Pass Microsoft 365 MS-900 Exam in First Attempt Easily

Getting Started

1. Introduction

Hi. Microsoft Office 365 is the leading software as a service platform available today. The Microsoft 365 Fundamentals MS-900 certification is a foundational exam that prepares you for other M-365 certifications. Hi. My name is Andre. Hi, Otis. I've been working as a Security Engineer for a number of years, focusing on security, governance, risk, and compliance. I hold multiple certifications on Amazon.AWS, microsoft Azure and Microsoft and 365. In this course, I have taken the following approach, which is aligned with the new Microsoft Performance-Based Training, which ensures that you not only understand the different concepts, but can relate them together and understand key differences. I also try as much as possible to teach you within the 365 portal. I tackle each section and lecture from the point of view of the exam and the questions that might be asked on the exam.

Hide

Cloud Concepts

1. NIST Public, Private and Hybrid cloud models

In this section, we will go over all of the cloud concepts that you need to know in order to pass the exam. This is the only section that will not make use of the Azure user interface, as I want this course to be very practical and hands-on and in line with the new performance-based testing from Microsoft. I also wanted to use an authoritative source of information for the cloud concepts. And the one that I've chosen is the U.S. government. the National Institute of Standards and Technology, or NISS. They have some very good documents that are available publicly, and this is what I'll be using for all of the cloud concepts lectures. In this lecture, we will focus on the different deployment models. In particular, the course curriculum basically covers three of them. Nas has four: private cloud, community cloud, public cloud, and hybrid cloud. We will look at three of those and what questions might be on the exam. So let's look at some of the definitions.

So the first is a private cloud. So the cloud infrastructure is operated solely for our organization. It can be managed by the organisation or by a third party and can exist on or off-site. So the key point here is that it is operated solely for one organization, and it may be managed by the organization, which means that organisations A, B, and C own a data centre and everything in it, and they either manage it themselves or outsource it to a third party. However, that data centre still belongs to one organization. So that is a key thing to look at during the exam compared to the other different cloud deployment models. So let's look at the public cloud. So the cloud infrastructure is made available to the general public or a large industry group and is owned by an organisation selling cloud services.

So Amazon as well as Azure fit really well into this public cloud model. And the keywords again are "general public" a large industry group," which sometimes some people will refer to as "community cloud." So, during the exam, the primary distinction between public and private is that public refers to the general public or industry group. While private, it's really operated for one organization, and it may be managed by that organisation or a third party, but it's still really for that organization. And the last definition, which is the hybrid cloud, is that the cloud infrastructure is a composition of two or more clouds, private, community, or public, that remain unique entities but are bound together by standardised or proprietary technology that enables data and application portability. So during the exam, a hybrid cloud could be made up of a private cloud that is interconnected with a public cloud, but it could also be basically two public clouds, or it could be two private clouds.

A hybrid is a combination of more than two of them. So again, that could be on the exam as well. But the key differentiator is between public and private. So if you get any questions, read carefully what the scenario is, and they might try to introduce the hybrid one. But remember, "hybrid" is not necessarily just between public and private. It could be between two private clouds or two public clouds. So I think that's all for the deployment models, and that's all for this lecture. And whenever you're ready, you can go to the next one.

2. NIST IaaS vs PaaS vs SaaS

Hi. In this lecture, we will go over the different service models. As we go through each of the definitions, we will look at some of the keywords that will enable you to understand each definition, as well as the differences between them. This should help you answer any questions that you have on the exam. Again, in this lecture, I am leveraging the NIST standard for some of these cloud definitions. All right, let's get started. So, let's start with the cloud infrastructure as a service, or IAS. So the definition is the capability provided to the consumer to provision processing, storage networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include an operating system and application.

The consumer does not manage or control the underlying cloud infrastructure. But here's the key thing: He has control over the operating system, storage, deployment applications, and possibly limited control of selected networking components. So in all of these, the cloud infrastructure provider provides base functionality, but in the IAS, the consumer has control over the operating system and storage and deployment applications. So that's the key thing. So when you think about IAS, think about Microsoft Azure, Amazon Web Services, and Google Cloud Platform, where the consumer has control of the OSS and the storage.

