• Hotline: (+84) 939 586 168

    Microsoft 365 Security Administration

    Overview

    In this course you will learn how to secure user access to your organization’s resources. The course covers user password protection, multi-factor authentication, how to enable Azure Identity Protection, how to setup and use Azure AD Connect, and introduces you to conditional access in Microsoft 365. You will learn about threat protection technologies that help protect your Microsoft 365 environment. Specifically, you will learn about threat vectors and Microsoft’s security solutions to mitigate threats. You will learn about Secure Score, Exchange Online protection, Azure Advanced Threat Protection, Windows Defender Advanced Threat Protection, and threat management. In the course you will learn about information protection technologies that help secure your Microsoft 365 environment. The course discusses information rights managed content, message encryption, as well as labels, policies and rules that support data loss prevention and information protection. Lastly, you will learn about archiving and retention in Microsoft 365 as well as data governance and how to conduct content searches and investigations. This course covers data retention policies and tags, in-place records management for SharePoint, email retention, and how to conduct content searches that support eDiscovery investigations.

    Duration

    04 days

    Objectives

    -  Administer user and group access in Microsoft 365.

    -  Explain and manage Azure Identity Protection.

    -  Plan and implement Azure AD Connect.

    -  Manage synchronized user identities.

    -  Explain and use conditional access.

    -   Describe cyber-attack threat vectors.

    -   Explain security solutions for Microsoft 365.

    -   Use Microsoft Secure Score to evaluate and improve your security posture.

    -   Configure various advanced threat protection services for Microsoft 365.

    -   Plan for and deploy secure mobile devices.

    -   Implement information rights management.

    -   Secure messages in Office 365.

    -   Configure Data Loss Prevention policies.

    -   Deploy and manage Cloud App Security.

    -   Implement Windows information protection for devices.

    -   Plan and deploy a data archiving and retention system.

    -   Create and manage an eDiscovery investigation.

    -   Manage GDPR data subject requests.

    -   Explain and use sensitivity labels.

    Intended Audience

    The Microsoft 365 Security administrator collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders and other workload administrators to plan and implement security strategies and to ensures that the solutions comply with the policies and regulations of the organization. This role proactively secures Microsoft 365 enterprise environments. Responsibilities include responding to threats, implementing, managing and monitoring security and compliance solutions for the Microsoft 365 environment. They respond to incidents, investigations and enforcement of data governance. The Microsoft 365 Security administrator is familiar with Microsoft 365 workloads and hybrid environments. This role has strong skills and experience with identity protection, information protection, threat protection, security management and data governance.

    Job role: Administrator

    Preparation for exam: MS-500

    Features: none

    Prerequisites
    Learners should start this course already having the following skills:
    • Basic conceptual understanding of Microsoft Azure.
    • Experience with Windows 10 devices.
    • Experience with Office 365.
    • Basic understanding of authorization and authentication.
    • Basic understanding of computer networks.
    • Working knowledge of managing mobile devices
    Course Outline

    Module 1: User and Group Management

    This module explains how to manage user accounts and groups in Microsoft 365. It introduces you to the Zero Trust concept as well as authentication. The module sets the foundation for the remainder of the course.

    Lessons

    • Identity and Access Management concepts
    • The Zero Trust model
    • Plan your identity and authentication solution
    • User accounts and roles
    • Password Management

    Lab: Initialize your tenant - users and groups

    • Set up your Microsoft 365 tenant
    • Manage users and groups

    Lab: Password management

    • Configure Self-service password reset (SSPR) for user accounts in Azure AD
    • Deploy Azure AD Smart Lockout
    After completing this module, students will be able to:
    • Create and manage user accounts.
    • Describe and use Microsoft 365 admin roles.
    • Plan for password policies and authentication.
    • Describe the concepts of Zero Trust security.
    • Explain the Zero Trust model.

    Module 2: Identity Synchronization and Protection

    This module explains concepts related to synchronizing identities for Microsoft 365. Specifically, it focuses on Azure AD Connect and managing directory synchronization to ensure the right people are connecting to your Microsoft 365 system

    Lessons

    • Plan directory synchronization
    • Configure and manage synchronized identities
    • Azure AD Identity Protection

    Lab: Implement Identity Synchronization

    • Set up your organization for identity synchronization
    After completing this module, students will be able to:
    • Explain directory synchronization.
    • Plan directory synchronization.
    • Describe and use Azure AD Connect.
    • Configure Azure AD Connect Prerequisites.
    • Manage users and groups with directory synchronization.
    • Describe Active Directory federation.
    • Enable Azure Identity Protection

    Module 3:  Identity and Access Management

    This module explains conditional access for Microsoft 365 and how it can be used to control access to resources in your organization. The module also explains Role Based Access Control (RBAC) and solutions for external access. We discuss identity governance as a concept and its components

    Lessons

    • Application Management
    • Identity Governance
    • Manage device access
    • Role Based Access Control (RBAC)
    • Solutions for external access
    • Privileged Identity Management

    Lab: Use Conditional Access to enable MFA

    • MFA Authentication Pilot (require MFA for specific apps)
    • MFA Conditional Access (complete an MFA roll out)

    Lab: Configure Privileged Identity Management

    • Manage Azure resources
    • Assign directory roles
    • Activate and deactivate PIM roles
    • Directory roles
    • PIM resource workflows
    • View audit history for Azure AD roles in PIM
    After completing this module, students will be able to:
    • Describe the concept of conditional access.
    • Describe and use conditional access policies.
    • Plan for device compliance.
    • Configure conditional users and groups.
    • Configure role based access control
    • Describe the concepts of identity governance
    • Configure and use Privileged Identity Management

    Module 4: Security in Microsoft 365

    This module explains the various cyber-attack threats that exist. It then introduces you to the Microsoft solutions used to mitigate those threats. The module finishes with an explanation of Microsoft Secure Score and how it can be used to evaluate and report your organizations security posture.

    Lessons

    • Threat vectors and data breaches
    • Security strategy and principles
    • Microsoft security solutions
    • Secure Score

    Lab: Use Microsoft Secure Score

    • Improve your secure score in the Microsoft 365 Security Center
    After completing this module, students will be able to:
    • Describe several techniques attackers use to compromise user accounts through email.
    • Describe techniques attackers use to gain control over resources.
    • List the types of threats that can be avoided by using EOP and Microsoft Defender for Office 365.
    • Describe the benefits of Secure Score and what kind of services can be analyzed.
    • Describe how to use Secure Score to identify gaps in your current Microsoft 365 security posture.

    Module 5: Threat Protection

    This module explains the various threat protection technologies and services available for Microsoft 365. The module covers message protection through Exchange Online Protection, Microsoft Defender for Identity and Microsoft Defender for Endpoint.

    Lessons

    • Exchange Online Protection (EOP)
    • Microsoft Defender for Office 365
    • Manage Safe Attachments
    • Manage Safe Links
    • Microsoft Defender for Identity
    • Microsoft Defender for Endpoint

    Lab: Manage Microsoft 365 Security Services

    • Implement Microsoft Defender Policies
    After completing this module, students will be able to:
    • Describe the anti-malware pipeline as email is analyzed by Exchange Online Protection.
    • Describe how Safe Attachments is used to block zero-day malware in email attachments and documents.
    • Describe how Safe Links protect users from malicious URLs embedded in email and documents that point
    • Configure Microsoft Defender for Identity.
    • Configure Microsoft Defender for Endpoint.

    Module 6: Threat Management

    This module explains Microsoft Threat Management which provides you with the tools to evaluate and address cyber threats and formulate responses. You will learn how to use the Security dashboard and Azure Sentinel for Microsoft 365.

    Lessons

    • Security dashboard
    • Threat investigation and response
    • Azure Sentinel
    • Advanced Threat Analytics

    Lab: Using Attack Simulator

    • Conduct a simulated Spear phishing attack
    • Conduct simulated password attacks
    After completing this module, students will be able to:
    • Describe how Threat Explorer can be used to investigate threats and help to protect your tenant.
    • Describe how the Security Dashboard gives C-level executives insight into top risks and trends.
    • Describe what Advanced Thread Analytics (ATA) is and what requirements are needed to deploy it.
    • Configure Advanced Threat Analytics.
    • Use the attack simulator in Microsoft 365.
    • Describe how Azure Sentinel can used for Microsoft 365

    Module 7: Microsoft Cloud Application Security

    This module focuses on cloud application security in Microsoft 365. The module will explain cloud discovery, app connectors, policies, and alerts. You will learn how these features work to secure you cloud applications.

    Lessons

    • Deploy Cloud Application Security
    • Use cloud application security information
    After completing this module, students will be able to:
    • Describe Cloud App Security.
    • Explain how to deploy Cloud App Security.
    • Control your Cloud Apps with Policies.
    • Use the Cloud App Catalog.
    • Use the Cloud Discovery dashboard.
    • Manage cloud app permissions.

    Module 8: Mobility

    This module focuses on securing mobile devices and applications. You will learn about Mobile Device Management and how it works with Microsoft Intune. You will also learn about how Intune and Azure AD can be used to secure mobile applications.

    Lessons

    • Mobile Application Management (MAM)
    • Mobile Device Management (MDM)
    • Deploy mobile device services
    • Enroll devices to Mobile Device Management

    Lab: Device Management

    • Enable Device Management
    • Configure Azure AD for Intune
    • Create compliance and conditional access policies
    After completing this module, students will be able to:
    • Describe mobile application considerations.
    • Manage devices with MDM.
    • Configure Domains for MDM.
    • Manage Device Security Policies.
    • Enroll devices to MDM.
    • Configure a Device Enrollment Manager Role.

    Module 9: Information Protection and Governance

    This module focuses on data loss prevention in Microsoft 365. You will learn about how to create policies, edit rules, and customize user notifications to protect your data.

    Lessons

    • Information protection concepts
    • Governance and Records Management
    • Sensitivity labels
    • Archiving in Microsoft 365
    • Retention in Microsoft 365
    • Retention policies in the Microsoft 365 Compliance Center
    • Archiving and retention in Exchange
    • In-place records management in SharePoint

    Lab: Archiving and Retention

    • Initialize compliance
    • Configure retention tags and policies
    After completing this module, students will be able to:
    • Configure sensitivity labels.
    • Configure archiving and retention in Microsoft 365.
    • Plan and configure Records Management

    Module 10: Rights Management and Encryption

    This module explains information rights management in Exchange and SharePoint. The module also describes encryption technologies used to secure messages

    Lessons

    • Information Rights Management (IRM)
    • Secure Multipurpose Internet Mail Extension (S-MIME)
    • Office 365 Message Encryption

    Lab: Configure Office 365 Message Encryption

    • Configure Office 365 Message Encryption
    • Validate Information Rights Management
    After completing this module, students will be able to:
    • Describe the various Microsoft 365 Encryption Options.
    • Describe the use of S/MIME.
    • Describe and enable Office 365 Message Encryption.

    Module 11: Data Loss Prevention

    This module focuses on data loss prevention in Microsoft 365. You will learn about how to create policies, edit rules, and customize user notifications to protect your data.

    Lessons

    • Data loss prevention fundamentals
    • Create a DLP policy
    • Customize a DLP policy
    • Create a DLP policy to protect documents
    • Policy tips

    Lab: Implement Data Loss Prevention policies

    • Manage DLP Policies
    • Test MRM and DLP Policies
    After completing this module, students will be able to:
    • Describe Data Loss Prevention (DLP).
    • Use policy templates to implement DLP policies for commonly used information.
    • Configure the correct rules for protecting content.
    • Describe how to modify existing rules of DLP policies.
    • Configure the user override option to a DLP rule.
    • Explain how SharePoint Online creates crawled properties from documents.

    Module 12: Compliance Management

    This module explains the Compliance center in Microsoft 365. It discusses the components of compliance score

    Lessons

    • Compliance center
    After completing this module, students will be able to:
    • Describe how to use compliance score to make organizational decisions.
    • Describe how assessments are used to determine compliance score.

    Module 13: Insider Risk Management

    This module focuses on insider risk related functionality within Microsoft 365. It covers not only Insider Risk Management in the compliance center but also information barriers and privileged access management as well.

    Lessons

    • Insider Risk
    • Privileged Access
    • Information barriers
    • Building ethical walls in Exchange Online

    Lab: Privileged Access Management

    • Set up privileged access management and process a request
    After completing this module, students will be able to:
    • Explain and configure Insider Risk Management in Microsoft 365.
    • Configure and approve privileged access requests for global administrators.
    • Configure and use information barriers to conform to organizational regulations.
    • Build ethical walls in Exchange Online
    • Configure Customer Lockbox

    Module 14: Discover and Respond

    This module focuses on content search and investigations. The module covers how to use eDiscovery to conduct advanced investigations of Microsoft 365 data. It also covers audit logs and discusses GDPR data subject requests.

    Lessons

    • Content Search
    • Audit Log Investigations
    • Advanced eDiscovery

    Lab: Manage Search and Investigation

    • Investigate your Microsoft 365 Data
    • Conduct a Data Subject Request
    After completing this module, students will be able to:
    • Conduct content searches in Microsoft 365
    • Perform and audit log investigation.
    • Configure Microsoft 365 for audit logging.
    • Use Advanced eDiscovery

           Create and manage user accounts.

           Describe and use Microsoft 365 admin roles.

           Plan for password policies and authentication.

           Describe the concepts of Zero Trust security.

    Explain the Zero Trust model.

    Microsoft 365 Mobility and Security

    I. Overview

    This course covers three central elements of Microsoft 365 enterprise administration – Microsoft 365 security management, Microsoft 365 compliance management, and Microsoft 365 device management. In Microsoft 365 security management, you will examine all the common types of threat vectors and data breaches facing organizations today, and you will learn how Microsoft 365’s security solutions address these security threats. You will be introduced to the Microsoft Secure Score, as well as to Azure Active Directory Identity Protection. You will then learn how to manage the Microsoft 365 security services, including Exchange Online Protection, Advanced Threat Protection, Safe Attachments, and Safe Links. Finally, you will be introduced to the various reports that monitor your security health. You will then transition from security services to threat intelligence; specifically, using the Security Dashboard and Advanced Threat Analytics to stay ahead of potential security breaches.

    With your Microsoft 365 security components now firmly in place, you will examine the key components of Microsoft 365 compliance management. This begins with an overview of all key aspects of data governance, including data archiving and retention, Information Rights Management, Secure Multipurpose Internet Mail Extension (S/MIME), Office 365 message encryption, and data loss prevention (DLP). You will then delve deeper into archiving and retention, paying particular attention to in-place records management in SharePoint, archiving and retention in Exchange, and Retention policies in the Security and Compliance Center.

    Now that you understand the key aspects of data governance, you will examine how to implement them, including the building of ethical walls in Exchange Online, creating DLP policies from built-in templates, creating custom DLP policies, creating DLP policies to protect documents, and creating policy tips. You will then focus on managing data governance in Microsoft 365, including managing retention in email, troubleshooting retention policies and policy tips that fail, as well as troubleshooting sensitive data. You will then learn how to implement Azure Information Protection and Windows Information Protection. You will conclude this section by learning how to manage search and investigation, including searching for content in the Security and Compliance Center, auditing log investigations, and managing advanced eDiscovery.

    The course concludes with an in-depth examination of Microsoft 365 device management. You will begin by planning for various aspects of device management, including preparing your Windows 10 devices for co-management. You will learn how to transition from Configuration Manager to Intune, and you will be introduced to the Microsoft Store for Business and Mobile Application Management. At this point, you will transition from planning to implementing device management; specifically, your Windows 10 deployment strategy. This includes learning how to implement Windows Autopilot, Windows Analytics, and Mobile Device Management (MDM). When examining MDM, you will learn how to deploy it, how to enroll devices to MDM, and how to manage device compliance.

    II. Duration

    05 days

    III. Objectives

    -   Microsoft 365 Security Metrics

    -   Microsoft 365 Security Services

    -   Microsoft 365 Threat Intelligence

    -   Data Governance in Microsoft 365

    -   Archiving and Retention in Office 365

    -   Data Governance in Microsoft 365 Intelligence

    -   Search and Investigations

    -   Device Management

    -   Windows 10 Deployment Strategies

    -   Mobile Device Management

    IV. Intended Audience

    This course is designed for persons who are aspiring to the Microsoft 365 Enterprise Admin role and have completed one of the Microsoft 365 role-based administrator certification paths.

    Job role: Administrator

    Preparation for exam: MS-101

    Features: none

    V. Prerequisites

    -   Completed a role-based administrator course such as Messaging, Teamwork, Security and Compliance, or Collaboration.

    -   A proficient understanding of DNS and basic functional experience with Microsoft 365 services.

    -   A proficient understanding of general IT practices.

    VI. Course Outline

    Module 1: Introduction to Microsoft 365 Security Metrics

    In this module, you will examine all the common types of threat vectors and data breaches facing organizations today, and you will learn how Microsoft 365's security solutions address these security threats, including the Zero Trust approach. You will be introduced to the Microsoft Secure Score, Privileged Identity Management, as well as to Azure Active Directory Identity Protection.

    Lessons

    • Threat Vectors and Data Breaches
    • The Zero Trust Model
    • Security Solutions in Microsoft 365
    • Introduction to Microsoft Secure Score
    • Privileged Identity Management
    • Introduction to Azure Active Directory Identity Protection

    Lab: Tenant Setup and PIM

    • Initialize your Microsoft 365 Tenant
    • PIM Resource Workflows
    After completing this module, students will be able to:
    • Describe several techniques hackers use to compromise user accounts through email
    • Describe techniques hackers use to gain control over resources
    • Describe techniques hackers use to compromise data
    • Describe the Zero Trust approach to security in Microsoft 365.
    • Describe the components of Zero Trust security.
    • Describe and five steps to implementing a Zero Trust model in your organization.
    • Explain Zero Trust networking
    • List the types of threats that can be avoided by using EOP and Office 365 ATP
    • Describe how Microsoft 365 Threat Intelligence can be benefit your organization
    • Monitor your organization through auditing and alerts
    • Describe how ASM enhances visibility and control over your tenant through three core areas
    • Describe the benefits of Secure Score and what kind of services can be analyzed
    • Describe how to collect data using the Secure Score API
    • Know where to identify actions that will increase your security by mitigating risks
    • Explain how to determine the threats each action will mitigate and the impact it has on use
    • Explain Privileged Identity Management (PIM) in Azure administration
    • Configure PIM for use in your organization
    • Audit PIM roles
    • Explain Microsoft Identity Manager
    • Explain Privileged Access Management in Microsoft 365
    • Describe Azure Identity Protection and what kind of identities can be protected
    • Understand how to enable Azure Identity Protection
    • Know how to identify vulnerabilities and risk events
    • Plan your investigation in protecting cloud-based identities
    • Plan how to protect your Azure Active Directory environment from security breaches

    Module 2: Managing Your Microsoft 365 Security Services

    This module examines how to manage the Microsoft 365 security services, including Exchange Online Protection, Advanced Threat Protection, Safe Attachments, and Safe Links. You will be introduced to the various reports that monitor your security health.

    Lessons

    • Introduction to Exchange Online Protection
    • Introduction to Advanced Threat Protection
    • Managing Safe Attachments
    • Managing Safe Links
    • Monitoring and Reports

    Lab: Manage Microsoft 365 Security Services

    • Implement a Safe Attachments policy
    • Implement a Safe Links policy
    After completing this module, students will be able to:
    • Describe the anti-malware pipeline as email is analyzed by Exchange Online Protection
    • List several mechanisms used to filter spam and malware
    • Describe additional solutions to protect against phishing and spoofing
    • Describe the benefits of the Spoof Intelligence feature
    • Describe how Safe Attachments is used to block zero-day malware in email attachments and documents
    • Describe how Safe Links protect users from malicious URLs embedded in email and documents
    • Create and modify a Safe Attachments policy in the Security & Compliance Center
    • Create a Safe Attachments policy by using Windows PowerShell
    • Configure a Safe Attachments policy to take certain actions
    • Understand how a transport rule can be used to disable the Safe Attachments functionality
    • Describe the end-user experience when an email attachment is scanned and found to be malicious
    • Create and modify a Safe Links policy in the Security & Compliance Center
    • Create a Safe Links policy by using Windows PowerShell
    • Understand how a transport rule can be used to disable the Safe Links functionality
    • Describe the end-user experience when Safe Links identifies a link to a malicious website or file
    • Describe how reports provide visibility into how EOP and ATP is protecting your organization
    • Understand where to access reports generated by EOP and ATP
    • Understand how to access detailed information from reports generated by EOP and ATP

    Module 3:  Microsoft 365 Threat Intelligence

    In this module, you will then transition from security services to threat intelligence; specifically, using the Security Dashboard and Advanced Threat Analytics to stay ahead of potential security breaches.

    Lessons

    • Overview of Microsoft 365 Threat Intelligence
    • Using the Security Dashboard
    • Configuring Advanced Threat Analytics
    • Implementing Your Cloud Application Security

    Lab: Implement Threat Intelligence

    • Conduct a Spear Phishing attack using the Attack Simulator
    • Conduct Password attacks using the Attack Simulator
    • Prepare for Alert Policies
    • Implement a Mailbox Permission Alert
    • Implement a SharePoint Permission Alert
    • Test the Default eDiscovery Alert
    After completing this module, students will be able to:
    • Understand how threat intelligence is powered by the Microsoft Intelligent Security Graph
    • Describe how the threat dashboard can benefit C-level security officers
    • Understand how Threat Explorer can be used to investigate threats and help to protect your tenant
    • Describe how the Security Dashboard displays top risks, global trends, and protection quality
    • Describe what Advanced Thread Analytics (ATA) is and what requirements are needed to deploy it
    • Configure Advanced Threat Analytics
    • Manage the ATA services
    • Describe Cloud App Security
    • Explain how to deploy Cloud App Security
    • Control your Cloud Apps with Policies
    • Troubleshoot Cloud App Security

    Module 4: Introduction to Data Governance in Microsoft 365

    This module examines the key components of Microsoft 365 Compliance management. This begins with an overview of all key aspects of data governance, including data archiving and retention, Information Rights Management, Secure Multipurpose Internet Mail Extension (S/MIME), Office 365 message encryption, and data loss prevention (DLP)

    Lessons

    • Introduction to Archiving in Microsoft 365
    • Introduction to Retention in Microsoft 365
    • Introduction to Information Rights Management
    • Introduction to Secure Multipurpose Internet Mail Extension
    • Introduction to Office 365 Message Encryption
    • Introduction to Data Loss Prevention

    Lab: Implement Message Encryption and IRM

    • Configure Microsoft 365 Message Encryption
    • Validate Information Rights Management
    After completing this module, students will be able to:
    • Understand Data Governance in Microsoft 365
    • Describe the difference between In-Place Archive and Records Management
    • Explain how data is archived in Exchange
    • Recognize the benefits of In Place Records Management in SharePoint
    • Explain the difference between Message Records Management (MRM) in Exchange and Retention in SCC.
    • Understand how MRM works in Exchange
    • List the types of retention tags that can be applied to mailboxes
    • Know the different Microsoft 365 Encryption Options
    • Understand how IRM can be used in Exchange
    • Configure IRM protection for Exchange mails
    • Explain how IRM can be used in SharePoint
    • Apply IRM protection to SharePoint documents
    • Tell the differences between IRM protection and AIP classification
    • Describe the use of S/MIME
    • Explain what digital signatures are
    • Apply a digital signature to a message
    • Understand how message encryption works
    • Perform encryption on a message
    • Accomplish decryption of a message
    • Understand the co-operation of signing and encryption simultaneously
    • Tell what triple-wrapped messages are
    • Describe when you can use Office 365 Message Encryption
    • Explain how Office 365 Message Encryption works
    • Describe Data Loss Prevention (DLP)
    • Understand what sensitive information and search patterns are that DLP is using
    • Know what a DLP policy is and what it contains
    • Recognize how actions and conditions work together for DLP
    • Express how actions contain functions to send emails on matches
    • Show policy tips to the users if a DLP rule applies
    • Use policy templates to implement DLP policies for commonly used information
    • Explain document finger
    • Understand how to use DLP to protect documents in Windows Server FCI

    Module 5: Archiving and Retention in Microsoft 365

    This module delves deeper into archiving and retention, paying particular attention to in-place records management in SharePoint, archiving and retention in Exchange, and Retention policies in the Security and Compliance Center.

    Lessons

    • In-Place Records Management in SharePoint
    • Archiving and Retention in Exchange
    • Retention Policies in the SCC

    Lab: Implement Archiving and Retention

    • Initialize Compliance
    • Configure Retention Tags and Policies
    After completing this module, students will be able to:
    • Understand the process of records management
    • Create a file plan for your organization
    • Describe two methods for converting active docs to records
    • Describe the benefits of In-Place Records Management
    • Configure of In-Place Records Management for your organization
    • Enable and disable In-Place Archiving
    • Create useful retention tags
    • Create retention policies to group retention tags
    • Assign retention policies to mailboxes
    • Allocate permissions and scripts to export and import retention tags
    • Export all retention policies and tags from an organization
    • Import all retention policies and tags to an organization
    • Explain how a retention policy works
    • Create a retention policy
    • Manage retention policy settings

    Module 6: Implementing Data Governance in Microsoft 365 Intelligence

    This module examines how to implement the key aspects of data governance, including the building of ethical walls in Exchange Online, creating DLP policies from built-in templates, creating custom DLP policies, creating DLP policies to protect documents, and creating policy tips.

    Lessons

    • Evaluating Your Compliance Readiness
    • Implementing Compliance Center Solutions
    • Building Ethical Walls in Exchange Online
    • Creating a Simple DLP Policy from a Built-in Template
    • Creating a Custom DLP Policy
    • Creating a DLP Policy to Protect Documents
    • Working with Policy Tips

    Lab: Implement DLP Policies

    • Manage DLP Policies
    • Test MRM and DLP Policies
    After completing this module, students will be able to:
    • Describe the Microsoft 365 Compliance Center and how to access it
    • Describe the purpose and function of Compliance score
    • Explain the components of of how an organization's Compliance score is determined
    • Explain how assessments are used to formulate compliance scores
    • Explain how Microsoft 365 helps address Global Data Protection Regulation
    • Describe insider risk management functionality in Microsoft 365
    • Configure insider risk management policies
    • Configure insider risk management policies
    • Explain the communication compliance capabilities in Microsoft 365
    • Describe what an ethical wall in Exchange is and how it works
    • Explain how to create an ethical wall in Exchange
    • Identify best practices for building and working with ethical walls in Exchange
    • Understand the different built-in templates for a DLP policies
    • Determine how to choose the correct locations for a DLP policy
    • Configure the correct rules for protecting content
    • Enable and review the DLP policy correctly
    • Describe how to modify existing rules of DLP policies
    • Explain how to add and modify custom conditions and action to a DLP rule
    • Describe how to change user notifications and policy tips
    • Configure the user override option to a DLP rule
    • Explain how incident reports are sent by a DLP rule violation
    • Describe how to work with managed properties for DLP policies
    • Explain how SharePoint Online creates crawled properties from documents
    • Describe how to create a managed property from a crawled property in SharePoint Online
    • Explain how to create a DLP policy with rules that apply to managed properties via PowerShell
    • Describe the user experience when a user creates an email or site containing sensitive information
    • Explain the behavior in Office apps when a user enters sensitive information

    Module 7: Managing Data Governance in Microsoft 365

    This module focuses on managing data governance in Microsoft 365, including managing retention in email, troubleshooting retention policies and policy tips that fail, as well as troubleshooting sensitive data. You will then learn how to implement Azure Information Protection and Windows Information Protection.

    Lessons

    • Managing Retention in Email
    • Troubleshooting Data Governance
    • Implementing Azure Information Protection
    • Implementing Advanced Features of AIP
    • Implementing Windows Information Protection

    Lab: Implement AIP and WIP

    • Implement Azure Information Protection
    • Implement Windows Information Protection
    After completing this module, students will be able to:
    • Determine when and how to use retention tags in mailboxes
    • Assign retention policy to an email folder
    • Add optional retention policies to email messages and folders
    • Remove a retention policy from an email message
    • Explain how the retention age of elements is calculated
    • Repair retention policies that do not run as expected
    • Understand how to systematically troubleshoot when a retention policy appears to fail
    • Perform policy tests in test mode with policy tips
    • Describe how to monitor DLP policies through message tracking
    • Describe the required planning steps to use AIP in your company
    • Configure and customize labels
    • Create policies to publish labels
    • Plan a Deployment of the Azure Information Protection client
    • Configure the advance AIP service settings for Rights Management Services (RMS) templates
    • Implement automatic and recommended labeling
    • Activate the Super User feature for administrative tasks
    • Create your tenant key for encryption
    • Deploy the AIP scanner for on-premises labeling
    • Plan RMS connector deployment to connect on-premises servers
    • Describe WIP and what it is used for
    • Plan a deployment of WIP policies
    • Implement WIP policies with Intune and SCCM
    • Implement WIP policies in Windows desktop apps

    Module 8: Managing Search and Investigations

    This module conclude this section on data governance by examining how to manage search and investigation, including searching for content in the Security and Compliance Center, auditing log investigations, and managing advanced eDiscovery.

    Lessons

    • Searching for Content in the Security and Compliance Center
    • Auditing Log Investigations
    • Managing Advanced eDiscovery

    Lab: Manage Search and Investigations

    • Implement a Data Subject Request
    • Investigate Your Microsoft 365 Data
    After completing this module, students will be able to:
    • Describe how to use content search
    • Design your content search
    • Configure search permission filtering
    • Explain how to search for third-party data
    • Describe when to use scripts for advanced searches
    • Describe what the audit log is and the permissions that are necessary to search the Office 365 audit
    • Configure Audit Policies
    • Enter criteria for searching the audit log
    • View, sort, and filter search results
    • Export search results to a CSV file
    • Search the unified audit log by using Windows PowerShell
    • Describe Advanced eDiscovery
    • Configure permissions for users in Advanced eDiscovery
    • Create Cases in Advanced eDiscovery
    • Search and prepare data for Advanced eDiscovery

    Module 9: Planning for Device Management

    This module provides an in-depth examination of Microsoft 365 Device management. You will begin by planning for various aspects of device management, including preparing your Windows 10 devices for co-management. You will learn how to transition from Configuration Manager to Microsoft Intune, and you will be introduced to the Microsoft Store for Business and Mobile Application Management.

    Lessons

    • Introduction to Co-management
    • Preparing Your Windows 10 Devices for Co-management
    • Transitioning from Configuration Manager to Intune
    • Introduction to Microsoft Store for Business
    • Planning for Mobile Application Management

    Lab: Implement the Microsoft Store for Business

    • Configure the Microsoft Store for Business
    • Manage the Microsoft Store for Business
    After completing this module, students will be able to:
    • Describe the benefits of Co-management
    • Plan your organization's Co-management Strategy
    • Describe the main features of Configuration Manager
    • Describe how Azure Active Directory enables co-management
    • Identify the prerequisites for using Co-management
    • Configure Configuration Manager for Co-management
    • Enroll Windows 10 Devices to Intune
    • Modify your co-management settings
    • Transfer workloads to Intune
    • Monitor your co-management solution
    • Check compliance for co-managed devices
    • Describe the feature and benefits of the Microsoft Store for Business
    • Configure the Microsoft Store for Business
    • Manage settings for the Microsoft Store for Business

    Module 10: Planning Your Windows 10 Deployment Strategy

    This module focuses on planning your Windows 10 deployment strategy, including how to implement Windows Autopilot and Windows Analytics, and planning your Windows 10 subscription activation service

    Lessons

    • Windows 10 Deployment Scenarios
    • Implementing and Managing Windows Autopilot
    • Planning Your Windows 10 Subscription Activation Strategy
    • Resolving Windows 10 Upgrade Errors
    • Introduction to Windows Analytics
    After completing this module, students will be able to:
    • Plan for Windows as a Service
    • Plan a Modern Deployment
    • Plan a Dynamic Deployment
    • Plan a Traditional Deployment
    • Describe Windows Autopilot requirements
    • Configure Autopilot
    • Create and Assign an Autopilot profile
    • Deploy and validate Autopilot
    • Describe Autopilot Self-deployments, White Glove deployments, and User-drive deployments
    • Deploy BitLocker Encryption for Autopiloted Devices
    • Understand Windows 10 Enterprise E3 in CSP
    • Configure VDA for Subscription Activation
    • Deploy Windows 10 Enterprise licenses
    • Describe common fixes for Windows 10 upgrade errors
    • Use SetupDiag
    • Troubleshooting upgrade errors
    • Describe Windows error reporting
    • Understand the upgrade error codes and resolution procedure
    • Describe Windows Analytics
    • Describe Device Health
    • Describe Update Compliance
    • Determine Upgrade Readiness

    Module 11: Implementing Mobile Device Management

    This module focuses on Mobile Device Management (MDM). You will learn how to deploy it, how to enroll devices to MDM, and how to manage device compliance

    Lessons

    • Planning Mobile Device Management
    • Deploying Mobile Device Management
    • Enrolling Devices to MDM
    • Managing Device Compliance

    Lab: Manage Devices with Intune

    • Enable Device Management
    • Configure Azure AD for Intune
    • Create Intune Policies
    • Enroll a Windows 10 Device
    • Manage and Monitor a Device in Intune
    After completing this module, students will be able to:
    • Manage devices with MDM
    • Compare MDM for Office 365 and Intune
    • Understand policy settings for mobile devices
    • Control Email and Document Access
    • Activate Mobile Device Management Services
    • Deploy Mobile Device Management
    • Configure Domains for MDM
    • Configure an APNs Certificate for iOS devices
    • Manage Device Security Policies
    • Define a Corporate Device Enrollment Policy
    • Enroll devices to MDM
    • Understand the Apple Device Enrollment Program
    • Understand Enrollment Rules
    • Configure a Device Enrollment Manager Role
    • Describe Multi-factor Authentication considerations
    • Plan for device compliance
    • Configure conditional users and groups
    • Create Conditional Access policies
    • Monitor enrolled devices

    Microsoft 365 Identity Management

    Overview

    Learn about Microsoft 365 Identity Management, including how to manage user security groups and licenses for cloud identities, and how to plan and implement identity synchronization, federated identities, applications, and external access.

    Duration

    02 days

    Objectives

    -  Manage user accounts and licenses in Microsoft 365

    -  Manage admin roles and security groups in Microsoft 365

    -  Plan and implement password management

    -  Manage Microsoft 365 authentication and provisioning options

    -  Plan for directory synchronization

    -  Plan and implement Azure AD Connect

    -  Manage synchronized identities

    -  Plan and implement an ADFS deployment

    -  Implement applications in Azure AD

    -  Configure Azure AD Application Proxy

    -  Design solutions for external access

    -  Manage their Microsoft 365 tenant health and services

    Intended Audience

    This course is designed for persons who are aspiring to the Microsoft 365 Enterprise Admin role and have completed one of the Microsoft 365 role-based administrator certification paths.

    Job role: Administrator

    Preparation for exam: MS-100

    Features: none

    Prerequisites

    -  Completed a role-based administrator course, such as Messaging, Teamwork, Security and Compliance, or Collaboration.

    -  A proficient understanding of DNS and basic functional experience with Microsoft 365 services.

    -  A proficient understanding of general IT practices.

    Course Outline

    Module 1: Manage User Security Groups and Licenses for Cloud Identities

    Lessons

    • User Accounts and Licenses in Microsoft 365
    • Admin Roles and Security Groups in Microsoft 365
    • Password Management in Microsoft 365

    Lab: Managing your Microsoft 365 Identity environment

    • Exercise 1: Setting up your lab environment
    • Exercise 2: Managing your Microsoft 365 identity environment using the Microsoft 365 admin center
    • Exercise 3: Managing your Microsoft 365 identity environment using Windows PowerShell

    Module 2: Plan and Implement Identity Synchronization

    Lessons

    • Introduction to Identity Synchronization
    • Planning for Azure AD Connect
    • Implementing Azure AD Connect
    • Managing Synchronized Identities

    Lab: Implementing Identity Synchronization

    • Exercise 1: Setting up your organization for identity synchronization
    • Exercise 2: Implement Identity Synchronization

    Module 3:  Implementing Applications and External Access

    Lessons

    • Introduction to Federated Identities
    • Planning an AD FS Deployment
    • Implementing AD FS

    Module 4: Implementing Applications and External Access

    Lessons

    • Implementing Applications in Azure AD
    • Configuring Azure AD Application Proxy
    • Designing Solutions for External Access

    Managing Microsoft Teams

    Overview

    The Managing Microsoft Teams course is designed for persons who are aspiring to the Microsoft 365 Teams Admin role. Microsoft Teams admins configure, deploy, and manage Office 365 workloads for Microsoft Teams that focus on efficient and effective collaboration and communication in an enterprise environment. This course covers six central elements - Microsoft Teams overview, implementing governance, security and compliance for Microsoft Teams, preparing the environment for a Microsoft Teams deployment, deploying and managing teams, managing collaboration and managing communication in Microsoft Teams. In Microsoft Teams overview, you will get an overview of Microsoft Teams including Teams architecture and related Office 365 workloads. You will be provided an overview of security and compliance in Microsoft Teams and finally get an overview of how to manage Microsoft Teams. In implementing governance, security and compliance for Microsoft Teams, you will plan and configure governance for Office 365 groups including expiration and naming policies. Then you will implement security by configuring conditional access, MFA or Threat Management for Microsoft Teams. Finally, you will implement compliance for Teams by using DLP policies, eDiscovery cases or supervision policies. In preparing the environment for a Microsoft Teams deployment, you plan an upgrade from Skype for Business to Microsoft Teams by evaluating upgrade paths with coexistence and upgrade modes, manage meeting migrations and configuring coexistence and upgrade settings. Then you plan and configure network settings for Microsoft Teams, and finally you will deploy and manage Microsoft Teams endpoints. In deploying and managing teams, you will learn how to create and manage teams, manage membership and access for both, internal and external users. In managing collaboration in Microsoft Teams, you will manage chat and collaboration experiences such as team settings or private channel creation policies. Finally, you will manage settings for Teams apps such as app setup policies, Apps, bots & connectors in Microsoft Teams or publish a custom app in Microsoft Teams. This course concludes with managing communication in Microsoft Teams. You will learn how to manage Live event and meetings experiences, manage phone numbers or Phone System for Microsoft Teams and finally how to troubleshoot audio, video, and client issues.

    Duration

    04 days

    Objectives

    -  What is Microsoft Teams and how the components work together

    -  How to implement Governance, Security and Compliance for Microsoft Teams

    -  How to prepare an organizations environment for a Microsoft Teams deployment

    -  How to deploy and manage teams

    -  Ways of managing collaboration in Microsoft Teams

    -  Techniques to manage and troubleshoot communication in Microsoft Teams

    Intended Audience

    Students in this course are interested in Microsoft Teams or in passing the Microsoft Teams Administrator Associate certification exam.

    Job roleAdministrator

    Preparation for exam: MS-700

    Features: none

    Prerequisites

    -  A proficient understanding of basic functional experience with Microsoft 365 services.

    -  A proficient understanding of general IT practices, including using PowerShell.

    Course Outline

    Module 1: Microsoft Teams Overview

    In Microsoft Teams overview, you will get an overview of Microsoft Teams including Teams architecture and related Office 365 workloads. You will be provided an overview of security and compliance in Microsoft Teams and finally get an overview of how to manage Microsoft Teams.

    Lessons

    • Overview of Microsoft Teams
    • Overview of security and compliance in Microsoft Teams
    • Overview of managing Microsoft Teams

    Lab: Manage roles and create teams

    • Prepare team roles and licenses
    • Create new team

    Module 2: Implement Microsoft Teams Governance, Security and Compliance

    In implementing governance, security and compliance for Microsoft Teams, you will plan and configure governance for Office 365 groups including expiration and naming policies. Then you will implement security by configuring conditional access, MFA or Threat Management for Microsoft Teams. Finally, you will implement compliance for Teams by using DLP policies, eDiscovery cases or supervision policies.

    Lessons

    • Implement Governance and Lifecycle Management for Microsoft Teams
    • Implementing Security for Microsoft Teams
    • Implementing Compliance for Microsoft Teams

    Lab: Configure Security and Compliance for teams and content

    • Implement Governance and Lifecycle Management for Microsoft Teams
    • Implementing security for Microsoft Teams
    • Implementing compliance for Microsoft Teams

    Module 3:  Prepare the environment for a Microsoft Teams deployment

    In preparing the environment for a Microsoft Teams deployment, you plan an upgrade from Skype for Business to Microsoft Teams by evaluating upgrade paths with coexistence and upgrade modes, manage meeting migrations and configuring coexistence and upgrade settings. Then you plan and configure network settings for Microsoft Teams, and finally you will deploy and manage Microsoft Teams endpoints.

    Lessons

    • Upgrade from Skype for Business to Microsoft Teams
    • Plan and configure network settings for Microsoft Teams
    • Deploy and Manage Microsoft Teams endpoints

    Lab: Environment preparation for Teams

    • Calculate networking capabilities
    • Evaluate configuration profiles
    • Provide team resources

    Module 4: Deploy and manage teams

    In deploying and managing teams, you will learn how to create and manage teams, manage membership and access for both, internal and external users.

    Lessons

    • Create and manage teams
    • Manage membership
    • Manage access for external users

    Lab: Manage teams

    • Manage team resources
    • Manage sharing and access

    Module 5: Manage collaboration in Microsoft Teams

    In managing collaboration in Microsoft Teams, you will manage chat and collaboration experiences such as team settings or private channel creation policies. Finally, you will manage settings for Teams apps such as app setup policies, Apps, bots & connectors in Microsoft Teams or publish a custom app in Microsoft Teams.

    Lessons

    • Manage chat and collaboration experiences
    • Manage settings for Teams apps

    Lab: Modify collaboration settings for Teams

    • Configure channel and message policies
    • Manage app settings for team

    Module 6: Manage communication in Microsoft Teams

    This course concludes with managing communication in Microsoft Teams. You will learn how to manage Live event and meetings experiences, manage phone numbers or Phone System for Microsoft Teams and finally how to troubleshoot audio, video, and client issues.

    Lessons

    • Manage Live event and meetings experiences
    • Manage phone numbers
    • Manage Phone System for Microsoft Teams
    • Troubleshot audio, video, and client issues

    Lab: Modify communication settings for Teams

    • Configure meeting policies
    • Manage Phone System for Microsoft Teams
    • Troubleshooting audio, video and client issues