Microsoft 365 Security and Compliance for Administrators [1 ed.] 9781837638376
n today's hostile cyber landscape, securing data and complying with regulations is paramount for individuals, busin
156 104 38MB
English Pages 558 Year 2024
Table of contents :
Microsoft 365 Security and Compliance for Administrators
Contributors
About the authors
About the reviewers
Preface
Who this book is for
What this book covers
To get the most out of this book
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
Part 1:Introduction to Microsoft 365
1
Getting Started with Microsoft 365 Security and Compliance
Technical requirements
Introduction to Microsoft 365 offers, plans, and licenses
Microsoft 365 plans and components
Microsoft 365 licensing
Introduction to Microsoft 365 security
Introduction to Microsoft 365 compliance
Summary
2
The Role of Microsoft Entra ID in Microsoft 365 Security
Technical requirements
Microsoft Entra ID plans and features
Microsoft Entra ID roles and groups
Azure roles, or Azure RBAC roles
Microsoft Entra ID roles
Classic roles
Microsoft 365 roles in Microsoft Entra ID
Best practices for roles
Microsoft 365 groups
Microsoft Entra ID Protection
Summary
Part 2: Microsoft 365 Security
3
Microsoft Defender for Office 365
Technical requirements
Getting started with Microsoft Defender for Office 365
Protecting assets with Microsoft Defender for Office 365
Quarantine policy
Anti-phishing
Anti-spam
Anti-malware
Safe Attachment
Safe Links
Rules
Attack simulation training
Responding to alerts and mitigating threats
Summary
4
Microsoft Defender for Endpoint
Introducing Microsoft Defender for Endpoint
Technical and license requirements
Configuring Microsoft Defender for Endpoint
Microsoft Defender Vulnerability Management dashboard
Microsoft Defender for Endpoint Device inventory
Windows devices
Configuring advanced features in Microsoft Defender for Endpoint
Security recommendations
The Microsoft Defender for Endpoint configuration management dashboard
Microsoft Defender for Endpoint Tutorials & simulations
Microsoft Defender for Endpoint Co-management Authority
Configuring a compliance policy for Windows devices
Configuring a configuration profile for Windows devices
Windows 365
Enrollment device platform restrictions
Enrollment device limit restrictions
Configuring quality updates for Windows 10 and later in Intune
How to create a profile for update policies for iOS/iPadOS in Intune
How to create a profile for update policies for macOS in the Intune portal
How to create app protection policies in the Microsoft Intune admin portal
How to create app configuration policies
How to create policies for Office apps in the Intune admin portal
Endpoint Security
Creating a profile for a security baseline for Windows 10 and later
Creating a Microsoft Defender for Endpoint baseline
Creating a Microsoft Edge baseline
Creating a Windows 365 security baseline
Managing and creating different policies under Endpoint Security
Configuring an antivirus policy in the Intune portal
Configuring disk encryption
Configuring a firewall policy
Setting up endpoint detection and response
Configuring attack surface reduction
Configuring account protection
Configuring device compliance
Configuring Conditional Access policies
Summary
5
Getting Started with Microsoft Purview
About Microsoft Purview
How it works…
Benefits
Technical and license requirements
Configuring Microsoft Purview
Compliance Score
Classifiers in Microsoft 365 Purview
Configuring sensitive info types
Configuring content explorer
Content search
Streamlining data discovery
Enhancing data governance and compliance
Independence and objectivity
Regulatory oversight and accountability
Risk mitigation and control
A comprehensive compliance oversight
Collaboration and cross-functional alignment
Data loss prevention
Endpoint DLP settings
Summary
6
Microsoft Defender for Cloud Apps
Introducing Microsoft Defender for Cloud Apps
Discovering shadow IT with Microsoft Defender for Cloud Apps
Discovering and managing shadow IT in Microsoft Defender for Cloud Apps
Technical and license requirements
Configuring Microsoft Defender for Cloud Apps
Managing OAuth applications with Microsoft Defender for Cloud Apps
Managing files in Microsoft Defender for Cloud Apps
Managing the activity log in Microsoft Defender for Cloud Apps
Governance log
Microsoft Defender for Cloud Apps policies
Summary
7
Microsoft Defender Vulnerability Management
Getting started with Microsoft Defender Vulnerability Management
Microsoft Defender Vulnerability Management licensing and technical requirements
Key features and capabilities
Benefits of using the Vulnerability Management dashboard
Permissions
Recommendations and remediation
Security recommendations
Remediation tasks in Microsoft Intune
Remediation
Inventories and weaknesses
Inventories
Weaknesses
Summary
8
Microsoft Defender for Identity
Introducing Microsoft Defender for Identity
Technical and license requirements
Configuring Microsoft Defender for Identity
Configuring sensors for Microsoft Defender for Identity
Entity tags
Working with detection rules
Configuring Microsoft Defender for Identity and Microsoft Sentinel
Summary
Part 3: Microsoft 365 Governance and Compliance
9
Microsoft Purview Insider Risk Management
Technical requirements
Insider Risk Management
Initial setup
Resolving insider risk cases
Information barriers and access management
Microsoft Purview IB requirements
Communication Compliance
Summary
Further readings
10
Microsoft Purview Information Protection
About Microsoft Purview Information Protection
Data classification
Configuring Information Protection
Information Protection
Publishing label policies
Information Protection scanner
Installing the Microsoft Purview Information Protection scanner
Summary
11
Understanding the Lifecycle of Auditing and Records
Getting started with the lifecycle of auditing and records
The lifecycle of audits and records in Microsoft 365
Microsoft Purview Records Management
Microsoft data lifecycle management
Creating retention policies
Creating and publishing labels
Records management
eDiscovery and data holds
Configuring eDiscovery Standard and Premium
Creating and configuring eDiscovery premium cases
Auditing and alerts
Summary
Index
Why subscribe?
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book
Microsoft 365 Security and Compliance for Administrators
Contributors
About the authors
About the reviewers
Preface
Who this book is for
What this book covers
To get the most out of this book
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
Part 1:Introduction to Microsoft 365
1
Getting Started with Microsoft 365 Security and Compliance
Technical requirements
Introduction to Microsoft 365 offers, plans, and licenses
Microsoft 365 plans and components
Microsoft 365 licensing
Introduction to Microsoft 365 security
Introduction to Microsoft 365 compliance
Summary
2
The Role of Microsoft Entra ID in Microsoft 365 Security
Technical requirements
Microsoft Entra ID plans and features
Microsoft Entra ID roles and groups
Azure roles, or Azure RBAC roles
Microsoft Entra ID roles
Classic roles
Microsoft 365 roles in Microsoft Entra ID
Best practices for roles
Microsoft 365 groups
Microsoft Entra ID Protection
Summary
Part 2: Microsoft 365 Security
3
Microsoft Defender for Office 365
Technical requirements
Getting started with Microsoft Defender for Office 365
Protecting assets with Microsoft Defender for Office 365
Quarantine policy
Anti-phishing
Anti-spam
Anti-malware
Safe Attachment
Safe Links
Rules
Attack simulation training
Responding to alerts and mitigating threats
Summary
4
Microsoft Defender for Endpoint
Introducing Microsoft Defender for Endpoint
Technical and license requirements
Configuring Microsoft Defender for Endpoint
Microsoft Defender Vulnerability Management dashboard
Microsoft Defender for Endpoint Device inventory
Windows devices
Configuring advanced features in Microsoft Defender for Endpoint
Security recommendations
The Microsoft Defender for Endpoint configuration management dashboard
Microsoft Defender for Endpoint Tutorials & simulations
Microsoft Defender for Endpoint Co-management Authority
Configuring a compliance policy for Windows devices
Configuring a configuration profile for Windows devices
Windows 365
Enrollment device platform restrictions
Enrollment device limit restrictions
Configuring quality updates for Windows 10 and later in Intune
How to create a profile for update policies for iOS/iPadOS in Intune
How to create a profile for update policies for macOS in the Intune portal
How to create app protection policies in the Microsoft Intune admin portal
How to create app configuration policies
How to create policies for Office apps in the Intune admin portal
Endpoint Security
Creating a profile for a security baseline for Windows 10 and later
Creating a Microsoft Defender for Endpoint baseline
Creating a Microsoft Edge baseline
Creating a Windows 365 security baseline
Managing and creating different policies under Endpoint Security
Configuring an antivirus policy in the Intune portal
Configuring disk encryption
Configuring a firewall policy
Setting up endpoint detection and response
Configuring attack surface reduction
Configuring account protection
Configuring device compliance
Configuring Conditional Access policies
Summary
5
Getting Started with Microsoft Purview
About Microsoft Purview
How it works…
Benefits
Technical and license requirements
Configuring Microsoft Purview
Compliance Score
Classifiers in Microsoft 365 Purview
Configuring sensitive info types
Configuring content explorer
Content search
Streamlining data discovery
Enhancing data governance and compliance
Independence and objectivity
Regulatory oversight and accountability
Risk mitigation and control
A comprehensive compliance oversight
Collaboration and cross-functional alignment
Data loss prevention
Endpoint DLP settings
Summary
6
Microsoft Defender for Cloud Apps
Introducing Microsoft Defender for Cloud Apps
Discovering shadow IT with Microsoft Defender for Cloud Apps
Discovering and managing shadow IT in Microsoft Defender for Cloud Apps
Technical and license requirements
Configuring Microsoft Defender for Cloud Apps
Managing OAuth applications with Microsoft Defender for Cloud Apps
Managing files in Microsoft Defender for Cloud Apps
Managing the activity log in Microsoft Defender for Cloud Apps
Governance log
Microsoft Defender for Cloud Apps policies
Summary
7
Microsoft Defender Vulnerability Management
Getting started with Microsoft Defender Vulnerability Management
Microsoft Defender Vulnerability Management licensing and technical requirements
Key features and capabilities
Benefits of using the Vulnerability Management dashboard
Permissions
Recommendations and remediation
Security recommendations
Remediation tasks in Microsoft Intune
Remediation
Inventories and weaknesses
Inventories
Weaknesses
Summary
8
Microsoft Defender for Identity
Introducing Microsoft Defender for Identity
Technical and license requirements
Configuring Microsoft Defender for Identity
Configuring sensors for Microsoft Defender for Identity
Entity tags
Working with detection rules
Configuring Microsoft Defender for Identity and Microsoft Sentinel
Summary
Part 3: Microsoft 365 Governance and Compliance
9
Microsoft Purview Insider Risk Management
Technical requirements
Insider Risk Management
Initial setup
Resolving insider risk cases
Information barriers and access management
Microsoft Purview IB requirements
Communication Compliance
Summary
Further readings
10
Microsoft Purview Information Protection
About Microsoft Purview Information Protection
Data classification
Configuring Information Protection
Information Protection
Publishing label policies
Information Protection scanner
Installing the Microsoft Purview Information Protection scanner
Summary
11
Understanding the Lifecycle of Auditing and Records
Getting started with the lifecycle of auditing and records
The lifecycle of audits and records in Microsoft 365
Microsoft Purview Records Management
Microsoft data lifecycle management
Creating retention policies
Creating and publishing labels
Records management
eDiscovery and data holds
Configuring eDiscovery Standard and Premium
Creating and configuring eDiscovery premium cases
Auditing and alerts
Summary
Index
Why subscribe?
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book
![Microsoft 365 Security and Compliance for Administrators [1 ed.]
9781837638376](https://ebin.pub/img/200x200/microsoft-365-security-and-compliance-for-administrators-1nbsped-9781837638376.jpg)
![Microsoft 365 Security, Compliance, and Identity Administration: Plan and implement security and compliance strategies [True PDF] [Team-IRA]
1804611921, 9781804611920](https://ebin.pub/img/200x200/microsoft-365-security-compliance-and-identity-administration-plan-and-implement-security-and-compliance-strategies-true-pdf-team-ira-1804611921-9781804611920.jpg)
