Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Microsoft 365 Security, Compliance, and Identity Administration
  • Table Of Contents Toc
Microsoft 365 Security, Compliance, and Identity Administration

Microsoft 365 Security, Compliance, and Identity Administration

By : Rising
4.9 (16)
Buy this Book
close
close
Microsoft 365 Security, Compliance, and Identity Administration

Microsoft 365 Security, Compliance, and Identity Administration

4.9 (16)
By: Rising
Buy this Book

Overview of this book

The Microsoft 365 Security, Compliance, and Identity Administration is designed to help you manage, implement, and monitor security and compliance solutions for Microsoft 365 environments. With this book, you’ll first configure, administer identity and access within Microsoft 365. You’ll learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, you’ll discover how RBAC and Azure AD Identity Protection can be used to detect risks and secure information in your organization. You’ll also explore concepts such as Microsoft Defender for endpoint and identity, along with threat intelligence. As you progress, you’ll uncover additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention (DLP), and Microsoft Defender for Cloud Apps. By the end of this book, you’ll be well-equipped to manage and implement security measures within your Microsoft 365 suite successfully.
Table of Contents (25 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
Conventions used
Icon
Get in touch
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book
1
Part 1: Implementing and Managing Identity and Access
Icon
Part 1: Implementing and Managing Identity and Access
Lock Free Chapter
2
Chapter 1: Planning for Hybrid Identity
chevron up
Icon
Chapter 1: Planning for Hybrid Identity
Icon
Planning your hybrid environment
Icon
Authentication methods in Azure AD
Icon
Synchronization methods with Azure AD Connect
Icon
Azure AD Connect cloud sync
Icon
Event monitoring and troubleshooting in Azure AD Connect
Icon
Summary
Icon
Questions
Icon
Further reading
3
Chapter 2: Authentication and Security
Icon
Chapter 2: Authentication and Security
Icon
Implementing Azure AD dynamic group membership
Icon
Implementing password management
Icon
Implementing and managing external identities
Icon
Implementing and managing MFA
Icon
Planning and implementing device authentication methods
Icon
Summary
Icon
Questions
Icon
Further reading
4
Chapter 3: Implementing Conditional Access Policies
Icon
Chapter 3: Implementing Conditional Access Policies
Icon
Explaining Conditional Access
Icon
Conditional Access and Microsoft Intune
Icon
Introducing the types of Conditional Access
Icon
Monitoring Conditional Access events
Icon
Summary
Icon
Questions
Icon
Further reading
5
Chapter 4: Managing Roles and Identity Governance
Icon
Chapter 4: Managing Roles and Identity Governance
Icon
Planning and configuring PIM
Icon
Planning and configuring entitlement management
Icon
Planning and configuring access reviews
Icon
Summary
Icon
Questions
Icon
Further reading
6
Chapter 5: Azure AD Identity Protection
Icon
Chapter 5: Azure AD Identity Protection
Icon
Understanding Identity Protection
Icon
Protecting users with risk and registration policies
Icon
Configuring alert options
Icon
Managing and resolving risk events
Icon
Summary
Icon
Questions
Icon
Further reading
7
Part 2: Implementing and Managing Threat Protection
Icon
Part 2: Implementing and Managing Threat Protection
8
Chapter 6: Configuring a Microsoft Defender for Identity Solution
Icon
Chapter 6: Configuring a Microsoft Defender for Identity Solution
Icon
Identifying the organizational need for MDI
Icon
Understanding the MDI architecture
Icon
Setting up MDI
Icon
Managing and monitoring MDI
Icon
Summary
Icon
Questions
Icon
Further reading
9
Chapter 7: Configuring Device Threat Protection with Microsoft Defender for Endpoint and Intune
Icon
Chapter 7: Configuring Device Threat Protection with Microsoft Defender for Endpoint and Intune
Icon
Planning and implementing MDE
Icon
Managing and monitoring MDE
Icon
Implementing Microsoft Defender Application Guard, Application Control, and exploit protection
Icon
Encrypting your Windows devices using BitLocker
Icon
Implementing application protection policies
Icon
Summary
Icon
Questions
Icon
Further reading
10
Chapter 8: Configuring Microsoft Defender for Office 365
Icon
Chapter 8: Configuring Microsoft Defender for Office 365
Icon
Protecting users and domains with anti-phishing protection and policies
Icon
Configuring Safe Attachments options and policies
Icon
Configuring Safe Links options, blocked URLs, and policies
Icon
