Microsoft 365 Mobility and Security - MS-101T00 Course Outline

(5 Days) - Learning Credits Accepted

Overview

This course covers three central elements of Microsoft 365 enterprise administration – Microsoft 365 security management, Microsoft 365 compliance management, and Microsoft 365 device management. In Microsoft 365 security management, you will examine all the common types of threat vectors and data breaches facing organizations today, and you will learn how Microsoft 365’s security solutions address these security threats. You will be introduced to the Microsoft Secure Score, as well as to Azure Active Directory Identity Protection. You will then learn how to manage the Microsoft 365 security services, including Exchange Online Protection, Advanced Threat Protection, Safe Attachments, and Safe Links. Finally, you will be introduced to the various reports that monitor your security health. You will then transition from security services to threat intelligence; specifically, using the Security Dashboard and Advanced Threat Analytics to stay ahead of potential security breaches. With your Microsoft 365 security components now firmly in place, you will examine the key components of Microsoft 365 compliance management. This begins with an overview of all key aspects of data governance, including data archiving and retention, Information Rights Management, Secure Multipurpose Internet Mail Extension (S/MIME), Office 365 message encryption, and data loss prevention (DLP). You will then delve deeper into archiving and retention, paying particular attention to in-place records management in SharePoint, archiving and retention in Exchange, and Retention policies in the Security and Compliance Center. Now that you understand the key aspects of data governance, you will examine how to implement them, including the building of ethical walls in Exchange Online, creating DLP policies from built-in templates, creating custom DLP policies, creating DLP policies to protect documents, and creating policy tips. You will then focus on managing data governance in Microsoft 365, including managing retention in email, troubleshooting retention policies and policy tips that fail, as well as troubleshooting sensitive data. You will then learn how to implement Azure Information Protection and Windows Information Protection. You will conclude this section by learning how to manage search and investigation, including searching for content in the Security and Compliance Center, auditing log investigations, and managing advanced eDiscovery. The course concludes with an in-depth examination of Microsoft 365 device management. You will begin by planning for various aspects of device management, including preparing your Windows 10 devices for co-management. You will learn how to transition from Configuration Manager to Intune, and you will be introduced to the Microsoft Store for Business and Mobile Application Management. At this point, you will transition from planning to implementing device management; specifically, your Windows 10 deployment strategy. This includes learning how to implement Windows Autopilot, Windows Analytics, and Mobile Device Management (MDM). When examining MDM, you will learn how to deploy it, how to enroll devices to MDM, and how to manage device compliance.

Audience Profile

This course is designed for persons who are aspiring to the Microsoft 365 Enterprise Admin role and have completed one of the Microsoft 365 role-based administrator certification paths.

Prerequisites

  • Completed a role-based administrator course, such as Messaging, Teamwork, Security and Compliance, or Collaboration.
  • A proficient understanding of DNS and basic functional experience with Microsoft 365 services.
  • A proficient understanding of general IT practices.

At Course Completion

By actively participating in this course, you will learn about the following:

  • Microsoft 365 Security Metrics
  • Microsoft 365 Security Services
  • Microsoft 365 Threat Intelligence
  • Data Governance in Microsoft 365
  • Archiving and Retention in Office 365
  • Data Governance in Microsoft 365 Intelligence
  • Search and Investigations
  • Device Management
  • Windows 10 Deployment Strategies
  • Mobile Device Management

Course Outline

Module 1: Introduction to Microsoft 365 Security Metrics

In this module, you will examine all the common types of threat vectors and data breaches facing organizations today, and you will learn how Microsoft 365’s security solutions address these security threats, including the Zero Trust approach. You will be introduced to the Microsoft Secure Score, Privileged Identity Management, as well as to Azure Active Directory Identity Protection.

Lessons

  • Threat Vectors and Data Breaches
  • The Zero Trust Model
  • Security Solutions in Microsoft 365
  • Introduction to Microsoft Secure Score
  • Privileged Identity Management
  • Introduction to Azure Active Directory Identity Protection

Lab : Tenant Setup and PIM

  • Initialize your Microsoft 365 Tenant
  • PIM Resource Workflows

After completing this module, students will be able to:

  • Describe several techniques hackers use to compromise user accounts through email
  • Describe techniques hackers use to gain control over resources
  • Describe techniques hackers use to compromise data
  • Describe the Zero Trust approach to security in Microsoft 365.
  • Describe the components of Zero Trust security.
  • Describe and five steps to implementing a Zero Trust model in your organization.
  • Explain Zero Trust networking
  • List the types of threats that can be avoided by using EOP and Office 365 ATP
  • Describe how Microsoft 365 Threat Intelligence can be benefit your organization
  • Monitor your organization through auditing and alerts
  • Describe how ASM enhances visibility and control over your tenant through three core areas
  • Describe the benefits of Secure Score and what kind of services can be analyzed
  • Describe how to collect data using the Secure Score API
  • Know where to identify actions that will increase your security by mitigating risks
  • Explain how to determine the threats each action will mitigate and the impact it has on use
  • Explain Privileged Identity Management (PIM) in Azure administration
  • Configure PIM for use in your organization
  • Audit PIM roles
  • Explain Microsoft Identity Manager
  • Explain Privileged Access Management in Microsoft 365
  • Describe Azure Identity Protection and what kind of identities can be protected
  • Understand how to enable Azure Identity Protection
  • Know how to identify vulnerabilities and risk events
  • Plan your investigation in protecting cloud-based identities
  • Plan how to protect your Azure Active Directory environment from security breaches

Module 2: Managing Your Microsoft 365 Security Services

This module examines how to manage the Microsoft 365 security services, including Exchange Online Protection, Advanced Threat Protection, Safe Attachments, and Safe Links. You will be introduced to the various reports that monitor your security health.

Lessons

  • Introduction to Exchange Online Protection
  • Introduction to Advanced Threat Protection
  • Managing Safe Attachments
  • Managing Safe Links
  • Monitoring and Reports

Lab : Manage Microsoft 365 Security Services

  • Implement a Safe Attachments policy
  • Implement a Safe Links policy

After completing this module, students will be able to:

  • Describe the anti-malware pipeline as email is analyzed by Exchange Online Protection
  • List several mechanisms used to filter spam and malware
  • Describe additional solutions to protect against phishing and spoofing
  • Describe the benefits of the Spoof Intelligence feature
  • Describe how Safe Attachments is used to block zero-day malware in email attachments and documents
  • Describe how Safe Links protect users from malicious URLs embedded in email and documents
  • Create and modify a Safe Attachments policy in the Security & Compliance Center
  • Create a Safe Attachments policy by using Windows PowerShell
  • Configure a Safe Attachments policy to take certain actions
  • Understand how a transport rule can be used to disable the Safe Attachments functionality
  • Describe the end-user experience when an email attachment is scanned and found to be malicious
  • Create and modify a Safe Links policy in the Security & Compliance Center
  • Create a Safe Links policy by using Windows PowerShell
  • Understand how a transport rule can be used to disable the Safe Links functionality
  • Describe the end-user experience when Safe Links identifies a link to a malicious website or file
  • Describe how reports provide visibility into how EOP and ATP is protecting your organization
  • Understand where to access reports generated by EOP and ATP
  • Understand how to access detailed information from reports generated by EOP and ATP

Module 3: Microsoft 365 Threat Intelligence

In this module, you will then transition from security services to threat intelligence; specifically, using the Security Dashboard and Advanced Threat Analytics to stay ahead of potential security breaches.

Lessons

  • Overview of Microsoft 365 Threat Intelligence
  • Using the Security Dashboard
  • Configuring Advanced Threat Analytics
  • Implementing Your Cloud Application Security

Lab : Implement Threat Intelligence

  • Conduct a Spear Phishing attack using the Attack Simulator
  • Conduct Password attacks using the Attack Simulator
  • Prepare for Alert Policies
  • Implement a Mailbox Permission Alert
  • Implement a SharePoint Permission Alert
  • Test the Default eDiscovery Alert

After completing this module, students will be able to:

  • Understand how threat intelligence is powered by the Microsoft Intelligent Security Graph
  • Describe how the threat dashboard can benefit C-level security officers
  • Understand how Threat Explorer can be used to investigate threats and help to protect your tenant
  • Describe how the Security Dashboard displays top risks, global trends, and protection quality
  • Describe what Advanced Thread Analytics (ATA) is and what requirements are needed to deploy it
  • Configure Advanced Threat Analytics
  • Manage the ATA services
  • Describe Cloud App Security
  • Explain how to deploy Cloud App Security
  • Control your Cloud Apps with Policies
  • Troubleshoot Cloud App