Microsoft 365 Security Administration: MS-500 Exam Guide
eBook - ePub

Microsoft 365 Security Administration: MS-500 Exam Guide

Plan and implement security and compliance strategies for Microsoft 365 and hybrid environments

  1. 642 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Microsoft 365 Security Administration: MS-500 Exam Guide

Plan and implement security and compliance strategies for Microsoft 365 and hybrid environments

About this book

Get up to speed with expert tips and techniques to help you prepare effectively for the MS-500 Exam

Key Features

  • Get the right guidance and discover techniques to improve the effectiveness of your studying and prepare for the exam
  • Explore a wide variety of strategies for security and compliance
  • Gain knowledge that can be applied in real-world situations

Book Description

The Microsoft 365 Security Administration (MS-500) exam is designed to measure your ability to perform technical tasks such as managing, implementing, and monitoring security and compliance solutions for Microsoft 365 environments.

This book starts by showing you how to configure and administer identity and access within Microsoft 365. You will learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, the book shows you how RBAC and Azure AD Identity Protection can be used to help you detect risks and secure information in your organization. You will also explore concepts, such as Advanced Threat Protection, Windows Defender ATP, and Threat Intelligence. As you progress, you will learn about additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention, and Cloud App Discovery and Security. The book also ensures you are well prepared to take the exam by giving you the opportunity to work through a mock paper, topic summaries, illustrations that briefly review key points, and real-world scenarios.

By the end of this Microsoft 365 book, you will be able to apply your skills in the real world, while also being well prepared to achieve Microsoft certification.

What you will learn

  • Get up to speed with implementing and managing identity and access
  • Understand how to employ and manage threat protection
  • Get to grips with managing governance and compliance features in Microsoft 365
  • Explore best practices for effective configuration and deployment
  • Implement and manage information protection
  • Prepare to pass the Microsoft exam and achieve certification with the help of self-assessment questions and a mock exam

Who this book is for

This Microsoft certification book is designed to help IT professionals, administrators, or anyone looking to pursue a career in security administration by becoming certified with Microsoft's role-based qualification. Those trying to validate their skills and improve their competitive advantage with Microsoft 365 Security Administration will also find this book to be a useful resource.

Trusted by 375,005 students

Access to over 1.5 million titles for a fair monthly price.

Study more efficiently using our study tools.

Information

Publisher
Packt Publishing
Year
2020
Print ISBN
9781838983123
Edition
1
eBook ISBN
9781838981303
Topic
Computer Science
Subtopic
Certification Guides in Computer Science
Index
Computer Science

Section 1: Configuring and Administering Identity and Access in Microsoft 365

In this first section, we will be examining the principles of identity and access in Microsoft 365. 
This part of the book comprises the following chapters:
  • Chapter 1, Planning for Hybrid Identity
  • Chapter 2, Authentication and Security
  • Chapter 3, Implementing Conditional Access Policies
  • Chapter 4, Role Assignment and Privileged identities in Microsoft 365
  • Chapter 5, Azure AD Identity Protection

Chapter 1: Planning for Hybrid Identity

Configuring a Microsoft 365 hybrid environment requires an understanding of your organization's identity needs, which will enable you to plan and deploy the correct Azure Active Directory (AD) authentication and synchronization method within your environment. This chapter covers planning your identity methodology and describes the process of monitoring and understanding the events recorded by Azure AD Connect.
By the end of this chapter, you will be able to determine your business needs, analyze on-premises identity infrastructure, and develop a plan for hybrid identity. You will understand how to design and implement authentication and application management solutions, how to enhance data security through strong identity, and how to analyze events and configure alerts in Azure AD Connect.
In this chapter, we will cover the following topics:
  • Planning your hybrid environment
  • Synchronization methods with Azure AD Connect
  • Additional authentication security
  • Event monitoring and troubleshooting in Azure AD Connect

Planning your hybrid environment

Identity is key when planning and implementing a Microsoft 365 environment. While the default identity method within Microsoft 365 is cloud-only, most organizations will need to plan for deploying hybrid identities when introducing Microsoft 365 to their organization. So, what is hybrid identity? Well, in simple terms, it is the process of providing your users with an identity in the cloud that is based on their on-premises identity. There are several ways that this can be achieved, and the available methods will be explained in detail later in this chapter.
The basic principles of hybrid identity in Microsoft 365 are shown in the following diagram:
Figure 1.1 – Hybrid identity
Figure 1.1 – Hybrid identity
Let's examine how to start planning for hybrid identity in Microsoft 365.
The first step to establishing the correct identity lies in determining the business needs of your organization. It is important, at this stage, to recognize who your stakeholders will be in this process, understand their current working tools and practices, and assess how a modern and agile platform such as Microsoft 365 could be used to enable them to work more efficiently and securely.
The following are some examples of your possible stakeholders:
  • Users
  • Power users
  • IT team
  • Compliance team
  • Business owners
Each of the given stakeholders will have their own specific challenges that you will need to address. However, your users will obviously account for the highest percentage of your stakeholders and your primary focus will need to be ensuring that any transitions to new ways of working are as seamless as possible. Many users can be very wary of change and how you introduce them to new technologies and working practices is directly tied to the success or failure of your project. If your users buy in to the changes you are introducing and can realize the benefits, then the rest of your stakeholders are also more likely to follow suit.
While your main users will be focused on doing their job, the remaining stakeholders will have a deeper interest in how a Microsoft 365 hybrid environment meets the requirements of the business.
Some of the common business requirements are as follows:
  • The modernization of existing IT software
  • Providing and securing cloud (SaaS) applications
  • Reducing risk by providing a secure identity solution
Let's examine some approaches for addressing these requirements. Examining how on-premises identities are currently provided is a logical starting point that will give you a better understanding of what you need to plan and implement for identity authentication in the cloud. You need to be aware of any current on-premises synchronization solutions that may be in place, including any third-party solutions.
You will also need to consider any existing use of cloud applications in the organization. These will need to be identified and plans made for their continued use, integration, or possible replacement.
Important note
Microsoft Cloud App Discovery can be used to analyze existing SaaS app usage within your organization. Cloud App Discovery and security will be covered in a later chapter in this book.
Understanding your on-premises identity infrastructure will help you to plan for modernization. So, what is modernization considered to be in the world of IT? Well, essentially, it is based on the principle that IT users now wish and expect to be more mobile. They want quick and easy access to their emails and documents anywhere, anytime, and on any device.
This requirement creates the challenge of how to effectively secure and protect the services within the Microsoft 365 platform while ensuring that these services are highly available and accessible to the users.
So, how do we achieve this? It is not possible to wrap a firewall around Microsoft 365 in the traditional sense. Instead, we need to look at the various modern authentication security methods that are available within the Azure AD Premium licensing plans. We will address these methods later on in this chapter, but before this, we will examine the process of establishing your hybrid identity by synchronizing your on-premises AD to Microsoft 365.

Synchronization methods with Azure AD Connect

Now that you understand the concept of hybrid identity and authentication, we will turn our attention to the process that makes hyb...

Table of contents

  1. Microsoft 365 Security Administration: MS-500 Exam Guide
  2. Why subscribe?
  3. Preface
  4. Section 1: Configuring and Administering Identity and Access in Microsoft 365
  5. Chapter 1: Planning for Hybrid Identity
  6. Chapter 2: Authentication and Security
  7. Chapter 3: Implementing Conditional Access Policies
  8. Chapter 4: Role Assignment and Privileged Identities in Microsoft 365
  9. Chapter 5: Azure AD Identity Protection
  10. Section 2: Implementing and Managing Threat Protection
  11. Chapter 6: Configuring an Advanced Threat Protection Solution
  12. Chapter 7: Configuring Microsoft Defender ATP to Protect Devices
  13. Chapter 8: Message Protection in Office 365
  14. Chapter 9: Threat Intelligence and Tracking
  15. Chapter 10: Using Azure Sentinel to Monitor Microsoft 365 Security
  16. Section 3: Information Protection in Microsoft 365
  17. Chapter 11: Controlling Secure Access to Information Stored in Office 365
  18. Chapter 12: Azure Information Protection
  19. Chapter 13: Data Loss Prevention
  20. Chapter 14: Cloud App Discovery and Security
  21. Section 4: Data Governance and Compliance in Microsoft 365
  22. Chapter 15: Security Analytics and Auditing Capabilities
  23. Chapter 16: Personal Data Protection in Microsoft 365
  24. Chapter 17: Data Governance and Retention
  25. Chapter 18: Search and Investigation
  26. Chapter 19: Data Privacy Compliance
  27. Section 5: Mock Exam and Assessment
  28. Chapter 20: Mock Exam
  29. Chapter 21: Mock Exam Answers
  30. Chapter 22: Assessments
  31. Other Books You May Enjoy

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn how to download books offline
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.5M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1.5 million books across 990+ topics, we’ve got you covered! Learn about our mission
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more about Read Aloud
Yes! You can use the Perlego app on both iOS and Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Yes, you can access Microsoft 365 Security Administration: MS-500 Exam Guide by Peter Rising in PDF and/or ePUB format, as well as other popular books in Computer Science & Certification Guides in Computer Science. We have over 1.5 million books available in our catalogue for you to explore.