Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Purpose of this document
This study guide should help you understand what to expect on the exam and includes a summary of the topics the exam might cover and links to additional resources. The information and materials in this document should help you focus your studies as you prepare for the exam.
| Useful links | Description |
|---|---|
| Certification renewal | Microsoft associate, expert, and specialty certifications expire annually. You can renew by passing a free online assessment on Microsoft Learn. |
| Your Microsoft Learn profile | Connecting your certification profile to Microsoft Learn allows you to schedule and renew exams and share and print certificates. |
| Exam scoring and score reports | A score of 700 or greater is required to pass. |
| Exam sandbox | You can explore the exam environment by visiting our exam sandbox. |
| Request accommodations | If you use assistive devices, require extra time, or need modification to any part of the exam experience, you can request an accommodation. |
About the exam
Some exams are localized into other languages, and those are updated approximately eight weeks after the English version is updated. If the exam isn't available in your preferred language, you can request an additional 30 minutes to complete the exam.
Note
The bullets that follow each of the skills measured are intended to illustrate how we are assessing that skill. Related topics may be covered in the exam.
Note
Most questions cover features that are general availability (GA). The exam may contain questions on Preview features if those features are commonly used.
Skills measured
Audience profile
As a candidate for this Microsoft Certification, you’re a business professional who works with digital tools and connected systems to perform your daily tasks, but you’re not a security professional. You typically work as an administrative staff member, analyst, project manager, marketer, or salesperson. Your primary focus is business productivity and collaboration, but you regularly handle sensitive data and interact across networks, making your apps and data a prime target for cyberthreats.
For this exam, you need foundational knowledge in cybersecurity awareness, privacy expectations, and security event response, along with the practical skills to work in these areas. You should understand basic security concepts and know how to apply simple, role-relevant practices to help reduce risks and maintain compliance for your organization.
As a candidate for this Certification, you have:
Digital reliance, and you frequently use computers, mobile devices, cloud services, and collaboration platforms to access, share, and store information.
A non-technical background and limited formal training in cybersecurity. Your expertise lies in business processes rather than in IT or security operations.
High exposure to cyber risks because you regularly handle sensitive data and communicate across networks, but you might not always be aware of potential risks.
Responsibility for privacy and accountability for safeguarding personal and organizational information in compliance with company policies.
You should be able to:
Recognize common threats, such as phishing, malware, and social engineering.
Apply basic protection practices, including strong passwords, multifactor authentication, and safe internet use.
Follow organizational privacy and security policies when handling sensitive data.
Report suspected incidents promptly and take appropriate steps during data breaches.
Maintain continuous awareness of evolving threats and best practices through organizational updates and training.
Skills at a glance
Understand cybersecurity concepts (25–30%)
Understand cybersecurity risks and threats (30–35%)
Apply basic security policies to protect the organization (25–30%)
Report and respond to security incidents (10–15%)
Understand cybersecurity concepts (25–30%)
Explain roles and responsibilities in cybersecurity
Explain the cybersecurity shared responsibility model
Identify activities that demonstrate employee participation in security awareness initiatives within an organization
Describe accountability practices
Identify activities that enhance security
Apply simple organizational policies and data-handling standards
Understand security and privacy policies applicable to work tasks
Identify types of data that shouldn’t be shared with AI tools
Describe the benefits of using a password manager to protect credentials
Describe security benefits and risk awareness
Describe the security benefits of using multifactor authentication
Identify business processes that may be targeted or infiltrated by threat actors
Describe the risks of working in a remote environment
Understand the importance of required software updates and security patches
Describe the impact of security events, such as ransomware
Define cybersecurity concepts and emerging threats
Define the terms vulnerability, threat, risk, encryption, and exploit
Describe what deepfakes are
Understand cybersecurity risks and threats (30–35%)
Identify common cybersecurity risks
Describe the risks associated with using public Wi-Fi networks
Describe psychological social engineering techniques, such as phishing, pretexting, and baiting
Detect indicators of malicious activity
Identify indicators of malware
Identify potential indicators of insider threats
Describe abnormal system behavior or infection symptoms
Evaluate and verify digital communications
Identify suspicious emails, malicious links, and unexpected attachments
Identify potential privacy and security risks
Verify the legitimacy of requests for access, payments, or sensitive data
Apply access controls
- Identify appropriate controls to limit access to systems and data
Apply basic security practices to protect the organization (25–30%)
Understand the basics of securing devices, accounts, and workspaces
- Understand the basics of securing remote and mobile devices and workspaces, including using strong passwords, multifactor authentication, and other essential security practices
Understand how to protect sensitive and proprietary data
Recognize and classify sensitive data
Understand the different types of document sensitivity labeling and when to apply each
Understand rights management
Understand safe internet and data-handling practices
Apply proper data-handling techniques
Understand how to collect, use, transfer, store, retain, and destroy data
Understand backup and recovery measures
Understand how to help ensure that data is backed up to support recovery from incidents
Identify and follow basic recovery measures for data loss or system issues
Report and respond to security incidents (10–15%)
Report on security incidents and policy violations
Identify situations that require reporting (for example, a phishing attempt, a lost device, or unauthorized access)
Select the correct information to include in a report (for example, the date, type of incident, and affected data)
Choose the appropriate reporting channel (for example, email, help desk, or incident form)
Take appropriate action during data breaches
Follow basic steps when a breach occurs (for example, stop sharing data, disconnect devices, and notify IT)
Recognize when escalation is required (for example, sensitive data exposure or a ransomware incident)
Study resources
We recommend that you train and get hands-on experience before you take the exam. We offer self-study options and classroom training as well as links to documentation, community sites, and videos.
| Study resources | Links to learning and documentation |
|---|---|
| Get trained | Choose from self-paced learning paths and modules or take an instructor-led course |
| Find documentation | Understand Microsoft security Security hub |
| Ask a question | Microsoft Q&A | Microsoft Docs |
| Follow Microsoft Learn | Microsoft Learn - Microsoft Tech Community |
| Find a video | Exam Readiness Zone Browse other Microsoft Learn shows |