Course Introduction
Planning for Device Compliance
Planning for Attack Surface Reduction
Configuring Security Baselines
Course Review
The course is part of these learning paths
See 3 moreThis course explores the suite of tools available in Microsoft Endpoint Manager for establishing and maintaining security posture in an organization. These include tools like Microsoft Intune, used for enrolling devices as well as creating and enforcing device compliance, and Microsoft Defender, used for implementing device antivirus and malware defense tools. This course will also review the activities involved in reducing attack surfaces in an organization that bad actors could use to penetrate and expose sensitive data. This sensitive data is protected through the implementation of attack surface reduction rules which are deployed through careful auditing and testing to prevent any loss of productivity. This course will also touch on the security baselines made available to organizations wishing to enact a more granular security posture and have access to tools like secure score for evaluating the effectiveness of these efforts against known best practices.
Learning Objectives
- Create a compliance policy
- Monitor enrolled devices
- Setup surface attack reduction rules
- Deploy surface attack reduction rules
- Review security baselines
- Examine Microsoft secure score
Intended Audience
This course is designed for individuals who are responsible for setting up and monitoring device compliance and security in Microsoft 365 as well as those pursuing Microsoft certifications.
Prerequisites
To get the most from this course, you should have some familiarity and experience with the Microsoft 365 security suite of tools including Microsoft Endpoint Manager.
Exploring Security Solutions in Microsoft 365. Microsoft 365 provides a host of security solutions that can help protect our organization against cyber threats, detect when a user or computer has been compromised, and monitor our organization for suspicious activities. These features include Exchange Online Protection, Microsoft Defender for Office 365 (formerly Office 365 Advanced Threat Protection), Microsoft 365 Threat Intelligence, Auditing and Alerts, and Advanced Security Management.
Microsoft Exchange Online Protection provides email protection against spoofing attacks, phishing attacks, spam, and malware through a combination of techniques including: IP and URL reputation, domain reputation, spam filtering, malware filtering, content filtering, and connection filtering. To enhance email security against zero-day attacks, we can extend Exchange Online Protection with Microsoft Defender for Office 365. This includes a collection of features designed to combat advanced targeted threats such as zero-day malware attacks, certain types of phishing campaigns, and malicious URLs embedded in email and documents. These features include safe attachments, safe links, spoof intelligence, quarantine and anti-phishing.
Microsoft 365 Threat Intelligence is a cloud-based service that provide organizations broad visibility into the threat landscape and delivers actionable insights as well as enables proactive cyber-defense. Its reports, alerts, and recommendations help us make data driven decisions on cybersecurity requirements. It easily integrates with other security solutions and allows us to track and respond to serious threats in real time in one place. It also stores high value data, ensures business continuity, reduces risk, proactively detects advanced attacks before they reach the organization, and allows us to gain insights from our security posture.
Microsoft Cloud App Security provides insights into suspicious activity in Microsoft 365. This information gives our organization enhanced visibility and control over our Microsoft 365 tenant and includes threat detection to identify high risk and abnormal usage, enhanced control to monitor activities by providing granular controls and policies, and discovery and insights which enable us to see which apps are being used and whether they are approved.
Steve is an experienced Solutions Architect with over 10 years of experience serving customers in the data and data engineering space. He has a proven track record of delivering solutions across a broad range of business areas that increase overall satisfaction and retention. He has worked across many industries, both public and private, and found many ways to drive the use of data and business intelligence tools to achieve business objectives. He is a persuasive communicator, presenter, and quite effective at building productive working relationships across all levels in the organization based on collegiality, transparency, and trust.