Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Microsoft 365 Security Administration: MS-500 Exam Guide
  • Toc
  • feedback
Microsoft 365 Security Administration: MS-500 Exam Guide

Microsoft 365 Security Administration: MS-500 Exam Guide

By : Rising
3.9 (10)
close
Microsoft 365 Security Administration: MS-500 Exam Guide

Microsoft 365 Security Administration: MS-500 Exam Guide

3.9 (10)
By: Rising

Overview of this book

The Microsoft 365 Security Administration (MS-500) exam is designed to measure your ability to perform technical tasks such as managing, implementing, and monitoring security and compliance solutions for Microsoft 365 environments. This book starts by showing you how to configure and administer identity and access within Microsoft 365. You will learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, the book shows you how RBAC and Azure AD Identity Protection can be used to help you detect risks and secure information in your organization. You will also explore concepts, such as Advanced Threat Protection, Windows Defender ATP, and Threat Intelligence. As you progress, you will learn about additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention, and Cloud App Discovery and Security. The book also ensures you are well prepared to take the exam by giving you the opportunity to work through a mock paper, topic summaries, illustrations that briefly review key points, and real-world scenarios. By the end of this Microsoft 365 book, you will be able to apply your skills in the real world, while also being well prepared to achieve Microsoft certification.
Table of Contents (29 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Reviews
1
Section 1: Configuring and Administering Identity and Access in Microsoft 365
Section 1: Configuring and Administering Identity and Access in Microsoft 365
Free Chapter
2
Chapter 1: Planning for Hybrid Identity
Chapter 1: Planning for Hybrid Identity
Planning your hybrid environment
Synchronization methods with Azure AD Connect
Additional authentication security
Event monitoring and troubleshooting in Azure AD Connect
Summary
Questions
References
3
Chapter 2: Authentication and Security
Chapter 2: Authentication and Security
Implementing Azure AD dynamic group membership
Implementing Azure AD self-service password reset (SSPR)
Implementing and managing Multi-Factor Authentication (MFA)
Managing Azure AD access reviews
Summary
Questions
References
4
Chapter 3: Implementing Conditional Access Policies
Chapter 3: Implementing Conditional Access Policies
Explaining Conditional Access
Enhancing Conditional Access with Intune
Device-based Conditional Access
App-based Conditional Access
Monitoring Conditional Access events
Summary
Questions
References
5
Chapter 4: Role Assignment and Privileged Identities in Microsoft 365
Chapter 4: Role Assignment and Privileged Identities in Microsoft 365
Planning, configuring, and monitoring RBAC
Planning, configuring, and monitoring PIM
Summary
Questions
References
6
Chapter 5: Azure AD Identity Protection
Chapter 5: Azure AD Identity Protection
Understanding Identity Protection
Configuring MFA registration policies
Configuring alert options
Managing and resolving risk events
Summary
Questions
References
7
Section 2: Implementing and Managing Threat Protection
Section 2: Implementing and Managing Threat Protection
8
Chapter 6: Configuring an Advanced Threat Protection Solution
Chapter 6: Configuring an Advanced Threat Protection Solution
Identifying the organizational needs for Azure ATP
Setting up an Azure ATP instance
Managing Azure ATP activities
Summary
Questions
References
9
Chapter 7: Configuring Microsoft Defender ATP to Protect Devices
Chapter 7: Configuring Microsoft Defender ATP to Protect Devices
Technical requirements
Implementing Microsoft Defender ATP
Managing and monitoring Microsoft Defender ATP
Implementing additional Microsoft Defender features
Managing device encryption for your Windows 10 devices
Summary
Questions
References
10
Chapter 8: Message Protection in Office 365
Chapter 8: Message Protection in Office 365
Protecting users and domains with ATP anti-phishing protection and policies
Configuring Office 365 anti-spam protection
Exploring Office 365 ATP Safe Attachments options and policies
Exploring Office 365 ATP Safe Links options, blocked URLs, and policies
Summary
Questions
References
11
Chapter 9: Threat Intelligence and Tracking
Chapter 9: Threat Intelligence and Tracking
Understanding the Office 365 threat management security dashboard
Using Office 365 Threat Explorer and threat trackers
Managing quarantined messages and files
Performing controlled simulated attacks
Summary
Questions
References
12
Chapter 10: Using Azure Sentinel to Monitor Microsoft 365 Security
chevron up
Chapter 10: Using Azure Sentinel to Monitor Microsoft 365 Security
Planning and configuring Azure Sentinel
Using Azure Sentinel playbooks
Managing and monitoring Azure Sentinel
Summary
Questions
References
13
Section 3: Information Protection in Microsoft 365
Section 3: Information Protection in Microsoft 365
14
Chapter 11: Controlling Secure Access to Information Stored in Office 365
Chapter 11: Controlling Secure Access to Information Stored in Office 365
Understanding privileged access management
Understanding Customer Lockbox
Protecting access to the collaboration components of Office 365
Allowing external user access with B2B sharing
Summary
Questions
References
15
Chapter 12: Azure Information Protection
Chapter 12: Azure Information Protection
Planning and implementing an AIP deployment for your organization
Setting up AIP labels and policies
Using the AIP Scanner to detect and protect on-premises content
Tracking and revoking protected documents
Summary
Questions
References
16
Chapter 13: Data Loss Prevention
Chapter 13: Data Loss Prevention
Planning and implementing DLP
Creating DLP policies and assigning them to Office 365 locations
Managing sensitive information types
DLP reporting and alerting capabilities
Summary
Questions
References
17
Chapter 14: Cloud App Discovery and Security
Chapter 14: Cloud App Discovery and Security
Understanding Cloud App Security
Configuring Cloud App Security
Using the Cloud App Security dashboard, reports, and logs
Summary
Questions
References
18
Section 4: Data Governance and Compliance in Microsoft 365
Section 4: Data Governance and Compliance in Microsoft 365
19
Chapter 15: Security Analytics and Auditing Capabilities
Chapter 15: Security Analytics and Auditing Capabilities
Understanding Desktop Analytics, Windows diagnostics, and Office Telemetry
Configuring Office 365 auditing
Performing an audit log search
Configuring an audit alert policy
Summary
Questions
References
20
Chapter 16: Personal Data Protection in Microsoft 365
Chapter 16: Personal Data Protection in Microsoft 365
Conducting searches for personal data
Using retention labels to protect personal data
Accessing logs and reports to search for and monitor personal data leaks
Summary
Questions
References
21
Chapter 17: Data Governance and Retention
Chapter 17: Data Governance and Retention
Understanding data governance and the retention requirements for your organization
Navigating data governance reports and dashboards
Configuring retention tags, retention policies, and supervision policies
Configuring litigation holds to preserve Office 365 data
Importing data into Office 365 from the Security & Compliance Center
Configuring archiving
Summary
Questions
References
22
Chapter 18: Search and Investigation
Chapter 18: Search and Investigation
Understanding eDiscovery and content search in Microsoft 365
eDiscovery delegated role groups
Creating eDiscovery cases, placing locations on hold, and performing content searches
Exporting content search results
Summary
Questions
References
23
Chapter 19: Data Privacy Compliance
Chapter 19: Data Privacy Compliance
Planning for regulatory compliance in Microsoft 365
Accessing the GDPR dashboards and reports
Completing DSRs
Summary
Questions
References
24
Section 5: Mock Exam and Assessment
Section 5: Mock Exam and Assessment
25
Chapter 20: Mock Exam
Chapter 20: Mock Exam
Case Study
26
Chapter 21: Mock Exam Answers
Chapter 21: Mock Exam Answers
Answers and explanations
27
Chapter 22: Assessments
Chapter 22: Assessments
Chapter 1 – Planning for Hybrid Identity
Chapter 2 – Authentication and Security
Chapter 3 – Implementing Conditional Access Policies
Chapter 4 – Role Assignment and Privileged Identities in Microsoft 365
Chapter 5 – Azure AD Identity Protection
Chapter 6 – Configuring an Advanced Threat Protection Solution
Chapter 7 – Configuring Microsoft Defender ATP to Protect Devices
Chapter 8 – Message Protection in Office 365
Chapter 9 – Threat Intelligence and Tracking
Chapter 10 – Using Azure Sentinel to Monitor Microsoft 365 Security
Chapter 11 – Controlling Secure Access to Information Stored in Office 365
Chapter 12 – Azure Information Protection
Chapter 13 – Data Loss Prevention
Chapter 14 – Cloud App Discovery and Security
Chapter 15 – Security Analytics and Auditing Capabilities
Chapter 16 – Personal Data Protection in Microsoft 365
Chapter 17 – Data Governance and Retention
Chapter 18 – Search and Investigation
Chapter 19 – Data Privacy Compliance
28
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Chapter 10: Using Azure Sentinel to Monitor Microsoft 365 Security

Azure Sentinel is a cloud-based security information and event management (SIEM) tool that enables the analysis of vast quantities of data both within Microsoft 365 and from external sources using artificial intelligence technology. Azure Sentinel allows you to gather data, detect potential threats, and then investigate and respond to those threats. In this chapter, we will show you how to plan and configure your Azure Sentinel instance, explain the process of using Azure Sentinel playbooks, and finally how to monitor and manage Azure Sentinel on an ongoing basis.

After reading this chapter, you will be able to access and enable Azure Sentinel in the Azure portal, set up a Log Analytics workspace, and connect to Microsoft and third-party data sources. You will learn how to use playbooks to automate responses to security issues and understand how to manage and monitor Azure Sentinel on an ongoing basis.

In this...

End of Section 1
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete