Overview
This instructor-led online training course covers how to secure user access to your organization’s resources. We will also discuss user password protection, multi-factor authentication, how to enable Azure Identity Protection, and how to set up and use Azure AD Connect, and we will introduce you to conditional access in Microsoft 365 / Office 365.
Students will also learn about Secure Score, Exchange Online protection, Azure Advanced Threat Protection, Windows Defender Advanced Threat Protection, and threat management.
Exam Number: MS-500
Course Instructor: Dale Hill
Course Outline
01. Initial Security Steps
- Create User accounts
- Secure User Accounts by:
- Implementing a zero-trust security model
- Be able to describe zero trust security concepts
- How does zero trust security apply to hosts inside the network
- How does zero trust security apply to hosts outside the network
- Implementing a password policy for authentication
- What is multifactor authentication
- How to implement multi-factor authentication for O365
- Identity and Access management in Azure
- What is the purpose of Identity and Access management?
- Enabling Azure Identity Protection
- Assign Roles / Configure Privileged Identity Management
- Configure Directory Roles
- Activate Privileged Identity Management Roles
- Configure PIM Resource workflows
- Pull up an audit history for Azure AD roles in PIM
02. Manage Directory Synchronization
- Go in depth on authentication options for O365
- Directory Synchronization
- Explain what Directory Synchronization is
- Plan a scheme for Directory Synchronization
- Manage users and groups with directory synchronization
- AD Connect
- Be able to describe what AD Connect is
- How to utilize Azure AD Connect
- Configure prerequisites
- Manage users
- Ability to describe what AD federation is and how it is used
03. Identity Access Management and RBAC
- Conditional Access as a tool to manage device access
- Be able to explain Conditional Access
- Be able to explain Conditional Access Policies
- Be able to configure Conditional Access
- Manage Device Access to the network
- Be able to configure Multifactor Authentication Pilot for specific apps
- Be able to configure Multifactor Authentication Conditional Access
- How does a host from an external network gain access?
- RBAC
- Explain Role Based Access Control
- Configure RBAC
04. Microsoft 365: Threats & Mitigation
- What techniques are used by attackers
- Via email
- To control resources
- Utilize Security Center to improve a Secure Score
- Describe the purpose of a Secure Score
- Describe the benefits of a Secure Score
- Detail secure score services
- Detail analysis of secure score services and how it helps threat mitigation
- How is secure score used to locate network security weaknesses?
- O365 ATP & Exchange Online Protection
- What protections do these services afford
- What threats are they set to avoid?
05. Microsoft 365 Exchange Online and ATP
- Be able to describe message protection via:
- Exchange Online Protection
- Anti-malware pipeline during email analysis
- Azure Advanced Threat Protection
- Be able to configure Azure ATP
- Windows Defender Advanced Threat Protection
- Be able to configure Defender ATP
- Be able to implement ATP Policies
- How to manage safe attachments
- How to manage safe links
06. Mitigating Threats via Microsoft Threat Management
- Utilize the security dashboard & Azure Sentinel to mitigate threats
- Discuss the Security Dashboard's ability to give executives analytics
- On threats
- On trends
- How is Azure Sentinel utilized in Microsoft 365?
- Advanced Threat Analytics
- What are the requirements for deployment?
- What is its function
- How to protect your tenant using threat explorer
- Investigating threats using threat explorer
- Be able to conduct simulated attacks
- Phishing
- Passwords
07. RM services & Encryption
- Describe Information Rights
- Why does it need to be managed?
- Being able to validate information rights management
- Message encryption
- What options exist for encryption for M365
- What options exist for encryption of O365
- How are these enabled
- How is S/MIME utilized
- What is its purpose
- How is it configured
08. How to mitigate Data loss
- What is data loss
- What is data loss prevention?
- How are policies utilized
- Be able to configure and implement DLP policies
- New rules
- Modify rules
- User override of a rule
- Manage policies
- Test MRM / DLP policies
- How are SharePoint Online properties created from documents
09. INFOSEC
- Implementing AZ and/or Windows Information Protection
- What is information protection?
- How is it configured in Azure?
- Configure labels
- Configure policies
- How is it configured in Windows?
- Planning deployments of policies
- Configure AIP settings for services
10. Security in the Cloud
- Be able to describe the function / purpose of Cloud App Security
- How is it deployed
- Enforcing control over apps with policies
- How is the Cloud App Catalogue used to increase Cloud App security
- Managing permissions
- How to interact with the Cloud Discovery dashboard
11. Archiving data related to Retention
- Archiving and Retaining Data in Exchange and SharePoint
- Be able to start the compliance process
- Set policies
- How do policies function
- Set retention tags
- How to configure a useful retention tag
- What makes a retention tag not useful?
- Describe data retention functions in Exchange and SharePoint
- Define in-place archive
- Configure in-place archiving
- Enable
- Disable
- Define Records management
12. Data Governance
- What is Data Governance
- What is the Compliance Manager?
- Plan requirements for compliance
- What capabilities does Compliance Manager provide
- What are Global Data Protection Regulations & Reading a report
- Considerations for GDPR implementation
- Managing DSR
13. Utilizing eDiscovery to search data
- What is eDiscovery software and what are its purposes / uses
- Describe Advanced eDiscovery
- Steps of eDiscovery configuration
- Searches
- How is a search of content exported?
- Audits
- Purpose of an Audit
- What components make up the audit log
- How to use log data to investigate
14. Mobile Device Management
- Mobile device management
- Be able to enable device management
- Be able to configure the management of Devices with MDM
- Establish domains
- Configure domains
- Manage policies for security
- Enroll devices into an MDM system / Intune
- Configure roles for managers
- Mobile app management
- Configure Intune / MAM deployment
- Considerations for securing a deployment
Skills Learned
After completing this online training course, students will be able to:
- Administer user and group access in Microsoft 365
- Explain and manage Azure Identity Protection
- Plan and implement Azure AD Connect
- Manage synchronized user identities
- Explain and use conditional access
- Describe cyber-attack threat vectors
- Explain security solutions for Microsoft 365
- Use Microsoft Secure Score to evaluate and improve your security posture
- Configure various advanced threat protection services for Microsoft 365
- Plan for and deploy secure mobile devices
- Implement information rights management
- Secure messages in Office 365
- Configure Data Loss Prevention policies
- Deploy and manage Cloud App Security
- Implement Windows information protection for devices
- Plan and deploy a data archiving and retention system
- Create and manage an eDiscovery investigation
- Manage GDPR data subject requests
- Explain and use sensitivity labels