So that is the key part of IAZfor Cloud Platform as a Service, or Paz. The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure, including network servers, operating systems, or storage, but has control over the deployed application and possibly application hosting environments or configuration. The key aspect here is that the consumer leverages an application or a capability already provided, usually through a programming language.

So if you think of, for example, Salesforce.com, which is a SAS which we'll look at next), it has capabilities to do some custom deployment and configuration using their programming language. And in that respect, that capability is a PaaS capability. You would not have that in the IAS. So again, think about Pas, where now you have access to the functionality provided and can configure and customise it, usually through a programming language. All right, and the last one is cloud software as a service. The capability provided to the consumers to use the provider's application running on our cloud infrastructure—that is the key word—is that you're using the application and you're really not aware of or in control of what's underneath. The applications are accessible from various client devices. The consumer does not manage or control the underlying cloud infrastructure, including network servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.

Again, if you want to think about it, the key application is Salesforce.com or any other application that you use, whether, for example, Facebook, where you just login and start using it, and you may have some level of customization, but you really have no control over the underlying infrastructure. So I think that one's fairly clear with SAS, and then with IADs, you really have control of the underlying infrastructure compared to the SAS one. So PaaS is sometimes a little bit more challenging. You do have somewhat less control than I do, but more control than SAS.

And if there are any answers that you can customise or a programming language that you can configure based on your requirements and needs during the exam, it may be closer to a Pass than a SaaS. But the keyword with SAS is that you're reusing the application, and you have no knowledge of the underlying infrastructure. So those are the three different cloud service models, and you should definitely get a question on the exam on this topic. All right, that's all for this lecture, and whenever you're ready, you can go to the next one.

3. Microsoft 365 SaaS

Hi. In the last couple of lectures, we really looked at some of the fundamental concepts of the cloud deployment models and the cloud service models. So in this lecture, we're going to try to bring all these concepts together and give some more concrete examples of what those different service models are, namely IAS, PAS, and SAS. That will help you answer the questions on the exam. So the first thing that we want to look at are the different responsibilities. So when you go to the cloud, depending on themodel I as Pas or SAS, the customer has differentresponsibilities, and that may be a question on the exam. So the first one we can look at is SAS. In a SAS model, the key thing to remember is that many of the responsibilities are taken on by the cloud provider. What the customers are responsible for is data classification and accountability.

And the other key aspect is identity and access management. So that's a joint responsibility. And you can think of identity and access management as how you identify users, authenticate users, and authorise users for that SaaS service. The platform as a service, or Pas, is similar to SAS, except you have a lot more application-level control, where you can customize, configure, and even extend. Then there's IAS, which gives you a lot more control and is more similar to what you'd have on premise, with full control of the application and partial control of the network and host infrastructure. So what is missing on the IAS is reallyaround more the data centres and the infrastructure. You don't have direct access to information that has been managed for you, and that is a value proposition compared to the on-premises environment.

So, on the premises, you are responsible for physical security, all host security, host infrastructure, and network controls, whereas on the IAS for the host in the network, you have only partial responsibilities. So as you go up the chain of responsibility, there's less and less customer responsibility, but there's more and more cloud provider responsibility. However, the key thing is what is common, so that could be another question. What is common across all of those models is that the customer always retains the data classification and accountability. All right, so now let's look at what that means and give some more concrete examples as it relates to Office 365 as well as Microsoft Azure. So let's start with Office 365. We're not going to go into detail in this particular area. There is a section specifically on the different plans and pricing and options. But this is a good page to look at the different services that are offered by Office 365. So the number one thing to remember for the exam is that Office 365 is a SAS service. It is not a PAL or IAS. It is the key SAS service for Microsoft.

And as you can see here on the far right, we're just going to look at the Enterprise E-5, as this is the subscription that has the most options. These are all SaaS services. We can see Outlook Word, Excel, PowerPoint, OneNote, and some services like Exchange OneDrive, SharePoint, and Skype Yammer Power Bi So those are all services and Office applications that you can say are part of the Office 365 ecosystem. But those are all SAS services. So during the exam, anything around Office365 is part of a SAR. All right, so now we'll look at Microsoft Azure. I'll bring you into the console, and we're just going to quickly look at what's available there. You won't be presented with any of those scenarios in the example, but it is good to understand what Azure looks like and where it falls in terms of the services that it offers. All right, so this is the main console of the Microsoft Azure platform. So like I said, Microsoft Azure has a number of services. So Microsoft Azure is primarily an IAS service. Most of the services you have full control of that service as I ask.

However, there is a part, and as more services are deployed on Azure, more Pass services are added. And let's scroll down here. We have some general services. Compute is the original service that is related to IAS networking. Again, all in all, it has 27 networking services. some gene use storage. So, again, these were the three that really are the foundation of cloud computing. Now, as we go into the web part, this is where Microsoft Azure is more of a path. Key things that could be on the exam that you probably need to remember I would remember three things and a couple of concepts or terms. One is app services.

So that should give you an idea. App Services is past. So what is an app service? Well, a NAPP service is any service that helps you host your application or your business logic. In terms of Azure, you can probably think of Web applications, mobile applications, or logic applications. Those are some of the examples. But again, these all fall under "app services." The other one that is also a PAZ is the CDN, which is the content distribution network of Microsoft. So this is where you could distribute your content around the world. The third one is search services. So search, CDN, and app services are all powered by Azure. The rest, for the most part, are all IRS. There's also sometimes a term that may be brought on to the exam which is Server less.

So, as the name implies, there are servers running it and your application, but you don't have access to them. You let Azure take care of all the provisioning and running and providing support. So naturally, those are the paths. So, for the exam, if I'm going to recap for the exam, SAS is Office 365. Other applications, such as salesforce.com Drobox, are now available. Those are all SaaS services. Interestingly. I don't think this will be on the exam, but it's good to know that the Azure IoT Suite, which is available here, is considered a SAS service. I don't believe that will be covered in the exam. That's just good information. So SaaS is Office 365 Azure is IAS. And within Azure, there are really these three core services. App services like Azure Search and AzureCDN are considered pies. Alright, that's all for this lecture. So whenever you're ready, you can go to the next one.

Hide

Understand core Microsoft 365 services and concepts

1. The Core Microsoft 365 Components

In this lecture, we're going to look at the applications that are part of the M 365 Enterprise. Let's get started. Here we see the M 365 Enterprise poster that Microsoft published. Now, on this Enterprise poster, I've put the link in the description of this lecture for you to refer to, and I suggest that you print it out and have a look at it.

At this level, we can see that the M365 is made up of Office 365, Windows 10 Enterprise, and Enterprise Mobility and Security, sometimes referred to as EMS. So it can be a little confusing. So during the exam, make sure that you read the question carefully, and sometimes it may refer to Office 365, and we'll see what that covers. But Microsoft 365 Enterprise, or sometimes just referred to as "M 365," includes Office 365. And these additional applications in this course and the other sections and lectures will go quite a bit into detail in each of these applications, including the different pricing and subscriptions. But here, it's just as important that we understand the different applications that make up M 365.So we'll look a little bit more in detail at each of these categories. So let's have a look at this view.

So this one is a little easier to look at than the other one, but I do suggest printing out the poster because it does cover other areas of the course and the exam. So the first thing we'll look at is Office 360. So what does that include? So really, this is the first part. Over here, the Office applications, email, chat, voice, social, and Internet So that's the course. So what is that made up of? It's made up, basically. Excel Word PowerPoint OneNote publisher. Microsoft Access Skype for business. So, Skype for Business is a unified communication channel. We have Exchange and Outlook. We have SharePoint. SharePoint is a document management repository. We have Microsoft Teams, which is a collaborative platform. And within teams, some of the services or capabilities you have are business messaging, calling, video meetings, and file sharing. And we also see on the right that there are different subscriptions. We won't cover this in this lecture.

There is a section and lecture that will go into much more detail on each of the different subscriptions and services associated with them. The next thing which is not really shown in thisview, but over here, which is the Windows Ten Enterprise. So Windows Ten Enterprise is the operating system. the Windows 10 operating system. There are some services in here; we can refer back to the fact that there are some that are in various areas. There is one for Windows 10. At Enterprise, we have information protection. Over here, we have Windows Defender antivirus, the Windows Defender application, Control, and Windows Defender Threat Protection, or ATP So anywhere we find Windows Defender again, then this is part of Windows 10 Enterprise. And the last major component that we have here is enterprise mobility and security, which is referred to as EMS. So there are some differences between E 3 and E 5. But in this lecture, we're just going to look at all the capabilities and applications within the E-5, because during the exam, it's really more important to understand the differences.

What is the difference between Office 360 and Windows 10 and the EMS? The foundation, and there will undoubtedly be many lectures, is Azure Active Directory. So we have two plans here. Plan one. Plan two for Microsoft Intune includes device and application management. Again, there's a lecture that goes over the device management, from registration to policies, and then application management—the applications that are part of it. We have some information protections. Data Loss Protection Azure Information Protection Plan and Protection Plan One are two examples. Protection Plan II And we also have some analytics, some advanced analytics. Here we see some examples of the applications that are included. To summarise this lecture, if we look at Office360, these 1234 sort of five things over here are part of what traditionally is Office 360. But for end-365, then we add Windows Ten Enterprise, which includes, as we said, Information Protection, BitLocker, and any of the Windows Defenders that you see over here. And then we have enterprise mobility and security. And we see that trend toward more DM here. So I would suggest spending some time on this slide and just getting comfortable and understanding what is Office 360, what is under Windows Ten Enterprise, which is DOS, and then DEM, as well as printing the poster here, which gives additional information. All right, that's it for this lecture. Whenever you're ready, you can go to the next one.

2. Microsoft M365 VS On Premise Services

In this lecture we're going to look at M 365 versus on premise. Now in Section 5 of the course, which covers M 365 pricing and support, there are three detailed lectures on the ROI Calculator, Capex versus Opex, the TCO Calculator, and cloud pricing. I'm not going to duplicate all of the information in this lecture. Many of the questions on the exam in this section are also covered in Section Five. So in this section, or particularly in this lecture, I will cover only a few topics as it relates to M-365 versus on premise. So this lecture will be a little shorter. I'm still going to leverage the total cost of ownership, or TCO calculator, to discuss about three or four areas of cloud versus on premise. All right, so let's get started. I'm just going to scroll down again.

Section 5 goes into great detail about the TCO D, ROI, and Capex versus OPEC. But I just want to focus on the categories. So here we see the on premises cost breakdown versus here is the Azure cost breakdown. So basically, this is an on premise versus cloud discussion. The costs that are shown here are fictitious, as you need to enter a lot of information, especially for the on-premises costs. But again, that is covered in Section 5. So here we're going to cover a few things that could be on the exam. One of the key differentiators between on-premises and cloud computing is cost. And here are a few categories of differences between on-premises and cloud computing. So on the left, if you look at on-premises, you have the whole data center in terms of cost. And then in the cloud, there is zero cost as this is the responsibility of Microsoft. same thing with networking. Networking in the cloud is zero cost. It labor naturally decreases because if the datacenter and network are in the cloud, the amount of it labor that is typically dedicated to on-premises is greatly reduced. The storage is very similar.

However, there is quite a substantial difference in the compute because, if you look at the sub-items of compute, we have hardware, which is the responsibility of the provider. In the cloud, we have software, we have electricity, and we have databases. All of these things are quite expensive on premise, and they need to be managed and evergreen. While in the cloud, you have the compute cost, which is much smaller, and you also pay as you go. In contrast, you must make a significant initial investment in this case. And that's why you sort of see it with these numbers. Here, that kind of ratio we're talking about is much lower. So, in terms of costs, if it's on the exam, cloud is much lower, particularly in data centre networking and a significant reduction in IT labour as well as compute. The other aspect that also indirectly we've beendiscussing is the deployment because here you've purchasedyour hardware, you've purchased your data center. You need to deploy and maintain these and have an IT labour force that is able to manage them. So that is also indirectly tied with thecost, but it's under the category of deployment. Here, all of the deployment is taken care of by Microsoft. The third area is control.

Naturally, on premise, you control everything. It is your data center, it is your hardware, it is your software, it is your network, and it is your resources that are managing everything in the cloud. In terms of customer responsibility, you are letting Microsoft handle the data center, the networking, much of the compute, and the labor. So if there was a question on the exam, then actually being on premise gives you much greater control, but at a price. The other part is security. So there's quite a bit of discussion on security in the cloud. At the end of the day, security should be the same on premises as it is in the cloud. You should apply the same kind of due diligence to the cloud. There are many services and capabilities that enable you to turn on security quite easily, though on premise there's usually quite a bit of additional cost. It is sort of under your control. But you do need to have the same due diligence on premise, which sometimes is not there. It is quite expensive and challenging to implement end-to-end security on premise. It is much easier to achieve this on the cloud. And the last thing we're going to discuss in this lecture is that this shows sort of on-premises versus in the cloud, but there's always the hybrid scenario, and that's a key thing to remember for the exam.

A hybrid means that certain aspects will remain on-premise and others will be in the cloud. So, that is sort of the last model. And so basically, you will have the blend of these figures. So there'll be a reduction in on-premises cost because it will be shifted to the cloud, but you'll still retain control over what you have on-premises. So it would be a good scenario. So for certain applications or for compliance reasons, you may leave certain critical applications on premises, but you can substantially reduce your compute, perhaps your data centre and networking, and to a certain extent your IT labour force. So that could also be on the exam. And, as previously stated, there are detailed lectures that really talk about M-365 or cloud versus on-premises and hybrid in each section five, and of course for M-365 pricing and support. And I cover there in much greater detail the ROI Calculator (Capex versus Opex), this TCO Calculator, and cloud pricing. That's it for this lecture. Whenever you're ready, you can go to the next one.

3. The Concept of Modern Management

In this lecture, we're going to look at the concept of modern management within M 365.Specifically, we're going to look at Windows as a Service, or WAAS. We're going to look at the M365Portal model, and we're going to look at the Microsoft deployment and release models. Let's get started. The first topic is Windows as a Service. So Windows as a Service is the approach Microsoft introduced with Windows 10 to deploy, update, and service the operating system. Instead of releasing a new version of Windows every three to five years, as Microsoft did in the past, it will now continually update Windows 10. So the updates are categorised in two ways. So that could be on the exam, which is about feature updates and quality updates. So feature updates occur about twice a year, roughly. They are scheduled in March and September.

As a result, they essentially add new functionality to the operating system. Quality updates are more cumulative. That comes out at least once a month and contains your traditional security patches and other fixes to make the OS more reliable. So again, for the exam, Windows as a Service is a new way of deploying and managing Windows, the operating system. There are two types of deployments: either feature updates or quality updates. Feature updates occur twice a year around March and September, while quality updates are continuous and let's say monthly for the purposes of the exam. So that covers a portion of the building in terms of deployment. What they call "service models" or "service channels" So for the exam, there are three servicing channels that you need to be aware of. The first one is the Windows Insider Program.

So those are members of the Windows Insider programme that get access to whatever updates are coming as soon as they are available during Microsoft's development process. So this helps IT organisations to work with the updates and test compatibility before the update goes out to the general public. The other servicing channel is the semi-annual channel. This channel follows the twice per year update model, and the third one is what is called the Long-Term Servicing Channel, or sometimes referred to as LTSC. So this channel is designed for more specialised devices like ATMs, for example, where security and stability are critical and any downtime associated with the OS updates is really unacceptable in terms of servicing. They are servicing tools. This might not be on the exam, but it's good to know just in case. So there are three principal tools that are used for servicing. One is your traditional Windows Update that you may be familiar with on your PC. There is also a business version, Windows Update for businesses. The other ones are more for its organization. One. It's called Service Update for Services or Server Update Services, which is WSUS. And then the other one is System Center Configuration Manager, or SCCM. So you're probably only familiar with the acronyms Sccmor, WSU, and Windows Updates.

So there are three tools for servicing. All right, so now let's look at the M 365 Administration Center. So once you log in to your subscription, this is what you're presented with. Now, in the other sections as well as the lecture, we're going to go into much more detail in some of these sections that are part of the curriculum. So in this lecture, we're just going to quickly look at some of the main areas. So when you log in after coming home, what can you do within the admin center? While you can manage users, you can also see your users, the Active Guess, and Deleted Groups as it displays user groups or groupings. You have all your information regarding billing support. You can create a new service request or view a service request that was previously submitted. And there's a whole section just on this—or a lecture you're setting for your subscription. You also have reports, and you have health. Again, there'll be a lecture on this topic.

This is the service guide for the M365 services as it relates to your subscription. The key point for the exam for this lecture is that there are numerous administrative centers. There's device management for security and compliance, as well as Azure Active Directory. The important thing to know is that Azure Active Directory is a directory service that enables you to manage groups and users, and specifically user identity passwords, which is authentication and then authorization, and the roles that they play once they are authenticated. So we're going to have a look at that in another lecture. We'll look at device management as well. Another lecture, Securing Compliance, will also be looked at several times. But we're going to have a quick look over here because it is quite extensive. So here is M-365 Security and Compliance, and there's quite a bit of information here, and there's a specific lecture that will go into most of these choices over here.

But I just wanted to give you an idea of what this looks like. So for the exam in this lecture, it's really important to understand that there are different administrative centers: securing compliance, device management, and Azure Active Directory. And then the main admin centre here basically just enables you to manage your subscription. Finally, in this lecture, we'll look at Windows and Microsoft's Deployment and Release model. Now that we've looked a little bit at the Windows ASA service, this is a more generic view. So, for the exam, all that is required is a high level understanding of the concepts of continuous integration and continuous delivery. So what's important to know for the exam are the types of users that may be involved. We have canaries, early doctors, and users. Canaries are individuals or organisations that are interested in testing the very latest features, almost like bleeding edge, and are willing to try something that may not be quite stable. Then when there's some stability or some lessons learned from the canaries, then you have a bigger audience.

Which are the early adopters? And they usually adopt those releases once there's some sort of stability, and eventually it goes into general release and you have your general users, as you can see in the terms on the right. You have your way at the beginning. early adopters and then full users. So in terms of number of users, canaries are a very small group, early adopters are quite a bit larger, and then there is the general availability of users. Here you have sort of a methodology or a method for releasing these updates, which is called continuous integration and continuous delivery. So we continuously made code changes, and as these code changes are checked in, they're automatically triggered. There's an approval process, and it's released.

Also worth noting is the blast radius, which is interesting because as you release, as you have your CICD, the number of or impact on canaries is smaller because there aren't as many of them, whereas early adopters are a little bit more end users. So that basically says, depending on the lifecycle of this feature, this is the impact of continuously updating that particular feature. So for the exam, I think the only thing really to remember is that concept of "canaries," early adopters, and users. You have continuous integration and continuous delivery, and it's basically a cycle of continuously releasing and updating features and having the community test and vet them before they are released to the public. Okay, so for this lecture, we looked at Windows as a service, the M365 portal and its main purpose, as well as how it looked, and we finished with the Microsoft deployment and release model. So I think that's all for this lecture. Whenever you're ready, you can go to the next one.

Hide