 as this and 101 are classed as expert level as opposed to associate exams. I understand – Microsoft announced these new exams on the August 2018 MCT Town Hall one month after I passed MCSA and MCT. It was tough. Yet there are a few reasons why it’s really worth it in the end. The first is that it has always been recommended to retake 346/347 regularly anyway as Office 365 changes so frequently. The second is that by doing this you’ll hold the certifications across two generations of services so it really defines your expertise across generational change. The third is that is that it’s recognised that this subject – your subject – really is expert level not associate.

MS-100 is part of the Enterprise Administrator Expert certification. On it’s own, it will only be an exam on your transcript. You’ll need MS-101 and then you’ll need either one of the new associate workloads (MS-200 – MS-500 exams) or MCSE Productivity. So for all those still kicking off about no transition exam your Office 365 MCSA may count after all.

Link to Exam: Here
Released: 5th November 2018 (Now in General Availability)
Practice Test: Available later in 2019
MOC Course: Available (MS-100T01, T02, T03)

Important Note: this exam prep guide should be used to supplement your own resources and should not be used for the whole of your learning. Some of the resources may be not completely cover the requirements especially if the requirement is vague. If you find better articles than the ones below, please feel free to reach out and I’ll amend.

Status: I passed this exam on 12/02/2019 having done the Beta. I had 60 odd questions in this particular paper. I remember I had quite a few questions on Azure AD Connect in several scenarios and Roles

——————————————————————————-

Design and Implement Microsoft 365 Services (25 – 30%)

Manage Domains

  • Add and configure additional domains

Add a Domain to Office 365 via Admin Centre

Add a custom Domain Name via Azure

DNS FAQ

  • Configure user identities for new domain name

DNS FAQ

  • Configure workloads for new domain name

DNS Basics

  • Design domain name configuration

DNS Basics

  • Set primary domain name

Changing Default Domain

  • Verify custom domain

Information for DNS Records

Create DNS records at your Hosting Provider

Plan a Microsoft 365 Implementation

  • Plan for Microsoft 365 on-premises Infrastructure

Networking Infrastructure for Microsoft 365

Optimising Network Performance for Microsoft Office 365

Office 365 URLs and IP’s

Prepare to provision users through Directory Synchronisation to Office 365

  • Plan identity and authentication solution

Office 365 Admin Roles

Understanding Office 365 and Azure Active Directory

Plan for multi-factor authentication for Office 365 Deployments

Modern Authentication

Setup Microsoft 365 Tenancy and Subscription

  • Configure subscription and tenant roles and workload settings

Try or Buy a Microsoft 365 Subscription

About Office 365 Admin Roles

Assign Admin Roles

  • Evaluate Microsoft 365 for organization

Try or Buy a Microsoft 365 Subscription

  • Plan and create tenant

Try or Buy a Microsoft 365 Subscription

Create your 365 Tenant

  • Upgrade existing subscriptions to Microsoft 365

Switch to a Different Plan

  • Monitor license allocations

Subscriptions and Licences

Manage Microsoft 365 Subscription and Tenant Health

  • Manage Service Health Alerts

Service Health and Continuity

How to check Office 365 Service Health

  • Create and Manage Service Requests

Support

  • Create Internal Service Health Response Plan

Service Health and Continuity

  • Monitor Service Health

Service Health and Continuity

How to check Office 365 Service Health

  • Configure and Review Reports, including BI, OMS and Microsoft 365 Reporting

Activity Reports

Microsoft 365 Usage Analytics

Enable Microsoft 365 Usage Analytics

Office 365 OMS

  • Schedule and Review Security and Compliance Reports

Security and Compliance Reports

  • Schedule and Review Service Usage Metrics

Microsoft 365 Usage Analytics

Enable Microsoft 365 Usage Analytics

Plan Migration of Users and Data

  • Identify data to be migrated and method

Decide on a Migration Path

Office 365 Migration Best Practice

Ways to Migrate Multiple Email Accounts to Office 365

  • Identify users and mailboxes to be migrated and method

Decide on a Migration Path

Office 365 Migration Best Practice

Ways to Migrate Multiple Email Accounts to Office 365

  • Plan migration of on-prem users and groups

Migrate Mailboxes from Exchange Server

  • Import PST Files

Importing PST Files to Office 365

——————————————————————————-

Manage User Identities and Roles (35 – 40%)

Design Identity Strategy

  • Evaluate requirements and solution for synchronization

Determine Directory Synchronisation Requirements

  • Evaluate requirements and solution for identity management

Determine Identity Requirements for your Hybrid Identity Solution

  • Evaluate requirements and solution for authentication

Determine Access Control Requirements for your Hybrid Identity Solution

Plan Identity Synchronisation by using Azure AD

  • Design directory synchronization

Azure Active Directory Hybrid Identity Design Considerations

  • Implement directory synchronization with directory services, federation services, and Azure endpoints

Managing Federation with Azure AD Connect

Manage Identity Synchronisation by using Azure AD

  • Monitor Azure AD Connect Health

Azure AD Connect Health Operations

  • Manage Azure AD Connect synchronization

Prerequisites for Azure AD Connect

Getting started with Azure AD Connect using express settings

Custom installation of Azure AD Connect

Operational Tasks and Configurations

  • Configure object filters

Configure Filtering

  • Configure password sync

Implement Password Hash Sync with Azure AD Connect Sync

  • Implement multi-forest AD Connect scenarios

Topologies for Azure AD Connect

Manage Azure AD Identities

  • Plan Azure AD identities

What is Hybrid Identity?

