Book Image

Microsoft 365 Security Administration: MS-500 Exam Guide

By : Peter Rising
Book Image

Microsoft 365 Security Administration: MS-500 Exam Guide

By: Peter Rising

Overview of this book

The Microsoft 365 Security Administration (MS-500) exam is designed to measure your ability to perform technical tasks such as managing, implementing, and monitoring security and compliance solutions for Microsoft 365 environments. This book starts by showing you how to configure and administer identity and access within Microsoft 365. You will learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, the book shows you how RBAC and Azure AD Identity Protection can be used to help you detect risks and secure information in your organization. You will also explore concepts, such as Advanced Threat Protection, Windows Defender ATP, and Threat Intelligence. As you progress, you will learn about additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention, and Cloud App Discovery and Security. The book also ensures you are well prepared to take the exam by giving you the opportunity to work through a mock paper, topic summaries, illustrations that briefly review key points, and real-world scenarios. By the end of this Microsoft 365 book, you will be able to apply your skills in the real world, while also being well prepared to achieve Microsoft certification.

Related Content you might be interested in

Current Title:

Small book image
Microsoft 365 Security Administration: MS-500 Exam Guide
Peter Rising
Jun, 2020 | 672 pages
Small book image
Microsoft 365 Mobility and Security – Exam Guide MS-101
Nate Chamberlain
Nov, 2019 | 312 pages
Small book image
Microsoft Information Protection Administrator SC-400 Certification Guide
Shabaz Darr | Viktor Hedberg
Feb, 2022 | 326 pages
Small book image
Microsoft 365 Administrator MS-102 Exam Guide
Aaron Guilmette
Dec, 2023 | 534 pages
Table of Contents (29 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Reviews
1
Section 1: Configuring and Administering Identity and Access in Microsoft 365
Section 1: Configuring and Administering Identity and Access in Microsoft 365
Free Chapter
2
Chapter 1: Planning for Hybrid Identity
Chapter 1: Planning for Hybrid Identity
Planning your hybrid environment
Synchronization methods with Azure AD Connect
Additional authentication security
Event monitoring and troubleshooting in Azure AD Connect
Summary
Questions
References
3
Chapter 2: Authentication and Security
Chapter 2: Authentication and Security
Implementing Azure AD dynamic group membership
Implementing Azure AD self-service password reset (SSPR)
Implementing and managing Multi-Factor Authentication (MFA)
Managing Azure AD access reviews
Summary
Questions
References
4
Chapter 3: Implementing Conditional Access Policies
Chapter 3: Implementing Conditional Access Policies
Explaining Conditional Access
Enhancing Conditional Access with Intune
Device-based Conditional Access
App-based Conditional Access
Monitoring Conditional Access events
Summary
Questions
References
5
Chapter 4: Role Assignment and Privileged Identities in Microsoft 365
Chapter 4: Role Assignment and Privileged Identities in Microsoft 365
Planning, configuring, and monitoring RBAC
Planning, configuring, and monitoring PIM
Summary
Questions
References
6
Chapter 5: Azure AD Identity Protection
Chapter 5: Azure AD Identity Protection
Understanding Identity Protection
Configuring MFA registration policies
Configuring alert options
Managing and resolving risk events
Summary
Questions
References
7
Section 2: Implementing and Managing Threat Protection
Section 2: Implementing and Managing Threat Protection
8
Chapter 6: Configuring an Advanced Threat Protection Solution
Chapter 6: Configuring an Advanced Threat Protection Solution
Identifying the organizational needs for Azure ATP
Setting up an Azure ATP instance
Managing Azure ATP activities
Summary
Questions
References
9
Chapter 7: Configuring Microsoft Defender ATP to Protect Devices
Chapter 7: Configuring Microsoft Defender ATP to Protect Devices
Technical requirements
Implementing Microsoft Defender ATP
Managing and monitoring Microsoft Defender ATP
Implementing additional Microsoft Defender features
Managing device encryption for your Windows 10 devices
Summary
Questions
References
10
Chapter 8: Message Protection in Office 365
Chapter 8: Message Protection in Office 365
Protecting users and domains with ATP anti-phishing protection and policies
Configuring Office 365 anti-spam protection
Exploring Office 365 ATP Safe Attachments options and policies
Exploring Office 365 ATP Safe Links options, blocked URLs, and policies
Summary
Questions
References
11
Chapter 9: Threat Intelligence and Tracking
Chapter 9: Threat Intelligence and Tracking
Understanding the Office 365 threat management security dashboard
Using Office 365 Threat Explorer and threat trackers
Managing quarantined messages and files
Performing controlled simulated attacks
Summary
Questions
References
12
Chapter 10: Using Azure Sentinel to Monitor Microsoft 365 Security
Chapter 10: Using Azure Sentinel to Monitor Microsoft 365 Security
Planning and configuring Azure Sentinel
Using Azure Sentinel playbooks
Managing and monitoring Azure Sentinel
Summary
Questions
References
13
Section 3: Information Protection in Microsoft 365
Section 3: Information Protection in Microsoft 365
14
Chapter 11: Controlling Secure Access to Information Stored in Office 365
Chapter 11: Controlling Secure Access to Information Stored in Office 365
Understanding privileged access management
Understanding Customer Lockbox
Protecting access to the collaboration components of Office 365
Allowing external user access with B2B sharing
Summary
Questions
References
15
Chapter 12: Azure Information Protection
Chapter 12: Azure Information Protection
Planning and implementing an AIP deployment for your organization
Setting up AIP labels and policies
Using the AIP Scanner to detect and protect on-premises content
Tracking and revoking protected documents
Summary
Questions
References
16
Chapter 13: Data Loss Prevention
Chapter 13: Data Loss Prevention
Planning and implementing DLP
Creating DLP policies and assigning them to Office 365 locations
Managing sensitive information types
DLP reporting and alerting capabilities
Summary
Questions
References
17
Chapter 14: Cloud App Discovery and Security
Chapter 14: Cloud App Discovery and Security
Understanding Cloud App Security
Configuring Cloud App Security
Using the Cloud App Security dashboard, reports, and logs
Summary
Questions
References
18
Section 4: Data Governance and Compliance in Microsoft 365
Section 4: Data Governance and Compliance in Microsoft 365
19
Chapter 15: Security Analytics and Auditing Capabilities
Chapter 15: Security Analytics and Auditing Capabilities
Understanding Desktop Analytics, Windows diagnostics, and Office Telemetry
Configuring Office 365 auditing
Performing an audit log search
Configuring an audit alert policy
Summary
Questions
References
20
Chapter 16: Personal Data Protection in Microsoft 365
Chapter 16: Personal Data Protection in Microsoft 365
Conducting searches for personal data
Using retention labels to protect personal data
Accessing logs and reports to search for and monitor personal data leaks
Summary
Questions
References
21
Chapter 17: Data Governance and Retention
Chapter 17: Data Governance and Retention
Understanding data governance and the retention requirements for your organization
Navigating data governance reports and dashboards
Configuring retention tags, retention policies, and supervision policies
Configuring litigation holds to preserve Office 365 data
Importing data into Office 365 from the Security & Compliance Center
Configuring archiving
Summary
Questions
References
22
Chapter 18: Search and Investigation
Chapter 18: Search and Investigation
Understanding eDiscovery and content search in Microsoft 365
eDiscovery delegated role groups
Creating eDiscovery cases, placing locations on hold, and performing content searches
Exporting content search results
Summary
Questions
References
23
Chapter 19: Data Privacy Compliance
Chapter 19: Data Privacy Compliance
Planning for regulatory compliance in Microsoft 365
Accessing the GDPR dashboards and reports
Completing DSRs
Summary
Questions
References
24
Section 5: Mock Exam and Assessment
Section 5: Mock Exam and Assessment
25
Chapter 20: Mock Exam
Chapter 20: Mock Exam
Case Study
26
Chapter 21: Mock Exam Answers
Chapter 21: Mock Exam Answers
Answers and explanations
27
Chapter 22: Assessments
Chapter 22: Assessments
Chapter 1 – Planning for Hybrid Identity
Chapter 2 – Authentication and Security
Chapter 3 – Implementing Conditional Access Policies
Chapter 4 – Role Assignment and Privileged Identities in Microsoft 365
Chapter 5 – Azure AD Identity Protection
Chapter 6 – Configuring an Advanced Threat Protection Solution
Chapter 7 – Configuring Microsoft Defender ATP to Protect Devices
Chapter 8 – Message Protection in Office 365
Chapter 9 – Threat Intelligence and Tracking
Chapter 10 – Using Azure Sentinel to Monitor Microsoft 365 Security
Chapter 11 – Controlling Secure Access to Information Stored in Office 365
Chapter 12 – Azure Information Protection
Chapter 13 – Data Loss Prevention
Chapter 14 – Cloud App Discovery and Security
Chapter 15 – Security Analytics and Auditing Capabilities
Chapter 16 – Personal Data Protection in Microsoft 365
Chapter 17 – Data Governance and Retention
Chapter 18 – Search and Investigation
Chapter 19 – Data Privacy Compliance
28
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

What this book covers

Chapter 1, Planning for Hybrid Identity, teaches you how to plan your hybrid environment with Azure AD Connect and introduces you to additional authentication security methods.

Chapter 2, Authentication and Security, covers the implementation of Azure AD dynamic groups, Azure AD self-service password reset (SSPR), multi-factor authentication (MFA), and how to perform Azure AD access reviews.

Chapter 3, Implementing Conditional Access Policies, explains the principles of Azure AD Conditional Access, how it integrates with Microsoft Intune, and how Conditional Access may be used with device- and app-based policies.

Chapter 4, Role Assignment and Privileged Identities in Microsoft 365, shows you how Role-Based Access Control (RBAC) is used to assign access to built-in Microsoft 365 roles, and how, with the help of Privileged Identity Management (PIM), you can reduce your permanently assigned admin roles and implement eligibility with just-in-time access.

Chapter 5, Azure AD Identity Protection, introduces the principles of Identity Protection, how to configure user- and sign-in-based risk policies, and how to manage and respond to alerts.

Chapter 6, Configuring an Advanced Threat Protection Solution, explains how to set up and manage an Azure ATP instance.

Chapter 7, Configuring Microsoft Defender ATP to Protect Devices, helps you to understand how to reduce your attack surface by configuring policies for Windows Defender Application Guard, Application Control, Exploit Guard, and Secure Boot. In addition, you will learn how BitLocker device encryption can protect Windows 10 devices.

Chapter 8, Message Protection in Office 365, covers how to protect users and domains with anti-phishing and anti-spam protection, and the application of safe attachments and safe links policies.

Chapter 9, Threat Intelligence and Tracking, shows you how to understand the threat management dashboard and how to use Threat Explorer and Threat Trackers. It also examines how to manage quarantined messages and files and perform controlled, simulated attacks.

Chapter 10, Using Azure Sentinel to monitor Microsoft 365 Security, explains how to understand Azure Sentinel, and how to set it up from the Azure portal, then connect to workspaces, configure playbooks, and connect to both Microsoft native and third-party data sources.

Chapter 11, Controlling Secure Access to Information Stored in Office 365, explains the principles of privileged access management, Customer Lockbox, Azure B2B sharing for guest user access, and how to protect access to the collaboration components of Office 365.

Chapter 12, Azure Information Protection, explains how to plan, set up, and implement AIP labels to classify and protect content in Office 365, how to track and revoke protected content, and how the AIP scanner can autoclassify and protect on-premises SharePoint and file storage content.

Chapter 13, Data Loss Prevention, covers the planning and creation of DLP policies, the use of built-in sensitive information types, the creation of custom sensitive information types, and how to review DLP alerts.

Chapter 14, Cloud App Discovery and Security, demonstrates how Cloud App Security enables you to track your SaaS application usage, configure Cloud App Security with policies, integrate with Conditional Access, and navigate dashboards and logs.

Chapter 15, Security Analytics and Auditing Capabilities, provides an understanding of Desktop Analytics, Windows diagnostics, and Office Telemetry, and shows how to configure Office 365 auditing and complete an audit log search, and how you can configure alerting policies.

Chapter 16, Personal Data Protection in Microsoft 365, explains the process of conducting searches for personal data within Microsoft 365, how to use retention labels to protect personal data, and how to access logs to search for and monitor personal data leaks.

Chapter 17, Data Governance and Retention, teaches you how to understand data governance and retention requirements for your organization, how to configure retention tags and retention policies, supervision policies, and litigation holds to preserve data, how to import data into Office 365 from the Security and Compliance Center, and how to configure online archiving.

Chapter 18, Search and Investigation, teaches you the principles of eDiscovery and how to create and manage eDiscovery cases and content searches in Microsoft 365.

Chapter 19, Data Privacy Compliance, explains the process of planning for regulatory compliance in Microsoft 365, how to access GDPR dashboards and reports, and how to complete data subject requests.

Chapter 20, Mock Exam, includes 25 exam questions that will help to prepare you for the actual test.

Chapter 21, Mock Exam Answers, includes answers and explanations to the exam questions from the previous chapter.

Chapter 22, Assessments, includes answers to all of the practice questions that are provided at the end of each chapter.

Previous Section
Next Section