Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Microsoft 365 Security, Compliance, and Identity Administration
  • Table Of Contents Toc
  • Feedback & Rating feedback
Microsoft 365 Security, Compliance, and Identity Administration

Microsoft 365 Security, Compliance, and Identity Administration

By : Peter Rising
4.9 (17)
Buy this Book
close
close
Microsoft 365 Security, Compliance, and Identity Administration

Microsoft 365 Security, Compliance, and Identity Administration

4.9 (17)
By: Peter Rising
Buy this Book

Overview of this book

The Microsoft 365 Security, Compliance, and Identity Administration is designed to help you manage, implement, and monitor security and compliance solutions for Microsoft 365 environments. With this book, you’ll first configure, administer identity and access within Microsoft 365. You’ll learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, you’ll discover how RBAC and Azure AD Identity Protection can be used to detect risks and secure information in your organization. You’ll also explore concepts such as Microsoft Defender for endpoint and identity, along with threat intelligence. As you progress, you’ll uncover additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention (DLP), and Microsoft Defender for Cloud Apps. By the end of this book, you’ll be well-equipped to manage and implement security measures within your Microsoft 365 suite successfully.
Table of Contents (25 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
Conventions used
Icon
Get in touch
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book
1
Part 1: Implementing and Managing Identity and Access
Icon
Part 1: Implementing and Managing Identity and Access
Free Chapter
2
Chapter 1: Planning for Hybrid Identity
Icon
Chapter 1: Planning for Hybrid Identity
Icon
Planning your hybrid environment
Icon
Authentication methods in Azure AD
Icon
Synchronization methods with Azure AD Connect
Icon
Azure AD Connect cloud sync
Icon
Event monitoring and troubleshooting in Azure AD Connect
Icon
Summary
Icon
Questions
Icon
Further reading
3
Chapter 2: Authentication and Security
Icon
Chapter 2: Authentication and Security
Icon
Implementing Azure AD dynamic group membership
Icon
Implementing password management
Icon
Implementing and managing external identities
Icon
Implementing and managing MFA
Icon
Planning and implementing device authentication methods
Icon
Summary
Icon
Questions
Icon
Further reading
4
Chapter 3: Implementing Conditional Access Policies
Icon
Chapter 3: Implementing Conditional Access Policies
Icon
Explaining Conditional Access
Icon
Conditional Access and Microsoft Intune
Icon
Introducing the types of Conditional Access
Icon
Monitoring Conditional Access events
Icon
Summary
Icon
Questions
Icon
Further reading
5
Chapter 4: Managing Roles and Identity Governance
Icon
Chapter 4: Managing Roles and Identity Governance
Icon
Planning and configuring PIM
Icon
Planning and configuring entitlement management
Icon
Planning and configuring access reviews
Icon
Summary
Icon
Questions
Icon
Further reading
6
Chapter 5: Azure AD Identity Protection
Icon
Chapter 5: Azure AD Identity Protection
Icon
Understanding Identity Protection
Icon
Protecting users with risk and registration policies
Icon
Configuring alert options
Icon
Managing and resolving risk events
Icon
Summary
Icon
Questions
Icon
Further reading
7
Part 2: Implementing and Managing Threat Protection
Icon
Part 2: Implementing and Managing Threat Protection
8
Chapter 6: Configuring a Microsoft Defender for Identity Solution
Icon
Chapter 6: Configuring a Microsoft Defender for Identity Solution
Icon
Identifying the organizational need for MDI
Icon
Understanding the MDI architecture
Icon
Setting up MDI
Icon
Managing and monitoring MDI
Icon
Summary
Icon
Questions
Icon
Further reading
9
Chapter 7: Configuring Device Threat Protection with Microsoft Defender for Endpoint and Intune
Icon
Chapter 7: Configuring Device Threat Protection with Microsoft Defender for Endpoint and Intune
Icon
Planning and implementing MDE
Icon
Managing and monitoring MDE
Icon
Implementing Microsoft Defender Application Guard, Application Control, and exploit protection
Icon
Encrypting your Windows devices using BitLocker
Icon
Implementing application protection policies
Icon
Summary
Icon
Questions
Icon
Further reading
10
Chapter 8: Configuring Microsoft Defender for Office 365
Icon
Chapter 8: Configuring Microsoft Defender for Office 365
Icon
Protecting users and domains with anti-phishing protection and policies
Icon
Configuring Safe Attachments options and policies
Icon
Configuring Safe Links options, blocked URLs, and policies
Icon
Monitoring and remediating with Microsoft Defender for Office 365 reports
Icon
Running simulated attacks with Microsoft Defender for Office 365
Icon
Further attack simulation configuration options
Icon
Summary
Icon
Questions
Icon
Further reading
11
Chapter 9: Using Microsoft Sentinel to Monitor Microsoft 365 Security
chevron up
Icon
Chapter 9: Using Microsoft Sentinel to Monitor Microsoft 365 Security
Icon
Planning and configuring Microsoft Sentinel
Icon
Configuring playbooks in Microsoft Sentinel
Icon
Creating and using automation rules to manage responses
Icon
Managing and monitoring your Microsoft Sentinel instance
Icon
Summary
Icon
Questions
Icon
Further reading
12
Chapter 10: Configuring Microsoft Defender for Cloud Apps
Icon
Chapter 10: Configuring Microsoft Defender for Cloud Apps
Icon
Planning your MDA implementation
Icon
Configuring MDA
Icon
Managing Cloud App Discovery
Icon
Managing the MDA catalog
Icon
Managing apps and app connectors in MDA
Icon
Configuring policies and templates
Icon
Using Conditional Access App Control with MDA
Icon
Reviewing and interpreting alerts, reports, and dashboards
Icon
Summary
Icon
Questions
Icon
Further reading
13
Part 3: Implementing and Managing Information Protection
Icon
Part 3: Implementing and Managing Information Protection
14
Chapter 11: Managing Sensitive Information
Icon
Chapter 11: Managing Sensitive Information
Icon
Planning a sensitivity label solution for your organization
Icon
Creating and managing SITs
Icon
Setting up sensitivity labels and policies
Icon
Configuring and using Activity explorer
Icon
Using sensitivity labels with Teams, SharePoint, OneDrive, and Office apps
Icon
Summary
Icon
Questions
Icon
Further reading
15
Chapter 12: Managing Microsoft Purview Data Loss Prevention
Icon
Chapter 12: Managing Microsoft Purview Data Loss Prevention
Icon
Planning and implementing DLP
Icon
Managing DLP policies for Microsoft 365 workloads
Icon
DLP reporting and alerting capabilities
Icon
Implementing Endpoint DLP
Icon
Summary
Icon
Questions
Icon
Further reading
16
Chapter 13: Managing Microsoft Purview Data Lifecycle Management
Icon
Chapter 13: Managing Microsoft Purview Data Lifecycle Management
Icon
Planning for data lifecycle management
Icon
Analyzing reports and dashboards
Icon
Configuring retention labels and policies
Icon
Creating a retention policy
Icon
Planning and implementing adaptive scopes
Icon
Finding and recovering deleted Microsoft 365 data
Icon
Summary
Icon
Questions
Icon
Further reading
17
Part 4: Managing Compliance Features in Microsoft 365
Icon
Part 4: Managing Compliance Features in Microsoft 365
18
Chapter 14: Monitoring and Analyzing Audit Logs and Reports in Microsoft Purview
Icon
Chapter 14: Monitoring and Analyzing Audit Logs and Reports in Microsoft Purview
Icon
Planning for auditing and reporting
Icon
Investigating compliance activities by using audit logs
Icon
Reviewing and interpreting compliance reports and dashboards
Icon
Configuring alert policies
Icon
Configuring audit log retention policies
Icon
Summary
Icon
Questions
Icon
Further reading
19
Chapter 15: Planning For, Conducting, and Managing eDiscovery Cases
Icon
Chapter 15: Planning For, Conducting, and Managing eDiscovery Cases
Icon
Recommending eDiscovery (Standard) or eDiscovery (Premium)
Icon
Planning for content searches and eDiscovery
Icon
Delegating the required permissions to use search and discovery tools
Icon
Creating eDiscovery cases
Icon
Managing eDiscovery cases
Icon
Summary
Icon
Questions
Icon
Further reading
20
Chapter 16: Managing Regulatory and Privacy Requirements
Icon
Chapter 16: Managing Regulatory and Privacy Requirements
Icon
Planning your regulatory compliance journey in Microsoft 365
Icon
Managing regulatory compliance in Microsoft Purview Compliance Manager
Icon
Exploring Microsoft Priva
Icon
Summary
Icon
Questions
Icon
Further reading
21
Chapter 17: Managing Insider Risk Solutions in Microsoft 365
Icon
Chapter 17: Managing Insider Risk Solutions in Microsoft 365
Icon
Implementing Customer Lockbox
Icon
Implementing and managing Communication Compliance policies
Icon
Implementing and managing insider risk management policies
Icon
Implementing and managing Information Barriers policies
Icon
Implementing and managing Privileged Access Management
Icon
Summary
Icon
Questions
Icon
Further reading
22
Answers
Icon
Chapter 1
Icon
Chapter 2
Icon
Chapter 3
Icon
Chapter 4
Icon
Chapter 5
Icon
Chapter 6
Icon
Chapter 7
Icon
Chapter 8
Icon
Chapter 9
Icon
Chapter 10
Icon
Chapter 11
Icon
Chapter 12
Icon
Chapter 13
Icon
Chapter 14
Icon
Chapter 15
Icon
Chapter 16
Icon
Chapter 17
23
Index
Icon
Index
Icon
Why subscribe?
24
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book

Configuring playbooks in Microsoft Sentinel

In Microsoft Sentinel, playbooks are collections of responses and actions that can be run like a routine. Playbooks automate and orchestrate threat responses and can be integrated with other systems, both internal and external. They can be configured to run manually or automatically in response to specific alerts or incidents. An example of an automated trigger for a playbook is an automation rule.

Automation rules enable users to centrally manage incident automation. This includes the ability to assign playbooks to incidents and automate responses for multiple analytics rules at once. Additionally, you can automatically tag, assign, or close incidents without requiring a playbook. You can also control the order of the actions executed.

Playbooks are based on Azure Logic Apps. Microsoft Sentinel can leverage the following logic app types:

  • Consumption: This is the more classic Azure Logic Apps experience
  • Standard: This is...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 3
Next Section

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY