Book Image

Microsoft 365 Security Administration: MS-500 Exam Guide

By : Peter Rising
Book Image

Microsoft 365 Security Administration: MS-500 Exam Guide

By: Peter Rising

Overview of this book

The Microsoft 365 Security Administration (MS-500) exam is designed to measure your ability to perform technical tasks such as managing, implementing, and monitoring security and compliance solutions for Microsoft 365 environments. This book starts by showing you how to configure and administer identity and access within Microsoft 365. You will learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, the book shows you how RBAC and Azure AD Identity Protection can be used to help you detect risks and secure information in your organization. You will also explore concepts, such as Advanced Threat Protection, Windows Defender ATP, and Threat Intelligence. As you progress, you will learn about additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention, and Cloud App Discovery and Security. The book also ensures you are well prepared to take the exam by giving you the opportunity to work through a mock paper, topic summaries, illustrations that briefly review key points, and real-world scenarios. By the end of this Microsoft 365 book, you will be able to apply your skills in the real world, while also being well prepared to achieve Microsoft certification.

Related Content you might be interested in

Current Title:

Small book image
Microsoft 365 Security Administration: MS-500 Exam Guide
Peter Rising
Jun, 2020 | 672 pages
Small book image
Microsoft 365 Mobility and Security – Exam Guide MS-101
Nate Chamberlain
Nov, 2019 | 312 pages
Small book image
Microsoft Information Protection Administrator SC-400 Certification Guide
Shabaz Darr | Viktor Hedberg
Feb, 2022 | 326 pages
Small book image
Microsoft 365 Administrator MS-102 Exam Guide
Aaron Guilmette
Dec, 2023 | 534 pages
Table of Contents (29 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Reviews
1
Section 1: Configuring and Administering Identity and Access in Microsoft 365
Section 1: Configuring and Administering Identity and Access in Microsoft 365
Free Chapter
2
Chapter 1: Planning for Hybrid Identity
Chapter 1: Planning for Hybrid Identity
Planning your hybrid environment
Synchronization methods with Azure AD Connect
Additional authentication security
Event monitoring and troubleshooting in Azure AD Connect
Summary
Questions
References
3
Chapter 2: Authentication and Security
Chapter 2: Authentication and Security
Implementing Azure AD dynamic group membership
Implementing Azure AD self-service password reset (SSPR)
Implementing and managing Multi-Factor Authentication (MFA)
Managing Azure AD access reviews
Summary
Questions
References
4
Chapter 3: Implementing Conditional Access Policies
Chapter 3: Implementing Conditional Access Policies
Explaining Conditional Access
Enhancing Conditional Access with Intune
Device-based Conditional Access
App-based Conditional Access
Monitoring Conditional Access events
Summary
Questions
References
5
Chapter 4: Role Assignment and Privileged Identities in Microsoft 365
Chapter 4: Role Assignment and Privileged Identities in Microsoft 365
Planning, configuring, and monitoring RBAC
Planning, configuring, and monitoring PIM
Summary
Questions
References
6
Chapter 5: Azure AD Identity Protection
Chapter 5: Azure AD Identity Protection
Understanding Identity Protection
Configuring MFA registration policies
Configuring alert options
Managing and resolving risk events
Summary
Questions
References
7
Section 2: Implementing and Managing Threat Protection
Section 2: Implementing and Managing Threat Protection
8
Chapter 6: Configuring an Advanced Threat Protection Solution
Chapter 6: Configuring an Advanced Threat Protection Solution
Identifying the organizational needs for Azure ATP
Setting up an Azure ATP instance
Managing Azure ATP activities
Summary
Questions
References
9
Chapter 7: Configuring Microsoft Defender ATP to Protect Devices
Chapter 7: Configuring Microsoft Defender ATP to Protect Devices
Technical requirements
Implementing Microsoft Defender ATP
Managing and monitoring Microsoft Defender ATP
Implementing additional Microsoft Defender features
Managing device encryption for your Windows 10 devices
Summary
Questions
References
10
Chapter 8: Message Protection in Office 365
Chapter 8: Message Protection in Office 365
Protecting users and domains with ATP anti-phishing protection and policies
Configuring Office 365 anti-spam protection
Exploring Office 365 ATP Safe Attachments options and policies
Exploring Office 365 ATP Safe Links options, blocked URLs, and policies
Summary
Questions
References
11
Chapter 9: Threat Intelligence and Tracking
Chapter 9: Threat Intelligence and Tracking
Understanding the Office 365 threat management security dashboard
Using Office 365 Threat Explorer and threat trackers
Managing quarantined messages and files
Performing controlled simulated attacks
Summary
Questions
References
12
Chapter 10: Using Azure Sentinel to Monitor Microsoft 365 Security
Chapter 10: Using Azure Sentinel to Monitor Microsoft 365 Security
Planning and configuring Azure Sentinel
Using Azure Sentinel playbooks
Managing and monitoring Azure Sentinel
Summary
Questions
References
13
Section 3: Information Protection in Microsoft 365
Section 3: Information Protection in Microsoft 365
14
Chapter 11: Controlling Secure Access to Information Stored in Office 365
Chapter 11: Controlling Secure Access to Information Stored in Office 365
Understanding privileged access management
Understanding Customer Lockbox
Protecting access to the collaboration components of Office 365
Allowing external user access with B2B sharing
Summary
Questions
References
15
Chapter 12: Azure Information Protection
Chapter 12: Azure Information Protection
Planning and implementing an AIP deployment for your organization
Setting up AIP labels and policies
Using the AIP Scanner to detect and protect on-premises content
Tracking and revoking protected documents
Summary
Questions
References
16
Chapter 13: Data Loss Prevention
Chapter 13: Data Loss Prevention
Planning and implementing DLP
Creating DLP policies and assigning them to Office 365 locations
Managing sensitive information types
DLP reporting and alerting capabilities
Summary
Questions
References
17
Chapter 14: Cloud App Discovery and Security
Chapter 14: Cloud App Discovery and Security
Understanding Cloud App Security
Configuring Cloud App Security
Using the Cloud App Security dashboard, reports, and logs
Summary
Questions
References
18
Section 4: Data Governance and Compliance in Microsoft 365
Section 4: Data Governance and Compliance in Microsoft 365
19
Chapter 15: Security Analytics and Auditing Capabilities
Chapter 15: Security Analytics and Auditing Capabilities
Understanding Desktop Analytics, Windows diagnostics, and Office Telemetry
Configuring Office 365 auditing
Performing an audit log search
Configuring an audit alert policy
Summary
Questions
References
20
Chapter 16: Personal Data Protection in Microsoft 365
Chapter 16: Personal Data Protection in Microsoft 365
Conducting searches for personal data
Using retention labels to protect personal data
Accessing logs and reports to search for and monitor personal data leaks
Summary
Questions
References
21
Chapter 17: Data Governance and Retention
Chapter 17: Data Governance and Retention
Understanding data governance and the retention requirements for your organization
Navigating data governance reports and dashboards
Configuring retention tags, retention policies, and supervision policies
Configuring litigation holds to preserve Office 365 data
Importing data into Office 365 from the Security & Compliance Center
Configuring archiving
Summary
Questions
References
22
Chapter 18: Search and Investigation
Chapter 18: Search and Investigation
Understanding eDiscovery and content search in Microsoft 365
eDiscovery delegated role groups
Creating eDiscovery cases, placing locations on hold, and performing content searches
Exporting content search results
Summary
Questions
References
23
Chapter 19: Data Privacy Compliance
Chapter 19: Data Privacy Compliance
Planning for regulatory compliance in Microsoft 365
Accessing the GDPR dashboards and reports
Completing DSRs
Summary
Questions
References
24
Section 5: Mock Exam and Assessment
Section 5: Mock Exam and Assessment
25
Chapter 20: Mock Exam
Chapter 20: Mock Exam
Case Study
26
Chapter 21: Mock Exam Answers
Chapter 21: Mock Exam Answers
Answers and explanations
27
Chapter 22: Assessments
Chapter 22: Assessments
Chapter 1 – Planning for Hybrid Identity
Chapter 2 – Authentication and Security
Chapter 3 – Implementing Conditional Access Policies
Chapter 4 – Role Assignment and Privileged Identities in Microsoft 365
Chapter 5 – Azure AD Identity Protection
Chapter 6 – Configuring an Advanced Threat Protection Solution
Chapter 7 – Configuring Microsoft Defender ATP to Protect Devices
Chapter 8 – Message Protection in Office 365
Chapter 9 – Threat Intelligence and Tracking
Chapter 10 – Using Azure Sentinel to Monitor Microsoft 365 Security
Chapter 11 – Controlling Secure Access to Information Stored in Office 365
Chapter 12 – Azure Information Protection
Chapter 13 – Data Loss Prevention
Chapter 14 – Cloud App Discovery and Security
Chapter 15 – Security Analytics and Auditing Capabilities
Chapter 16 – Personal Data Protection in Microsoft 365
Chapter 17 – Data Governance and Retention
Chapter 18 – Search and Investigation
Chapter 19 – Data Privacy Compliance
28
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

To get the most out of this book

In order to get the most from this book, it is highly recommended to create a test Office 365 environment where you can follow along and recreate the steps that are covered in each chapter. You may sign up for an Office 365 E5 trial at https://www.microsoft.com/en-gb/microsoft-365/business/office-365-enterprise-e5-business-software?activetab=pivot:overviewtab and an EM+S E5 trial at https://www.microsoft.com/en-gb/microsoft-365/enterprise-mobility-security?rtc=1.

The preceding trial subscriptions will allow you to recreate the steps covered in the chapters contained in this book. Should you wish to test the process of establishing a hybrid identity, it is recommended that you acquire a trial Azure subscription, which will allow you to create a Windows 2016 VM that you may use to install Azure AD Connect and synchronize to your test Microsoft 365 tenant.

This book also has some example PowerShell commands that can be used instead of, or in preference to, the Microsoft 365 admin centers. Therefore, it is recommended to have a Windows 10 device available to you where you can run PowerShell and practice some of the commands included in the chapters.

A Windows 10 device will also be useful for the purposes of testing how to set up Office 365 test profiles to fully test and deploy features such as Microsoft Intune, Azure AD Conditional Access, multi-factor authentication, Azure Information Protection, and many more of the features described in the book.

A mobile device, such as an iOS or Android device, will also be useful for testing Microsoft Intune in particular.

Previous Section
Next Section