Detailed Course Outline
User and Group Security
- User Accounts in Microsoft 365
- Administrator Roles and Security Groups in Microsoft 365
- Password Management in Microsoft 365
- Azure AD Identity Protection
Lab: Managing your Microsoft 365 Identity environment
- Setting up your lab environment
- Managing your Microsoft 365 identity environment using the Microsoft 365 admin center
- Assign service administrators
After completing this module, students should be able to:
- Describe the user identities in Microsoft 365.
- Create user accounts from both the Microsoft 365 admin center and in Windows PowerShell.
- Describe and use Microsoft 365 admin roles.
- Describe the various types of group available in Microsoft 365.
- Plan for password policies and authentication.
- Implement Multi-factor authentication in Office 365.
- Describe Azure Identity Protection and what kind of identities can be protected.
- Describe how to enable Azure Identity Protection.
- Identify vulnerabilities and risk events.
Identity Synchronization
- Introduction to Identity Synchronization
- Planning for Azure AD Connect
- Implementing Azure AD Connect
- Managing Synchronized Identities
Lab: Implementing Identity Synchronization
- Setting up your organization for identity synchronization
After completing this module, students should be able to:
- Describe the Microsoft 365 authentication options.
- Explain directory synchronization.
- Plan directory synchronization.
- Describe and plan Azure AD Connect.
- Configure Azure AD Connect Prerequisites.
- Set up Azure AD Connect.
- Manage users with directory synchronization.
- Manage groups with directory synchronization.
- Use Azure AD Connect Sync Security Groups.
Federated Identities
- Introduction to Federated Identities
- Planning an AD FS Deployment
- Implementing AD FS
After completing this module, students should be able to:
- Describe claims-based authentication and federation trusts.
- Describe how AD FS works.
- Plan an AD FS environment including best practices, high availability, and capacity planning.
- Plan Active Directory Federation Services in Microsoft Azure.
- Install and configure a Web Application Proxy for AD FS.
- Configure AD FS by using Azure AD Connect.
Access Management
- Conditional Access
- Managing Device Access
- Role Based Access Control (RBAC)
- Solutions for External Access
After completing this module, students should be able to:
- Describe the concept of conditional access.
- Describe conditional access policies.
- Plan for device compliance.
- Configure conditional users and groups.
- Configure RBAC.
- Distinguish between Azure RBAC and Azure AD administrative roles.
- Manage External Access.
- Explain Licensing Guidance for Azure AD B2B Collaboration.
Security in Microsoft 365
- Threat Vectors and Data Breaches
- Security Solutions for Microsoft 365
- Microsoft Secure Score
After completing this module, students will be able to:
- Describe several techniques hackers use to compromise user accounts through email.
- Describe techniques hackers use to gain control over resources.
- List the types of threats that can be avoided by using Exhange Online Protection and Office 365 ATP.
- Describe how Microsoft 365 Threat Intelligence can be beneficial to your organization’s security officers and administrators.
- Describe the benefits of Secure Score and what kind of services can be analyzed.
- Describe how to use the tool to identify gaps between your current state and where you would like to be with regards to security.
Advanced Threat Protection
- Exchange Online Protection
- Office 365 Advanced Threat Protection
- Managing Safe Attachments
- Managing Safe Links
- Azure Advanced Threat Protection
- Windows Defender Advanced Threat Protection
Lab: Advanced Threat Protection
- Setting up your lab environment
- Editing an ATP Safe Links policy and creating a Safe Attachment policy
After completing this module, students will be able to:
- Describe the anti-malware pipeline as email is analyzed by Exchange Online Protection.
- Describe how Safe Attachments is used to block zero-day malware in email attachments and documents.
- Describe how Safe Links protect users from malicious URLs embedded in email and documents that point to malicious websites.
- Configure Azure Advanced Threat Protection.
- Configure Windows Defender ATP.
- Integrate Windows Defender ATP with Azure ATP.
Threat Intelligence
- Microsoft 365 Threat Intelligence
- Using the Security Dashboard
- Configuring Advanced Threat Analytics
Lab: Advanced Threat Analytics
- Enabling and installing the ATA Center
After completing this module, students will be able to:
- Describe how threat intelligence in Microsoft 365 is powered by the Microsoft Intelligent Security Graph.
- Describe how Threat Explorer can be used to investigate threats and help to protect your tenant.
- Describe how the Security Dashboard gives C-level executives insight into top risks, global trends, protection quality, and the organization’s exposure to threats.
- Describe how the Security dashboard can be used as a launching point to enable security analysts to drill down for more details by using Threat Explorer.
- Describe what Advanced Thread Analytics (ATA) is and what requirements are needed to deploy it.
