Microsoft 365 Security, Compliance, and Identity Administration

By: Peter Rising

Overview of this book

Microsoft 365 Security, Compliance, and Identity Administration is designed to help you manage, implement, and monitor security and compliance solutions for Microsoft 365 environments. With this book, you’ll first configure and administer identity and access within Microsoft 365. You’ll learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, you’ll discover how RBAC and Azure AD Identity Protection can be used to detect risks and secure information in your organization. You’ll also explore concepts such as Microsoft Defender for Endpoint and Microsoft Defender for Identity, along with threat intelligence. As you progress, you’ll uncover additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention (DLP), and Microsoft Defender for Cloud Apps. By the end of this book, you’ll be well-equipped to manage and implement security measures within your Microsoft 365 suite successfully.

Table of Contents (25 chapters)

Part 1: Implementing and Managing Identity and Access
Part 2: Implementing and Managing Threat Protection
Part 3: Implementing and Managing Information Protection
Part 4: Managing Compliance Features in Microsoft 365

What this book covers

Chapter 1, Planning for Hybrid Identity, teaches you how to plan your hybrid environment with Azure AD Connect and introduces you to additional authentication security methods.

Chapter 2, Authentication and Security, covers the implementation of Azure AD dynamic groups, Azure AD self-service password reset (SSPR), multi-factor authentication (MFA), and managing external identities.

Chapter 3, Implementing Conditional Access Policies, explains the principles of Azure AD Conditional Access, how it integrates with Microsoft Intune, and how Conditional Access may be used with device- and app-based policies.

Chapter 4, Managing Roles and Identity Governance, shows you how, with the help of Privileged Identity Management (PIM), you can reduce your permanently assigned admin roles and implement eligibility with just-in-time access. You will also learn about entitlement management and access reviews.

Chapter 5, Azure AD Identity Protection, introduces the principles of identity protection, how to configure user- and sign-in-based risk policies, and how to manage and respond to alerts.

Chapter 6, Configuring a Microsoft Defender for Identity Solution, explains how to set up and manage a Defender for Identity instance and install sensors on servers.

Chapter 7, Configuring Device Threat Protection with Microsoft Defender for Endpoint and Intune, helps you to understand how to reduce your attack surface by configuring policies for Microsoft Defender Application Guard, Application Control, Exploit Guard, and Secure Boot. In addition, you will learn how BitLocker device encryption can protect Windows devices.

Chapter 8, Configuring Microsoft Defender for Office 365, covers how to protect users and domains with anti-phishing and anti-spam protection, and the application of safe attachments and safe links policies. It also covers running simulated attacks and running reports.

Chapter 9, Using Microsoft Sentinel to Monitor Microsoft 365 Security, shows you how to configure and use Microsoft Sentinel to respond to threats with playbooks.

Chapter 10, Configuring Microsoft Defender for Cloud Apps, demonstrates how to track your SaaS application usage, configure file and activity policies, integrate with Conditional Access, and navigate dashboards and logs.

Chapter 11, Managing Sensitive Information, explains how to create sensitive information types; how to plan, set up, and implement sensitivity labels and policies; and how to use Content explorer and Activity explorer.

Chapter 12, Managing Microsoft Purview Data Loss Prevention, covers the planning and creation of DLP policies and how to review DLP alerts.

Chapter 13, Managing Microsoft Purview Data Lifecycle Management, teaches you how to understand retention requirements for your organization, how to configure retention labels and retention policies, how to find and recover deleted data, and how to use adaptive scopes.

Chapter 14, Managing and Analyzing Audit Logs and Reports in Microsoft Purview, teaches you how to plan for auditing and reporting, how to use the audit logs and alert policies, and how to configure audit log retention.

Chapter 15, Planning For, Conducting, and Managing eDiscovery Cases, shows you how to identify and understand the different versions of eDiscovery, the roles needed to run cases, and how to manage cases.

Chapter 16, Managing Regulatory and Privacy Requirements, explains how to manage regulatory compliance in Microsoft Purview, as well as how to implement privacy risk management and subject rights requests.

Chapter 17, Managing Insider Risk Solutions in Microsoft 365, teaches you the principles of privileged access management, Customer Lockbox, insider risk management policies, and communication compliance policies. It also goes over information barriers segments and policies.

To get the most out of this book

To get the most out of this book, it is highly recommended to create a test or practice Microsoft 365 environment, where you can follow along and recreate the steps that are covered in each chapter. Unfortunately, trial licenses for Microsoft 365 E5 are not available. The best option for working along with this book is to sign up for an Office 365 E5 trial at https://www.microsoft.com/en-gb/microsoft-365/business/office-365-enterprise-e5-business-software?activetab=pivot:overviewtab and an EM+S E5 trial at https://www.microsoft.com/en-us/microsoft-365/enterprise-mobility-security/compare-plans-and-pricing. These trial subscriptions will allow you to recreate most of the steps covered in the chapters contained in this book. Should you wish to test the process of establishing a hybrid identity, it is recommended that you acquire a trial Azure subscription, which will allow you to create a Windows virtual server that you may use to install Azure AD Connect and synchronize to your test Microsoft 365 tenant.

This book also has some sample PowerShell commands that can be used instead of the Microsoft 365 admin centers. Therefore, it is recommended to have a Windows 10/11 device available to you where you can run PowerShell and practice some of the commands included in the chapters.

A Windows 10/11 device will also be useful for the purposes of testing how to set up Microsoft 365 test profiles to fully test and deploy features such as Microsoft Intune, Azure AD Conditional Access, MFA, Information Protection, and many more of the features described in the book. A mobile device, such as an iOS or Android device, will also be useful for testing Microsoft Intune in particular.

Software/hardware covered in the book: Microsoft 365

Operating system requirements: Windows, macOS, or Linux

If you are using the digital version of this book, we advise you to type the code yourself or access the code from the book’s GitHub repository (a link is available in the next section). Doing so will help you avoid any potential errors related to the copying and pasting of code.