A Roadmap for Microsoft Security Certifications in 2023

Susan Asher | Friday, April 14, 2023


The cybersecurity industry is experiencing an unprecedented boom. While the estimated size of the cybersecurity workforce is 4.2 million, according to the 2022 Cybersecurity Workforce Study, there's still an estimated need for 3.4 million cybersecurity professionals — meaning the cybersecurity field needs to add almost a million professionals to catch up to demand.

To land a cybersecurity job, however, you not only need to have the necessary skills and knowledge — you also need to have proof of that. Thankfully, industry-approved certifications like those provided by Microsoft can help. In this article, we'll provide a road map for Microsoft security certifications in 2023 by outlining the steps you need to take to acquire these certifications and advance your cybersecurity career.

Why Choose Microsoft Security Certifications

Focus Areas of Microsoft Security Certifications

Microsoft security certifications are divided into different focus areas to help you specialize in areas of technology that align with your interests and career goals. These focus areas are designed to provide a more in-depth understanding of a particular technology or area of expertise. Let’s quickly go over the different focuses.

Identity and Access Management (IAM)

This focus validates the skills and expertise of cybersecurity professionals in managing identity and access to enterprise resources. This means the emphasis of IAM is on handling user access and permissions and is thus a critical and required component of any cybersecurity strategy.

Information Protection

In cybersecurity, Information Protection helps organizations ensure their sensitive data is secured and protected from unauthorized access, use, or disclosure. The Microsoft Purview Information Protection focus is designed to teach cybersecurity professionals how to secure this sensitive information.

The Microsoft Information Protection Administrator Associate certification is a testament to your ability to support policies and controls to address regulatory requirements and to secure data for an organization.

Threat Protection

Threat protection is a critical aspect of cybersecurity, as threats continue to evolve and become more sophisticated. Organizations need to implement effective strategies and technologies to protect themselves from these new and changing threats, including malware, ransomware and phishing. The Threat Protection focus area of Microsoft security certifications provides professionals with the knowledge and skills needed to implement and manage effective threat protection strategies in Microsoft environments.

If you’re interested in Threat Protection for Microsoft 365, a good certification to start with is the Microsoft 365 Security Administrator Associate.

Security Management

Effective cybersecurity in the cloud relies on the continuous management and administration of security policies, technologies and processes, which are collectively called “security management.” Proper security management enables organizations to ensure the confidentiality, integrity, and availability of their data and systems, as well as comply with data protection regulations. The Security Management focus provides professionals with the knowledge and skills needed to manage security in Microsoft environments.

An example of a Security Management certification is the Microsoft Azure Security Engineer Associate.

Levels of Microsoft Security Certifications

Microsoft Security certifications are divided into three skill levels: Fundamental, Associate and Expert. The Fundamentals level covers basic security concepts to get you acclimated, while the Associate level covers specialized security topics in more depth. The Expert-level certifications require advanced knowledge and expertise in specific cybersecurity areas and are designed for experienced professionals seeking to advance their careers in cybersecurity.

Microsoft Security Certifications – Fundamental Level

Microsoft Security, Compliance, and Identity Fundamentals

This entry-level certification provides foundational knowledge of security, compliance, and identity concepts for those looking to get started in the cybersecurity field. It covers basic security principles, threat protection, identity and access management and compliance.

However, before jumping into the Security, Compliance, and Identity Fundamentals exam, Microsoft recommends you sign up for an instructor-led training course like Microsoft Security, Compliance, and Identity Fundamentals. This training will prepare you for the exam by teaching you the skills to describe security concepts and methodologies and navigate Microsoft products like the Service Trust Portal, which is a web-based platform designed to help businesses evaluate the security and compliance of their services.

Note that this training course has prerequisites. You should have a general understanding of networking, cloud computing, Microsoft Azure, and Microsoft 365 before registering.

Microsoft Security Certifications – Associate Level

Security Operations Analyst Associate

This associate-level certification covers a range of concepts including threat management, incident response, compliance, and security operations management. At its core, the job of a Security Operations Analyst is to mitigate organizational risk. Therefore, this certification focuses on threat protection technologies, security monitoring and response, and how to conduct investigations and remediation. In this course, you'll also learn about managing security policies and compliance standards and maintaining data privacy and confidentiality.

The Security Operations Analyst Associate training course will teach you how to investigate, respond to, and hunt for threats in a myriad of Microsoft products, including Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender.

During this training course, you’ll learn how to configure Attack Surface Reduction (ASR) rules on Windows devices. This means you’ll be able to design configurations and policies to reduce the number of attack vectors. You’ll also learn how to write Kusto Query Language (KQL) statements; KQL is a query language like SQL, but it is used in Azure environments. Other skills you’ll learn include investigating data loss prevention alerts in Microsoft Defender for Cloud Apps, investigating domains and IP addresses in Microsoft Defender for Endpoint, and managing a Microsoft Sentinel workspace.

The prerequisites for this course are a little more involved than the Microsoft Security, Compliance, and Identity Fundamentals certification, as this is an associate-level course. You’ll need to have a basic understanding of Microsoft 365, Microsoft security, compliance, and identity products, an intermediate understanding of Windows, a familiarity with Azure, and knowledge of basic scripting concepts.

Information Protection Admin Associate

As the name suggests, this certification validates a professional’s proficiency and knowledge in designing and implementing Microsoft Information Protection (MIP) solutions, configuring data loss prevention (DLP) policies, and managing labels and sensitive information types in Microsoft 365.

Data is perhaps the most important aspect of any business and keeping that data private and secure is important not only for a business but for its customers as well. Thus, the Information Protection Admin is a critical role in the cybersecurity field.

The skills needed to be a successful Information Protection Admin are covered in the Microsoft Information Protection Administrator training course. In this course, you'll learn how to deploy Endpoint DLP, how to configure event-driven retention (which means designing policies that retain or delete data based on specific events or conditions), and how to secure messages with Microsoft Purview.

Like the other certifications, there are prerequisites. You should have a foundational knowledge of Microsoft security and compliance technologies, Microsoft 365 products and services, and have a basic understanding of information protection and cloud computing concepts.

Identity & Access Admin Associate

The Identity and Access Administrator Associate certification from Microsoft is designed for professionals who want to specialize in identity and access management (IAM), a security framework that’s used to manage who’s permitted to use what IT resources. Specifically, this certification focuses on user access in Microsoft's Azure Active Directory and Microsoft 365 Identity and Services.

Some of the concepts covered on the exam include understanding the architecture and components of Active Directory and knowing different identity models — an identity model being a framework for defining and managing digital identities for not only users but devices and applications as well.  

The Microsoft Identity and Access Administrator training course will provide you with a thorough understanding of exam concepts. The course will teach you how to implement identity management, authentication and access management solutions, as well as how to implement access management for apps and how to plan and implement an identity governance strategy.

Before registering for this course, you should have an understanding of security best practices and identity concepts like authentication, and you should have experience with deploying Azure workloads. Experience with Windows, Linux and scripting languages isn't required but is recommended.

As well, you should complete the following training courses:

M365 Security Admin

By earning the M365 Security Admin certification, individuals demonstrate their ability to implement and manage security and compliance solutions in Microsoft 365, including threat management, data governance, identity and access management, and information protection.

The training course, facilitated by ExitCertified, will prepare you for the M365 Security Admin exam (MS-500). In this course, you’ll learn crucial skills like how to deploy secure mobile devices, how to leverage Microsoft Security Score to improve security, and how to configure advanced threat detection services in Microsoft 365.

Before registering, you should have a basic understanding of Microsoft Azure, computer networks, the management of mobile devices, and authorization and authentication. You should also have hands-on experience with Windows 10 and Office 365.

Azure Security Engineer

The Azure Security Engineer certification is designed for professionals who already have knowledge and experience in security operations and Azure security. This certification confirms the skills required to implement security controls, maintain security posture, and identify and respond to security threats in a professional environment.

Key concepts of the certification include how to design and implement security solutions in Azure, how to configure Azure network security, how to manage security operations in Azure, and how to implement platform protection.

In the Microsoft Azure Security Technologies training course, you’ll gain a wealth of knowledge to prepare you for the exam. A few of the skills you’ll learn include how to implement perimeter security strategies like VPNs and network segmentation; how to implement container security strategies using Azure Container Instances, Azure Container Registry and Azure Kubernetes; and how to implement storage security measures.

You should understand security best practices and industry security requirements, as well as security protocols like VPNs, Internet Protocol Security (IPsec), and Secure Sockets Layer (SSL). Note that this course does not cover the basics of Azure administration.

Microsoft Security Certifications – Expert Level

Cybersecurity Architect  

The Microsoft Cybersecurity Architect course will help you prepare to become a Microsoft Cybersecurity Architect. The course covers several advanced concepts, including threat protection, identity and access management, information protection, and security management. You’ll learn how to design, implement, and maintain secure solutions using various Microsoft tools and technologies, including Azure Security Center, Azure Active Directory, Microsoft Intune, and Windows Defender. You’ll also learn about the Microsoft security stack, the Zero-Trust security model, security governance and regulatory compliance requirements, as well as best practices for securing network infrastructure, identities and access, and data both in transit and at rest.

To obtain this certification, Microsoft requires you to complete a prerequisite certification. This means before completing the Microsoft Security Architect exam, you must pass either the Azure Security Engineer Associate certification, the Identity and Access Administration Associate certification, the Security Administrator Associate certification or the Security Operations Analyst certification.

To prepare for the Microsoft Cybersecurity Architect exam, take the Microsoft Cybersecurity Architect course. We also recommend that you have advanced knowledge in identity and access, platform protection, and security operations, and that you have experience with hybrid and cloud implementations.
