Microsoft 365 Certified: Enterprise Administrator Expert

Validate your technical skills and grow your career.

This certification demonstrates that the recipient is proficient in planning, migration, deployment and
management of Microsoft 365 services.

Why Take The Microsoft 365 Certified: Security Administrator MS-100 & MS-101 Exam?

Measure your abilities in planning Office 365 workloads and applications, utilizing modern, cloud-
based device services, Microsoft 365 security and threat management, all while managing Microsoft
365 governance and data policy compliance.

Increase My Salary

  • The average salary for someone who holds a Microsoft 365 Enterprise Administrator Expert
    certification is around $90,000 / year.

Abilities Validated By The Certification:

  • Design and implement Microsoft 365 services
  • Manage user identity and roles
  • Manage access and authentication
  • Plan Office 365 workloads and applications
  • Implement modern device services
  • Implement Microsoft 365 security and threat management
  • Manage Microsoft 365 governance and compliance

Recommended Knowledge & Experience:

  • Candidates must earn at least one certification from this list:
    • Microsoft 365 Certified Modern Desktop Administrator Associate
    • Microsoft 365 Certified: Security Administrator Associate
    • Microsoft 365 Certified: Security Administrator Associate
    • Microsoft 365 Certified: Messaging Administrator Associate
    • MCSE: Productivity Solutions Expert
    • Microsoft 365 Certified: Teams Administrator Associate

Exam Topics & Scoring:

Exam MS-100: Microsoft 365 Identity and Services


Manage domains

  • add and configure additional domains
  • configure user identities for new domain name
  • configure workloads for new domain name
  • design domain name configuration
  • set primary domain name
  • verify custom domain

Plan a Microsoft 365 implementation

  • plan for Microsoft 365 on-premises Infrastructure
  • plan identity and authentication solution

Set up Microsoft 365 tenancy and subscription

  • configure subscription and tenant roles and workload settings
  • evaluate Microsoft 365 for organization
  • plan and create tenant
  • upgrade existing subscriptions to Microsoft 365
  • monitor license allocations

Manage Microsoft 365 subscription and tenant health

  • manage service health alerts
  • create & manage service requests
  • create internal service health response plan
  •  monitor service health
  • configure and review reports, including BI, OMS, and Microsoft 365 reporting
  • schedule and review security and compliance reports
  • schedule and review usage metrics

Plan migration of users and data

  • identify data to be migrated and method
  • identify users and mailboxes to be migrated and method
  • plan migration of on-prem users and groups
  • import PST Files


Design identity strategy

  • evaluate requirements and solution for synchronization
  • evaluate requirements and solution for identity management
  • evaluate requirements and solution for authentication

Plan identity synchronization by using Azure AD Connect

  • design directory synchronization
  • implement directory synchronization with directory services, federation services, and Azure endpoints

Manage identity synchronization by using Azure AD

  • monitor Azure AD Connect Health
  • manage Azure AD Connect synchronization
  •  configure object filters
  •  configure password sync
  •  implement multi-forest AD Connect scenarios

Manage Azure AD identities

  • plan Azure AD identities
  • implement and manage Azure AD self-service password reset
  • manage access reviews
  • manage groups
  • manage passwords
  • manage product licenses
  • manage users
  • perform bulk user management

Manage user roles

  • plan user roles
  • allocate roles in workloads
  • configure administrative accounts
  • configure RBAC within Azure AD
  • delegate admin rights
  • manage admin roles
  • manage role allocations by using Azure AD
  • plan security and compliance roles for Microsoft 365


Manage authentication

  • design authentication method
  • configure authentication
  • implement authentication method
  • manage authentication
  • monitor authentication

Implement Multi-Factor Authentication (MFA)

  • design an MFA solution
  • configure MFA for apps or users
  • administer MFA
  • report MFA utilization Configure application access
  • configure application registration in Azure AD
  • configure Azure AD application proxy
  • publish enterprise apps in Azure AD

Implement access for external users of Microsoft 365 workloads

  • create guest accounts
  • design solutions for external access
  • manage external collaboration settings


Plan for Office 365 workload deployment

  • identify hybrid requirements
  • plan connectivity and data flow for each workload
  • plan for Microsoft 365 workload connectivity
  • plan migration strategy for workloads
  • prepare workloads for new deployments and migrations

Plan Microsoft 365 Apps deployment

  • manage Office software downloads
  • manage Microsoft 365 apps
  • plan for Microsoft 365 Apps for enterprise
  • plan for Microsoft 365 Apps for enterprise updates
  • plan for Microsoft 365 Apps for enterprise connectivity
  • plan for Office for the web
  • plan Microsoft 365 Apps for enterprise deployment


Exam MS-101: Microsoft 365 Mobility and Security


  • plan for MDM
  • configure MDM integration with Azure AD
  • set device enrollment limit for users

Manage device compliance

  • plan for device compliance
  • design Conditional Access Policies
  • create Conditional Access Policies
  • configure device compliance policy
  • manage Conditional Access Policies

Plan for devices and apps

  • create and configure Microsoft Store for Business
  • plan app deployment
  • plan device co-management
  • plan device monitoring
  • plan for device profiles
  • plan for Mobile Application Management
  • plan mobile device security

Plan Windows 10 deployment

  • plan for Windows as a Service (WaaS)
  • plan the appropriate Windows 10 Enterprise deployment method
  • analyze upgrade readiness for Windows 10 by using services such as Desktop Analytics
  • evaluate and deploy additional Windows 10 Enterprise security features



Implement Cloud App Security (CAS)

  • configure Cloud App Security (CAS)
  • configure Cloud App Security (CAS) policies
  • configure Connected apps
  • design a Cloud App Security (CAS) Solution
  • manage Cloud App Security (CAS) alerts
  • upload Cloud App Security (CAS) traffic logs

Implement threat management

  • plan a threat management solution
  • design Azure Advanced Threat Protection (ATP) implementation
  • design Microsoft 365 ATP policies
  • configure Azure ATP
  • configure Microsoft 365 ATP policies
  • monitor Advanced Threat Analytics (ATA) incidents


Implement Microsoft Defender Advanced Threat Protection (ATP)

  • plan a Microsoft Defender ATP solution
  • configure preferences
  • implement Microsoft Defender ATP policies
  • enable and configure security features of Windows 10

Enterprise Manage security reports and alerts

  • manage service assurance dashboard
  • manage tracing and reporting on Azure AD Identity Protection
  • configure and manage Microsoft 365 security alerts
  • configure and manage Azure Identity Protection dashboard and alerts


Configure Data Loss Prevention (DLP)

  • configure DLP policies
  • design data retention policies in Microsoft 365
  • manage DLP exceptions
  • monitor DLP policy matches
  • manage DLP policy matches

Implement sensitivity labels

  • plan for sensitivity labels
  • create and publish sensitivity labels
  • use sensitivity labels on SharePoint and OneDrive
  • plan for Windows information Protection (WIP) implementation

Manage data governance

  • configure information retention
  • plan for Microsoft 365 backup
  • plan for restoring deleted content
  • plan information retention policies

Manage auditing

  • configure audit log retention
  • configure audit policy
  • monitor Unified Audit Logs

Manage eDiscovery

  • search content by using Security and Compliance Center
  • plan for in-place and legal hold
  • configure eDiscovery and create cases


Prepare for your exam:

The best way to prepare is with first-hand experience. Taking advantage of the opportunities that
Phoenix TS provides will assist you with gathering all the knowledge and skills you’ll need for

Phoenix TS Microsoft 365 Certified: Enterprise Administrator Expert – Learning Pathways


  • MD-100: Windows Client

    Course Overview Phoenix TS’ 5-day instructor-led Microsoft Windows Client training and certification boot camp in Washington, DC Metro, Tysons Corner, VA, Columbia, MD or Live Online teaches students learn how to support and configure Windows desktops in an organizational environment. Students will develop skills that include learning how to install, customize, and update Windows 10 […]

    Click To Read More


  • MS-101T00: Microsoft 365 Mobility and Security

    Course Overview Phoenix TS’ 5-day instructor-led Microsoft 365 Mobility and Security training and certification boot camp in Washington, DC Metro, Tysons Corner, VA, Columbia, MD or Live Online covers three central elements of Microsoft 365 enterprise administration – Microsoft 365 security management, Microsoft 365 compliance management, and Microsoft 365 device management. In Microsoft 365 security […]

    Click To Read More



1 – https://www.globalknowledge.com/us-en/resources/resource-library/articles/top-paying-certifications/?utm_source=Sales-Enablement&utm_medium=White-Paper&utm_campaign=&utm_content=Top-Paying-Certs
Subscribe now

Get new class alerts, promotions, and blog posts

Phoenix TS needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.

Download Course Brochure

Enter your information below to download this brochure!