This course covers three central elements of Microsoft 365 enterprise administration – Microsoft 365 security management, Microsoft 365 compliance management, and Microsoft 365 device management.
This course covers three central elements of Microsoft 365 enterprise administration – Microsoft 365 security management, Microsoft 365 compliance management, and Microsoft 365 device management. In Microsoft 365 security management, you will examine all the common types of threat vectors and data breaches facing organizations today, and you will learn how Microsoft 365’s security solutions address these security threats. You will be introduced to the Microsoft Secure Score, as well as to Azure Active Directory Identity Protection. You will then learn how to manage the Microsoft 365 security services, including Exchange Online Protection, Advanced Threat Protection, Safe Attachments, and Safe Links. Finally, you will be introduced to the various reports that monitor your security health. You will then transition from security services to threat intelligence; specifically, using the Security Dashboard and Advanced Threat Analytics to stay ahead of potential security breaches. With your Microsoft 365 security components now firmly in place, you will examine the key components of Microsoft 365 compliance management. This begins with an overview of all key aspects of data governance, including data archiving and retention, Information Rights Management, Secure Multipurpose Internet Mail Extension (S/MIME), Office 365 message encryption, and data loss prevention (DLP). You will then delve deeper into archiving and retention, paying particular attention to in-place records management in SharePoint, archiving and retention in Exchange, and Retention policies in the Security and Compliance Center. Now that you understand the key aspects of data governance, you will examine how to implement them, including the building of ethical walls in Exchange Online, creating DLP policies from built-in templates, creating custom DLP policies, creating DLP policies to protect documents, and creating policy tips. You will then focus on managing data governance in Microsoft 365, including managing retention in email, troubleshooting retention policies and policy tips that fail, as well as troubleshooting sensitive data. You will then learn how to implement Azure Information Protection and Windows Information Protection. You will conclude this section by learning how to manage search and investigation, including searching for content in the Security and Compliance Center, auditing log investigations, and managing advanced eDiscovery. The course concludes with an in-depth examination of Microsoft 365 device management. You will begin by planning for various aspects of device management, including preparing your Windows 10 devices for co-management. You will learn how to transition from Configuration Manager to Intune, and you will be introduced to the Microsoft Store for Business and Mobile Application Management. At this point, you will transition from planning to implementing device management; specifically, your Windows 10 deployment strategy. This includes learning how to implement Windows Autopilot, Windows Analytics, and Mobile Device Management (MDM). When examining MDM, you will learn how to deploy it, how to enroll devices to MDM, and how to manage device compliance.
Prerequisite(s):
Completed a role-based administrator course such as Messaging, Teamwork, Security and Compliance, or Collaboration.
A proficient understanding of DNS and basic functional experience with Microsoft 365 services.
A proficient understanding of general IT practices.
Audience:
This course is designed for persons who are aspiring to the Microsoft 365 Enterprise Admin role and have completed one of the Microsoft 365 role-based administrator certification paths.
Outline:
Module 1: Explore security metrics in Microsoft 365
In this learning path, you will examine all the common types of threat vectors and data breaches facing organizations today, and you will learn how Microsoft 365’s security solutions address these security threats, including the Zero Trust approach. You will be introduced to the Microsoft Secure Score, Privileged Identity Management, as well as to Azure Identity Protection and Microsoft Defender for Office 365.
Lessons
Examine threat vectors and data breaches
Explore the Zero Trust security model
Explore security solutions in Microsoft 365
Examine Microsoft Secure Score
Examine Privileged Identity Management
Examine Azure Identity Protection
Lab : Tenant Setup and Privileged Identity Management
Initialize your Microsoft 365 Tenant
PIM Resource Workflows
After completing this module, students will be able to:
Describe several techniques hackers use to compromise user accounts through email
Describe techniques hackers use to gain control over resources
Describe techniques hackers use to compromise data
Describe the Zero Trust approach to security in Microsoft 365.
Describe the components of Zero Trust security.
Describe and five steps to implementing a Zero Trust model in your organization.
