Microsoft 365 Mobility and Security โ€“ Exam Guide MS-101
eBook - ePub

Microsoft 365 Mobility and Security โ€“ Exam Guide MS-101

Explore threat management, governance, security, compliance, and device services in Microsoft 365

  1. 312 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Microsoft 365 Mobility and Security โ€“ Exam Guide MS-101

Explore threat management, governance, security, compliance, and device services in Microsoft 365

About this book

Get up to speed with planning, deploying, and managing Microsoft Office 365 services and gain the skills you need to pass the MS-101 exam

Key Features

  • Explore everything from mobile device management and compliance, through to data governance and auditing
  • Get to grips with using Azure advanced threat protection and Azure information protection
  • Learn effectively through exam-focused practice exercises and mock tests

Book Description

Exam MS-101: Microsoft 365 Mobility and Security is a part of the Microsoft 365 Certified: Enterprise Administrator Expert certification path designed to help users validate their skills in evaluating, planning, migrating, deploying, and managing Microsoft 365 services. This book will help you implement modern device services, apply Microsoft 365 security and threat management, and manage Microsoft 365 governance and compliance. Written in a succinct way, you'll explore chapter-wise self-assessment questions, exam tips, and mock exams with answers.

You'll start by implementing mobile device management (MDM) and handling device compliance. You'll delve into threat detection and management, learning how to manage security reports and configure Microsoft 365 alerts. Later, you'll discover data loss prevention (DLP) tools to protect data as well as tools for configuring audit logs and policies. The book will also guide you through using Azure Information Protection (AIP) for deploying clients, applying policies, and configuring services and users to enhance data security. Finally, you'll cover best practices for configuring settings across your tenant to ensure compliance and security.

By the end of this book, you'll have learned to work with Microsoft 365 services and covered the concepts and techniques you need to know to pass the MS-101 exam.

What you will learn

  • Implement modern device services
  • Discover tools for configuring audit logs and policies
  • Plan, deploy, and manage Microsoft 365 services such as MDM and DLP
  • Get up to speed with configuring eDiscovery settings and features to enhance your organization's ability to mitigate and respond to issues
  • Implement Microsoft 365 security and threat management
  • Explore best practices for effectively configuring settings

Who this book is for

This book is for IT professionals looking to pass the Microsoft 365 Mobility and Security certification exam. System administrators and network engineers interested in mobility, security, compliance, and supporting technologies will also benefit from this book. Some experience with Microsoft 365, Exchange servers, and PowerShell is necessary.

Trusted byย 375,005 students

Access to over 1.5 million titles for a fair monthly price.

Study more efficiently using our study tools.

Information

Publisher
Packt Publishing
Year
2019
Print ISBN
9781838984656
Edition
1
eBook ISBN
9781838980016
Topic
Computer Science
Subtopic
Cyber Security
Index
Computer Science

Section 1: Modern Device Services

In this section, we will focus on implementing modern device services, which makes up 30-35% of the MS-101 exam. Here, you'll learn how to utilize the services and settings you can control as a Microsoft 365 modern device administrator.
This section includes the following chapters:
  • Chapter 1, Implementing Mobile Device Management (MDM)
  • Chapter 2, Managing Device Compliance
  • Chapter 3, Planning for Devices and Apps
  • Chapter 4, Planning Windows 10 Deployment

Implementing Mobile Device Management (MDM)

Mobile Device Management (MDM) allows you to take your organization's security, compliance requirements, and configuring your enterprise MDM settings to match so that devices accessing company resources and data are monitored and secure. MDM helps you to control who and under which circumstances users can access company data, minimizing the likelihood of data loss or unauthorized access. While there are many third-party solutions for MDM, we'll focus primarily on the Microsoft solution, Intune.
In this chapter, we'll cover the following topics, including the basics of MDM planning:
  • Planning for MDM
  • Configuring MDM integration with Azure AD
  • Setting an MDM authority
  • Setting device enrollment limits for users

Planning for MDM

When thinking of your organization's path to MDM, you'll want to consider and assess your company's unique requirements. The exam will likely focus more on the settings and configuration of MDM, so we'll focus primarily on them. When you're ready to begin implementing MDM, you can generally break it down into the following 10 steps:
  1. Configure the security groups in Active Directory (AD) or Azure AD that will allow you to easily assign policies or apply restrictions based on membership. Many of the later steps will depend on you thoughtfully creating these groups on which you'll base restrictions and permissions:
  1. Assign Intune and Office 365 licenses to users from within the Microsoft 365 admin center (admin.microsoft.com) or Azure Active Directory. Users must be assigned an Intune license to be able to enroll their device.
  1. Set your MDM authority to Intune (see the Setting an MDM authority section), and create an MDM push certificate for Apple devices (see the Device types and enrollment section).
  2. Create terms and conditions via Intune | Tenant Administration | Terms and Conditions | Create, as seen in the following screenshot:
Deploying terms and conditions is optional, but requires users to accept your company's terms of usage prior to enrolling via the company portal. This can also be configured during setup of conditional access, which we'll discuss more in Chapter 2, Managing Device Compliance:
  1. Deploy general/custom configuration policies (restrictions or allowances based on device types and groups). The following example of a configuration profile will block access to Game Center for iOS devices:
  1. Deploy resource profiles (Wi-Fi, email, and VPN resources that can be deployed).
  2. Deploy store or custom/line-of-business apps.
  3. Deploy compliance policies to make sure users are using approved devices (specific OS versions, not jailbroken devices, and so on). The following example policy ensures iOS devices use passwords to unlock the device with at least four characters:
  1. Enable conditional access policies that will restrict users from accessing company data if certain criteria aren't met, such as the compliance policies in step 8.
  2. Finally, enroll the devices.
Next, we will look at device types.

Device types and enrollment

MDM-enrolled devices may be completely controlled by the company (such as those running Android Enterprise dedicated or iOS supervised modes) or could be bring your own device (BYOD), such as those running the Android Enterprise work profile where users enroll personal devices to access company resources but are left with the freedom to use their device normally outside of work apps and data.
Android Enterprise modes include the following:
  • Work profile: Personal data is kept separate from corporate data.
  • Dedicated: Meant for single-use devices where most links/apps are blocked.
  • Fully managed: Corporate-owned devices fully managed by the company and intended for work only (not personal usage).
Android Device Administrator (or legacy) has been deprecated and is not encouraged since the Android Enterprise options are now available.
Furthermore, iOS supervised mode is essentially a checkbox you can mark for iOS devices during configuration in order to restrict functionality, such as renaming the device, AirPrint, AirDrop, and more. View a complete list of settings you can restrict in supervised mode at https://docs.microsoft.com/en-us/intune/configuration/device-restrictions-i...

Table of contents

  1. Title Page
  2. Copyright and Credits
  3. Dedication
  4. About Packt
  5. Contributors
  6. Preface
  7. Section 1: Modern Device Services
  8. Implementing Mobile Device Management (MDM)
  9. Managing Device Compliance
  10. Planning for Devices and Apps
  11. Planning Windows 10 Deployment
  12. Section 2: Microsoft 365 Security Threat Management
  13. Implementing Cloud App Security (CAS)
  14. Implementing Threat Management
  15. Implementing Windows Defender ATP
  16. Managing Security Reports and Alerts
  17. Section 3: Microsoft 365 Governance Compliance
  18. Configuring Data Loss Prevention (DLP)
  19. Implementing Azure Information Protection (AIP)
  20. Managing Data Governance
  21. Managing Auditing
  22. Managing eDiscovery
  23. Section 4: Mock Exams
  24. Mock Exam 1
  25. Mock Exam 2
  26. Assessments
  27. Another Book You May Enjoy

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn how to download books offline
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.5M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1.5 million books across 990+ topics, weโ€™ve got you covered! Learn about our mission
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more about Read Aloud
Yes! You can use the Perlego app on both iOS and Android devices to read anytime, anywhere โ€” even offline. Perfect for commutes or when youโ€™re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Yes, you can access Microsoft 365 Mobility and Security โ€“ Exam Guide MS-101 by Nate Chamberlain in PDF and/or ePUB format, as well as other popular books in Computer Science & Cyber Security. We have over 1.5 million books available in our catalogue for you to explore.