Microsoft 365 Fundamentals Cheat Sheet

MS-900 Tests Cloud Concepts and M365 Service Knowledge — Not Configuration Skills

This is a foundational exam. Scenario questions test service selection and licensing understanding, not deep technical implementation.

Among the harder certs
Avg: Approximately 68–73%
Pass: 750 / 1000
Most candidates understand Microsoft 365 Fundamentals concepts — and still fail. This exam tests how you apply knowledge under pressure.

MS-900 Domain Areas

MS-900 is a breadth exam across five domain areas. Most questions are conceptual — know what each service does, when to use it, and how licensing tiers differ. Configuration knowledge is rarely tested at this level.

  1. Cloud Concepts — IaaS, PaaS, SaaS; shared responsibility; cloud benefits
  2. Microsoft 365 Core Services — Teams, SharePoint, Exchange, OneDrive, Intune
  3. Security & Compliance — Microsoft Defender, Purview, Entra ID, Compliance Center
  4. Microsoft 365 Pricing & Licensing — Plan comparisons, add-ons, subscription management
  5. Support & Service Lifecycle — Service health dashboard, support options, SLAs

Wrong instinct vs correct approach

A small business needs email, video meetings, and file storage
✕ Wrong instinct

Recommend Microsoft 365 E5 for maximum capability

✓ Correct approach

E5 is enterprise-level with advanced security features. A small business needs M365 Business Basic or Standard — match the plan to the organization's size and compliance requirements, not maximum features

A company needs to ensure sensitive data doesn't leave the organization via email
✕ Wrong instinct

Configure Exchange Online email filters

✓ Correct approach

Use Microsoft Purview Data Loss Prevention (DLP) policies — they detect and prevent sharing of sensitive information across M365 services including email, Teams, and SharePoint

Employees need to access M365 from personal devices securely
✕ Wrong instinct

Block all personal device access for security

✓ Correct approach

Use Microsoft Intune with conditional access policies (via Entra ID) to allow managed or compliant devices while blocking unmanaged ones — balance security with productivity

Know these cold

  • OneDrive = personal storage; SharePoint = team collaboration and intranet
  • Microsoft Entra ID = cloud identity; not the same as on-premises Active Directory
  • Defender = security and threat protection; Purview = compliance and data governance
  • M365 Business plans cap at 300 users; Enterprise plans are for larger organizations
  • SaaS = vendor manages everything; IaaS = you manage OS and above; PaaS = you manage application
  • Conditional access policies enforce MFA, device compliance, and location-based access
  • Service health dashboard is the first place to check when a service is experiencing issues

Can you answer these without checking your notes?

In this scenario: "A small business needs email, video meetings, and file storage" — what should you do first?
E5 is enterprise-level with advanced security features. A small business needs M365 Business Basic or Standard — match the plan to the organization's size and compliance requirements, not maximum features
In this scenario: "A company needs to ensure sensitive data doesn't leave the organization via email" — what should you do first?
Use Microsoft Purview Data Loss Prevention (DLP) policies — they detect and prevent sharing of sensitive information across M365 services including email, Teams, and SharePoint
In this scenario: "Employees need to access M365 from personal devices securely" — what should you do first?
Use Microsoft Intune with conditional access policies (via Entra ID) to allow managed or compliant devices while blocking unmanaged ones — balance security with productivity

Common Exam Mistakes — What candidates get wrong

Confusing SharePoint with OneDrive use cases

OneDrive is for personal file storage and individual productivity. SharePoint is for team collaboration, document libraries, and intranet sites. Candidates swap these in scenario questions regularly.

Misidentifying Microsoft Entra ID (formerly Azure AD) capabilities

Entra ID provides identity and access management for M365. Candidates confuse it with on-premises Active Directory — Entra ID is cloud-native and handles SSO, MFA, and conditional access, not on-prem group policy.

Confusing compliance and security service boundaries

Microsoft Defender handles threat protection (antivirus, EDR, SIEM). Microsoft Purview handles compliance (data classification, retention, eDiscovery). These serve different purposes and candidates regularly misapply them.

Treating all M365 plans as equivalent

M365 Business Basic, Standard, Premium, and Enterprise (E3/E5) have significant capability differences — especially around security features, compliance tools, and analytics. Plan selection questions test whether you know these differences.

Misidentifying SaaS vs. PaaS vs. IaaS for Microsoft services

M365 is SaaS (Microsoft manages everything). Azure offers IaaS (VMs) and PaaS (App Service, Functions). Candidates mixing these up fail cloud concept questions.