Monitoring and remediating with Microsoft Defender for Office 365 reports
Icon
Running simulated attacks with Microsoft Defender for Office 365
Icon
Further attack simulation configuration options
Icon
Summary
Icon
Questions
Icon
Further reading
11
Chapter 9: Using Microsoft Sentinel to Monitor Microsoft 365 Security
Icon
Chapter 9: Using Microsoft Sentinel to Monitor Microsoft 365 Security
Icon
Planning and configuring Microsoft Sentinel
Icon
Configuring playbooks in Microsoft Sentinel
Icon
Creating and using automation rules to manage responses
Icon
Managing and monitoring your Microsoft Sentinel instance
Icon
Summary
Icon
Questions
Icon
Further reading
12
Chapter 10: Configuring Microsoft Defender for Cloud Apps
Icon
Chapter 10: Configuring Microsoft Defender for Cloud Apps
Icon
Planning your MDA implementation
Icon
Configuring MDA
Icon
Managing Cloud App Discovery
Icon
Managing the MDA catalog
Icon
Managing apps and app connectors in MDA
Icon
Configuring policies and templates
Icon
Using Conditional Access App Control with MDA
Icon
Reviewing and interpreting alerts, reports, and dashboards
Icon
Summary
Icon
Questions
Icon
Further reading
13
Part 3: Implementing and Managing Information Protection
Icon
Part 3: Implementing and Managing Information Protection
14
Chapter 11: Managing Sensitive Information
Icon
Chapter 11: Managing Sensitive Information
Icon
Planning a sensitivity label solution for your organization
Icon
Creating and managing SITs
Icon
Setting up sensitivity labels and policies
Icon
Configuring and using Activity explorer
Icon
Using sensitivity labels with Teams, SharePoint, OneDrive, and Office apps
Icon
Summary
Icon
Questions
Icon
Further reading
15
Chapter 12: Managing Microsoft Purview Data Loss Prevention
Icon
Chapter 12: Managing Microsoft Purview Data Loss Prevention
Icon
Planning and implementing DLP
Icon
Managing DLP policies for Microsoft 365 workloads
Icon
DLP reporting and alerting capabilities
Icon
Implementing Endpoint DLP
Icon
Summary
Icon
Questions
Icon
Further reading
16
Chapter 13: Managing Microsoft Purview Data Lifecycle Management
Icon
Chapter 13: Managing Microsoft Purview Data Lifecycle Management
Icon
Planning for data lifecycle management
Icon
Analyzing reports and dashboards
Icon
Configuring retention labels and policies
Icon
Creating a retention policy
Icon
Planning and implementing adaptive scopes
Icon
Finding and recovering deleted Microsoft 365 data
Icon
Summary
Icon
Questions
Icon
Further reading
17
Part 4: Managing Compliance Features in Microsoft 365
Icon
Part 4: Managing Compliance Features in Microsoft 365
18
Chapter 14: Monitoring and Analyzing Audit Logs and Reports in Microsoft Purview
Icon
Chapter 14: Monitoring and Analyzing Audit Logs and Reports in Microsoft Purview
Icon
Planning for auditing and reporting
Icon
Investigating compliance activities by using audit logs
Icon
Reviewing and interpreting compliance reports and dashboards
Icon
Configuring alert policies
Icon
Configuring audit log retention policies
Icon
Summary
Icon
Questions
Icon
Further reading
19
Chapter 15: Planning For, Conducting, and Managing eDiscovery Cases
Icon
Chapter 15: Planning For, Conducting, and Managing eDiscovery Cases
Icon
Recommending eDiscovery (Standard) or eDiscovery (Premium)
Icon
Planning for content searches and eDiscovery
Icon
Delegating the required permissions to use search and discovery tools
Icon
Creating eDiscovery cases
Icon
Managing eDiscovery cases
Icon
Summary
Icon
Questions
Icon
Further reading
20
Chapter 16: Managing Regulatory and Privacy Requirements
Icon
Chapter 16: Managing Regulatory and Privacy Requirements
Icon
Planning your regulatory compliance journey in Microsoft 365
Icon
Managing regulatory compliance in Microsoft Purview Compliance Manager
Icon
Exploring Microsoft Priva
Icon
Summary
Icon
Questions
Icon
Further reading
21
Chapter 17: Managing Insider Risk Solutions in Microsoft 365
Icon
Chapter 17: Managing Insider Risk Solutions in Microsoft 365
Icon
Implementing Customer Lockbox
Icon
Implementing and managing Communication Compliance policies
Icon
Implementing and managing insider risk management policies
Icon
Implementing and managing Information Barriers policies
Icon
Implementing and managing Privileged Access Management
Icon
Summary
Icon
Questions
Icon
Further reading
22
Answers
Icon
Chapter 1
Icon
Chapter 2
Icon
Chapter 3
Icon
Chapter 4
Icon
Chapter 5
Icon
Chapter 6
Icon
Chapter 7
Icon
Chapter 8
Icon
Chapter 9
Icon
Chapter 10
Icon
Chapter 11
Icon
Chapter 12
Icon
Chapter 13
Icon
Chapter 14
Icon
Chapter 15
Icon
Chapter 16
Icon
Chapter 17
23
Index
Icon
Index
Icon
Why subscribe?
24
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book

Event monitoring and troubleshooting in Azure AD Connect

Now that you have your hybrid identity method configured, it should all run smoothly. However, occasionally, you may still encounter some problems. This is where the ability to assess and troubleshoot Azure AD Connect with tools from the Microsoft 365 portal can assist administrators in quickly identifying and resolving issues. Administrators will be able to perform the following tasks as part of troubleshooting in Azure AD Connect:

  1. Review and interpret synchronization errors by accessing the Microsoft 365 admin center via https://admin.microsoft.com and examining the Azure AD Connect directory sync status. Here, you will see an overview of all directory synchronization errors. A common example may be a duplicate proxy address or UPNs causing conflicts and preventing an object from syncing. The following screenshot shows the Azure AD Connect tile in the admin center. Any issues with synchronization will be shown here by using red circles for critical warnings or yellow triangles for lesser warnings. A green circle means all is OK and healthy:

Figure 1.16: Azure AD Connect sync status

Figure 1.16: Azure AD Connect sync status

The preceding figure shows a sync status of only 37 minutes ago, which results in a yellow warning. Figure 1.17 shows more serious red warnings when sync has not completed for 3 days:

Figure 1.17: Azure AD Connect status

Figure 1.17: Azure AD Connect status

  1. If you scroll down further, you will see additional details about your Directory sync status, as shown in the following screenshot. One of the tools you can download from here is IdFix. You can run this tool from any domain-joined workstation in your environment. It provides detailed information on synchronization issues and guidelines on how to resolve them:

Figure 1.18: Directory sync status

Figure 1.18: Directory sync status

  1. Receive and act on email notifications relating to an unhealthy identity synchronization. These email alerts are configured by default to alert only the technical contact defined in your Microsoft 365 tenant under the organization profile. The technical contact will continue receiving these emails until the issue is resolved.
  2. Check Synchronization Service Manager on the Azure AD Connect server to confirm that the operations required for successful synchronization have been completed. If any errors occur, they will be displayed here with explanations for why the operation failed:

Figure 1.19: Synchronization Service Manager

Figure 1.19: Synchronization Service Manager

  1. Directory synchronization occurs every 30 minutes by default. However, you can generate a synchronization on demand by opening the Connectors tab and manually starting the process, as shown in the following screenshot:
Figure 1.20: Synchronization Service Manager

Figure 1.20: Synchronization Service Manager

  1. Click on Actions and select Run:

Figure 1.21: Connector actions

Figure 1.21: Connector actions

  1. You will be able to run the desired connectors from here, as shown:

Figure 1.22: Connector options

Figure 1.22: Connector options

  1. It is also possible, and far simpler, to run a manual synchronization process using PowerShell from your AD Connect server with the following commands:
    • To initiate a full synchronization:
      Start-ADSyncSyncCycle -PolicyType Initial
    • To initiate a delta synchronization
      Start-ADSyncSyncCycle -PolicyType Delta

In this section, we examined event monitoring and troubleshooting techniques in Azure AD Connect. We learned how to review, interpret, and respond to synchronization errors in the Office 365 portal and by checking the Synchronization Service Manager tool. We also explored how you can manually trigger the synchronization process from the Synchronization Service Manager tool and by using PowerShell.

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Microsoft 365 Security, Compliance, and Identity Administration
End of Section 2
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon