Microsoft 365 Mobility & Security

Prerequisites

• Completed a role-based administrator course such as Messaging, Teamwork, Security and Compliance, or Collaboration.
• A proficient understanding of DNS and basic functional experience with Microsoft 365 services.
• A proficient understanding of general IT practices.

Please note: This MS101 course is aimed at delegates familiar with concepts and basic administration of Microsoft 365 technologies including Powershell. Delegates wanting a general course about administration of Office 365 and its services should consider the MS030 course instead for a technical introduction to Office 365. Also the QAOff365GOV course provides an in depth exploration of Office 365 Security Governance and Compliance. The QAMSINTUNE course will provide a hands on in depth course on Microsoft 365 Mobile Device Management.

Learning Outcomes

By actively participating in this course, you will learn about the following:

• Microsoft 365 Security Metrics
• Microsoft 365 Security Services
• Microsoft 365 Threat Intelligence
• Data Governance in Microsoft 365
• Archiving and Retention in Office 365
• Data Governance in Microsoft 365 Intelligence
• Search and Investigations
• Device Management
• Windows 10 Deployment Strategies
• Mobile Device Management

Course Outline

Module 1: Introduction to Microsoft 365 Security Metrics
In this module, you will examine all the common types of threat vectors and data breaches facing organizations today, and you will learn how Microsoft 365’s security solutions address these security threats, including the Zero Trust approach. You will be introduced to the Microsoft Secure Score, Privileged Identity Management, as well as to Azure Active Directory Identity Protection.

Lessons

• Threat Vectors and Data Breaches
• The Zero Trust Model
• Security Solutions in Microsoft 365
• Introduction to Microsoft Secure Score
• Privileged Identity Management
• Introduction to Azure Active Directory Identity Protection

Lab : Tenant Setup and PIM

• Initialize your Microsoft 365 Tenant
• PIM Resource Workflows

Module 2: Managing Your Microsoft 365 Security Services
This module examines how to manage the Microsoft 365 security services, including Exchange Online Protection, Advanced Threat Protection, Safe Attachments, and Safe Links. You will be introduced to the various reports that monitor your security health.

Lessons

• Introduction to Exchange Online Protection
• Introduction to Advanced Threat Protection
• Managing Safe Attachments
• Managing Safe Links
• Monitoring and Reports

Lab : Manage Microsoft 365 Security Services

• Implement a Safe Attachments policy
• Implement a Safe Links policy

Module 3: Microsoft 365 Threat Intelligence
In this module, you will then transition from security services to threat intelligence; specifically, using the Security Dashboard and Advanced Threat Analytics to stay ahead of potential security breaches.

Lessons

• Overview of Microsoft 365 Threat Intelligence
• Using the Security Dashboard
• Configuring Advanced Threat Analytics
• Implementing Your Cloud Application Security

Lab : Implement Threat Intelligence

• Conduct a Spear Phishing attack using the Attack Simulator
• Conduct Password attacks using the Attack Simulator
• Prepare for Alert Policies
• Implement a Mailbox Permission Alert
• Implement a SharePoint Permission Alert
• Test the Default eDiscovery Alert

Module 4: Introduction to Data Governance in Microsoft 365
This module examines the key components of Microsoft 365 Compliance management. This begins with an overview of all key aspects of data governance, including data archiving and retention, Information Rights Management, Secure Multipurpose Internet Mail Extension (S/MIME), Office 365 message encryption, and data loss prevention (DLP).

Lessons

• Introduction to Archiving in Microsoft 365
• Introduction to Retention in Microsoft 365
• Introduction to Information Rights Management
• Introduction to Secure Multipurpose Internet Mail Extension
• Introduction to Office 365 Message Encryption
• Introduction to Data Loss Prevention

Lab : Implement Message Encryption and IRM

• Configure Microsoft 365 Message Encryption
• Validate Information Rights Management

Module 5: Archiving and Retention in Microsoft 365
This module delves deeper into archiving and retention, paying particular attention to in-place records management in SharePoint, archiving and retention in Exchange, and Retention policies in the Security and Compliance Center.

Lessons

• In-Place Records Management in SharePoint
• Archiving and Retention in Exchange
• Retention Policies in the SCC

Lab : Implement Archiving and Retention

• Initialize Compliance
• Configure Retention Tags and Policies

Module 6: Implementing Data Governance in Microsoft 365 Intelligence
This module examines how to implement the key aspects of data governance, including the building of ethical walls in Exchange Online, creating DLP policies from built-in templates, creating custom DLP policies, creating DLP policies to protect documents, and creating policy tips.

Lessons

• Evaluating Your Compliance Readiness
• Implementing Compliance Center Solutions
• Building Ethical Walls in Exchange Online
• Creating a Simple DLP Policy from a Built-in Template
• Creating a Custom DLP Policy
• Creating a DLP Policy to Protect Documents
• Working with Policy Tips

Lab : Implement DLP Policies

• Manage DLP Policies
• Test MRM and DLP Policies

Module 7: Managing Data Governance in Microsoft 365
This module focuses on managing data governance in Microsoft 365, including managing retention in email, troubleshooting retention policies and policy tips that fail, as well as troubleshooting sensitive data. You will then learn how to implement Azure Information Protection and Windows Information Protection.

Lessons

• Managing Retention in Email
• Troubleshooting Data Governance
• Implementing Azure Information Protection
• Implementing Advanced Features of AIP
• Implementing Windows Information Protection

Lab : Implement AIP and WIP

• Implement Azure Information Protection
• Implement Windows Information Protection

Module 8: Managing Search and Investigations
This module conclude this section on data governance by examining how to manage search and investigation, including searching for content in the Security and Compliance Center, auditing log investigations, and managing advanced eDiscovery.

Lessons

• Searching for Content in the Security and Compliance Center
• Auditing Log Investigations
• Managing Advanced eDiscovery

Lab : Manage Search and Investigations

• Implement a Data Subject Request
• Investigate Your Microsoft 365 Data

Module 9: Planning for Device Management
This module provides an in-depth examination of Microsoft 365 Device management. You will begin by planning for various aspects of device management, including preparing your Windows 10 devices for co-management. You will learn how to transition from Configuration Manager to Microsoft Intune, and you will be introduced to the Microsoft Store for Business and Mobile Application Management.

Lessons

• Introduction to Co-management
• Preparing Your Windows 10 Devices for Co-management
• Transitioning from Configuration Manager to Intune
• Introduction to Microsoft Store for Business
• Planning for Mobile Application Management

Lab : Implement the Microsoft Store for Business

• Configure the Microsoft Store for Business
• Manage the Microsoft Store for Business

Module 10: Planning Your Windows 10 Deployment Strategy
This module focuses on planning your Windows 10 deployment strategy, including how to implement Windows Autopilot and Windows Analytics, and planning your Windows 10 subscription activation service.,

Lessons

• Windows 10 Deployment Scenarios
• Implementing and Managing Windows Autopilot
• Planning Your Windows 10 Subscription Activation Strategy
• Resolving Windows 10 Upgrade Errors
• Introduction to Windows Analytics

Module 11: Implementing Mobile Device Management
This module focuses on Mobile Device Management (MDM). You will learn how to deploy it, how to enroll devices to MDM, and how to manage device compliance.

Lessons

• Planning Mobile Device Management
• Deploying Mobile Device Management
• Enrolling Devices to MDM
• Managing Device Compliance

Lab : Manage Devices with Intune

• Enable Device Management
• Configure Azure AD for Intune
• Create Intune Policies
• Enroll a Windows 10 Device
• Manage and Monitor a Device in Intune