Free Practice Questions for Microsoft 365 Certified: Administrator Expert (MS-102) Certification

    🔄 Last checked for updates July 5th, 2026

    Study with 346 exam-style practice questions designed to help you prepare for the Microsoft 365 Certified: Administrator Expert (MS-102). All questions are aligned with the latest exam guide and include detailed explanations to help you master the material.

    Start Practicing

    All Domains

    Practice with randomly mixed questions from all topics

    Question MixAll Topics
    FormatRandom Order

    Domain Mode

    Practice questions from a specific topic area

    Quiz History

    Exam Details

    Key information about Microsoft 365 Certified: Administrator Expert (MS-102)

    Official study guide

    View

    Question formats CertSafari offers
    • Multiple choice
    • Ordering
    • Matching
    • True/False
    • Fill in the blank
    prerequisites:

    Functional experience with all Microsoft 365 workloads and Microsoft Entra ID, having administered at least one of these. Working knowledge of Networking, Active Directory Domain Services, DNS, and PowerShell.

    target audience:

    Administrators who deploy and manage Microsoft 365, performing tenant-level implementation and administration of cloud and hybrid environments. They function as an integrating hub for all Microsoft 365 workloads and coordinate with architects and other administrators.

    Exam Topics & Skills Assessed

    Skills measured (from the official study guide)

    Domain 1: Deploy and manage a Microsoft 365 tenant

    Subdomain 1.1: Implement and manage a Microsoft 365 tenant

    - Create a tenant - Implement and manage domains - Configure org settings, including Security & privacy and Organization profile - Monitor the health of Microsoft 365 services by using Service Health, including configuration of notifications - Configure and review Network connectivity insights - Configure and monitor software updates by using the Microsoft 365 admin center - Monitor Microsoft 365 adoption and usage - Configure and manage Microsoft 365 Backup

    Subdomain 1.2: Manage users and groups

    - Create and manage users in Microsoft Entra ID, including external users - Create and manage contacts in the Microsoft 365 admin center - Create and manage groups, including Microsoft 365 Groups and manage shared mailboxes - Manage and monitor Microsoft 365 licenses, including group-based licensing - Perform bulk user management, including Microsoft Graph PowerShell and Microsoft Entra PowerShell

    Subdomain 1.3: Manage roles and role groups

    - Implement and manage roles in Microsoft 365 and Microsoft Entra ID - Manage permissions for Microsoft Defender XDR, Microsoft Purview and other Microsoft 365 workloads using roles or role groups - Manage delegation by using administrative units - Manage Microsoft Entra ID roles in Microsoft Entra Privileged Identity Management (PIM)

    Domain 2: Implement and manage Microsoft Entra identity and access

    Subdomain 2.1: Implement and manage identity synchronization with Microsoft Entra tenant

    - Prepare for identity synchronization, including IdFix - Implement and manage directory synchronization by using Microsoft Entra Connect Sync or Microsoft Entra Cloud Sync - Monitor synchronization by using Microsoft Entra Connect Health - Troubleshoot synchronization, including Microsoft Entra Connect Sync and Microsoft Entra Cloud Sync

    Subdomain 2.2: Implement and manage authentication

    - Implement and manage authentication methods - Implement and manage self-service password reset (SSPR) - Implement and manage Microsoft Entra Password Protection - Investigate and resolve authentication issues

    Subdomain 2.3: Implement and manage secure access

    - Plan for identity protection - Implement and manage Microsoft Entra Identity Protection - Plan Conditional Access policies - Implement and manage Conditional Access policies - Implement and manage multifactor authentication (MFA) by using Conditional Access policies

    Domain 3: Manage security and threats by using Microsoft Defender XDR

    Subdomain 3.1: Review and respond to security reports and alerts generated by Microsoft Defender XDR

    - Review and respond to threats by using Microsoft Security Exposure Management, including the Microsoft Secure Score - Review and respond to incidents and alerts generated by Microsoft Defender XDR, including advanced hunting - Review and respond to issues identified in Microsoft Defender XDR reports - Review and respond to threats identified by Microsoft Defender Threat Intelligence

    Subdomain 3.2: Implement and manage email and collaboration protection by using Microsoft Defender for Office 365

    - Implement threat policies and rules in Microsoft Defender for Office 365 - Configure alert policies in Microsoft Defender for Office 365 - Investigate and respond to email and collaboration threats by using Microsoft Defender for Office 365 - Manage attack simulations, including training campaigns - Manage restricted entities, including blocked users

    Subdomain 3.3: Implement and manage endpoint protection by using Microsoft Defender for Endpoint

    - Onboard devices to Microsoft Defender for Endpoint - Configure endpoint settings - Review and respond to vulnerabilities identified in the Microsoft Defender Vulnerability Management dashboard

    Subdomain 3.4: Implement and manage Microsoft Defender for Cloud Apps

    - Configure the app connector for Microsoft 365 - Configure Microsoft Defender for Cloud Apps policies, including triggering alerts - Interpret activity log - Configure Cloud App Discovery - Review and respond to issues identified in Cloud App Discovery

    Domain 4: Manage compliance by using Microsoft Purview

    Subdomain 4.1: Implement Microsoft Purview information protection and data lifecycle management

    - Implement and manage sensitive information types by using keywords, keyword lists, or regular expressions - Implement retention labels, retention label policies, and retention policies - Implement sensitivity labels and sensitivity label policies - Monitor label usage by using Content explorer, Activity explorer, and label reports

    Subdomain 4.2: Implement Microsoft Purview data loss prevention (DLP)

    - Configure DLP policies for Microsoft 365 workloads, including Exchange Online, SharePoint Online, OneDrive, Teams, Power BI, and Microsoft 365 Copilot - Configure Endpoint DLP - Review and respond to DLP alerts, events, and reports

    Techniques & products

    Microsoft 365 tenant
    Microsoft Entra ID
    Microsoft Defender XDR
    Microsoft Purview
    Service Health
    Network connectivity insights
    Microsoft 365 admin center
    Microsoft 365 Backup
    Microsoft 365 Groups
    Shared mailboxes
    Microsoft Graph PowerShell
    Microsoft Entra PowerShell
    Administrative units
    Microsoft Entra Privileged Identity Management (PIM)
    IdFix
    Microsoft Entra Connect Sync
    Microsoft Entra Cloud Sync
    Microsoft Entra Connect Health
    Self-service password reset (SSPR)
    Microsoft Entra Password Protection
    Microsoft Entra Identity Protection
    Conditional Access policies
    Multifactor authentication (MFA)
    Microsoft Security Exposure Management
    Microsoft Secure Score
    Advanced hunting
    Microsoft Defender Threat Intelligence
    Microsoft Defender for Office 365
    Attack simulations
    Restricted entities
    Microsoft Defender for Endpoint
    Microsoft Defender Vulnerability Management
    Microsoft Defender for Cloud Apps
    Cloud App Discovery
    Sensitive information types
    Retention labels
    Retention label policies
    Retention policies
    Sensitivity labels
    Sensitivity label policies
    Content explorer
    Activity explorer
    Data loss prevention (DLP)
    Exchange Online
    SharePoint Online
    OneDrive
    Teams
    Power BI
    Microsoft 365 Copilot
    Endpoint DLP
    Networking
    Active Directory Domain Services
    DNS
    PowerShell

    CertSafari is not affiliated with, endorsed by, or officially connected to Microsoft Corporation. Full disclaimer