- Configure Advanced Threat Analytics.
Mobility
- Plan for Mobile Application Management
- Plan for Mobile Device Management
- Deploy Mobile Device Management
- Enroll Devices to Mobile Device Management
After completing this module, students will be able to:
- Describe mobile application considerations.
- Use Intune to manage mobile applications.
- Manage devices with MDM.
- Compare MDM for Office 365 and Intune.
- Configure Domains for MDM.
- Manage Device Security Policies.
- Define Corporate Device Enrollment Policy.
- Enroll devices to MDM.
- Configure a Device Enrollment Manager Role.
Information Protection
- Information Rights Management
- Secure Multipurpose Internet Mail Extension
- Office 365 Message Encryption
- Azure Information Protection
- Advanced Information Protection
- Windows Information Protection
Lab: Data Loss Prevention
- Create and license users in your organization
- Configure MDM auto-enrollment
- Configure AIP and WIP
After completing this module, students will be able to:
- Describe the different Microsoft 365 Encryption Options.
- Describe the use of S/MIME.
- Describe how Office 365 Message Encryption works.
- Configure labels and policies for Azure Information Protection.
- Configure the advance AIP service settings for Rights Management Services (RMS) templates.
- Plan a deployment of Windows Information Protection policies.
Data Loss Prevention
- Data Loss Prevention Explained
- Data Loss Prevention Policies
- Custom DLP Policies
- Creating a DLP Policy to Protect Documents
- Policy Tips
Lab: Data Loss Prevention
- Create and license users in your organization
- Create a DLP policy
- Testing DLP Policies
After completing this module, learners should be able to:
- Describe Data Loss Prevention (DLP).
- Recognize how actions and conditions work together for DLP.
- Use policy templates to implement DLP policies for commonly used information.
- Describe the different built-in templates for a DLP policies.
- Configure the correct rules for protecting content.
- Describe how to modify existing rules of DLP policies.
- Configure the user override option to a DLP rule.
- Describe how to work with managed properties for DLP policies.
- Explain how SharePoint Online creates crawled properties from documents.
- Describe the user experience when a user creates an email that contains sensitive information.
Cloud Application Security
- Cloud Application Security Explained
- Using Cloud Application Security Information
- Office 365 Cloud App Security
After completing this module, students will be able to:
- Describe Cloud App Security.
- Explain how to deploy Cloud App Security.
- Control your Cloud Apps with Policies.
- Troubleshoot Cloud App Security.
- Use the Cloud App Catalog.
- Use the Cloud Discovery Dashboard.
- Prepare for Office 365 Cloud App Security.
- Manage cloud app permissions.
Archiving and Retention
- Archiving in Microsoft 365
- Retention in Microsoft 365
- Retention Policies in the Security and Compliance Center
- Archiving and Retention in Exchange
- In-place Records Management in SharePoint
Lab: Archiving and Retention
- Create and license users in your organization
- Configure Retention Tags and Policies
- MRM Retention Policies
After completing this module, you should be able to:
- Describe Data Governance in Microsoft 365.
- Describe the difference between In-Place Archive and Records Management.
- Explain how data is archived in Exchange.
- Recognize the benefits of In Place Records Management in SharePoint.
- Explain the difference between Message Records Management (MRM) in Exchange and Retention in Security and Compliance center.
- Explain how a retention policy works.
- Create a retention policy.
- Enable and disable In-Place Archiving.
- Create useful retention tags.
Data Governance in Microsoft 365
- Planning Security and Compliance Needs
- Building Ethical Walls in Exchange Online
- Manage Retention in Email
- Troubleshooting Data Governance
- Analytics and Telemetry
After completing this module, you should be able to:
- Plan security and compliance roles.
- Describe what you need to consider for GDPR.
- Describe what an ethical wall in Exchange is and how it works.
- Work with retention tags in mailboxes
- Describe retention policies with email messages and email folders
- Explain how the retention age of elements is calculated.
- Repair retention policies that do not run as expected.
Managing Search and Investigations
- Searching for Content in the Security and Compliance Center
- Audit Log Investigations
- Advanced eDiscovery
Lab: eDiscovery
- Create and license users in your organization
- Investigate your Microsoft 365 Data
After completing this module, you should be able to:
- Describe how to use content search.
- Designing your content search.
- Configuring search permission filtering.
- Describe what the audit log is and the permissions that are necessary to search the Office 365 audit log.
- Configure Audit Policies.
- Enter criteria for searching the audit log.
- Export search results to a CSV file.
- Describe what Advanced eDiscovery is and what requirements are needed.
- Analyze data in Advanced eDiscovery.
- Viewing the Advanced eDiscovery event log.
- Use Express Analytics.