Microsoft · MS-102
Validates ability to deploy and manage Microsoft 365 tenants, implement identity and access with Microsoft Entra ID, manage security and threats using Microsoft 365 Defender, and manage compliance using Microsoft Purview.
Questions
965
Duration
120 minutes
Passing Score
700/1000
Difficulty
ExpertLast Updated
Jan 2025
Use this MS-102 practice exam to prepare for Microsoft 365 Certified: Administrator Expert (MS-102) with realistic questions, detailed explanations, and focused study modes. The practice bank includes 965 questions for Microsoft MS-102, so you can review the exam steadily instead of relying on one long cram session.
As you practice, pay extra attention to recurring topics such as Deploy and manage a Microsoft 365 tenant, Implement and manage Microsoft Entra identity and access, Manage security and threats by using Microsoft 365 Defender, and Manage compliance by using Microsoft Purview. Start with short sessions to identify weak areas, then move into timed quizzes once your accuracy is consistent.
The explanations are especially useful when you want to connect exam wording to the responsibilities and scenarios described in the official certification guidance. Use the free preview first, then unlock the full question bank when you are ready to build a complete study routine.
The MS-102 exam certifies Microsoft 365 Administrators who deploy and manage Microsoft 365 tenants across cloud and hybrid environments. It validates mastery across four critical pillars: tenant configuration and management, identity and access management via Microsoft Entra ID, threat protection through Microsoft Defender XDR, and compliance governance through Microsoft Purview. Passing this exam earns the Microsoft 365 Certified: Administrator Expert credential — the highest-level Microsoft 365 administration certification available.
The exam was last updated on November 10, 2025, and reflects current platform capabilities including Microsoft Entra Cloud Sync, Microsoft Defender Vulnerability Management, Defender for Cloud Apps, and Purview data lifecycle management. Candidates are assessed on practical, scenario-based tasks such as configuring Conditional Access policies, implementing directory synchronization using Microsoft Entra Connect Sync, managing attack simulation training, configuring DLP policies across Exchange, SharePoint, OneDrive, and Teams, and monitoring tenant health and adoption metrics through the Microsoft 365 admin center.
This certification targets experienced IT professionals already working as Microsoft 365 administrators who serve as the integrating hub across all Microsoft 365 workloads. Ideal candidates coordinate with architects and workload-specific administrators responsible for infrastructure, identity, security, compliance, endpoints, and applications in enterprise environments.
Typical job titles pursuing this certification include Microsoft 365 Administrator, Cloud Administrator, Identity and Access Administrator, and IT Manager overseeing Microsoft cloud services. Candidates are expected to have hands-on administration experience with at least one Microsoft 365 workload — such as Exchange Online, Teams, SharePoint, or Endpoint Management — and functional familiarity with all workloads. Working knowledge of networking fundamentals, Active Directory Domain Services, DNS, and PowerShell scripting is also expected.
To earn the Microsoft 365 Certified: Administrator Expert credential, candidates must first hold at least one qualifying Microsoft associate-level certification. Accepted prerequisites include: Microsoft 365 Certified: Endpoint Administrator Associate, Microsoft 365 Certified: Messaging Administrator Associate, Microsoft 365 Certified: Teams Administrator Associate, Microsoft Certified: Identity and Access Administrator Associate, or Microsoft Certified: Information Protection and Compliance Administrator Associate. At least one of these must be obtained before the expert certification can be awarded upon passing MS-102.
Beyond formal certification prerequisites, candidates should have practical experience administering Microsoft 365 and Microsoft Entra ID in production or lab environments. Recommended technical knowledge includes hybrid identity synchronization (Microsoft Entra Connect Sync or Cloud Sync), PowerShell-based administration, Microsoft Defender security tools, and Microsoft Purview compliance solutions. Familiarity with DNS configuration, Active Directory, and enterprise networking concepts is strongly advised.
MS-102 is a proctored exam delivered through Pearson VUE, available both online and at authorized testing centers. The exam has a time limit of 120 minutes and requires a passing score of 700 on a scale of 100–1000. Question count typically ranges from 40–60 items, though the exact number varies per exam form. Question types include scenario-based multiple-choice (single and multiple answer), drag-and-drop, build-list/reorder, and active screen (lab simulations may appear).