Explain Zero Trust networking
List the types of threats that can be avoided by using EOP and Microsoft Defender for Office 365
Describe how Microsoft 365 Threat Intelligence can be benefit your organization
Monitor your organization through auditing and alerts
Describe how ASM enhances visibility and control over your tenant through three core areas
Describe the benefits of Secure Score and what kind of services can be analyzed
Describe how to collect data using the Secure Score API
Know where to identify actions that will increase your security by mitigating risks
Explain how to determine the threats each action will mitigate and the impact it has on use
Explain Privileged Identity Management (PIM) in Azure administration
Configure PIM for use in your organization
Audit PIM roles
Explain Microsoft Identity Manager
Explain Privileged Access Management in Microsoft 365
Describe Azure Identity Protection and what kind of identities can be protected
Understand how to enable Azure Identity Protection
Know how to identify vulnerabilities and risk events
Plan your investigation in protecting cloud-based identities
Plan how to protect your Azure Active Directory environment from security breaches
Module 2: Manage your Microsoft 365 security services
This learning path examines how to manage the Microsoft 365 security services, including Exchange Online Protection, Microsoft Defender for Office 365, Safe Attachments, and Safe Links. You will also be introduced to the various reports that help an organization monitor its security health.
Lessons
Examine Exchange Online Protection
Examine Microsoft Defender for Office 365
Manage Safe Attachments
Manage Safe Links
Explore reporting in the Microsoft 365 security services
Lab : Manage Microsoft 365 Security Services
Implement a Safe Attachments policy
Implement a Safe Links policy
After completing this module, students will be able to:
Describe the anti-malware pipeline as email is analyzed by Exchange Online Protection
List several mechanisms used to filter spam and malware
Describe additional solutions to protect against phishing and spoofing
Describe the benefits of the Spoof Intelligence feature
Describe how Safe Attachments is used to block zero-day malware in email attachments and documents
Describe how Safe Links protect users from malicious URLs embedded in email and documents
Create and modify a Safe Attachments policy in the Security & Compliance Center
Create a Safe Attachments policy by using Windows PowerShell
Configure a Safe Attachments policy to take certain actions
Understand how a transport rule can be used to disable the Safe Attachments functionality
Describe the end-user experience when an email attachment is scanned and found to be malicious
Create and modify a Safe Links policy in the Security & Compliance Center
Create a Safe Links policy by using Windows PowerShell
Understand how a transport rule can be used to disable the Safe Links functionality
Describe the end-user experience when Safe Links identifies a link to a malicious website or file
Describe how the Microsoft 365 security reports show how your organization is being protected
Understand where to access reports generated by EOP and Microsoft Defender for Office 365
Understand how to access detailed information from the generated reports generated
Module 3: Implement threat intelligence in Microsoft 365
In this learning path, you will then transition from security services to threat intelligence; specifically, using the Security Dashboard, Microsoft Defender for Identity, and Microsoft Cloud Application Security to stay ahead of potential security breaches.
Lessons
Explore threat intelligence in Microsoft 365
Explore the Security Dashboard
Implement Microsoft Defender for Identity
Implement Microsoft Cloud Application Security
Lab : Implement Threat Intelligence
Conduct a Spear Phishing attack using the Attack Simulator
Conduct Password attacks using the Attack Simulator
Prepare for Alert Policies
Implement a Mailbox Permission Alert
Implement a SharePoint Permission Alert
Test the Default eDiscovery Alert
After completing this module, students will be able to:
Understand how threat intelligence is powered by the Microsoft Intelligent Security Graph
Describe how the threat dashboard can benefit C-level security officers
Understand how Threat Explorer can be used to investigate threats and help to protect your tenant
Describe how the Security Dashboard displays top risks, global trends, and protection quality
Describe what Microsoft Defender for Identity is and what requirements are needed to deploy it
Configure Microsoft Defender for Identity
Manage the Microsoft Defender for Identity services
Describe Cloud App Security
Explain how to deploy Cloud App Security
Control your Cloud Apps with Policies
Troubleshoot Cloud App Security
Module 4: Introduction to Data Governance in Microsoft 365
This learning path examines the key components of Microsoft 365 Compliance management. This begins with an overview of all key aspects of data governance, including data archiving and retention, Information Rights Management, Office 365 message encryption, In-place Records Management in SharePoint, and data loss prevention (DLP).
Lessons
Explore archiving in Microsoft 365
Explore retention in Microsoft 365
Explore Information Rights Management
Explore Office 365 Message Encryption
Explore In-place Records Management in SharePoint
Explore Data Loss Prevention in Microsoft 365
Lab : Implement Data Governance
Configure Microsoft 365 Message Encryption
Validate Information Rights Management
Initialize Compliance
Configure Retention Tags and Policies
After completing this module, students will be able to:
Understand Data Governance in Microsoft 365
Describe the difference between In-Place Archive and Records Management
Explain how data is archived in Exchange
Recognize the benefits of In Place Records Management in SharePoint
Understand how Messaging Records Management works in Exchange
List the types of retention tags that can be applied to mailboxes
Know the different Microsoft 365 Encryption Options
Understand how Information Rights Management (IRM) can be used in Exchange
Configure IRM protection for Exchange mails
Explain how IRM can be used in SharePoint
Apply IRM protection to SharePoint documents
Tell the differences between IRM protection and AIP classification
Understand how message encryption works
Perform encryption on a message
Accomplish decryption of a message
Understand the co-operation of signing and encryption simultaneously
Explain what triple-wrapped messages are
Describe when you can use Office 365 Message Encryption
Explain how Office 365 Message Encryption works
Describe Data Loss Prevention (DLP)
Understand what sensitive information and search patterns are that DLP is using
Know what a DLP policy is and what it contains
Recognize how actions and conditions work together for DLP
Express how actions contain functions to send emails on matches
Show policy tips to the users if a DLP rule applies
Use policy templates to implement DLP policies for commonly used information
Explain document finger
Understand how to use DLP to protect documents in Windows Server FCI
Module 5: Implement data governance in Microsoft 365
This learning path examines how to implement the key aspects of data governance, including the building of information barriers in Microsoft 365 and ethical walls in Exchange Online, creating DLP policies from built-in templates, creating custom DLP policies, creating DLP policies to protect documents, and creating policy tips.
Lessons
Evaluate your compliance readiness
Implement compliance solutions
Create information barriers in Microsoft 365
Create a DLP policy from a built-in template
Create a custom DLP policy
Create a DLP policy to protect documents
Implement policy tips for DLP policies
Lab : Implement DLP Policies
Manage DLP Policies
Test MRM and DLP Policies
After completing this module, students will be able to:
Describe the Microsoft 365 Compliance Center and how to access it
Describe the purpose and function of Compliance score
Explain the components of of how an organization’s Compliance score is determined
Explain how assessments are used to formulate compliance scores
Explain how Microsoft 365 helps address Global Data Protection Regulation
Describe insider risk management functionality in Microsoft 365
Configure insider risk management policies
Configure insider risk management policies
Explain the communication compliance capabilities in Microsoft 365
Describe what an ethical wall in Exchange is and how it works
Explain how to create information barriers in Microsoft 365
Identify best practices for building and working with ethical walls
Understand the different built-in templates for a DLP policies
Determine how to choose the correct locations for a DLP policy
Configure the correct rules for protecting content
Enable and review the DLP policy correctly
Describe how to modify existing rules of DLP policies
Explain how to add and modify custom conditions and action to a DLP rule
Describe how to change user notifications and policy tips
Configure the user override option to a DLP rule
Explain how incident reports are sent by a DLP rule violation
Describe how to work with managed properties for DLP policies
Explain how SharePoint Online creates crawled properties from documents
Describe how to create a managed property from a crawled property in SharePoint Online
Explain how to create a DLP policy with rules that apply to managed properties via PowerShell
Describe the user experience when a user creates an email or site containing sensitive information
Explain the behavior in Office apps when a user enters sensitive information
Module 6: Manage data governance in Microsoft 365
This learning path focuses on managing data governance in Microsoft 365, including managing retention in email, troubleshooting retention policies and policy tips that fail, as well as troubleshooting sensitive data. You will then learn how to implement sensitivity labels and Windows Information Protection.
Lessons
Manage retention in email
Troubleshoot data governance
Explore sensitivity labels
Implement sensitivity labels
Implement Data Governance
Lab : Implement Data Governance
Implement sensitivity labels
Implement Windows Information Protection
After completing this module, students will be able to:
Determine when and how to use retention tags in mailboxes
Assign retention policy to an email folder
Add optional retention policies to email messages and folders
Remove a retention policy from an email message
Explain how the retention age of elements is calculated
Repair retention policies that do not run as expected
Understand how to systematically troubleshoot when a retention policy appears to fail
Perform policy tests in test mode with policy tips
Describe how to monitor DLP policies through message tracking
Manage data protection using sensitivity labels
Describe the requirements to create a sensitivity label
Develop a data classification framework for your sensitivity labels
Create, publish, and remove sensitivity labels
Describe WIP and what it is used for
Plan a deployment of WIP policies
Implement WIP policies with Intune and SCCM
Implement WIP policies in Windows desktop apps
Module 7: Manage content search and investigations in Microsoft 365
This learning path conclude this section on data governance by examining how to manage search and investigation, including searching for content in the Security and Compliance Center, auditing log investigations, and managing advanced eDiscovery.
Lessons
Search for content in the Microsoft 365 Compliance center
Conduct audit log investigations
Manage Advanced eDiscovery
Lab : Manage Search and Investigations
Conduct a data search
Investigate Your Microsoft 365 Data
After completing this module, students will be able to:
Describe how to use content search
Design your content search
Configure search permission filtering
Explain how to search for third-party data
Describe when to use scripts for advanced searches
Describe what the audit log is and the permissions required to search a Microsoft 365 audit
Configure Audit Policies
Enter criteria for searching the audit log
View, sort, and filter search results
Export search results to a CSV file
Search the unified audit log by using Windows PowerShell
Describe Advanced eDiscovery
Configure permissions for users in Advanced eDiscovery
Create Cases in Advanced eDiscovery
Search and prepare data for Advanced eDiscovery
Module 8: Prepare for device management in Microsoft 365
This learning path provides an in-depth examination of Microsoft 365 Device management. You will begin by planning for various aspects of device management, including preparing your Windows 10 devices for co-management. You will learn how to transition from Configuration Manager to Microsoft Intune, and you will be introduced to the Microsoft Store for Business and Mobile Application Management.
Lessons
Explore Co-management of Windows 10 device
Prepare your Windows 10 devices for Co-management
Transition from Configuration Manager to Intune
Examine the Microsoft Store for Business
Plan for application management
Lab : Implement the Microsoft Store for Business
Configure the Microsoft Store for Business
Manage the Microsoft Store for Business
After completing this module, students will be able to:
Describe the benefits of Co-management
Plan your organization’s Co-management Strategy
Describe the main features of Configuration Manager
Describe how Azure Active Directory enables co-management
Identify the prerequisites for using Co-management
Configure Configuration Manager for Co-management
Enroll Windows 10 Devices to Intune
Modify your co-management settings
Transfer workloads to Intune
Monitor your co-management solution
Check compliance for co-managed devices
Describe the feature and benefits of the Microsoft Store for Business
Configure the Microsoft Store for Business
Manage settings for the Microsoft Store for Business
Module 9: Plan your Windows 10 deployment strategy
This learning path focuses on planning your Windows 10 deployment strategy, including how to implement Windows Autopilot and Desktop Analytics, and planning your Windows 10 subscription activation service.
Lessons
Examine Windows 10 deployment scenarios
Explore Windows Autopilot deployment models
Plan your Windows 10 Subscription Activation strategy
Resolve Windows 10 upgrade errors
Analyze Windows 10 diagnostic data using Desktop Analytics
After completing this module, students will be able to:
Plan for Windows as a Service
Plan a Modern Deployment
Plan a Dynamic Deployment
Plan a Traditional Deployment
Describe Windows Autopilot requirements
Configure Autopilot
Describe Autopilot Self-deployments, Pre-provisioned deployments, and User-driven deployments
Deploy BitLocker Encryption for Autopiloted Devices
Understand Windows 10 Enterprise E3 in CSP
Configure VDA for Subscription Activation
Deploy Windows 10 Enterprise licenses
Describe common fixes for Windows 10 upgrade errors
Use SetupDiag
Troubleshooting upgrade errors
Describe Windows error reporting
Understand the upgrade error codes and resolution procedure
Describe Desktop Analytics
Describe Device Health
Describe Update Compliance
Determine Upgrade Readiness
Module 10: Implement Mobile Device Management in Microsoft 365
This learning path focuses on Mobile Device Management (MDM). You will learn how to deploy it, how to enroll devices to MDM, and how to manage device compliance.
Lessons
Explore Mobile Device Management
Deploy Mobile Device Management
Enroll devices to Mobile Device Management
Manage device compliance
Lab : Manage devices with Intune
Enable device management
Configure Azure AD for Intune
Create Intune policies
Enroll a Windows 10 device
Manage and monitor a device in Intune
After completing this module, students will be able to:
MS-101 Microsoft 365 Mobility and Security
Dates are listed in Pacific Time Zone
$2,975.00
This course covers three central elements of Microsoft 365 enterprise administration – Microsoft 365 security management, Microsoft 365 compliance management, and Microsoft 365 device management.
Description
Overview:
This course covers three central elements of Microsoft 365 enterprise administration – Microsoft 365 security management, Microsoft 365 compliance management, and Microsoft 365 device management. In Microsoft 365 security management, you will examine all the common types of threat vectors and data breaches facing organizations today, and you will learn how Microsoft 365’s security solutions address these security threats. You will be introduced to the Microsoft Secure Score, as well as to Azure Active Directory Identity Protection. You will then learn how to manage the Microsoft 365 security services, including Exchange Online Protection, Advanced Threat Protection, Safe Attachments, and Safe Links. Finally, you will be introduced to the various reports that monitor your security health. You will then transition from security services to threat intelligence; specifically, using the Security Dashboard and Advanced Threat Analytics to stay ahead of potential security breaches. With your Microsoft 365 security components now firmly in place, you will examine the key components of Microsoft 365 compliance management. This begins with an overview of all key aspects of data governance, including data archiving and retention, Information Rights Management, Secure Multipurpose Internet Mail Extension (S/MIME), Office 365 message encryption, and data loss prevention (DLP). You will then delve deeper into archiving and retention, paying particular attention to in-place records management in SharePoint, archiving and retention in Exchange, and Retention policies in the Security and Compliance Center. Now that you understand the key aspects of data governance, you will examine how to implement them, including the building of ethical walls in Exchange Online, creating DLP policies from built-in templates, creating custom DLP policies, creating DLP policies to protect documents, and creating policy tips. You will then focus on managing data governance in Microsoft 365, including managing retention in email, troubleshooting retention policies and policy tips that fail, as well as troubleshooting sensitive data. You will then learn how to implement Azure Information Protection and Windows Information Protection. You will conclude this section by learning how to manage search and investigation, including searching for content in the Security and Compliance Center, auditing log investigations, and managing advanced eDiscovery. The course concludes with an in-depth examination of Microsoft 365 device management. You will begin by planning for various aspects of device management, including preparing your Windows 10 devices for co-management. You will learn how to transition from Configuration Manager to Intune, and you will be introduced to the Microsoft Store for Business and Mobile Application Management. At this point, you will transition from planning to implementing device management; specifically, your Windows 10 deployment strategy. This includes learning how to implement Windows Autopilot, Windows Analytics, and Mobile Device Management (MDM). When examining MDM, you will learn how to deploy it, how to enroll devices to MDM, and how to manage device compliance.
Prerequisite(s):
Audience:
This course is designed for persons who are aspiring to the Microsoft 365 Enterprise Admin role and have completed one of the Microsoft 365 role-based administrator certification paths.
Outline:
Module 1: Explore security metrics in Microsoft 365
In this learning path, you will examine all the common types of threat vectors and data breaches facing organizations today, and you will learn how Microsoft 365’s security solutions address these security threats, including the Zero Trust approach. You will be introduced to the Microsoft Secure Score, Privileged Identity Management, as well as to Azure Identity Protection and Microsoft Defender for Office 365.
Lessons
Lab : Tenant Setup and Privileged Identity Management
After completing this module, students will be able to:
Module 2: Manage your Microsoft 365 security services
This learning path examines how to manage the Microsoft 365 security services, including Exchange Online Protection, Microsoft Defender for Office 365, Safe Attachments, and Safe Links. You will also be introduced to the various reports that help an organization monitor its security health.
Lessons
Lab : Manage Microsoft 365 Security Services
After completing this module, students will be able to:
Module 3: Implement threat intelligence in Microsoft 365
In this learning path, you will then transition from security services to threat intelligence; specifically, using the Security Dashboard, Microsoft Defender for Identity, and Microsoft Cloud Application Security to stay ahead of potential security breaches.
Lessons
Lab : Implement Threat Intelligence
After completing this module, students will be able to:
Module 4: Introduction to Data Governance in Microsoft 365
This learning path examines the key components of Microsoft 365 Compliance management. This begins with an overview of all key aspects of data governance, including data archiving and retention, Information Rights Management, Office 365 message encryption, In-place Records Management in SharePoint, and data loss prevention (DLP).
Lessons
Lab : Implement Data Governance
After completing this module, students will be able to:
Module 5: Implement data governance in Microsoft 365
This learning path examines how to implement the key aspects of data governance, including the building of information barriers in Microsoft 365 and ethical walls in Exchange Online, creating DLP policies from built-in templates, creating custom DLP policies, creating DLP policies to protect documents, and creating policy tips.
Lessons
Lab : Implement DLP Policies
After completing this module, students will be able to:
Module 6: Manage data governance in Microsoft 365
This learning path focuses on managing data governance in Microsoft 365, including managing retention in email, troubleshooting retention policies and policy tips that fail, as well as troubleshooting sensitive data. You will then learn how to implement sensitivity labels and Windows Information Protection.
Lessons
Lab : Implement Data Governance
After completing this module, students will be able to:
Module 7: Manage content search and investigations in Microsoft 365
This learning path conclude this section on data governance by examining how to manage search and investigation, including searching for content in the Security and Compliance Center, auditing log investigations, and managing advanced eDiscovery.
Lessons
Lab : Manage Search and Investigations
After completing this module, students will be able to:
Module 8: Prepare for device management in Microsoft 365
This learning path provides an in-depth examination of Microsoft 365 Device management. You will begin by planning for various aspects of device management, including preparing your Windows 10 devices for co-management. You will learn how to transition from Configuration Manager to Microsoft Intune, and you will be introduced to the Microsoft Store for Business and Mobile Application Management.
Lessons
Lab : Implement the Microsoft Store for Business
After completing this module, students will be able to:
Module 9: Plan your Windows 10 deployment strategy
This learning path focuses on planning your Windows 10 deployment strategy, including how to implement Windows Autopilot and Desktop Analytics, and planning your Windows 10 subscription activation service.
Lessons
After completing this module, students will be able to:
Module 10: Implement Mobile Device Management in Microsoft 365
This learning path focuses on Mobile Device Management (MDM). You will learn how to deploy it, how to enroll devices to MDM, and how to manage device compliance.
Lessons
Lab : Manage devices with Intune
After completing this module, students will be able to:
Additional information
5 days
No
Related products
MS-203 Microsoft 365 Messaging
$2,975.00 Add to cartMS-100 Microsoft 365 Identity and Services
$2,975.00 Add to cartMS-600 Building Applications and Solutions with Microsoft 365 Core Services
$2,380.00 Add to cart