Special Notices

Please note: for Attend from Anywhere customers an additional screen is required. The additional screen must have a minimum screen size of 19 inch and minimum resolution of 1280x1024, with the vertical resolution (1024) being the most critical.

NB: Due to the dynamic nature of Microsoft Office 365 functionality the exact list of compliance features addressed in this course is subject to change.

This course is one of the unique Office 365 QA authored Mastering courses. Others within the curriculum for Office 365 are:

Overview

This is a detailed 5-day course with hands on labs. The course covers how to implement Governance Security and in Office 365. Within the course there is specific reference to GDPR*, however this course is appropriate to anyone interested in any aspect of Office 365 Governance Security and Compliance. This course covers Office 365 features pertaining to various Office 365 subscriptions: Business, E3, E5.

  • Discover— Identification, retrieval and classification of personal data.
  • Govern— Importing, processing, retention and disposal of personal data.
  • Protection — Control authentication, authorization and access control of personal data including Encryption and Data Loss Prevention
  • Report — Execute data requests, report data breaches, and proactively maintain required documentation.

*Please note this is not a GDPR course - this is course on implementing Security Governace and Compliance features within Office 365 irrespective of the compliance framework. Reference will be made to GDPR within the course for context but the course is overall agnostic to any specific compliance framework

Target Audience

  • Technical Business Decision Makers
  • Office 365 IT Professionals
  • Anyone who has a business interest in how to Implement Governance Security and Compliance for their organisation in Office 365

Practical Labs

During the course students will create their own Office 365 and have labs which populate their environment with data then implement the features learnt through the course (note due to latency of Microsoft services some labs can take several hours or more to complete) Labs are written so students can choose which labs they want to complete

Prerequisites

An understanding of Office 365 core technologies and an interest in the business benefits of the Microsoft Office 365 Platform from a Governance Security and Compliance perspective.

Course Outline

Module 1: Introducing Compliance Standards and Microsoft Commitments

  • Introduction
  • Data Breaches
  • Data Breach Statistics
  • Common Compliance Standards
  • General Data Protection Regulation (GDPR)
  • ISO/IEC 27001:2013
  • National Institute of Standards and Technology (NIST)
  • Microsoft’s Commitment to Compliance
  • Contractual Commitments
  • Microsoft Compliance Offerings
  • Microsoft Compliance Portals and Tools
  • The Microsoft Trust Center
  • The Microsoft Service Trust Portal
  • Compliance Manager/Compliance Score
  • Security and Compliance Admin Centers
  • GDPR Activity Hub
  • Security and Compliance PowerShell
  • Office 365 Admin Roles
  • Permissions in the Security & Compliance Centers
  • Microsoft’s Compliance Model
  • Microsoft 365 GDPR action plan
  • Office 365 Overview
  • Office 365 is Dynamic
  • Office 365 Subscription Plans
  • Compliance in Other Microsoft Cloud Services
  • Lab 1.1 Introduction
  • Lab 1.2 Using Chrome Profiles
  • Lab 1.3 Get over 6 Months Office 365 trial for free

Module 2: Introducing Office 365 Search Concepts

  • Introduction
  • GDPR articles relevant to this module
  • Office 365 Search Tools and Engines
  • Columns and Content Types
  • Columns
  • Content Types
  • Adding Content Types
  • Modern UI gotcha
  • Custom content types
  • Publishing Content Types via Content Type Hub
  • Term Store Groups and Permissions
  • Using Managed Metadata
  • Delve Search, Security Trimming and Hiding
  • Hiding Delve
  • Lab 2.1 Content Types
  • Lab 2.2 Content Types Search (Optional)

Module 3: Office 365 Content Search

  • Office 365 Content Search
  • Content Search Security
  • Running a Content Search
  • Preview Content Search Results
  • Search Statistics
  • Content Search PowerShell
  • Using a CSV file to “Search by ID List” (aka Targeted Content Search)
  • Export Content Search Results
  • Unindexed Items in Content Searches
  • Search Bulk Actions
  • Increase Download Speed When Exporting Content Search Results
  • Differences Between Estimated and Actual eDiscovery Search Results
  • De-duplication in eDiscovery Search Results
  • Search for and Delete Email Messages in an Office 365 Organization
  • Use Content Search to Search the Mailbox and OneDrive for Business Site for a List of Users
  • Clone a Content Search
  • Configure Security Filtering for Content Search
  • Microsoft Data Subject requests
  • Lab 3.1 Office 365 Content Search

Module 4: Office 365 eDiscovery

  • Office 365 eDiscovery Tasks
  • Office 365 eDiscovery Cases
  • Assign eDiscovery Permissions
  • eDiscovery Related Roles in the Security & Compliance Center
  • Role Groups for eDiscovery
  • Create eDiscovery cases
  • Add Users to an eDiscovery Case
  • Place Content on Legal Hold
  • Location of content on hold
  • Create and Run Content Searches
  • Prepare Search Results for Advanced eDiscovery
  • Lab 4.1 eDiscovery

Module 5: Office 365 Advanced eDiscovery and Data Investigations

  • Advanced eDiscovery and Data Investigations
  • Advanced eDiscovery workflow
  • Data Investigation Workflow
  • Creating an Advanced eDiscovery Case
  • Identification - Data Custodians
  • Communications
  • Advanced eDiscovery Communication tool
  • Required and Optional Notifications
  • Preservation - Advanced eDiscovery Holds
  • Advanced eDiscovery Case Searches
  • Review Sets
  • Viewing Data in a Review Set
  • Review Set Filters and Queries
  • Review Sets - Tagging Content
  • Analysing Advanced eDiscovery Data
  • Loading Non Office 365 Source Data for Advanced eDiscovery
  • Advanced eDiscovery Relevance Module
  • Relevance Module Data Preparation
  • Relevance Setup
  • Relevance tagging
  • Tracking Tagging Progress
  • Relevance Decision Based on Results
  • Test Relevance Analysis
  • Relevance Settings and Utilities
  • Export Case Data

Module 6: Data Import and Connectors

  • GDPR articles relevant to this module
  • Office 365 Data Governance
  • Importing Data into Office 365
  • Importing messaging data
  • Office 365 Import Service
  • Office 365 Messaging Data Import
  • PST Import Service Requirements
  • Drive Shipping Import Service Requirements
  • Filtering Data on Import
  • Hybrid Exchange
  • Importing Data into Sharepoint, OneDrive and Teams
  • Challenges to Sharepoint/Onedrive/Teams migrations
  • Microsoft Options for Sharepoint Online Migrations
  • Migration Stages
  • Stage 1 Prepare and Assess
  • SharePoint Migration Assessment Tool
  • Stage 2 – Migrating Data into Sharepoint Online
  • The Sharepoint Migration Tool
  • SPMT Advanced settings
  • Sharepoint Migration Manager
  • Migration Manager Global/Task Settings
  • Mover.io
  • Stage 3 & 4 Post Migration and Reducing Business Impact
  • Convert users to adopters
  • Third Party Migration tools
  • Customization Migrations
  • Importing Third-Party Data Sources
  • Use Connectors in Office 365 Groups and Microsoft Teams

Module 7: Office 365 Data Retention and Disposal

  • Office 365 Retention Options
  • eDiscovery Holds
  • Retention Policies
  • Retention policy data behaviour
  • Creating Retention Policies
  • Office 365 Group and Teams Considerations
  • Teams Considerations and limitations
  • Preservation Lock
  • Retention Precedence
  • Retention Labels
  • Auto-applying a Retention Label
  • Retention Labels and Folders
  • Retention Labels Records Declaration
  • Retention Label Creation
  • File Plan Descriptors
  • Retention Settings
  • Record Preservation
  • Label Publishing and Label Policies
  • Auto Apply Labels
  • Retention Label policies and locations
  • Monitoring Retention Labels
  • Retention label Powershell
  • Inactive Mailboxes
  • Recovering or Restoring Inactive Mailboxes
  • Recovering and Restoring Inactive Mailbox Considerations
  • Deleting an Inactive Mailbox
  • Event Driven Retention
  • Exchange Online Retention Features
  • Exchange Online Archiving
  • Unlimited Archiving
  • Exchange Online Legacy Compliance Features
  • Exchange Online Retention tags and policies
  • Key Point: Retention tags can be used to move items to an archive mailbox
  • Legacy Retention Functionality
  • Disposing of data
  • Modifying Exchange Online Default retention period
  • Sharepoint Online and OneDrive for Business Content Disposal
  • Microsoft Data Destruction
  • Office 365 Disposition Reviews
  • Disposition Review Considerations
  • Lab 7.1 Office 365 Labels
  • Lab 7.2 Office 365 eDiscovery Holds
  • Lab 7.3 Office 365 Event Driven Retention
  • Lab 7.4 Exchange Online Archiving
  • Lab 7.5 Exchange Online Retention Tags and Policies

Module 8: Office 365 Authentication

  • GDPR Articles Covered
  • Introduction
  • Authentication, Authorization, and Access Control
  • Multi-Factor Authentication in Office 365
  • Multi-factor authentication in Office 365
  • Software Requirements for MFA in Office 365
  • Security Defaults
  • Set Up Multi-Factor Authentication in Office 365
  • MFA with Conditional Access
  • Individual User MFA
  • MFA Settings
  • Inform Users How to Sign In Using MFA in Office 365
  • MFA Authentication App
  • App Passwords
  • Resetting MFA User settings
  • Lab 8.1 Multifactor Authentication

Module 9: Sharepoint Online Security

  • SharePoint Online Permissions
  • Classic vs Modern Site Permission Management
  • Sharepoint Modern Team Sites
  • Access Requests
  • Member Sharing options
  • Permission levels
  • Bespoke Permission Levels
  • Granting Explicit Permissions
  • SharePoint Groups
  • Sharepoint Group Best Practice
  • Recommended Sharepoint Online Group Model
  • Special SharePoint Groups
  • Permission Inheritance
  • Breaking Inheritance
  • Granting Permissions
  • Checking Permission
  • “Sharing” SharePoint Items
  • Sharing a Site
  • Sharing a Document Library/List
  • Sharing a Folder or Items
  • Modern UI folder or item sharing
  • Modifying and Removing Permissions
  • Sharepoint Online Permissions via PowerShell
  • Sharepoint Online Permissions Best Practice
  • Lab 9.1 SharePoint Online Permissions
  • Conditional Access

Module 10: Sharepoint External Sharing

  • SharePoint External Sharing
  • Authenticated External User sharing
  • Authenticated External User Link Management
  • Anonymous Access Links
  • Modern Team Sites Guest Access
  • Sharepoint Online External sharing administration
  • Tenant Level External Sharing Administration
  • Advanced settings for external sharing
  • File and Folder Links
  • Other Settings
  • Show to owners the names of people who viewed their files
  • Classic Sharing Settings
  • Site Collection External Sharing Options
  • Powershell External Sharing
  • Sharepoint Online External Sharing Alerts, Auditing and Reporting
  • Lab 10.1 SharePoint External Sharing

Module 11: Exchange Online Authorization

  • Introducing Security in Exchange Online
  • Exchange Online Admin Role
  • Role Based Access Control (RBAC)
  • RBAC Role Groups
  • Creating Role Groups
  • Copying Role Groups
  • Roles
  • Role Entries
  • Management Role Scopes
  • Creating Custom Scopes
  • Office 365 Privileged access management
  • Configure and enable Office 365 Privileged access management
  • Requesting and approving access
  • Lab 11.1 Exchange Online RBAC

Module 12: Office 365 Groups and Microsoft Teams Governance

  • Office 365 Groups and Teams Security
  • Controlling Guest Access to Office 365 Groups
  • Remove guest access to group files
  • Disabling Guest Access for Office 365 Groups
  • Disabling ability for Office 365 Group guests to access content
  • Powershell for managing Office 365 Guest access
  • Controlling which users can create Office 365 Groups
  • Obsolete Office 365 Group Expiration and Removal
  • Finding and Archiving Obsolete Office 365 Groups
  • Office 365 Group Governance
  • Microsoft Teams Governance
  • Understanding Roles and Permissions in Microsoft Teams
  • Manage User Access to Microsoft Teams
  • Manage Guest Access to Teams
  • Manage Team Organizational Settings
  • Lab 12.1 Managing Office 365 Groups and Teams

Module 13: Office 365 Multi-Geo

  • Sample Multi-Geo Tenant Configuration
  • Implementing Multi-Geo
  • Office 365 Multi-Geo Features for SharePoint and OneDrive

Module 14: Azure Information Protection

  • Azure Information Protection Plans and Features
  • AIP licensing
  • Activating Azure Rights Management
  • Firewall Requirements for Azure RMS
  • Azure RMS Super Users
  • Configuring the super user feature
  • Rights Management Templates (Deprecated)
  • RMS templates in Azure Portal
  • RMS Template configuration
  • Converting Templates to Labels
  • AIP Labels
  • AIP label creation
  • Azure Information Protection client
  • AIP Client Viewer
  • AIP Label Classification
  • Exchange and Azure RMS Integration
  • SharePoint/OneDrive for Business and Azure Information Protection
  • Sharepoint IRM Integration
  • Integrating SharePoint with IRM Protection
  • Integrating OneDrive with Azure Information Protection
  • Search Services and Azure Information Protection
  • Using Sharepoint Online Metadata to Apply AIP
  • AIP Reporting
  • Managing Personal Data for Azure Information Protection
  • Lab 14.1 Azure Information Protection

Module 15: Office 365 Message Encryption (OME)

  • OME Configuration
  • OME Enhanced Recipient Experiences
  • Flexible controls for attachment encryption for recipients
  • Decrypting Attachments
  • Read Only and Attachment Download Restrictions in Exchange Online
  • Combining OME with blocked attachment download
  • Branding OME Encrypted messages
  • Branding/Advanced Configuration is not just for Branding
  • OME Integration with Data Loss Prevention (DLP)
  • OME Integration with Exchange Transport Rules
  • Encrypted Mail Revocation
  • Lab 15.1 Office 365 Message Encryption

Module 16: Office 365 Sensitivity Labels

  • Office 365 Sensitivity Labels
  • Classification
  • Visual marking, watermarks, headers and footers
  • Protection – Encryption both inside/outside the organization
  • AIP Labels vs Sensitivity Labels
  • Sensitivity Label Client Support
  • Client ‘Quirks’
  • Sensitivity Label Support for Office Files
  • Sensitivity Label Administration
  • Sensitivity Label priority and grouping
  • Sublabels
  • Editing or deleting a sensitivity label
  • Label Policies
  • Label Analytics
  • Lab 16.1 Office 365 Sensitivity Labels

Module 17: Microsoft 365 Cloud App Security

  • Microsoft/Office 365 Cloud App Security
  • Overview
  • Background
  • Microsoft Cloud App Security vs Office 365 Cloud App Security
  • Office 365 Cloud App Security
  • Cloud App Security Licensing Options
  • Office 365 Cloud App Security
  • Microsoft Cloud App Security
  • Microsoft Cloud App Security Dashboard
  • User anonymization
  • Cloud App Catalog
  • App Sanctioning
  • Cloud App Security Activity Log
  • Files
  • Files Management Reports
  • Users and accounts
  • Governance Actions
  • Security Configuration
  • OAuth Apps
  • Deploy Conditional Access App Control
  • Cloud App Security Policy Templates
  • Policy Alerts
  • Scoping Cloud App Security
  • Cloud App Security Activity Privacy
  • Microsoft top tips for Using Cloud App Security
  • Generic SIEM integration
  • Azure Sentinel
  • Use Power BI with Cloud App Security data in Azure Sentinel
  • Lab 17.1 Cloud App Security

Module 18: Microsoft Threat Intelligence - Alerts - AIR - ATP - Secure Score

  • Microsoft Threat Intelligence
  • Microsoft Threat Intelligence Center
  • Office 365 Advanced Threat Protection
  • Threat Dashboard
  • Threat Explorer
  • Threat Management Threat Tracker
  • Threat management Reviews
  • Office 365 Automated Investigation and Response (AIR)
  • AIR Security playbooks
  • AIR Security playbooks roll out
  • AIR requirements
  • AIR Investigation initiation
  • Automated Investigations
  • Investigation Graph
  • Investigation Alert Tab
  • Investigation Email Tab
  • Investigation User Tab
  • Investigations Machine Tab
  • Investigations Entities Tab
  • Investigation (Playbook) log tab
  • Investigation (Recommended) actions tab
  • Office 365 Threat Management Policy
  • ATP anti-phishing
  • ATP Safe Attachments and Safe Links
  • ATP Safe attachments
  • ATP Safe attachments for Sharepoint, OneDrive and Teams
  • Quarantine in ATP for SharePoint Online, OneDrive for Business, and Microsoft Teams
  • ATP Safe attachments reports and alerts
  • ATP Safe Links
  • ATP Reports
  • Threat Management Anti-Spam Policies
  • Zero-Hour Auto Purge (ZAP)
  • Threat Management Anti Malware Policies
  • Threat Management DKIM settings
  • Enabling DKIM in Office 365
  • Domain-based Messaging and Reporting Compliance (DMARC)
  • Implementing DMARC in Office 365
  • Threat Management Attack Simulator
  • Communication Compliance
  • Office 365 Alerts
  • Microsoft 365 Secure Score
  • Secure Score – “Old Skool”
  • Lab 18.1 Exchange ATP
  • Lab 18.2 Office 365 Alerts
  • Lab 18.3 Office 365 AIR
  • Lab 18.4 Secure Score

Module 19: Office 365 Data Loss Prevention

  • DLP Functionality
  • Components of DLP Policies
  • Sensitive Information Types
  • Creating a Custom DLP Policy
  • Conditions/Exceptions
  • Mark Files as Sensitive by Default
  • DLP Reports
  • Lab 19.1 Data Loss Prevention


Module 20: Office 365 Encryption

  • Data in transit
  • Data at rest
  • Encryption in Office 365 Products
    • Exchange Online
    • SharePoint Online and OneDrive for Business
    • Teams/Skype for Business Online
  • Customer Encryption Controls
  • Scenario 1 – Files are saved on Windows computers
  • Scenario 2 – Customers want control over the encryption keys used to encrypt your data in Microsoft data centers
  • Scenario 3 – Files are saved on mobile devices
  • Scenario 4 – People are communicating via email
  • Scenario 5 – Users are accessing files using SharePoint Online or OneDrive for Business
  • Customer Lockbox
  • Microsoft 365 Information Protection Guides

Module 21: Office 365 Auditing, Report and Compliance Tools

  • Module Introduction
  • Microsoft 365 Usage Analytics
  • Dashboard Reports
  • Enabling Microsoft 365 Usage Analytics
  • Office 365 Auditing
  • Audit Log Permissions
  • Running an Audit Log Search
  • Viewing Audit Log Search Results
  • Filtering Audit Log Search Results
  • Exporting Audit Log Search Results
  • Advanced Audit in Microsoft 365
  • Audit log retention policies
  • Exchange Online Auditing - Deprecated
  • Compliance and Security Reports
  • Office 365 Management API
  • Microsoft Compliance Manager
  • Microsoft Service Trust Portal
  • Microsoft Trust Center
  • Microsoft 365 Secure Score
  • Compliance/Secure Score “Old Skool”
  • Microsoft Security Site
  • Lab 21.1 Office 365 Auditing

Microsoft 365 Learning Pathways

This course features in the following learning path:

= Required
= Certification
Technical Decision Maker
Office 365 General Administration
Exchange Online/Hybrid
SharePoint Online/Hybrid
Device Management, Identity and Services
Security and Compliance
Modern Desktop
Power Platform
Office 365 Development
Microsoft Teams
Key for bundle contents
= Exam Preparation
= Exam
= Practice Exam
= Exam Voucher
= Tutor Support
= Pre Course Work
*This is based on QA research

MOC

 = 

Microsoft Official Course (MOC)

 

QA Authored

 = 

QA Authored