Microsoft 365 Security and Compliance Capabilities PDF
Document Details
Uploaded by CushyPyrope8787
Hogeschool Gent
Tags
Summary
This document is a learning path about Microsoft 365 security and compliance capabilities. It covers topics like identity, access management, threat protection, etc. It's intended for professional learners in the cybersecurity field.
Full Transcript
MS-900T01 – A Learning Path: Describe Microsoft 365 security and compliance capabilities © Copyright Microsoft Corporation. All rights reserved. Learning Path agenda Describe the function and identity types of Microsoft Entra ID Describe the access management capabilities of Microsoft Entra...
MS-900T01 – A Learning Path: Describe Microsoft 365 security and compliance capabilities © Copyright Microsoft Corporation. All rights reserved. Learning Path agenda Describe the function and identity types of Microsoft Entra ID Describe the access management capabilities of Microsoft Entra ID Describe threat protection with Microsoft 365 Defender Describe the compliance management capabilities in Microsoft Purview Describe Microsoft’s Service Trust portal and privacy capabilities © Copyright Microsoft Corporation. All rights reserved. Module 1: Describe the services and identity types of Microsoft Entra ID © Copyright Microsoft Corporation. All rights reserved. Module 1: Introduction After completing this module, you’ll be able to: 1 Describe the core functionality of Microsoft Entra ID 2 Describe the types of identities supported by Microsoft Entra ID 3 Describe the concept of hybrid identity as supported by Microsoft Entra ID © Copyright Microsoft Corporation. All rights reserved. Microsoft Entra ID Microsoft’s cloud-based identity and access management service. Organizations can enable their employees, guests, and others to sign in and access the resources they need. Provide a single identity system for their cloud and on-premises applications. Protect user identities and credentials to meet an organization’s access governance requirements. Subscribers to Azure services, Microsoft 365, or Dynamics 365 automatically have access to Microsoft Entra ID. Identity secure score. © Copyright Microsoft Corporation. All rights reserved. Identity types Human (user) identities Internal users—employees External users—guests, partners, customers, and so on Workload identities (an identity assigned to an application or service) Service principal—an identity for an application or service; the app uses Microsoft Entra ID for identity and access functions; app developers manage credentials. Managed identities—a service principal managed in Microsoft Entra ID that eliminates the need for app developers to manage credentials. Devices Microsoft Entra ID registered—support for bring your own device (BYOD). Microsoft Entra ID joined—device joined via an organizational account. Hybrid joined—devices are joined to your on-premises Active Directory and Microsoft Entra ID, requiring an organizational account to sign in. © Copyright Microsoft Corporation. All rights reserved. Hybrid identity What is a hybrid identity? A common user identity for authentication and authorization to on-premises and cloud resources. Hybrid identity is accomplished through: – Inter-directory provisioning—a user already in Active Directory is provisioned into Microsoft Entra ID. – Synchronization—making sure identity information for your on-premises users and groups matches the cloud. Microsoft Entra ID Connect cloud sync—a method for provisioning and synchronization. © Copyright Microsoft Corporation. All rights reserved. Microsoft Entra ID external identities Ways to securely interact with external users: B2B collaboration. Collaborate with external users by letting them use their preferred identity to sign in to your resources. B2B direct connect. Collaborate with other Microsoft Entra ID organizations using Microsoft Teams shared channels. Microsoft Entra External ID for customers. Make applications available to customers. Multitenant organizations. Seamless collaboration for a multitenant organization. © Copyright Microsoft Corporation. All rights reserved. Module 2: Describe the access management capabilities of Microsoft Entra © Copyright Microsoft Corporation. All rights reserved. Module 2: Introduction After completing this module, you’ll be able to: 1 Describe Conditional Access and its benefits 2 Describe Azure AD roles and role-based access control (RBAC) © Copyright Microsoft Corporation. All rights reserved. Conditional Access At their simplest, Conditional Access (CA) policies are if-then statements. Assignments determine which signals to use Access controls determine how a policy is enforced Users, groups, workload identities, directory roles Block access Cloud apps or actions Grant access—require one or more conditions to be met Sign-in and user risk detection before granting access Device or device platform Session control—enable a limited experience IP location More … © Copyright Microsoft Corporation. All rights reserved. Microsoft Entra roles and role-based access control (RBAC) Microsoft Entra ID roles control permissions to manage Microsoft Entra resources. Built-in roles Custom roles Categories of Microsoft Entra roles: – Microsoft Entra specific – Service specific – Cross-service Only grant the access users need © Copyright Microsoft Corporation. All rights reserved. Module 3: Describe threat protection with Microsoft 365 Defender © Copyright Microsoft Corporation. All rights reserved. Module 3: Introduction After completing this module, you’ll be able to: 1 Describe the Microsoft 365 Defender service 2 Describe how Microsoft 365 Defender provides integrated protection against sophisticated attacks 3 Describe and explore the Microsoft 365 Defender portal © Copyright Microsoft Corporation. All rights reserved. Microsoft 365 Defender An enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks. Microsoft Defender for Office 365 Microsoft Defender for Endpoint Microsoft Defender for Cloud Apps Microsoft Defender for Identity Microsoft Defender Vulnerability Management Microsoft Defender Threat Intelligence © Copyright Microsoft Corporation. All rights reserved. Microsoft Defender for Office 365 Seamless integration into your Office 365 subscription that provides protection against threats that arrive in email, links, attachments, or collaboration tools. Preset security policies Threat protection policies Reports Threat investigation and response Automated investigation and response © Copyright Microsoft Corporation. All rights reserved. Microsoft Defender for Endpoint Microsoft Defender for Endpoint is a platform designed to help enterprise networks protect endpoints. © Copyright Microsoft Corporation. All rights reserved. Microsoft Defender for Cloud Apps Provides rich visibility to your cloud services, control over data travel, and sophisticated analytics to identify and combat cyberthreats across all your Microsoft and third-party cloud services. Discover SaaS applications Information protection SaaS Security Posture Management (SSPM) Advanced threat protection App-to-app protection with app governance © Copyright Microsoft Corporation. All rights reserved. Microsoft Defender for Identity A cloud-based security solution that uses your on-premises Active Directory data to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions. Monitor and analyze user behavior and activities. Protect user identities and credentials stored in Active Directory. Identify suspicious activities and advanced attacks. Investigate alerts and user activities. © Copyright Microsoft Corporation. All rights reserved. Microsoft Defender Vulernability Management Delivers asset visibility, intelligent assessments, and built-in remediation tools for Windows, macOS, Linux, Android, iOS, and network devices. © Copyright Microsoft Corporation. All rights reserved. Microsoft Defender Threat Intelligence Helps streamline security analyst triage, incident response, threat hunting, and vulnerability management workflows. Quickly scan new featured articles. Defender TI articles provide insight into threat actors, tooling, attacks, and vulnerabilities. Vulnerability Articles provide key context behind CVEs of interest. Collects, analyzes, and indexes internet data to assist in detecting and responding to threats. © Copyright Microsoft Corporation. All rights reserved. Microsoft 365 Defender portal Combines protection, detection, investigation, and response to devices, identities, endpoints, email and collaboration, and cloud apps, in a central place. © Copyright Microsoft Corporation. All rights reserved. Module 4: Describe the compliance management capabilities in Microsoft Purview © Copyright Microsoft Corporation. All rights reserved. Module 4: Introduction After completing this module, you’ll be able to: 1 Explore the Microsoft Purview compliance portal 2 Describe Compliance Manager 3 Describe the use and benefits of compliance score © Copyright Microsoft Corporation. All rights reserved. Microsoft Purview compliance portal Easy access to the data and tools you need to manage your organization’s compliance needs. A view to an organization’s compliance posture Solutions to help with compliance Customize navigation control © Copyright Microsoft Corporation. All rights reserved. Compliance Manager Compliance Manager simplifies compliance and reduces risk by providing: Prebuilt assessments based on common standards Workflow capabilities to complete risk assessments Step-by-step improvement actions Compliance score that shows overall compliance posture Key elements of Compliance Manager Controls Assessments Templates Improvement actions © Copyright Microsoft Corporation. All rights reserved. Compliance score Benefits of compliance score Helps an organization understand its current compliance posture Helps prioritize actions based on their potential to reduce risk Understand your compliance score Actions – Your improved actions – Microsoft actions Action types (and action subcategory) – Mandatory (preventive, detective, or corrective) – Discretionary (preventive, detective, or corrective) © Copyright Microsoft Corporation. All rights reserved. Module 5: Describe Microsoft’s Service Trust portal and privacy capabilities © Copyright Microsoft Corporation. All rights reserved. Module 5: Introduction After completing this module, you’ll be able to: 1 Describe the offerings of the Service Trust Portal 2 Describe Microsoft’s privacy principles 3 Describe Microsoft Priva © Copyright Microsoft Corporation. All rights reserved. Microsoft Service Trust Portal Microsoft’s site for publishing audit reports and other compliance-related information associated with Microsoft’s cloud services. Certifications, regulations, and standards Reports, white papers, and artifacts Industry and regional resources Resources for your organization © Copyright Microsoft Corporation. All rights reserved. Microsoft’s privacy principles Control: Putting you, the customer, in control of your privacy with easy-to-use tools and clear choices. Transparency: Being transparent about data collection and use so that everyone can make informed decisions. Security: Protecting the data that’s entrusted to Microsoft by using strong security and encryption. Strong legal protections: Respecting local privacy laws and fighting for legal protection of privacy as a fundamental human right. No content-based targeting: Not using email, chat, files, or other personal content to target advertising. Benefits to you: When Microsoft does collect data, it’s used to benefit you, the customer, and to make your experiences better. © Copyright Microsoft Corporation. All rights reserved. Microsoft Priva Helps organizations safeguard personal data and build a privacy-resilient workplace. Priva Privacy Risk Management Visibility into your organization’s data and policy templates to reduce risks. Priva Subject Rights Requests Automation and workflow tools to fulfil data requests. © Copyright Microsoft Corporation. All rights reserved. Learning Path summary Learned about Microsoft Entra ID and the services and identity it supports. Explored the access management capabilities of Microsoft Entra, with Conditional Access and Microsoft Entra RBAC. Learned about the threat protection with Microsoft 365 Defender. Learned about the compliance management capabilities in Microsoft Purview, including the compliance portal, Compliance Manager, and compliance score. Learned about the Service Trust Portal and privacy with Microsoft. © Copyright Microsoft Corporation. All rights reserved. © Copyright Microsoft Corporation. All rights reserved.