Duration

1 day(s)

Audience

This course is designed for persons who are aspiring to the Microsoft 365 Enterprise Admin role and have completed one of the Microsoft 365 work load administrator certification paths.

Prerequisites

Objectives

After completing this course, students will be able to:

• Manage Security Metrics
• Implement security solutions in Microsoft 365
• Plan and configure Azure AD identity protection
• Implement Microsoft Secure Score
• Implement Exchange Online Protection
• Implement Advanced Threat Protection
• Manage Safe Attachments and Safe Links
• Implement Microsoft 365 Threat Intelligence
• Use the Microsoft 365 Security Dashboard
• Configure Advanced Threat Analytics
• Implement cloud application security

Methods

Classroom training with hands-on exercises

Description

The Microsoft 365 Security Management course takes you on an extensive journey through the world of cloud security. The course begins by examining how to manage your security metrics. This begins by building a foundational understanding of the threat landscape that faces organizations today. The course introduces you to phishing, spoofing, spam and malware, account breaches, elevation of privileges, data exfiltration, data deletion, data spillage, and more. With this knowledge in place, you will then examine various security solutions that can address these threats, including Exchange Online Protection, Microsoft 365 Advanced Threat Protection, Microsoft 365 Threat Intelligence, and Advanced Security Management. The course then takes a deep dive into Azure AD Identity Protection, including how to enable it, how to configure it to detect vulnerabilities and risk events, and how to plan your investigation. This coverage of security metrics ends with an introduction to Microsoft Secure Score, which is a security analytics tool designed to help organizations understand what they have done to reduce the risk to their data, and show them what they can do to further reduce that risk.

With this foundational knowledge in place concerning today’s threat landscape and the Microsoft 365 security solutions that are available to address those threats, the course then examines how to configure those solutions. This begins with an introduction to Exchange Online Protection (EOP), during which you will learn how EOP enables you to configure the anti-malware pipeline in Microsoft 365, as well as phishing and spoofing protection, zero-hour purge, and spoofing intelligence. The course then transitions to Advanced Threat Protection (ATP), where it examines how ATP expands on the protections provided by Exchange Online Protection by using its Safe Attachments and Safe Links features. The course then takes a deep dive into each of these features and examines how to create and manage safe attachment and safe links policies in the Security and Compliance Center, as well as through Windows PowerShell. The course then identifies a variety of reports that are available to monitor your security status, including the Threat Protection Status report, the ATP message disposition report, the Malware Detections report, and much, much more.

The course concludes with an extensive examination of Microsoft 365 Threat Intelligence. Since Microsoft 365 hosts one of the largest networks in the world and manages content created on millions of devices, Microsoft has been able to build a vast repository of threat intelligence data, as well as the systems needed to spot patterns that correspond to attack behaviors and suspicious activity. Microsoft 365 Threat Intelligence is a collection of these insights, which can help organizations proactively find and eliminate threats. As such, the course examines how to plan for and implement Microsoft 365 Threat Intelligence. This includes using the Microsoft Intelligence Security Graph, the Security Dashboard, and Threat Explorer. You will then learn how to configure Advanced Threat Analytics (ATA) and how to manage ATA services. Finally, you will be instructed on how to implement your own cloud application security. This includes deploying cloud app security, controlling your cloud apps with policies, and troubleshooting your cloud app security status.

Contents

Course Outline

Module 1: Designing your Microsoft 365 Tenant

Lessons

• Planning a Microsoft 365 On-premises infrastructure
• Planning Your Identity and Authentication Solution

Module 2: Configuring your Microsoft 365 Tenant

Lessons

• Planning your Microsoft 365 Experience
• Configuring your Microsoft 365 Experience
• Leveraging FastTrack and Partner Services
• Implementing Your Domain Services

Module 3: Managing your Microsoft 365 Tenant

Lessons

• Configuring Tenant Roles
• Managing Tenant Health and Services

Module 4: Hands-On Lab

Lab : Managing Microsoft 365 Security

• Exercise 1: Setting up your lab environment
• Exercise 2: Editing an ATP Safe Links policy and create a Safe Attachment policy
• Exercise 3: Enabling and installing the ATA Center