Course MS-101T00: Microsoft 365 Mobility & Security

•  Explain techniques hackers use to compromise user accounts through email
•  Explain techniques hackers use to gain control over resources
•  Explain techniques hackers use to compromise data
•  Mitigate an account breach
•  Prevent an elevation of privilege attack
•  Prevent data exfiltration, data deletion, & data spillage

•  Explain the Zero Trust approach to security in Microsoft 365
•  Explain the principles & components of the Zero Trust security model
•  Explain the five steps to implementing a Zero Trust security model in your organization
•  Explain Microsoft's story & strategy around Zero Trust networking

•  Identify the features of Microsoft Defender for 365 office that increases email security in a Microsoft 365 deployment.
•  Explain how Microsoft Defender for Identity detects, identifies, & investigates advanced threats, compromised identities,& malicious insider actions directed at your organization
•  Explain how Microsoft Defender for Endpoint helps detect, enterprise networks prevent, investigate, & respond to advanced threats
•  Explain how Microsoft 365 Threat Intelligence can be beneficial to your organization's security officers & administrators
•  Explain how Microsoft Cloud App Security enhances visibility & control over the Microsoft 365 tenant through three core areas

• Explain the benefits of Secure Score & what kind of services can be analyzed
•  Explain how to collect data using the Secure Score API
•  Explain how to use the tool so as to identify gaps between one current state & where you would like to be regarding security
•  Identify actions that will increase security by mitigating risks
•  Explain where to look to understand the threats each Action will mitigate & the impact it has on users.

•  Explain how Privileged Identity Management allows you to manage,
•  Control, & monitor access to essential resources in your organization.
•  Set up Privileged Identity Management for use in your organization
•  Explain how Privileged Identity Management audit history allows you to see all the user assignments & activations for all privileged roles within a specific time frame
•  Explain how Microsoft Identity Manager helps companies manage the users, credentials, policies, & access within their organizations & hybrid environments
•  Explain how Privileged Access Management in Microsoft 365offers fine-grained access control over privileged admin tasks

• Explain Azure Identity Protection (AIP) & what type of identities can be protected
•  Allow the three default protection policies in AIP
•  Identify the vulnerabilities& risk events detected by AIP
•  Plan your investigation for protecting cloud-based identities
•  Plan how to protect the Azure Active Directory environment from security breaches

• Explain how Exchange Online Protection analyzes email to give anti-malware pipeline protection.
•  Write several mechanisms used by Exchange Online Protection to filter spam & malware.
•  Explain other solutions administrators may implement to give extra protection against phishing & spoofing.
•  Understand how EOP gives protection against outbound spam.

• Explain how the Safe Attachments feature in Microsoft Defender for 365 office blocks zero-day malware in email attachments &documents.
•  Explain how the Safe Links are a feature in Microsoft Defender for 365 Office that protects users from malicious URLs embedded in emails & documents that point to malicious websites.
•  Create outbound spam filtering policies.
•  Unblock users who violate spam filtering policies so they can continue sending emails.

•  Create & modify a Safe Attachments policy using Microsoft 365 Defender
• · Make Safe Attachments policy by using PowerShell
• · Configure a Safe Attachments policy
•  Explain how a transport rule can disable the Safe Attachments policy
•  Explain the end-user experience when an email attachment is scanned & found to be malicious

• Create & modify a Safe Links policy using Microsoft 365 Defender
•  Create a Safe Links policy using PowerShell
•  Set up a Safe Links policy
•  Explain how a transport rule can disable a Safe Links policy
•  Explain the end-user experience when Safe Links locate a link to a malicious website present in the email, & a link to a malicious file hosted on a website

•  Explain how threat intelligence in Microsoft 365 is used by the Microsoft Intelligent Security Graph.
•  Create alerts that can recognize malicious or suspicious events.
•  Understand how Microsoft 365 Defender's Automated investigation & response process works.
•  Explain how threat hunting enables security operators to identify cybersecurity threats.
•  Explain how Advanced hunting in Microsoft 365 Defender proactively examines events in your network to locate threat indicators & entities.