The exam is available in English, Chinese (Simplified), German, Spanish, French, Japanese, and Portuguese (Brazil). Candidates taking a non-English version may receive 30 additional minutes. The certification is valid for one year and can be renewed annually at no cost by passing a free, unproctored online renewal assessment on Microsoft Learn. Microsoft's standard retake policy applies: 24-hour wait after the first failed attempt, 14-day wait for subsequent attempts, with a maximum of five attempts per exam in any 12-month period.
The Microsoft 365 Certified: Administrator Expert credential directly validates enterprise-level cloud administration skills sought by organizations deeply invested in the Microsoft 365 ecosystem. Common roles held by certified professionals include Microsoft 365 Administrator, Cloud Infrastructure Administrator, Identity and Access Administrator, Security & Compliance Administrator, and IT Manager overseeing Microsoft cloud environments. The certification is also a recognized prerequisite stepping stone toward advanced Microsoft security certifications such as SC-100 (Cybersecurity Architect Expert) and SC-200 (Security Operations Analyst Associate).
According to ZipRecruiter data, Microsoft 365 Certified Enterprise Administrator Experts in the United States earn an average of approximately $100,000 annually, with top earners exceeding $130,000 and contractors billing $50–$120 per hour depending on scope and region. The certification is particularly valued at Microsoft Partner organizations, consulting firms, and large enterprises running hybrid Microsoft 365 and on-premises Active Directory environments. With Microsoft 365 remaining the dominant cloud productivity platform globally, demand for credentialed administrators remains consistently high across North America, Europe, and Asia-Pacific markets.
5 sample questions with answers and explanations. Start a practice session to test yourself across all 965 questions.
Preview — answers shown1. You work as a Systems Administrator for Trey Research. The company has an on-premises domain with DNS servers. Trey Research is expanding its network and needs to ensure centralized name resolution for new virtual machines. Which service should you integrate with the domain?
Explanation
DNS provides centralized name resolution for machines in the domain. Kerberos handles authentication, virtualization elasticity manages resource allocation, and provisioning packages configure devices.
2. Northwind Traders has departments across regions and wants to restrict administrative permissions to specific segments. They plan to use administrative units to delegate the Helpdesk Administrator role to regional specialists. Which resource types can administrative units contain?
Explanation
Administrative units can contain users, groups, or devices. They cannot contain sites and applications or groups, sites, and subscriptions.
3. At Northwind Traders, you've enabled sensitivity labels for SharePoint and OneDrive. For files encrypted with a cloud-based key, what collaborative features become available?
Explanation
Enabling allows processing for these features. Basic storage alone isn't enhanced. Encryption isn't removed, and access isn't limited to view-only.
4. You work at Trey Research, where sensitivity labels apply to Power BI. What does this enable for data protection?
Explanation
Extending sensitivity labels to Power BI allows viewing and applying labels to protect data when exported. It doesn't automatically encrypt datasets. Email attachments are handled differently. Meetings have separate scoping.
5. At Margie's Travel, a travel agency, the company wants to host a public website securely without exposing internal servers to the internet. Which network setup places the web server in a protected area with controlled access?
Explanation
A perimeter network or DMZ hosts the web server outside the internal network but behind firewalls, allowing public access while protecting internal resources. Direct connection exposes internal servers. VPN tunnel secures remote access but not public hosting. Azure Virtual Network is for cloud, not on-premises setup.
Microsoft Dynamics 365 Supply Chain Management Functional Consultant Expert (MB-335)
MB-335 · 2039 questions
Microsoft Dynamics 365 Business Central Functional Consultant (MB-800)
MB-800 · 1899 questions
Microsoft Certified: Azure AI Engineer Associate (AI-102)
AI-102 · 1392 questions
Microsoft Certified: Windows Server Hybrid Administrator Associate (AZ-801)
AZ-801 · 1376 questions
Microsoft Dynamics 365 Finance Functional Consultant (MB-310)
MB-310 · 1299 questions
Microsoft 365 Certified: Fundamentals (MS-900)
MS-900 · 1201 questions
$17.99
One-time access to this exam