Book Image

Microsoft 365 Mobility and Security – Exam Guide MS-101

By : Nate Chamberlain
Book Image

Microsoft 365 Mobility and Security – Exam Guide MS-101

By: Nate Chamberlain

Overview of this book

Exam MS-101: Microsoft 365 Mobility and Security is a part of the Microsoft 365 Certified: Enterprise Administrator Expert certification path designed to help users validate their skills in evaluating, planning, migrating, deploying, and managing Microsoft 365 services. This book will help you implement modern device services, apply Microsoft 365 security and threat management, and manage Microsoft 365 governance and compliance. Written in a succinct way, you’ll explore chapter-wise self-assessment questions, exam tips, and mock exams with answers. You’ll start by implementing mobile device management (MDM) and handling device compliance. You’ll delve into threat detection and management, learning how to manage security reports and configure Microsoft 365 alerts. Later, you’ll discover data loss prevention (DLP) tools to protect data as well as tools for configuring audit logs and policies. The book will also guide you through using Azure Information Protection (AIP) for deploying clients, applying policies, and configuring services and users to enhance data security. Finally, you’ll cover best practices for configuring settings across your tenant to ensure compliance and security. By the end of this book, you’ll have learned to work with Microsoft 365 services and covered the concepts and techniques you need to know to pass the MS-101 exam.
Table of Contents (22 chapters)
Free Chapter
1
Section 1: Modern Device Services
6
Section 2: Microsoft 365 Security Threat Management
11
Section 3: Microsoft 365 Governance Compliance
17
Section 4: Mock Exams
18
Mock Exam 1
19
Mock Exam 2

Summary

In this chapter, we reviewed the possibilities for capturing and monitoring audit logs for Microsoft 365 apps and services.

We configured retention by starting data collection as an administrator with at least the Audit Logs role. We then had to enable audit log activity tracking for SharePoint sites and Exchange mailboxes separately.

We learned most of our auditing is enabled by default, and that E3 licenses give us 90 days' logging, and E5 licenses give us 365 days' worth.

We looked at the unified audit log and found that we have lots of flexibility in searching for, and filtering to, specific content across our tenant and that we can create alert policies for specific activities that appear.

We learned that Azure AD also has sign-in activity and audit logs available.

In the next and final chapter before the mock exams and assessment, we'll learn about...