Special Notices

Please note: for Attend from Anywhere customers an additional screen is required. The additional screen must have a minimum screen size of 19 inch and minimum resolution of 1280x1024, with the vertical resolution (1024) being the most critical.

NB: Due to the dynamic nature of Microsoft Office 365 functionality the exact list of compliance features addressed in this course is subject to change.

This course is one of the unique Office 365 QA authored Mastering courses. Others within the curriculum for Office 365 are:

This is a detailed 5-day course with hands on labs. The course covers how to implement Governance Security and in Office 365. Within the course there is specific reference to GDPR*, however this course is appropriate to anyone interested in any aspect of Office 365 Governance Security and Compliance. This course covers Office 365 features pertaining to various Office 365 subscriptions: Business, E3, E5.

  • Discover— Identification, retrieval and classification of personal data.
  • Govern— Importing, processing, retention and disposal of personal data.
  • Protection — Control authentication, authorization and access control of personal data including Encryption and Data Loss Prevention
  • Report — Execute data requests, report data breaches, and proactively maintain required documentation.

*Please note this is not a GDPR course - this is course on implementing Security Governace and Compliance features within Office 365 irrespective of the compliance framework. Reference will be made to GDPR within the course for context but the course is overall agnostic to any specific compliance framework

Target Audience

  • Technical Business Decision Makers
  • Office 365 IT Professionals
  • Anyone who has a business interest in how to Implement Governance Security and Compliance for their organisation in Office 365

Practical Labs

During the course students will create their own Office 365 and have labs which populate their environment with data then implement the features learnt through the course (note due to latency of Microsoft services some labs can take several hours or more to complete) Labs are written so students can choose which labs they want to complete

An understanding of Office 365 core technologies and an interest in the business benefits of the Microsoft Office 365 Platform from a Governance Security and Compliance perspective.

Module 1 – Introducing Compliance Standards and Microsoft Commitments

  • Introduction
  • Data Breaches
  • Data Breach Statistics
  • Common Compliance Standards
  • ISO/IEC 27001:2013
  • National Institute of Standards and Technology (NIST)
  • General Data Protection Regulation (GDPR)
  • Core Principles of GDPR
  • Frequently Asked Questions About GDPR
  • The Key Changes Under GDPR
  • Microsoft’s Commitment to Compliance
  • Contractual Commitments
  • Microsoft Compliance Portals and Tools
  • The Microsoft Service Trust Portal
  • Compliance Manager
  • The Security & Compliance Center
  • New Security and Compliance Admin Centers
  • Microsoft 365 Security Center
  • Microsoft 365 Compliance Center
  • GDPR Activity Hub
  • Accessing the Security & Compliance Center
  • Security and Compliance Center Powershell
  • Office 365 Admin Roles
  • Security & Compliance Center Security
  • Microsoft’s Compliance Model
  • Office 365 Overview
  • Office 365 is Dynamic
  • Office 365 Subscription Plans
  • Compliance in Other Microsoft Cloud Services

Lab 1.1 Getting Set up - Creating a trial 365 Tenancy and Sample Users

Optional:

Lab 1.2 Using Chrome Profiles
Lab 1.3 Get over 6 Months Office 365 trial for free


Module 2 Introducing Office 365 Search Concepts

  • GDPR articles relevant to discovery of information
  • Office 365 Search Tools and Engines
  • Sharepoint Online Search
  • Discovery benefits of using Sharepoint to store content
  • Columns and Content Types
  • Sharepoint Online Managed Metadata
  • Metadata and eDiscovery
  • Sharepoint Online Search Customization
  • Microsoft Graph and Microsoft Delve
  • Delve Search, Security Trimming and Hiding
  • Hiding content from Delve
  • Azure Cognitive Search
  • Microsoft Search – AKA BingforBusiness

Lab 2.1 Content Types
Lab 2.2 Content Types Search (Optional)


Module 3 Office 365 Content Search

  • Office 365 Content Search
  • Content Search Security
  • Running a Content Search via GUI and Powershell
  • Preview Content Search Results
  • Search Statistics
  • Using a CSV file to “Search by ID List” (aka Targeted Content Search)
  • Unindexed Items in Content Searches

Lab 3.1 Office 365 Content Search

Module 4 Office 365 eDiscovery

  • Office 365 eDiscovery Tasks
  • Office 365 eDiscovery Cases
  • Assign eDiscovery Permissions
  • Create and Run Content Searches
  • Exporting Content Search Reports and Results
  • Office 365 eDiscovery Holds
  • Recoverable Items folder and Preservation Hold Libraries
  • Office 365 eDiscovery Powershell

Lab 4.1 eDiscovery

Module 5 Office 365 Advanced eDiscovery

  • Advanced eDiscovery workflow
  • Creating an Advanced eDiscovery Case
  • Identification - Data Custodians
  • Communications
  • Advanced eDiscovery Communication tool
  • Required and Optional Notifications
  • Preservation - Advanced eDiscovery Holds
  • Advanced eDiscovery Case Searches
  • Review Sets
  • Viewing Data in a Review Set
  • Review Set Filters and Queries
  • Review Sets - Tagging Content
  • Analysing Advanced eDiscovery Data
  • Loading Non Office 365 Source Data for Advanced eDiscovery
  • Advanced eDiscovery Relevance Module
  • Relevance Module Data Preparation
  • Relevance Setup
  • Relevance tagging
  • Tracking Tagging Progress
  • Relevance Decision Based on Results
  • Test Relevance Analysis

Module 6 Office 365 Data import and Connectors

  • GDPR articles relevant to this module
  • Office 365 Data Governance
  • Importing Data into Office 365.
  • Importing messaging data
  • Office 365 Import Service
  • Office 365 Messaging Data Import
  • PST Import Service Requirements
  • Drive Shipping Import Service Requirements
  • Filtering Data on Import
  • Hybrid Exchange
  • Importing Data into Sharepoint and OneDrive
  • Sharepoint Online Migration Tool
  • Azure Data Box
  • Microsoft FastTrack Migration.
  • Importing Third-Party Data Sources
  • Office 365 Groups and Microsoft Teams Governance
  • Use Connectors in Office 365 Groups and Microsoft Teams

Module 7 Office 365 Data Retention and Disposal

  • Office 365 Retention Options
  • eDiscovery Holds
  • Retention Policies
  • Retention policy data behavior
  • Creating Retention Policies
  • Office 365 Group and Teams Considerations
  • Preservation Lock
  • Retention Precedence
  • Retention Labels
  • Auto-applying a Retention Label
  • Retention Labels and Folders
  • Retention Labels Records Declaration
  • Retention Label Creation
  • File Plan Descriptors
  • Retention Settings
  • Record Preservation
  • Label Publishing and Label Policies
  • Auto Apply Labels
  • Retention Label policies and locations
  • Single Retention Label per Item
  • Monitoring Retention Labels
  • Retention label Powershell
  • Inactive Mailboxes
  • Recovering or Restoring Inactive Mailboxes
  • Recovering and Restoring Inactive Mailbox Considerations
  • Deleting an Inactive Mailbox
  • Event Driven Retention
  • Exchange Online Retention Features
  • Unlimited Archiving
  • Exchange Online Legacy Compliance Features
  • Exchange Online Retention tags and policies
  • Key Point: Retention tags can be used to move items to an archive mailbox
  • Legacy Retention Functionality
  • Disposing of data
  • Modifying Exchange Online Default retention period
  • Sharepoint Online and OneDrive for Business Content Disposal
  • Microsoft Data Destruction
  • Office 365 Disposition Reviews
  • Disposition Review Considerations

Lab 7.1 Office 365 Labels
Lab 7.2 Office 365 eDiscovery Holds
Lab 7.3 Office 365 Event Driven Retention
Lab 7.4 Exchange Online Archiving
Lab 7.5 Exchange Online Retention Tags and Policies


Module 8 – Office 365 Authentication

  • GDPR Articles Covered in this Module
  • Authentication, Authorization, and Access Control
  • Software Requirements for MFA in Office 365
  • Set Up Multi-Factor Authentication in Office 365
  • MFA Authentication App
  • App Passwords
  • Additional MFA Service Settings

Lab 8.1 Multifactor Authentication

Module 9 Sharepoint Online and OneDrive Security and External Sharing

  • Sharepoint Online Authorization
  • SharePoint Online Permissions
  • Classic vs Modern Site Permission Management
  • Access Requests
  • Member Sharing options
  • Permission levels
  • Bespoke Permission Levels
  • SharePoint Groups
  • Special SharePoint Groups
  • Inheritance and Uniquely Secured Content
  • Granting Permissions
  • “Sharing” SharePoint Items
  • Permissions via PowerShell
  • Permission Models Best Practice
  • Sharepoint Online Conditional Access
  • Control access based on network location
  • SharePoint External Sharing
  • Authenticated External User sharing
  • Anonymous User external sharing
  • External Sharing Administration
  • Site Collection External Sharing Options
  • External Sharing with Identity Verification
  • OneDrive for Business External Sharing
  • External Sharing Configuration for Modern Team Sites

Lab 9.1 Sharepoint Online Permissions
Lab 9.2 Sharepoint and OneDrive External Sharing
Lab 9.3 Sharepoint Online Conditional Access

Module 10 Exchange Online RBAC

  • Exchange Online Authorization
  • Introducing Security in Exchange Online
  • Exchange Online Admin Role
  • Role Based Access Control (RBAC)
  • RBAC Role Groups
  • Creating Role Groups
  • Copying Role Groups
  • Roles
  • Role Entries
  • Management Role Scopes
  • Creating Custom Scopes
  • Office 365 Privileged access management
  • Configure and enable Office 365 Privileged access management

Lab 10.1 Exchange Online RBAC

Module 11 Multi Geo

  • Office 365 Multi-Geo
  • Sample Multi-Geo Tenant Configuration
  • Implementing Multi-Geo
  • Office 365 Multi-Geo Features for SharePoint and OneDrive

Lab 11.1 Multi Geo

Module 12 Office 365 Groups and Teams Governance

  • Office 365 Groups and Teams Security
  • Controlling Guest Access to Office 365 Groups
  • Remove guest access to group files
  • Disabling Guest Access for Office 365 Groups
  • Disabling ability for Office 365 Group Owners to invite Guest Users
  • Powershell for managing Office 365 Guest access
  • Controlling which users can create Office 365 Groups
  • Obsolete Office 365 Group Expiration and Removal
  • Finding and Archiving Obsolete Office 365 Groups
  • Office 365 Group Governance
  • Microsoft Teams Governance
  • Understanding Roles and Permissions in Microsoft Teams
  • Manage User Access to Microsoft Teams
  • Manage Guest Access to Teams
  • Manage Team Organizational Settings

Lab 12.1 Managing Office 365 Groups and Teams

Module 13 AIP and OME

  • Azure Information Protection Plans and Features
  • Activating Azure Rights Management
  • Firewall Requirements for Azure RMS
  • Rights Management Templates
  • RMS templates in Azure Portal
  • RMS Template configuration
  • Converting Templates to Labels
  • Azure Information Protection client
  • How Labels Apply Classification
  • File types supported
  • AIP Client Viewer
  • Exchange and Azure RMS Integration
  • Office 365 Message Encryption (OME)
  • OME Enhanced Recipient Experiences
  • Flexible controls for attachment encryption for recipients
  • Branding OME Encrypted messages
  • OME Integration with Data Loss Prevention (DLP)
  • OME Integration with Exchange Transport Rules
  • OME Reporting
  • Encrypted Mail Revocation
  • SharePoint/OneDrive for Business and Azure Information Protection
  • Integrating SharePoint with Azure Information Protection
  • Search Services and Azure Information Protection
  • Using Sharepoint Online Metadata to Apply AIP
  • AIP Reporting
  • Managing Personal Data for Azure Information Protection

Lab 13.1 Azure Information Protection

Module 14 Sensitivity Labels

  • Introduction to Office 365 Sensitivity Labels Concepts and Capabilities
  • AIP labels vs Sensitivity Labels
  • Creating a Sensitivity Label
  • Sensitivity Label Priority, Grouping and Sublabels
  • Editing or deleting a sensitivity label
  • Sensitivity Label Policies
  • Sensitivity label tasks

Lab 14.1 Office 365 Sensitivity Labels

Module 15 Office 365 Cloud App Security

  • Microsoft/Office 365 Cloud App Security - What’s the Difference?
  • Office 365 Cloud App Security
  • Cloud App Security Licensing Options
  • Office 365 Cloud App Security
  • Productivity App Discovery Dashboard
  • Data Protection
  • Office 365 Cloud App Security Activity Log
  • Manage OAuth Apps
  • Cloud App Security Access Policies
  • Cloud App Security Activity Policies
  • Cloud App Security OAuth App Policies
  • Cloud App Security Session Policies
  • Cloud App Security Policy Templates
  • Office 365 Cloud App Security Settings

Lab 15.1 Cloud App Security

Module 16 Office 365 DLP

  • Office 365 Data Loss Prevention
  • Components of DLP Policies
  • Default DLP Policies
  • Sensitive Information Types
  • Creating a Custom DLP Policy
  • DLP Policy recommendations

Lab 16.1 Data Loss Prevention

Module 17 Microsoft Threat Intelligence - Alerts - ATP - Secure Score

  • Microsoft Threat Intelligence
  • Microsoft Threat Intelligence Center
  • Office 365 Advanced Threat Protection
  • Threat Dashboard
  • Threat Explorer
  • Threat Management Threat Tracker
  • Threat management Reviews
  • Threat Management Policy
  • ATP anti-phishing
  • ATP Safe Attachments and Safe Links
  • ATP Safe attachments for Sharepoint, OneDrive and Teams
  • Quarantine in ATP for SharePoint Online, OneDrive for Business, and Microsoft Teams
  • ATP Safe attachments reports and alerts
  • ATP Safe Links
  • ATP Reports
  • Threat Management Anti-Spam Policies
  • Zero-Hour Auto Purge (ZAP)
  • Threat Management Anti Malware Policies
  • Threat Management DKIM settings
  • Threat Management Attack Simulator
  • Office 365 Supervision
  • Office 365 Alerts
  • Microsoft 365 Secure Score
  • Secure Score – “Old Skool”

Lab 17.1 Exchange ATP
Lab 17.2 Office 365 Alerts
Lab 17.3 Secure Score

Module 18 Office 365 MDM and Encryption

  • Office 365 Mobile Device Management
  • Managing Devices with MDM for Office 365
  • Wiping Data on Enrolled Devices via MDM for Office 365
  • MDM Powershell
  • Office 365 Encryption
  • Data in transit
  • Data at rest
  • Encryption in Office 365 Products
  • Customer Encryption Controls
  • Customer Lockbox

Module 19 Office 365 Auditing, Reporting and Compliance Tools

  • Module Introduction
  • Office 365 Adoption content pack
  • Office 365 Audit Log Search
  • Exchange Online Auditing
  • Office 365Security Reports
  • Office 365 Management API
  • Microsoft Compliance Manager
  • Microsoft Service Trust Portal
  • Microsoft Trust Center
  • Microsoft 365 Secure Score
  • Microsoft Security Incident Management Process

Lab 19.1 Office 365 Auditing
Lab 19.2 Compliance Manager