  • Implement and manage Azure AD self-service password reset

How to Successfully Roll Out Self Service Password Reset (SSPR)

  • Manage access reviews

What are Azure AD Access Reviews?

Create an access review of group members or application access with Azure AD

Manage User Access with Access Reviews

Manage Guest Access with Access Reviews

  • Manage groups

Groups and Access Management

  • Manage passwords

Azure AD Password Writeback

Azure AD Password Protection

Self Service Password Reset (SSPR)

Azure Multi Factor Authentication (MFA)

  • Manage product licenses

Manage User Accounts and Licences with Powershell

  • Manage users

Add or Delete users using Azure AD

  • Perform bulk user management

Getting Started with Office 365 Powershell

Connect to Office 365 Powershell

Manage User Roles

  • Plan user roles

About Office 365 Admin Roles

  • Allocate roles in workloads

Assign Admin Roles

  • Configure administrative accounts

Protect your Office 365 Administrator Accounts

  • Configure RBAC within Azure AD

What is Role Based Access Control (RBAC)?

Manage Access using RBAC and the Azure Portal

Manage Access using RBAC and Powershell

  • Delegate admin rights

Delegated Administration offer to Partners

Delegated Administration in Azure AD

  • Manage admin roles

About Office 365 Admin Roles

  • Manage role allocations by using Azure AD

Assign Admin and Non-Admin Roles in Azure AD

  • Plan security and compliance roles for Microsoft 365

Permissions in the Security and Compliance Admin Centre

——————————————————————————-

Manage Access and Authentication (20 – 25%)

Manage Authentication

  • Design authentication method

Azure AD Deployment Plans

Determine Access Control Requirements for your Hybrid Identity Solution

  • Configure authentication

Azure AD Password Writeback

Azure AD Password Protection

Self Service Password Reset (SSPR)

Azure Multi Factor Authentication (MFA)

  • Implement authentication method

Authentication Methods

  • Manage authentication

Authentication Methods

  • Monitor authentication

Azure AD Reports

Sign In Activity Reports

Risky Sign In Reports

Azure AD Activity Logs

Implement Multi Factor Authentication

  • Design an MFA solution

Determine Multi Factor Requirements

  • Configure MFA for apps or users

Setup Multi Factor Authentication

How it Works: Setup Multi Factor Authentication

Plan for MFA in Office 365 Deployments

  • Administer MFA users

Manage User Settings with MFA

Requiring Two Step Verification for a User

  • Report MFA utilization

Reports in Multi Factor Authentication

Configure Application Access

  • Configure application registration in Azure AD

Application Registration in Azure AD

  • Configure Azure AD application proxy

Understand and configure Azure AD application proxy

  • Publish enterprise apps in Azure AD

Application Management with Azure AD

Implement Access for External Users of Office 365 Workloads

  • Create B2B accounts

Add Azure AD B2B Collaboration Workers in the Portal

How Users in your Organisation can invite Guest users to an App

  • Create guest accounts

Create via Azure Portal

Create via Powershell

  • Design solutions for external access

Office 365 External Sharing and Azure AD B2B Collaboration

——————————————————————————-

Plan Office 365 Workloads and Applications (10 – 15%)

Plan for Office 365 Workload Deployment

  • Identify hybrid requirements

Identity Requirements

Exchange Hybrid Deployment Prerequisites

SharePoint Hybrid Requirements

Skype for Business Hybrid Requirements

  • Plan connectivity and data flow for each workload

Exchange Hybrid Deployment Prerequisites

SharePoint Hybrid Requirements

Skype for Business Hybrid Requirements

  • Plan for Microsoft 365 workload connectivity

Network Connectivity to Office 365

Network and Migration Planning to Office 365

Office 365 URL’s and IP Address Ranges

Office 365 Network Connectivity Principles

  • Plan migration strategy for workloads

Office 365 Migration Performance and Best Practice

Migrate to SharePoint Online and OneDrive

Move Skype for Business users between On Premises and Cloud

Plan Office 365 Applications Deployment

  • Manage Office 365 software downloads

Deploy Office 365 Pro Plus from the Cloud

Deploy Office 365 Pro Plus from local source

Download and Install Office 365

Overview of the Office Customisation Tool

  • Plan for Office 365 apps

Office Applications Service Description

Deploy and manage Mobile Apps

  • Plan for Office 365 Pro plus apps updates

Pro Plus Update Channels

Overview of the update process for Pro Plus

  • Plan for Office 365 Pro plus connectivity

Assess Environment and Requirements for Deploying Pro Plus

Office 365 URL’s and IP Address Ranges

  • Plan for Office online

Office Online Service Description

  • Plan Office 365 Pro plus deployment

Office Pro Plus Deployment Guide

Overview of the Office Customisation Tool

Plan your Enterprise Deployment of Pro Plus

Use the Readiness Toolkit to Assess Compatibility with Pro Plus

Overview of the Office Deployment Tool

Overview of Shared Computer Activation

Overview of Pro Plus in RDS Scenarios

2 thoughts on “Microsoft 365: Identity & Services (MS-100) Exam Prep Guide

Comments are closed.