In this course you will learn how to secure user access to your organization’s resources. The course covers user password protection, multi-factor authentication, how to enable Azure Identity Protection, how to setup and use Azure AD Connect, and introduces you to conditional access in Microsoft 365. You will learn about threat protection technologies that help protect your Microsoft 365 environment. Specifically, you will learn about threat vectors and Microsoft’s security solutions to mitigate threats. You will learn about Secure Score, Exchange Online protection, Azure Advanced Threat Protection, Windows Defender Advanced Threat Protection, and threat management. In the course you will learn about information protection technologies that help secure your Microsoft 365 environment. The course discusses information rights managed content, message encryption, as well as labels, policies and rules that support data loss prevention and information protection. Lastly, you will learn about archiving and retention in Microsoft 365 as well as data governance and how to conduct content searches and investigations. This course covers data retention policies and tags, in-place records management for SharePoint, email retention, and how to conduct content searches that support eDiscovery investigations.
The Microsoft 365 Security administrator collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders and other workload administrators to plan and implement security strategies and to ensures that the solutions comply with the policies and regulations of the organization. This role proactively secures Microsoft 365 enterprise environments. Responsibilities include responding to threats, implementing, managing and monitoring security and compliance solutions for the Microsoft 365 environment. They respond to incidents, investigations and enforcement of data governance. The Microsoft 365 Security administrator is familiar with Microsoft 365 workloads and hybrid environments. This role has strong skills and experience with identity protection, information protection, threat protection, security management and data governance.
- Basic conceptual understanding of Microsoft Azure.
- Experience with Windows 10 devices.
- Experience with Office 365.
- Basic understanding of authorization and authentication.
- Basic understanding of computer networks.
- Working knowledge of managing mobile devices.
- Administer user and group access in Microsoft 365.
- Explain and manage Azure Identity Protection.
- Plan and implement Azure AD Connect.
- Manage synchronized user identities.
- Explain and use conditional access.
- Describe cyber-attack threat vectors.
- Explain security solutions for Microsoft 365.
- Use Microsoft Secure Score to evaluate and improve your security posture.
- Configure various advanced threat protection services for Microsoft 365.
- Plan for and deploy secure mobile devices.
- Implement information rights management.
- Secure messages in Office 365.
- Configure Data Loss Prevention policies.
- Deploy and manage Cloud App Security.
- Implement Windows information protection for devices.
- Plan and deploy a data archiving and retention system.
- Create and manage an eDiscovery investigation.
- Manage GDPR data subject requests.
- Explain and use sensitivity labels.
- Identity and Access Management concepts
- The Zero Trust model
- Plan your identity and authentication solution
- User accounts and roles
- Password Management
- Set up your Microsoft 365 tenant
- Manage users and groups
- Configure Self-service password reset (SSPR) for user accounts in Azure AD
- Deploy Azure AD Smart Lockout
- Create and manage user accounts.
- Describe and use Microsoft 365 admin roles.
- Plan for password policies and authentication.
- Describe the concepts of Zero Trust security.
- Explain the Zero Trust model.
- Plan directory synchronization
- Configure and manage synchronized identities
- Azure AD Identity Protection
- Set up your organization for identity synchronization
- Explain directory synchronization.
- Plan directory synchronization.
- Describe and use Azure AD Connect.
- Configure Azure AD Connect Prerequisites.
- Manage users and groups with directory synchronization.
- Describe Active Directory federation.
- Enable Azure Identity Protection
- Application Management
- Identity Governance
- Manage device access
- Role Based Access Control (RBAC)
- Solutions for external access
- Privileged Identity Management
- MFA Authentication Pilot (require MFA for specific apps)
- MFA Conditional Access (complete an MFA roll out)
- Manage Azure resources
- Assign directory roles
- Activate and deactivate PIM roles
- Directory roles
- PIM resource workflows
- View audit history for Azure AD roles in PIM
- Describe the concept of conditional access.
- Describe and use conditional access policies.
- Plan for device compliance.
- Configure conditional users and groups.
- Configure role based access control
- Describe the concepts of identity governance
- Configure and use Privileged Identity Management
- Threat vectors and data breaches
- Security strategy and principles
- Microsoft security solutions
- Secure Score
- Improve your secure score in the Microsoft 365 Security Center
- Describe several techniques attackers use to compromise user accounts through email.
- Describe techniques attackers use to gain control over resources.
- List the types of threats that can be avoided by using EOP and Microsoft Defender for Office 365.
- Describe the benefits of Secure Score and what kind of services can be analyzed.
- Describe how to use Secure Score to identify gaps in your current Microsoft 365 security posture.
- Exchange Online Protection (EOP)
- Microsoft Defender for Office 365
- Manage Safe Attachments
- Manage Safe Links
- Microsoft Defender for Identity
- Microsoft Defender for Endpoint
- Implement Microsoft Defender Policies
- Describe the anti-malware pipeline as email is analyzed by Exchange Online Protection.
- Describe how Safe Attachments is used to block zero-day malware in email attachments and documents.
- Describe how Safe Links protect users from malicious URLs embedded in email and documents that point
- Configure Microsoft Defender for Identity.
- Configure Microsoft Defender for Endpoint.
- Security dashboard
- Threat investigation and response
- Azure Sentinel
- Advanced Threat Analytics
- Conduct a simulated Spear phishing attack
- Conduct simulated password attacks
- Describe how Threat Explorer can be used to investigate threats and help to protect your tenant.
- Describe how the Security Dashboard gives C-level executives insight into top risks and trends.
- Describe what Advanced Thread Analytics (ATA) is and what requirements are needed to deploy it.
- Configure Advanced Threat Analytics.
- Use the attack simulator in Microsoft 365.
- Describe how Azure Sentinel can used for Microsoft 365.
- Deploy Cloud Application Security
- Use cloud application security information
- Describe Cloud App Security.
- Explain how to deploy Cloud App Security.
- Control your Cloud Apps with Policies.
- Use the Cloud App Catalog.
- Use the Cloud Discovery dashboard.
- Manage cloud app permissions.
- Mobile Application Management (MAM)
- Mobile Device Management (MDM)
- Deploy mobile device services
- Enroll devices to Mobile Device Management
- Enable Device Management
- Configure Azure AD for Intune
- Create compliance and conditional access policies
- Describe mobile application considerations.
- Manage devices with MDM.
- Configure Domains for MDM.
- Manage Device Security Policies.
- Enroll devices to MDM.
- Configure a Device Enrollment Manager Role.
- Information protection concepts
- Governance and Records Management
- Sensitivity labels
- Archiving in Microsoft 365
- Retention in Microsoft 365
- Retention policies in the Microsoft 365 Compliance Center
- Archiving and retention in Exchange
- In-place records management in SharePoint
- Initialize compliance
- Configure retention tags and policies
- Configure sensitivity labels.
- Configure archiving and retention in Microsoft 365.
- Plan and configure Records Management
- Information Rights Management (IRM)
- Secure Multipurpose Internet Mai
- l Extension (S-MIME)
- Office 365 Message Encryption
- Configure Office 365 Message Encryption
- Validate Information Rights Management
- Describe the various Microsoft 365 Encryption Options.
- Describe the use of S/MIME.
- Describe and enable Office 365 Message Encryption.
- Data loss prevention fundamentals
- Create a DLP policy
- Customize a DLP policy
- Create a DLP policy to protect documents
- Policy tips
- Manage DLP Policies
- Test MRM and DLP Policies
- Describe Data Loss Prevention (DLP).
- Use policy templates to implement DLP policies for commonly used information.
- Configure the correct rules for protecting content.
- Describe how to modify existing rules of DLP policies.
- Configure the user override option to a DLP rule.
- Explain how SharePoint Online creates crawled properties from documents.
- Compliance center
- Describe how to use compliance score to make organizational decisions.
- Describe how assessments are used to determine compliance score.
- Insider Risk
- Privileged Access
- Information barriers
- Building ethical walls in Exchange Online
- Set up privileged access management and process a request
- Explain and configure Insider Risk Management in Microsoft 365.
- Configure and approve privileged access requests for global administrators.
- Configure and use information barriers to conform to organizational regulations.
- Build ethical walls in Exchange Online
- Configure Customer Lockbox
- Content Search
- Audit Log Investigations
- Advanced eDiscovery
- Investigate your Microsoft 365 Data
- Conduct a Data Subject Request
- Conduct content searches in Microsoft 365
- Perform and audit log investigation.
- Configure Microsoft 365 for audit logging.
- Use Advanced eDiscovery
Please note that whilst this course is aligned to the equivalent Microsoft Exam it may not contain all information required to pass the exam. As per Microsoft guidance, further self study and hands on experience is recommended in addition to attendance of this course.
Microsoft 365 learning pathways
Frequently asked questionsSee all of our FAQs
How can I create an account on myQA.com?
There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.
If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".
If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.
Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.
How do QA’s virtual classroom courses work?
Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.
We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.
Learn more about our Virtual Classrooms.
How do QA’s online courses work?
QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.
All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.
Learn more about QA’s online courses.
When will I receive my joining instructions?
Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.
When will I receive my certificate?
Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.