Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Microsoft 365 Security, Compliance, and Identity Administration
  • Table Of Contents Toc
Microsoft 365 Security, Compliance, and Identity Administration

Microsoft 365 Security, Compliance, and Identity Administration

By : Rising
4.9 (16)
Buy this Book
close
close
Microsoft 365 Security, Compliance, and Identity Administration

Microsoft 365 Security, Compliance, and Identity Administration

4.9 (16)
By: Rising
Buy this Book

Overview of this book

The Microsoft 365 Security, Compliance, and Identity Administration is designed to help you manage, implement, and monitor security and compliance solutions for Microsoft 365 environments. With this book, you’ll first configure, administer identity and access within Microsoft 365. You’ll learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, you’ll discover how RBAC and Azure AD Identity Protection can be used to detect risks and secure information in your organization. You’ll also explore concepts such as Microsoft Defender for endpoint and identity, along with threat intelligence. As you progress, you’ll uncover additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention (DLP), and Microsoft Defender for Cloud Apps. By the end of this book, you’ll be well-equipped to manage and implement security measures within your Microsoft 365 suite successfully.
Table of Contents (25 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
Conventions used
Icon
Get in touch
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book
1
Part 1: Implementing and Managing Identity and Access
Icon
Part 1: Implementing and Managing Identity and Access
Lock Free Chapter
2
Chapter 1: Planning for Hybrid Identity
Icon
Chapter 1: Planning for Hybrid Identity
Icon
Planning your hybrid environment
Icon
Authentication methods in Azure AD
Icon
Synchronization methods with Azure AD Connect
Icon
Azure AD Connect cloud sync
Icon
Event monitoring and troubleshooting in Azure AD Connect
Icon
Summary
Icon
Questions
Icon
Further reading
3
Chapter 2: Authentication and Security
Icon
Chapter 2: Authentication and Security
Icon
Implementing Azure AD dynamic group membership
Icon
Implementing password management
Icon
Implementing and managing external identities
Icon
Implementing and managing MFA
Icon
Planning and implementing device authentication methods
Icon
Summary
Icon
Questions
Icon
Further reading
4
Chapter 3: Implementing Conditional Access Policies
Icon
Chapter 3: Implementing Conditional Access Policies
Icon
Explaining Conditional Access
Icon
Conditional Access and Microsoft Intune
Icon
Introducing the types of Conditional Access
Icon
Monitoring Conditional Access events
Icon
Summary
Icon
Questions
Icon
Further reading
5
Chapter 4: Managing Roles and Identity Governance
Icon
Chapter 4: Managing Roles and Identity Governance
Icon
Planning and configuring PIM
Icon
Planning and configuring entitlement management
Icon
Planning and configuring access reviews
Icon
Summary
Icon
Questions
Icon
Further reading
6
Chapter 5: Azure AD Identity Protection
Icon
Chapter 5: Azure AD Identity Protection
Icon
Understanding Identity Protection
Icon
Protecting users with risk and registration policies
Icon
Configuring alert options
Icon
Managing and resolving risk events
Icon
Summary
Icon
Questions
Icon
Further reading
7
Part 2: Implementing and Managing Threat Protection
Icon
Part 2: Implementing and Managing Threat Protection
8
Chapter 6: Configuring a Microsoft Defender for Identity Solution
Icon
Chapter 6: Configuring a Microsoft Defender for Identity Solution
Icon
Identifying the organizational need for MDI
Icon
Understanding the MDI architecture
Icon
Setting up MDI
Icon
Managing and monitoring MDI
Icon
Summary
Icon
Questions
Icon
Further reading
9
Chapter 7: Configuring Device Threat Protection with Microsoft Defender for Endpoint and Intune
Icon
Chapter 7: Configuring Device Threat Protection with Microsoft Defender for Endpoint and Intune
Icon
Planning and implementing MDE
Icon
Managing and monitoring MDE
Icon
Implementing Microsoft Defender Application Guard, Application Control, and exploit protection
Icon
Encrypting your Windows devices using BitLocker
Icon
Implementing application protection policies
Icon
Summary
Icon
Questions
Icon
Further reading
10
Chapter 8: Configuring Microsoft Defender for Office 365
Icon
Chapter 8: Configuring Microsoft Defender for Office 365
Icon
Protecting users and domains with anti-phishing protection and policies
Icon
Configuring Safe Attachments options and policies
Icon
Configuring Safe Links options, blocked URLs, and policies
Icon
Monitoring and remediating with Microsoft Defender for Office 365 reports
Icon
Running simulated attacks with Microsoft Defender for Office 365
Icon
Further attack simulation configuration options
Icon
Summary
Icon
Questions
Icon
Further reading
11
Chapter 9: Using Microsoft Sentinel to Monitor Microsoft 365 Security
chevron up
Icon
Chapter 9: Using Microsoft Sentinel to Monitor Microsoft 365 Security
Icon
Planning and configuring Microsoft Sentinel
Icon
Configuring playbooks in Microsoft Sentinel
Icon
Creating and using automation rules to manage responses
Icon
Managing and monitoring your Microsoft Sentinel instance
Icon
Summary
Icon
Questions
Icon
Further reading
12
Chapter 10: Configuring Microsoft Defender for Cloud Apps
Icon
Chapter 10: Configuring Microsoft Defender for Cloud Apps
Icon
Planning your MDA implementation
Icon
Configuring MDA
Icon
Managing Cloud App Discovery
Icon
Managing the MDA catalog
Icon
Managing apps and app connectors in MDA
Icon
Configuring policies and templates
Icon
Using Conditional Access App Control with MDA
Icon
Reviewing and interpreting alerts, reports, and dashboards
Icon
Summary
Icon
Questions
Icon
Further reading
13
Part 3: Implementing and Managing Information Protection
Icon
Part 3: Implementing and Managing Information Protection
14
Chapter 11: Managing Sensitive Information
Icon
Chapter 11: Managing Sensitive Information
Icon
Planning a sensitivity label solution for your organization
Icon
Creating and managing SITs
Icon
Setting up sensitivity labels and policies
Icon
Configuring and using Activity explorer
Icon
Using sensitivity labels with Teams, SharePoint, OneDrive, and Office apps
Icon
Summary
Icon
Questions
Icon
Further reading
15
Chapter 12: Managing Microsoft Purview Data Loss Prevention
Icon
Chapter 12: Managing Microsoft Purview Data Loss Prevention
Icon
Planning and implementing DLP
Icon
Managing DLP policies for Microsoft 365 workloads
Icon
DLP reporting and alerting capabilities
Icon
Implementing Endpoint DLP
Icon
Summary
Icon
Questions
Icon
Further reading
16
Chapter 13: Managing Microsoft Purview Data Lifecycle Management
Icon
Chapter 13: Managing Microsoft Purview Data Lifecycle Management
Icon
Planning for data lifecycle management
Icon
Analyzing reports and dashboards
Icon
Configuring retention labels and policies
Icon
Creating a retention policy
Icon
Planning and implementing adaptive scopes
Icon
Finding and recovering deleted Microsoft 365 data
Icon
Summary
Icon
Questions
Icon
Further reading
17
Part 4: Managing Compliance Features in Microsoft 365
Icon
Part 4: Managing Compliance Features in Microsoft 365
18
Chapter 14: Monitoring and Analyzing Audit Logs and Reports in Microsoft Purview
Icon
Chapter 14: Monitoring and Analyzing Audit Logs and Reports in Microsoft Purview
Icon
Planning for auditing and reporting
Icon
Investigating compliance activities by using audit logs
Icon
Reviewing and interpreting compliance reports and dashboards
Icon
Configuring alert policies
Icon
Configuring audit log retention policies
Icon
Summary
Icon
Questions
Icon
Further reading
19
Chapter 15: Planning For, Conducting, and Managing eDiscovery Cases
Icon
Chapter 15: Planning For, Conducting, and Managing eDiscovery Cases
Icon
Recommending eDiscovery (Standard) or eDiscovery (Premium)
Icon
Planning for content searches and eDiscovery
Icon
Delegating the required permissions to use search and discovery tools
Icon
Creating eDiscovery cases
Icon
Managing eDiscovery cases
Icon
Summary
Icon
Questions
Icon
Further reading
20
Chapter 16: Managing Regulatory and Privacy Requirements
Icon
Chapter 16: Managing Regulatory and Privacy Requirements
Icon
Planning your regulatory compliance journey in Microsoft 365
Icon
Managing regulatory compliance in Microsoft Purview Compliance Manager
Icon
Exploring Microsoft Priva
Icon
Summary
Icon
Questions
Icon
Further reading
21
Chapter 17: Managing Insider Risk Solutions in Microsoft 365
Icon
Chapter 17: Managing Insider Risk Solutions in Microsoft 365
Icon
Implementing Customer Lockbox
Icon
Implementing and managing Communication Compliance policies
Icon
Implementing and managing insider risk management policies
Icon
Implementing and managing Information Barriers policies
Icon
Implementing and managing Privileged Access Management
Icon
Summary
Icon
Questions
Icon
Further reading
22
Answers
Icon
Chapter 1
Icon
Chapter 2
Icon
Chapter 3
Icon
Chapter 4
Icon
Chapter 5
Icon
Chapter 6
Icon
Chapter 7
Icon
Chapter 8
Icon
Chapter 9
Icon
Chapter 10
Icon
Chapter 11
Icon
Chapter 12
Icon
Chapter 13
Icon
Chapter 14
Icon
Chapter 15
Icon
Chapter 16
Icon
Chapter 17
23
Index
Icon
Index
Icon
Why subscribe?
24
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book

Creating and using automation rules to manage responses

Automation rules in Microsoft Sentinel are used to manage and orchestrate responses to threats. They can be set using triggers and actions, such as when an incident is created. In this case, this would be the trigger, and running a playbook in response would be the action. To create an automation rule, complete the following steps:

  1. In Microsoft Sentinel, navigate to Automation | Create | Automation rule. The Create new automation rule panel will open as shown here:

Figure 9.47: Configuring an automation rule

Figure 9.47: Configuring an automation rule

  1. Set a name for your rule and select a trigger action based on incident creation, incident update, or alert creation. Add any required conditions (for more information on this, refer to the Further reading section at the end of this chapter), and then select the action you wish to perform when there is a match. The available actions are as follows:
    • Run playbook
    • Change status...
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Microsoft 365 Security, Compliance, and Identity Administration
End of Section 11
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon