Microsoft 365 Mobility and Security

Vor der Teilnahme an diesem Training müssen die Teilnehmer folgende Voraussetzungen erfüllen:

• Erfolgreicher Abschluss eines rollenbasierten Administratorkurses zu Themen wie Messaging, Teamarbeit, Sicherheit und Compliance oder Zusammenarbeit
• Ein fundiertes Verständnis von DNS und grundlegende Erfahrung mit den Funktionen von Microsoft 365-Diensten
• Ein fundiertes Verständnis allgemeiner IT-Verfahren

Dieses Training behandelt drei zentrale Aufgaben der Microsoft 365 Verwaltung:

soft 365 Sicherheit (Security)
soft 365 Konformität (Compliance)
soft 365 Geräteverwaltung (Device Management)

Sie erfahren, wie Microsoft 365 konfiguriert werden kann um aktuelle Bedrohungen in Bezug auf Datendiebstahl, unerlaubter Datenänderung und/oder mutwilliger Zerstörung von Daten entgegenzuwirken. Sie lernen u. a. Azure Active Directory Identity Protection und Priviledged Identity Management (PIM) inkl. Reporting und Access Reviews kennen. Darüber hinaus lernen Sie, wie Exchange Online Protection arbeitet und inwieweit Sie diese anpassen können bis hin zur Erstellung von Safe Attachments und Safe Links Richtlinien (Advanced Thread Protection).

Um einen schnellen Überblick über die aktuelle Bedrohungslage (threat landscape) und Ihren aktuellen Sicherheitseinstellungen zu bekommen, lernen Sie das Security Dashboard kennen. Damit können Sie auch u. a. Phishing-, Malware und andere Attacken erkennen und sogar die Qualität der verwendeten Passwörter der Benutzer überprüfen (Attack Simulator).

Um gesetzliche oder interne Vorschriften zur Handhabung von Daten und deren Speicherung lernen Sie, wie das Information Rights Management zu aktivieren und zu konfigurieren, Azure Information Protection zu implementieren, Data Loss Prevention und Sensitivity Labels einzusetzen. Auch erfahren Sie, wie Sie Daten automatisch und Richtlinien-konform archivieren können und Informationen wiederfinden können (Searches, DSRs).

Die letzte zentrale Thematik in diesem Kurs ist Geräteverwaltung. Lernen Sie, wie Sie Windows 10, iOS und Android Geräte mittels Endpoint Manager (Intunes) verwalten und konfigurieren können (Enrollment, Device Compliance policies, Device Configuration policies, Application policies, Windows Information Protection). Auch erhalten Sie einen Überblick über Cloud App Security.

Nach Abschluss dieses Trainings haben die Teilnehmer Wissen zu folgenden Themen aufgebaut:

soft 365 Security Metrics
soft 365 Security Services
soft 365 Threat Intelligence
Governance in Microsoft 365
ving and Retention in Office 365
Governance in Microsoft 365 Intelligence
h and Investigations
e Management
ws 10 Deployment Strategies
e Device Management

Hinweis:

wir empfehlen den Besuch des Powercamps Microsoft 365 Enterprise Administrator
Dieses Training richtet sich an Personen, die die Microsoft 365 Enterprise-Administratorrolle anstreben und einen der Microsoft 365-Zertifizierungspfade für rollenbasierte Administratoren abgeschlossen haben.
 
Examine threat vectors and data breaches

• Explore today’s work and threat landscape
• Examine how phishing retrieves sensitive information
• Examine how spoofing deceives users and compromises data security
• Compare spam and malware
• Examine how an account breach compromises a user account
• Examine elevation of privilege attacks
• Examine how data exfiltration moves data out of your tenant
• Examine how attackers delete data from your tenant
• Examine how data spillage exposes data outside your tenant
• Examine other types of attacks

Explore the Zero Trust security model

• Examine the principles and components of the Zero Trust model
• Plan for a Zero Trust security model in your organization
• Examine Microsoft’s strategy for Zero Trust networking
• Adopt a Zero Trust approach

Explore security solutions in Microsoft 365 Defender

• Enhance your email security using Microsoft Defender for Office 365
• Protect your organization’s identities using Microsoft Defender for Identity
• Protect your enterprise network against advanced threats using Microsoft Defender for Endpoint
• Protect against cyber attacks using Microsoft 365 Threat Intelligence
• Provide insight into suspicious activity using Microsoft Cloud App Security
• Review the security reports in Microsoft 365 Defender

Examine Microsoft Secure Score

• Explore Microsoft Secure Score
• Examine the Secure Score Dashboard
• Collect Secure Score data using the Secure Score API
• Improve your security posture

Examine Privileged Identity Management

• Explore Privileged Identity Management in Azure AD
• Configure Privileged Identity Management
• Audit Privileged Identity Management
• Explore Microsoft Identity Manager
• Control privileged admin tasks using Privileged Access Management

Examine Azure Identity Protection

• Explore Azure Identity Protection
• Enable the default protection policies in AIP
• Explore the vulnerabilities and risk events detected by AIP
• Plan your identity investigation

Examine Exchange Online Protection

• Examine the anti-malware pipeline
• Detect messages with spam or malware using Zero-hour auto purge
• Explore anti-spoofing protection provided by Exchange Online Protection
• Explore other anti-spoofing protection
• Examine outbound spam filtering

Examine Microsoft Defender for Office 365

• Climb the security ladder from EOP to Microsoft Defender for Office 365
• Expand EOP protections by using Safe Attachments and Safe Links
• Protect users from malicious attachments by using Safe Attachments
• Protect users from malicious URLs by using Safe Links
• Manage spoof intelligence
• Configure outbound spam filtering policies
• Unblock users from sending email

Manage Safe Attachments

• Create Safe Attachment policies using Microsoft Defender for Office 365
• Create Safe Attachments policies using PowerShell
• Modify an existing Safe Attachments policy
• Create a transport rule to bypass a Safe Attachments policy
• Examine the end-user experience with Safe Attachments

Manage Safe Links

• Create Safe Links policies using Microsoft Defender for Office 365
• Create Safe Links policies using PowerShell
• Modify an existing Safe Links policy
• Create a transport rule to bypass a Safe Links policy
• Examine the end-user experience with Safe Links

Explore threat intelligence in Microsoft 365 Defender

• Explore Microsoft Intelligent Security Graph
• Explore alert policies in Microsoft 365
• Run automated investigations and responses
• Explore threat hunting with Microsoft Threat Protection
• Explore advanced threat hunting in Microsoft 365 Defender
• Explore threat analytics in Microsoft 365

Implement app protection by using Microsoft Defender for Cloud Apps

• Explore Microsoft Defender for Cloud Apps
• Deploy Microsoft Defender for Cloud Apps
• Configure file policies in Microsoft Defender for Cloud Apps
• Manage and respond to alerts in Microsoft Defender for Cloud Apps
• Configure Cloud Discovery in Microsoft Defender for Cloud Apps
• Troubleshoot Cloud Discovery in Microsoft Defender for Cloud Apps

Implement endpoint protection by using Microsoft Defender for Endpoint

• Explore Microsoft Defender for Endpoint
• Configure Microsoft Defender for Endpoint in Microsoft Intune
• Onboard devices in Microsoft Defender for Endpoint
• Manage endpoint threats and vulnerabilities
• Manage device discovery and vulnerability assessment
• Reduce your threat and vulnerability exposure

Implement threat protection by using Microsoft Defender for Office 365

• Explore the Microsoft Defender for Office 365 protection stack
• Investigate security attacks by using Threat Explorer
• Identify cybersecurity issues by using Threat Trackers
• Prepare for attacks with Attack Simulation training

Explore archiving and records management in Microsoft 365

• Explore archive mailboxes in Microsoft 365
• Enable archive mailboxes in Microsoft 365
• Explore records management in Microsoft 365
• Implement records management in Microsoft 365
• Restore deleted data in Exchange Online
• Restore deleted data in SharePoint Online

Explore retention in Microsoft 365

• Explore retention by using retention policies and retention labels
• Compare capabilities in retention policies and retention labels
• Define the scope of a retention policy
• Examine the principles of retention
• Implement retention using retention policies, retention labels, and eDiscovery holds
• Restrict retention changes by using preservation lock

Explore Data Loss Prevention in Microsoft 365

• Examine data loss prevention
• Explore Endpoint data loss prevention
• Examine DLP policies
• View DLP policy results
• Explore DLP reports

Create information barriers in Microsoft 365

• Explore information barriers in Microsoft 365
• Configure information barriers
• Examine information barriers in Microsoft Teams
• Examine information barriers in OneDrive
• Examine information barriers in SharePoint

Explore sensitivity labels

• Manage data protection using sensitivity labels
• Explore what sensitivity labels can do
• Determine a sensitivity label’s scope
• Explore sensitivity label policies

Implement sensitivity labels

• Examine the requirements to create a sensitivity label
• Plan your deployment strategy for sensitivity labels
• Create sensitivity labels
• Publish sensitivity labels
• Remove and delete sensitivity labels

Search for content in the Microsoft Purview compliance portal

• Explore Microsoft Purview eDiscovery solutions
• Create a content search
• View the search results and statistics
• Export the search results and search report
• Configure search permissions filtering
• Search for and delete email messages

MS-101 Manage content search and investigations in Microsoft 365

• Search for content in the Microsoft Purview compliance portal
• Explore Microsoft Purview eDiscovery solutions
• Create a content search
• View the search results and statistics
• Export the search results and search report
• Configure search permisions filtering
• Search for and delete email messages
• Manage Microsoft Purview Audit (Standard)
• Explore Microsoft Purview Audit solutions6 min
• Implement Microsoft Purview Audit (Standard)4 min
• Search the audit log10 min
• Export, configure, and view audit log records6 min
• Use audit log searching to investigate common support issues
• Manage Microsoft Purview Audit (Premium)
• Explore Microsoft Purview Audit (Premium)10 min
• Implement Microsoft Purview Audit (Premium)3 min
• Manage audit log retention policies9 min
• Investigate compromised email accounts
• Manage Microsoft Purview eDiscovery (Standard)
• Explore Microsoft Purview eDiscovery solutions
• Implement Microsoft Purview eDiscovery (Standard)
• Create eDiscovery holds
• Search for content in a case
• Export content from a case
• Close, reopen, and delete a case
• Manage Microsoft Purview eDiscovery (Premium)
• Explore Microsoft Purview eDiscovery (Premium)
• Implement Microsoft Purview eDiscovery (Premium)
• Create and manage an eDiscovery (Premium) case
• Manage custodians and non-custodial data sources
• Analyze case content

MS-101 Prepare for device management in Microsoft 365

• Explore device management using Microsoft Endpoint manager
• Explore device management in Microsoft Endpoint Manager
• Explore co-management of Windows devices
• Manage devices using Configuration Manager
• Manage devices using Microsoft Intune
• Create device profiles in Microsoft Intune
• Prepare your Windows devices for Co-management
• Plan your Co-management strategy
• Explore the prerequisites for using Co-management
• Configure Configuration Manager for Co-management
• Enroll Windows 10 devices to Intune
• Modify your co-management settings
• Transfer workload management from Configuration Manager to Intune
• Plan for mobile application management in Microsoft Intune
• Explore mobile application management in Microsoft Intune
• Add apps to Microsoft Intune
• Protect company data by using app protection policies
• Explore app configuration policies for Intune
• Troubleshoot app protection policy deployment in Intune

Prepare your Windows devices for Co-management

• Plan your Co-management strategy
• Explore the prerequisites for using Co-management
• Configure Configuration Manager for Co-management
• Enroll Windows 10 devices to Intune
• Modify your co-management settings
• Transfer workload management from Configuration Manager to Intune

Plan for mobile application management in Microsoft Intune

• Explore mobile application management in Microsoft Intune
• Add apps to Microsoft Intune
• Protect company data by using app protection policies
• Explore app configuration policies for Intune
• Troubleshoot app protection policy deployment in Intune

Examine Windows client deployment scenarios

• Explore Windows as a Service
• Explore the Windows client deployment models
• Examine the modern deployment methods
• Examine the dynamic deployment methods
• Examine the traditional deployment methods

Explore Windows Autopilot deployment models

• Explore Windows Autopilot
• Examine the Windows Autopilot prerequisites
• Plan the settings for Windows Autopilot profiles
• Examine the Windows Autopilot self-deployment model
• Examine the Windows Autopilot pre-provisioned deployment model
• Examine the Windows Autopilot user-driven deployment model
• Deploy BitLocker encryption for autopiloted devices

Plan your Windows client Subscription Activation strategy

• Explore Windows 10/11 Enterprise E3 availability through the Cloud Service Provider channel
• Configure Virtual Desktop Access for automatic subscription activation on virtual machines
• Deploy Windows 10/11 Enterprise licenses

Explore Mobile Device Management

• Explore Mobile Device Management in Microsoft 365
• Explore the Mobile Device Management services in Microsoft 365
• Examine the Mobile Device Management policy settings in Microsoft 365
• Examine how email and document access are controlled on mobile device-managed devices

Deploy Mobile Device Management

• Activate the Mobile Device Management services in Microsoft 365
• Configure domains for Mobile Device Management
• Obtain an Apple Push Notification Service certificate for iOS devices
• Manage security policies for mobile device-managed devices
• Define a corporate device enrollment policy

Enroll devices to Mobile Device Management

• Review device enrollment methods
• Examine Azure AD registered devices
• Explore Azure AD joined devices
• Explore hybrid Azure AD joined devices
• Examine device enrollment in Intune
• Examine device enrollment capabilities
• Set up enrollment for Windows devices

Manage device compliance

• Plan for device compliance
• Implement compliance policies for Intune managed devices
• Monitor results of your Intune device compliance policies
• Implement user and device groups to monitor device compliance
• Explore Conditional Access policies
• Build Conditional Access policies
• Monitor enrolled devices

https://www.etc.at/seminare/MS-101T00