•  Explain how Microsoft Defender for Cloud App provides improved visibility into network cloud activity & increases the protection of critical data in the cloud applications.
•  Describe how to deploy Microsoft Defender for Cloud Apps.
•  Manage your cloud apps with file policies.
•  Manage & respond to alerts that were generated by those policies.
•  Configure & troubleshoot Cloud Discovery.

•  Explain how Microsoft Defender for Endpoint support enterprise networks to prevent, investigate, detect & respond to advanced threats.
•  Onboard-supported devices to Microsoft Defender for Endpoint.
•  Implement the Threat &Vulnerability Management module to effectively identify, assess, & remediate endpoint weaknesses.
•  Configure gadget discovery to help find unmanaged gadgets connected to your corporate network.
•  Lower your organization's threat & vulnerability exposure by remediating issues based on prioritized security recommendations.

• Explain the protection stack provided by Microsoft Defender for Office 365.
•  Learn how Threat Explorer can be used to investigate threats & help to protect your tenant.
•  Explain the Threat Tracker widgets & views that provide you with intelligence on different cybersecurity problems that might affect your company.
•  Run realistic attack situations using Attack Simulator to help locate vulnerable users before a real attack impacts your organization.

• Safeguard sensitive data with Microsoft Purview Information Protection.
•  Manage organizational data with Microsoft Purview Data Lifecycle Management.
•  Decrease internal risks with Microsoft Purview Insider Risk Management.
•  Explain the Microsoft Purview eDiscovery solutions.

•  Enable & disable archived mail in the Microsoft Purview compliance portal & through
•   Windows PowerShell.
•  Run diagnostic tests on an archive mailbox.
•  Understand how retention labels can be used so as to allow or block actions when documents & emails are declared records.
•  Create your file plan for retention & deletion settings & actions.
•  Importing an existing plan can help you choose when to mark items as records. Or creating new retention labels.
•  Restore deleted data in Exchange Online & SharePoint Online.

• Explain how retention policies & retention labels work.
•  Identify the capabilities of both retention policies & retention labels.
•  Select the correct scope for a policy depending on business requirements.
•  Explain the principles of retention.
•  Identify the differences between retention settings & eDiscovery holds.
•  Restrict retention changes by using a preservation lock.

• Explain the features of Microsoft Purview Message Encryption.
•  Explain how Microsoft's Purview Message Encryption works & how to set it up.
•  Define mail flow rules that apply branding & encryption templates to encrypt email messages.
•  Add company branding to encrypted email messages.
•  Explain the extra features provided by Microsoft Purview Advanced Message Encryption.

• Explain how Microsoft 365 helps organizations manage risks, protect data, & remain compliant with regulations & standards.
•  Plan your beginning compliance work in Microsoft Purview.
•  control your compliance requirements with the Compliance Manager.
•  Manage compliance posture & improvement actions using the Compliance Manager dashboard.
•  Describe how an organization's compliance score is determined.

• Explain insider risk management functionality in Microsoft 365.
•  Develop a strategy to implement the Microsoft Purview Insider Risk Management solution.
•  Create insider risk management policies.
•  Manage insider risk management alerts & cases.

•  Explain how information barriers can restrict or allow communication & collaboration among specific groups of users.
•  Explain the components of an information barrier & how to enable information barriers.
•  Understand how information barrier modes help reinforce who can be permitted or removed from a Microsoft Team, OneDrive account, & SharePoint site.
•  Explain how information barriers prevent users or groups from communicating & collaborating with Microsoft Teams, OneDrive, & SharePoint.

•  Explain how Data Loss Prevention (DLP) is managed in Microsoft 365
•  Learn how DLP in Microsoft 365 uses sensitive information types & search patterns
•  Explain how Microsoft Endpoint DLP extends the DLP activity monitoring & protection capabilities.
•  Explain what a DLP policy is & what it contains
•  View DLP policy results using both queries & reports

• Create a data loss prevention implementation plan. Apply Microsoft 365's default DLP policy.
•  Make a custom DLP policy from a DLP template & from scratch.
•  Create email notifications & policy tips for people when a DLP rule applies.
•  Create policy tips for people when a DLP rule applies
•  Set up email notifications for DLP policies

• Explain the benefits & pain points of making a data classification framework.
•  Find out how Microsoft 365 handles sensitive data classification.
•  Understand how Microsoft 365 uses trainable classifiers to safeguard sensitive data.
•  Create & then retrain custom trainable classifiers.
•  Analyze the outcome of your data classification efforts in Content explorer & Activity explorer.
•  Implement Document Fingerprinting to safeguard sensitive information being sent through Exchange Online.

•  Explain how sensitivity labels let you classify & protect your organization's data
•  Identify the common reason why organizations use sensitivity labels
•  Explain what sensitivity the label is & what it can do for an organization
• Set up a sensitivity label's scope
•  Describe why the order of sensitivity labels in your admin center is essential
•  Explain what label policies can do

•  Explain the overall process of creating, configuring, & publish sensitivity labels
•  Determine the administrative rights that members of the compliance team must be given in order to implement sensitivity labels
•  Develop a data classification the framework that provides the foundation for your sensitivity labels
•  Create & configure sensitivity labels
•  Publish sensitivity labels by making a label policy
•  Identify the differences between removing & deleting sensitivity labels

• Explain how to use content search in the Microsoft Purview compliance portal.
•  Design & create a content search.
•  Preview the search results.
•  View the search statistics.
•  Export the search results & search report.
•  Configure search permission filtering.

•  Explain the difference between Audit (Standard) & Audit (Premium).
•  List the main characteristics of the Audit (Standard) solution.
•  Set up & implement audi log searching using the Audit (Standard) solution.
•  Export, configure, & view audit log records.
•  Use audit log searching for troubleshooting common support issues.

• Explain the difference between Audit (Standard) & Audit (Premium).
•  Set up & implement Microsoft Purview Audit (Premium).
•  Create audit log retention policies.
•  Perform forensic investigations of compromised user accounts.

•  Explain how Microsoft's Purview eDiscovery (Standard) builds on the basic search & export functionality of Content search.
•  Explain the basic workflow of eDiscovery (Standard).
•  Make an eDiscovery case.
•  Make an eDiscovery hold for an eDiscovery case.
•  Search for content in a case & then export that content.
•  Close, reopen, & delete a case.

•  Explain how Microsoft's Purview eDiscovery (Premium) builds on eDiscovery (Standard).
•  Explain the basic workflow of eDiscovery (Premium).
•  Create & manage cases in eDiscovery (Premium).
•  Manage custodians & non-custodial data sources.
•  Analyze case content & use analytical tools to decrease the size of search result sets.

•  Explain the device management capabilities found in Microsoft Endpoint Manager.
•  how Configuration Manager can be used to co-manage Windows devices in Endpoint Manager& Intune.
•  Manage devices using Configuration Manager.
•  Manage devices using Microsoft Intune.
•  Create device profiles in Microsoft Intune.

• Explain the prerequisites for using Co-management
•  Configure Microsoft Endpoint Configuration Manager for Co-management
•  Enroll Windows 10 gadget to Intune

• Explain the basic functionality of mobile application management in Microsoft Intune.
•  Assess your app requirements & add apps into Intune.
•  Protect organization data by using app protection policies.
•  Apply app configuration policies in Intune to eliminate app setup problems.
•  Troubleshoot app protection policy deployment in Intune.

• Explain how the Windows as the Service model continually gives new capabilities & updates while maintaining a high level of hardware & software compatibility.
•  Describe how the dynamic Windows 10/11 deployment model can change the existing version of Windows 10/11 that's included on a gadget.
•  To a customized version that's used in the company without reinstalling
•  windows. 
•  Describe how the current Windows 10/11 deployment model integrates both on-premises methods & cloud services to deliver a streamlined, cost-effective deployment experience. 
•  Describe how the standard Windows 10/11 deployment approach relies on images and uses the on-premises infrastructure of an organization.

• Explain the Windows Autopilot Deployment requirements.
•  Create & assign a Windows Autopilot profile.
•  Describe how the Autopilot self-deployment model deploys Windows 10 & 11 with little or no user interaction.
•  Describe how the Autopilot pre-provisioned deployment methodology enables end users to provision new devices by leveraging the OEM image and drivers that are already installed.
•  Describe how new Windows 10 & 11 devices can be modified from their initial factory state without requiring IT professionals to even touch the device, thanks to the Autopilot user-driven deployment approach.
•  Deploy BitLocker encryption for Autopiloted devices.

•  Describe the process for purchasing Windows 10/11 Enterprise E3 subscriptions via the Cloud Service Provider channel.
•  Set up Virtual Desktop access for automatic subscription activation on virtual machines 
•  Describe how Windows 10/11 enterprise licenses can be deployed automatically & without a device restart.

• Explain the two MDM authority solutions included in Microsoft 365 - Microsoft Intune & Basic Mobility & Security 
•  Compare the basic features in Microsoft Intune & Basic mobility & security
•  Explain the policy settings for mobile devices in Microsoft Intune & Basic Mobility & security
• · Explain how email & document access are controlled on devices managed by MDM

•  Activate & deploy Mobile gadget Management services in Microsoft 365
•  Create DNS records for clients to use Autodiscover when enrolling devices to configure domains for MDM.
•  Obtain an APNS certificate to enroll &control iOS gadgets
•  Manage device security settings, including encryption and password controls. &
•  settings that control the usage of device features
• Establish corporate device enrollment guidelines that can restrict enrollment and enable multi-factor authentication.

•  Enroll gadgets to mobile device management in Microsoft Intune.
•  Explore the use of Azure AD joined & hybrid Azure AD joined devices.
•  Explain how users can enroll their personal devices.
•  Explain best practices &capabilities for each device enrollment method.
•  Set up enrollment for Windows devices.

• Plan for device compliance by defining the rules & settings that must be configured on a device for it to be considered compliant
•  Configure conditional users & groups for deploying profiles, policies, & apps
•  Create Conditional Access policies to implement automated access control choices for your cloud applications.
•  Monitor enrolled devices to control their Intune activities & compliance status.

•  Explain how Microsoft Intune enables organizations to protect their data & devices.
•  Understand How Microsoft Intune's endpoint security prioritizes device security& risk mitigation.
•  Manage gadgets with endpoint security in Intune.
•  Use security baselines to configure Windows gadgets in Intune.
•  To reduce an organization's attack surface, implement attack surface reduction rules.

Administrators of Microsoft Teams basically

configure, deploy as well as manage Office 365 workloads for multiple Microsoft

Teams, which mainly focus on efficient & effective collaboration & also

on communication in an enterprise atmosphere.

Microsoft Enterprise Mobility + Security (EMS) is

an intelligent mobility management & security platform. It mainly helps to

protect & secure use company & empowers its employees to work in new

& flexible ways.

MDM manages all the features of the device while

EMM manages the entire device. EMM mainly provides app customization, policy

compliance, data & document security & incorporates various network

directory services.

Following are included in Microsoft 365 e3:-

· Microsoft 365 E3 includes

· Word

· Excel

· PowerPoint

· Outlook

· OneNote

· SharePoint

· OneDrive

· Microsoft Teams

To attend the training session, you should have an operational Desktop or

Laptop with the required specification, along with a good internet connection

to access the labs.

We would always recommend you attend the live session to practice & clarify

your doubts instantly & get more value from your investment. However, due to

some contingency, if you have to skip the class, Radiant Techunderstanding will

help you with the recorded session of that particular day. However, those

recorded sessions are not meant only for personal consumption & NOT for

distribution or any commercial use.

Radiant Tech understanding has a data center containing the Virtual Training

environment for the purpose of participant's h&-on-practice. 

Participants can easily access these labs over the cloud with the help of a remote desktop

connection. Radiant virtual labs provide you the flexibility to understand from anywhere in the world & in any time zone. 

The understanders will be enthralled as we engage them in the real world &

industry Oriented projects during the training program. These projects will

improve your skills & knowledge & you will gain a better experience.

These real-time projects will help you a lot in your future tasks &

Assignments.