Microsoft 365 Identity and Services Track

The Microsoft 365 Mobility and Security course is designed for persons who are aspiring to the Microsoft 365 Enterprise Admin role. This course covers three central elements of Microsoft 365 enterprise administration – Microsoft 365 security management, Microsoft 365 compliance management, and Microsoft 365 device management. In security management, you will examine all the common types of threat vectors and data breaches and how Microsoft 365’s security solutions address these security threats, including use of the Microsoft Secure Score, Azure Active Directory Identity Protection, Exchange Online Protection, Advanced Threat Protection, Safe Attachments, and Safe Links. In compliance management, you will examine the key aspects of data governance, including Information Rights Management, message encryption, data loss prevention (DLP), in-place records management, archiving and retention, creating DLP policies and policy tips, and Azure and Windows Information Protection. In Microsoft 365 device management, you will learn how to co-manage your Windows 10 devices, how to transition from Configuration Manager to Intune, and how to implement Windows Autopilot, Windows Analytics, and Mobile Device Management.

At Course Completion

By actively participating in this course, you will learn about the following:

• Microsoft 365 Security Metrics
• Microsoft 365 Security Services
• Microsoft 365 Threat Intelligence
• Data Governance in Microsoft 365
• Archiving and Retention in Office 365
• Data Governance in Microsoft 365 Intelligence
• Search and Investigations
• Device Management
• Windows 10 Deployment Strategies
• Mobile Device Management

Module 1: Introduction to Microsoft 365 Security Metrics

In this module, you will examine all the common types of threat vectors and data breaches facing organizations today, and you will learn how Microsoft 365’s security solutions address these security threats, including the Zero Trust approach. You will be introduced to the Microsoft Secure Score, Privileged Identity Management, as well as to Azure Active Directory Identity Protection.

Lessons

• Threat Vectors and Data Breaches
• The Zero Trust Model
• Security Solutions in Microsoft 365
• Introduction to Microsoft Secure Score
• Privileged Identity Management
• Introduction to Azure Active Directory Identity Protection

Lab: Tenant Setup and PIM

• Initialize your Microsoft 365 Tenant
• PIM Resource Workflows

After completing this module, students will be able to:

• Describe several techniques hackers use to compromise user accounts through email
• Describe techniques hackers use to gain control over resources
• Describe techniques hackers use to compromise data
• Describe the Zero Trust approach to security in Microsoft 365.
• Describe the components of Zero Trust security.
• Describe and five steps to implementing a Zero Trust model in your organization.
• Explain Zero Trust networking

List the types of threats that can be avoided by using EOP and Office 365 ATP

• Describe how Microsoft 365 Threat Intelligence can be benefit your organization
• Monitor your organization through auditing and alerts
• Describe how ASM enhances visibility and control over your tenant through three core areas
• Describe the benefits of Secure Score and what kind of services can be analyzed
• Describe how to collect data using the Secure Score API
• Know where to identify actions that will increase your security by mitigating risks
• Explain how to determine the threats each action will mitigate and the impact it has on use
• Explain Privileged Identity Management (PIM) in Azure administration
• Configure PIM for use in your organization
• Audit PIM roles
• Explain Microsoft Identity Manager
• Explain Privileged Access Management in Microsoft 365
• Describe Azure Identity Protection and what kind of identities can be protected
• Understand how to enable Azure Identity Protection
• Know how to identify vulnerabilities and risk events
• Plan your investigation in protecting cloud-based identities
• Plan how to protect your Azure Active Directory environment from security breaches

Module 2: Managing Your Microsoft 365 Security Services

This module examines how to manage the Microsoft 365 security services, including Exchange Online Protection, Advanced Threat Protection, Safe Attachments, and Safe Links. You will be introduced to the various reports that monitor your security health.

Lessons

• Introduction to Exchange Online Protection
• Introduction to Advanced Threat Protection
• Managing Safe Attachments
• Managing Safe Links
• Monitoring and Reports

Lab : Manage Microsoft 365 Security Services

• Implement a Safe Attachments policy
• Implement a Safe Links policy

After completing this module, students will be able to:

• Describe the anti-malware pipeline as email is analyzed by Exchange Online Protection
• List several mechanisms used to filter spam and malware
• Describe additional solutions to protect against phishing and spoofing
• Describe the benefits of the Spoof Intelligence feature
• Describe how Safe Attachments is used to block zero-day malware in email attachments and documents
• Describe how Safe Links protect users from malicious URLs embedded in email and documents
• Create and modify a Safe Attachments policy in the Security & Compliance Center
• Create a Safe Attachments policy by using Windows PowerShell
• Configure a Safe Attachments policy to take certain actions
• Understand how a transport rule can be used to disable the Safe Attachments functionality
• Describe the end-user experience when an email attachment is scanned and found to be malicious
• Create and modify a Safe Links policy in the Security & Compliance Center
• Create a Safe Links policy by using Windows PowerShell
• Understand how a transport rule can be used to disable the Safe Links functionality
• Describe the end-user experience when Safe Links identifies a link to a malicious website or file
• Describe how reports provide visibility into how EOP and ATP is protecting your organization
• Understand where to access reports generated by EOP and ATP
• Understand how to access detailed information from reports generated by EOP and ATP

• Completed a role-based administrator course such as Messaging, Teamwork, Security and Compliance, or Collaboration.
• A proficient understanding of DNS and basic functional experience with Microsoft 365 services.
• A proficient understanding of general IT practices.

This course is designed for persons who are aspiring to the Microsoft 365 Enterprise Admin role and have completed one of the Microsoft 365 work load administrator certification paths.