Book Image

Microsoft 365 Security Administration: MS-500 Exam Guide

By : Peter Rising
Book Image

Microsoft 365 Security Administration: MS-500 Exam Guide

By: Peter Rising

Overview of this book

The Microsoft 365 Security Administration (MS-500) exam is designed to measure your ability to perform technical tasks such as managing, implementing, and monitoring security and compliance solutions for Microsoft 365 environments. This book starts by showing you how to configure and administer identity and access within Microsoft 365. You will learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, the book shows you how RBAC and Azure AD Identity Protection can be used to help you detect risks and secure information in your organization. You will also explore concepts, such as Advanced Threat Protection, Windows Defender ATP, and Threat Intelligence. As you progress, you will learn about additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention, and Cloud App Discovery and Security. The book also ensures you are well prepared to take the exam by giving you the opportunity to work through a mock paper, topic summaries, illustrations that briefly review key points, and real-world scenarios. By the end of this Microsoft 365 book, you will be able to apply your skills in the real world, while also being well prepared to achieve Microsoft certification.
Table of Contents (29 chapters)
1
Section 1: Configuring and Administering Identity and Access in Microsoft 365
7
Section 2: Implementing and Managing Threat Protection
13
Section 3: Information Protection in Microsoft 365
18
Section 4: Data Governance and Compliance in Microsoft 365
24
Section 5: Mock Exam and Assessment
25
Chapter 20: Mock Exam
26
Chapter 21: Mock Exam Answers

Chapter 12: Azure Information Protection

With data governance (DG) becoming more and more important, Microsoft 365 administrators need to consider how to identify and classify all of the data stored in their organization and take steps to protect against any sort of data loss, whether it be accidental or malicious.

Microsoft provides Azure Information Protection (AIP) to respond to these requirements. AIP enables the use of labels and policies to allow your users to classify and protect the data they are working with. This includes documents and emails. When you protect an email or document, encryption is applied, ensuring that the email or document may only be accessed by those who have permission. An example of AIP would be to apply a Do not forward label to an email, meaning that the recipient of that email is unable to forward the email to other parties who are not authorized to look at that content.

In this chapter, we will introduce the features of AIP. You will learn...