Exam MS-101: Microsoft 365 Mobility and Security is a part of the Microsoft 365 Certified: Enterprise Administrator Expert certification path designed to help users validate their skills in evaluating, planning, migrating, deploying, and managing Microsoft 365 services. This book will help you implement modern device services, apply Microsoft 365 security and threat management, and manage Microsoft 365 governance and compliance. Written in a succinct way, you’ll explore chapter-wise self-assessment questions, exam tips, and mock exams with answers.
You’ll start by implementing mobile device management (MDM) and handling device compliance. You’ll delve into threat detection and management, learning how to manage security reports and configure Microsoft 365 alerts. Later, you’ll discover data loss prevention (DLP) tools to protect data as well as tools for configuring audit logs and policies. The book will also guide you through using Azure Information Protection (AIP) for deploying clients, applying policies, and configuring services and users to enhance data security. Finally, you’ll cover best practices for configuring settings across your tenant to ensure compliance and security.
By the end of this book, you’ll have learned to work with Microsoft 365 services and covered the concepts and techniques you need to know to pass the MS-101 exam.
Author(s): Nate Chamberlain
Publisher: Packt
Year: 2019
Language: English
Pages: 300
City: Mumbai
Tags: Cloud, Networking
Cover
Title Page
Copyright and Credits
Dedication
About Packt
Contributors
Table of Contents
Preface
Section 1: Modern Device Services
Chapter 1: Implementing Mobile Device Management (MDM)
Planning for MDM
Device types and enrollment
Configuring MDM integration with Azure AD
Registered versus joined devices
Setting up automatic enrollment
Setting an MDM authority
Setting device enrollment limits for users
Device type restrictions
Device limit restrictions
Summary
Questions
Further reading
Chapter 2: Managing Device Compliance
Planning for device compliance
Configuring device compliance policies
Policy options
Creating a compliance policy
Designing, creating, and managing conditional access policies
Designing conditional access policies
Assignments
Users and groups
Cloud apps or actions
Conditions
Access controls
Grant
Session
Creating conditional access policies
Managing conditional access policies
Summary
Questions
Further reading
Chapter 3: Planning for Devices and Apps
Creating and configuring Microsoft Store for Business
Creating your private store
Setting your MDM solution in Microsoft Store
Configuring synchronization in Intune and synchronizing apps
Planning app deployment
Using a management tool
Making apps available via your private store
Assigning apps directly to employees
Planning device co-management
Planning device monitoring
Planning for device profiles
Assigning profiles
Monitoring profiles
Policy conflicts
Planning for MAM
Planning mobile device security
Summary
Questions
Further reading
Chapter 4: Planning Windows 10 Deployment
Planning for WaaS
Building and deploying
Servicing
Servicing channels
Servicing tools
Planning for Windows 10 Enterprise deployment
Windows Autopilot
In-place upgrades
Analyzing Upgrade Readiness for Windows 10
Additional Windows 10 Enterprise security features
Summary
Questions
Further reading
Section 2: Microsoft 365 Security Threat Management
Chapter 5: Implementing Cloud App Security (CAS)
Setting up CAS
Integrating AIP with CAS
Configuring CAS policies
Policies
Templates
Configuring connected apps
Designing a CAS solution
Managing CAS alerts
Uploading CAS traffic logs
Manual uploads
Automatic uploads
Summary
Questions
Further reading
Chapter 6: Implementing Threat Management
Planning a threat management solution
Designing and configuring Azure ATP
Setting up a sensor
Designing and configuring Microsoft 365 ATP policies
ATP Safe Attachments
ATP Safe Links
ATP for SharePoint, OneDrive, and Microsoft Teams
ATP anti-phishing protection
Monitoring ATA incidents
Summary
Questions
Further reading
Chapter 7: Implementing Windows Defender ATP
Planning our Windows Defender ATP solution
Configuring our preferences
Secure score dashboard security controls
Microsoft Threat Experts capabilities
Implementing Windows Defender ATP policies
Enabling and configuring the security features of Windows 10 Enterprise
Attack surface reduction
Install application guard
Enable application control
Exploit protection
Network protection
Controlled folder access
Network firewall
Next-generation protection
Summary
Questions
Further reading
Chapter 8: Managing Security Reports and Alerts
Managing the Service Assurance Dashboard
Accessing the Service Assurance Dashboard
Compliance Manager
Granting access to others
Microsoft Secure Score and Azure AD Identity Secure Score
Tracing and reporting on Azure AD Identity Protection
Investigating risk events and vulnerabilities
Settings and alerts
Microsoft 365 security alerts
Azure AD Identity Protection dashboard and alerts
Automatically closing or resolving risk events
Manually closing risk events
Summary
Questions
Further reading
Section 3: Microsoft 365 Governance Compliance
Chapter 9: Configuring Data Loss Prevention (DLP)
Configuring DLP policies
Designing data retention policies in Microsoft 365
Labels
Label policies
Monitoring and managing DLP policy matches
Managing DLP exceptions
Summary
Questions
Further reading
Chapter 10: Implementing Azure Information Protection (AIP)
Planning an AIP solution
Planning for classification labeling
Deploying AIP clients
Implementing an AIP tenant key
Planning for WIP implementation
Configuring IRM for workloads
Planning for the deployment of an on-premises Rights Management connector
Implementing AIP policies
Configuring a super user
Summary
Questions
Further reading
Chapter 11: Managing Data Governance
Planning and configuring information retention
Retention period and deletion
Locations
Creating a retention policy
Planning for a Microsoft 365 backup
Planning for restoring deleted content
Exchange
SharePoint
OneDrive
Summary
Questions
Further reading
Chapter 12: Managing Auditing
Configuring audit log retention
Enabling auditing of SharePoint site activities
Enabling auditing of Exchange mailbox activities
Configuring the audit policy
Monitoring unified audit logs
Azure AD audit and sign-in logs
Summary
Questions
Further reading
Chapter 13: Managing eDiscovery
Searching content using the Security & Compliance Center
Planning for in-place and legal holds
Configuring eDiscovery
Summary
Questions
Further reading
Section 4: Mock Exams
Chapter 14: Mock Exam 1
Chapter 15: Mock Exam 2
Assessments
Another Book You May Enjoy
Index