Contents

Introduction

Organization of this book

Preparing for the exam

Microsoft certifications

Quick access to online references

Errata, updates, & book support

Stay in touch

Chapter 1 Implement and manage identity and access

Skill 1.1: Secure Microsoft 365 hybrid environments

Plan Azure AD authentication options

Plan Azure AD synchronization options

Monitor and troubleshoot Azure AD Connect events

Skill 1.2: Secure identities

Implement Azure AD group membership

Implement password management

Configure and manage identity governance

Skill 1.3: Implement authentication methods

Plan sign-in security

Implement multifactor authentication (MFA)

Manage and monitor MFA

Plan and implement device authentication methods like Windows Hello

Configure and manage Azure AD user authentication options

Skill 1.4: Implement conditional access

Plan for compliance and conditional access policies

Configure and manage device compliance for endpoint security

Implement and manage conditional access

Skill 1.5: Implement role-based access control (RBAC)

Plan for roles

Configure roles

Audit roles

Skill 1.6: Implement Azure AD Privileged Identity Management (PIM)

Plan for Azure PIM

Implement and configure Azure PIM roles

Manage Azure PIM role assignments

Skill 1.7: Implement Azure AD Identity Protection

Implement user risk policy

Implement sign-in risk policy

Configure Identity Protection alerts

Review and respond to risk events

Thought Experiment Answers

Secure Microsoft 365 hybrid environments

Secure identities

Implement authentication methods

Implement conditional access

Implement role-based access control (RBAC)

Implement Azure AD Privileged Identity Management

Implement Azure AD Identity Protection

Chapter 2 Implement and manage threat protection

Skill 2.1: Implement an enterprise hybrid threat protection solution

Planning an Azure Advanced Threat Protection (ATP) solution

Install and configure Azure ATP

Manage Azure ATP Workspace Health

Generate Azure ATP reports

Integrate Azure ATP with Microsoft Defender ATP

Manage suspicious activities

Skill 2.2: Implement device threat protection

Plan and implement a Microsoft Defender ATP solution

Manage Microsoft Defender ATP

Monitoring Microsoft Defender ATP

Skill 2.3: Implement and manage device and application protection

Plan for device protection

Configure and manage Windows Defender Application Guard

Configure and manage Windows Defender Application Control

Configure and manage Windows Defender Exploit Guard

Configure Secure Boot

Configure and manage Windows 10 device encryption

Plan for securing applications data on devices

Define managed apps for mobile application management (MAM)

Protect your enterprise data using Windows Information Protection (WIP)

Configure WIP policies

Configure Intune App Protection Policies for non-Windows devices

Skill 2.4: Implement and manage Office 365 ATP

Configure Office 365 ATP anti-phishing policies

Define users and domains to protect with Office 365 ATP Anti-Phishing

Configure actions against impersonation

Configure Office 365 ATP anti-spam protection

Enable Office 365 ATP Safe Attachments

Configure Office 365 ATP Safe Attachments policies

Configure Office 365 ATP Safe Links policies

Configure Office 365 ATP Safe Links blocked URLs

Configure Office 365 Threat Intelligence

Integrate Office 365 Threat Intelligence with Microsoft Defender ATP

Review threats and malware trends on the Office 365 ATP Threat Management dashboard

Review threats and malware trends with Office 365 ATP Threat Explorer and Threat Tracker

Create and review Office 365 ATP incidents

Review quarantined items in ATP

Monitor online anti-malware solutions using Office 365 ATP reports

Perform tests using Attack Simulator

Skill 2.5: Implement Azure Sentinel for Microsoft 365

Plan and implement Azure Sentinel

Configure Playbooks in Azure Sentinel

Manage and monitor Azure Sentinel

Respond to threats in Azure Sentinel

Thought Experiment Answers

Using Azure ATP

Using Microsoft Defender ATP

Device Protection

Protecting users from phishing attacks

Using Office 365 Threat Intelligence

Chapter 3 Implement and manage information protection

Skill 3.1: Secure data access within Office 365

Implement and manage Customer Lockbox

Configure data access in Office 365 collaboration workloads

Configure B2B sharing for external users

Skill 3.2: Manage Azure Information Protection (AIP)

Plan an AIP solution

Configure Sensitivity Labels and policies

Deploy the RMS connector

Manage tenant keys

Deploy the AIP client

Integrate AIP with Office 365 Services

Skill 3.3: Manage Data Loss Prevention (DLP)

Plan a DLP solution

Create and manage DLP policies

Create and manage sensitive information types

Monitor DLP reports

Manage DLP notifications

Skill 3.4: Implement and manage Microsoft Cloud App Security

Plan Cloud App Security implementation

Configure Microsoft Cloud App Security

Manage cloud app discovery

Manage entries in the Cloud app catalog

Manage apps in Cloud App Security

Manage Microsoft Cloud App Security

Configure Cloud App Security connectors and OAuth apps

Configure Cloud App Security policies and templates

Review, interpret, and respond to Cloud App Security alerts, reports, dashboards, and logs

Thought Experiment Answers

Secure data access within Office 365

Manage Azure Information Protection (AIP)

Manage Data Loss Prevention (DLP)

Implement and manage Microsoft Cloud App Security

Chapter 4 Manage governance and compliance features in Microsoft 365

Skill 4.1: Configure and analyze security reporting

Interpret Windows Analytics

Configure Windows Telemetry options

Configure Office Telemetry options

Review and interpret security reports and dashboards

Plan for custom security reporting with Intelligent Security Graph

Review Office 365 Secure Score actions and recommendations

Configure alert policies in the Office 365 Security and Compliance Center

Skill 4.2: Manage and analyze audit logs and reports

Plan for auditing and reporting

Configure Office 365 auditing and reporting

Perform audit log search

Review and interpret compliance reports and dashboards

Configure audit alert policy

Skill 4.3: Configure Office 365 classification and labeling

Plan for data governance classification and labels

Search for personal data

Apply labels to personal data

Monitor for leaks of personal data

Create and publish Office 365 labels

Configure label policies

Skill 4.4: Manage data governance and retention

Plan for data governance and retention

Review and interpret data governance reports and dashboards

Configure retention policies

Define data governance event types

Define data governance supervision policies

Configure information holds

Import data in the Security and Compliance Center

Configure data archiving

Manage inactive mailboxes

Skill 4.5: Manage search and investigation

Plan for content search and eDiscovery

Delegate permissions to use search and discovery tools

Use search and investigation tools to perform content searches

Export content search results

Manage eDiscovery cases

Skill 4.6: Manage data privacy regulation compliance

Plan for regulatory compliance in Microsoft 365

Review and interpret GDPR dashboards and reports

Manage Data Subject Requests (DSRs)

Review Compliance Manager reports

Create and perform Compliance Manager assessments and action items

Thought Experiment Answers

Configure and analyze security reporting

Manage and analyze audit logs and reports

Configure Office 365 classification and labeling

Manage data governance and retention

Manage search and investigation

Manage data privacy regulation compliance

Index

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.218.196.182