Preface

Chapter Layout and Conventions

Before you begin reading the book, I wanted to provide some background information on the structure and layout of the book.

Chapter Layout

The book is laid out so that the reader can progress from beginning knowledge of PowerShell, to immersion in the Security and Compliance Center PowerShell, and finally to reference material for future follow-up and further reading. The layout is as follows:

Introduction: Brief introduction to the book and PowerShell.

Chapters 1 to 3: Introduction to PowerShell using PowerShell cmdlets and examples from the Security and Compliance Center.

Chapters 4 to 14: Each chapter covers a different topic for the Security and Compliance Center (SCC) from DLP Holds to Information Barriers, Labels, Security and more. Extensive PowerShell examples and code are provided to assist in your learning of PowerShell for the SCC.

Appendices: Additional helpful PowerShell tips as well as further reading.

Conventions

Throughout the book, the author uses some consistent tools to help you, the reader, learn about PowerShell for the Security and Compliance Center. These conventions come in many forms, from screenshots of actual script / cmdlet results, to PowerShell code that is indented and set in a different font, to ‘**Note**’ callouts along the way that provide further information for the reader.

Additionally, sources or reference materials are all clickable links (digital edition) for future reading and exploration of ideas brought up in this book.

As an added bonus, any real world issues or problems found are included in this book. This is done because the author wants to provide the best experience for the reader and to help them understand that sometimes there are issues with PowerShell in the Security and Compliance Center. Thus a raw, unbiased view is provided.

Author’s Notes and Findings

WARNING

** The below section contains observations and opinions related to issues found when making this book. These errors and issues may be fixed by the time you read this, so be aware of that. **

While writing this book, the author ran into a few issues and oddities along the way. Some of the features discussed in this book (at least at the time of publication) were either just reaching General Availability (GA) or were still in Preview. For example, for EDM, the DLP EDM cmdlets were being added and removed from the SCC PowerShell module for testing purposes. Below is a list of items that the author thought were important enough to place at the beginning of the book to inform the reader of the bumpy road ahead when using PowerShell with the SCC.

(1) Some features are ONLY available in the Security and Compliance Center itself, with no PowerShell cmdlets to utilize:

  • Threat Management
  • MailFlow
  • Cloud App Security

(2) Some features are ONLY available in PowerShell for the Security and Compliance Center:

  • Information Barriers

(3) Some features have just been released or are in preview and as such, there isn’t a lot of information on these sections of the SCC:

  • Information Barriers
  • Exact Data Match (EDM)

(4) Help in the Security and Compliance Center is inconsistent at the moment - some observations:

  • Missing examples in Get-Help for numerous cmdlets
  • Missing synopsis for multiple cmdlets
  • Parameters are not always indicative of what the cmdlet accepts (misspelling on at least one parameter)
  • Help in Microsoft Docs is missing for some cmdlets as well. If the Get-Help information for a cmdlet is lacking, then this will make it even worse for finding relevant examples. Some cmdlets are new, so this is understandable, but others were released very recently.

(5) Errors when running cmdlets

Permissions to run a cmdlet are not discoverable:

  • Watson errors will occur when querying permissions on cmdlets.
  • Watson errors also register on other cmdlets

DLP Keyword Dictionaries generate errors about:

  • Limits to uploading content (100Kb limit on file and 1MB on connection limit)

** Note ** A lot of these items have been raised for awareness or have bug reports with Microsoft already and they could be fixed by the time you read this book. No guarantees on what will be fixed, broken or otherwise because Microsoft owns and maintains the PowerShell module for the Security and Compliance Center as you would expect.

(6) New-AdminAuditLogSearch

(7) Protection Alerts in PowerShell - unable to add multiple Operations:

However, notice that if we use Set-ProtectionAlert to change the Operation value to any other value that was included in the multiple actions, they are added or changed without issue:

(8) Cmdlet issues:

Get-InformationBarrierReportDetails

Get-InformationBarrierReportSummary

New-SupervisoryReviewPolicy2

Get-SupervisoryReviewActivity

New-DLPKeywordDictionary --> File has 97000 lines

If we reduce the number of lines, we eventually get this message:
