MS-101: Microsoft 365 Mobility and Security
MS-101: Microsoft 365 Mobility and Security MS-101: Microsoft 365 Mobility and Security

Course description

This course covers three core elements of Microsoft 365 enterprise management: Microsoft 365 security management, Microsoft 365 compliance management, and Microsoft 365 device management. In Microsoft 365 security management, you'll examine all the common types of threat vectors and data breaches facing organizations today, and you'll learn how Microsoft 365 security solutions address these security threats. You will be introduced to Microsoft Secure Score and Azure Active Directory Identity Protection. You'll then learn how to manage Microsoft 365 security services, including Exchange Online Protection, Safe Attachments, and Safe Links. Finally, you will be presented with the various reports that monitor your security status. Later, it will move from security services to threat intelligence; specifically, using Microsoft 365 Defender, Microsoft Defender for Cloud apps, and Microsoft Defender for endpoint. With your Microsoft 365 security components now firmly in place, you'll examine the key components of Microsoft 365 compliance management. It begins with an introduction to all the key aspects of data governance, including data retention and archiving. , Microsoft Purview Message Encryption, and Data Loss Prevention (DLP). Then, you'll dive deeper into archiving and retention, paying special attention to Microsoft Purview internal risk management, information barriers, and DLP policies. Then, you'll examine how to implement these compliance features through the use of sensitivity labels and data classification. You will conclude this section by learning how to manage search and investigation in the Microsoft Purview compliance portal. It will cover Microsoft Purview Audit (Standard and Premium) and Microsoft Purview eDiscovery (Standard and Premium). The course concludes with an in-depth exam on Microsoft 365 device management. You'll start by planning various aspects of device management, including preparing Windows devices for co-management, planning for mobile app management, the exam Windows client deployment scenarios, Windows Autopilot deployment models, and Windows client subscription strategy planning. Finally, you'll move from planning to implementing device management; specifically, Windows client deployment strategy, Windows Autopilot, Mobile Device Management (MDM), device enrollment in MDM, and endpoint security in Microsoft Intune.
 

 

Audience profile

This course is designed for individuals who aspire to the role of Microsoft 365 Enterprise administrator and have completed one of the role-based Microsoft 365 administrator certification paths.

 

Items in this collection

  • Examine threat vectors and data breaches (13 Unidades)
  • Explore the Zero Trust security model (7 Units)
  • Explore security solutions in Microsoft 365 (8 Units)
  • Examine Microsoft Secure Score (7 Units)
  • Examine Privileged Identity Management (8 Units)
  • Examine Azure Identity Protection (7 Units)
  • Examine Exchange Online Protection (8 Unidades)
  • Examine Microsoft Defender for Office 365 (8 Units)
  • Manage Safe Attachments (8 Unidades)
  • Manage Safe Links (8 Units)
  • Explore threat intelligence in Microsoft 365 (11 Unidades)
  • Implement app protection by using Microsoft Defender for Cloud Apps (9 Unidades)
  • Implement endpoint protection by using Microsoft Defender for Endpoint (9 Unidades)
  • Implement threat protection by using Microsoft Defender for Office 365 (7 Unidades)
  • Explore archiving in Microsoft 365 (7 Unidades)
  • Explore retention in Microsoft 365 (9 Units)
  • Explore Data Loss Prevention in Microsoft 365 (9 Unidades)
  • Create information barriers in Microsoft 365 (8 Unidades)
  • Explore sensitivity labels (7 Unidades)
  • Implement sensitivity labels (8 Unidades)
  • Search for content in the Microsoft 365 compliance center (9 Unidades)
  • MS-101: Manage content search and investigations in Microsoft 365 (5 Units)
  • MS-101: Prepare for device management in Microsoft 365 (3 Units)
  • Preparing Windows devices for co-management (9 Units)
  • Plan mobile app management in Microsoft Intune (8 Units)
  • Windows Client Deployment Scenarios Exam (8 Units)
  • Explore Windows Autopilot implementation models (10 Units)
  • Plan Windows Client Subscription Activation Strategy (6 Units)
  • Explore Mobile Device Management (7 Units)
  • Deploy Mobile Device Management (8 Units)
  • Enroll devices to Mobile Device Management (9 Unidades)
  • Manage device compliance (10 Units)
  • Implement endpoint security in Microsoft Intune (9 Unidades)

 

Course outline

Module 1: Explore Microsoft 365 security metrics

In this learning path, you'll examine all of the common types of threat vectors and data breaches that organizations face today, and learn how Microsoft 365 security solutions address these security threats, including the security approach. Zero trust. You will be introduced to Microsoft Secure Score, Privileged Identity Management, as well as Azure Active Directory Identity Protection and Microsoft Defender for Office 365.

lessons

  • Examination of threat vectors and data breaches

  • Exploring the Zero Trust Security Model

  • Explore Microsoft 365 security solutions

  • Exam the Microsoft Secure Score

  • Examen de Privileged Identity Management

  • Examen de Azure Identity Protection

Lab : Configuring Tenants and Privileged Identity Management

  • Initializing a Microsoft 365 tenant
  • PIM Resource Workflows

After completing this module, students will be able to:

  • Describe various techniques hackers use to compromise user accounts via email

  • Describe techniques hackers use to gain control over resources

  • Describe the techniques hackers use to compromise data

  • Describe the Zero Trust security approach in Microsoft 365

  • Describe the components of Zero Trust security

  • Describe five steps to implement a Zero Trust model in your organization

  • Explain the Zero Trust network

  • List the types of threats that can be prevented using EOP and Microsoft Defender for Office 365

  • Describe how Microsoft 365 threat intelligence can benefit your organization

  • Monitor your organization through audits and alerts

  • Describe how ASM improves visibility and control over your tenant through three main areas

  • Describe the benefits of Secure Score and what type of services can be analyzed

  • Describe how to collect data using the Secure Score API

  • Understand where to identify actions that will increase your security by mitigating risks

  • Explain how to determine the threats each action will mitigate and the impact it has on usage

  • Explain privileged identity management (PIM) in Azure management

  • Configure PIM for use in your organization

  • PIM Role Audit

  • Explicar Microsoft Identity Manager

  • Explicar Privileged Access Management en Microsoft 365

  • Describe Azure Identity Protection and what kind of identities can be protected

  • Understand how to enable Azure Identity Protection

  • Know how to identify vulnerabilities and risk events

  • Plan your research to protect cloud-based identities

  • Plan how to protect your Azure Active Directory environment from security breaches

Module 2: Manage Microsoft 365 security services

This learning path examines how to manage Microsoft 365 security services, including Exchange Online Protection, Microsoft Defender for Office 365, Safe Attachments, and Safe Links. You will also be introduced to the various reports that help an organization monitor its security state.

lessons

  • Examinar Exchange Online Protection

  • Review Microsoft Defender for Office 365

  • Manage safe attachments

  • Manage Safe Links

  • Explore reports in Microsoft 365 security services

Lab : Manage Microsoft 365 security services

  • Implement a safe attachments policy
  • Implement a Safe Links policy

After completing this module, students will be able to:

  • Describe the antimalware pipeline as Exchange Online Protection scans email

  • List various mechanisms used to filter spam and malware

  • Describe additional solutions to protect against phishing and phishing

  • Describe the benefits of the spoofing intelligence feature

  • Describe how Safe Attachments is used to block zero-day malware in email and document attachments

  • Describe how Safe Links protects users from malicious URLs embedded in emails and documents

  • Create and modify a safe attachments policy in the Security & Compliance Center

  • Create a safe attachments policy using Windows PowerShell

  • Configure a safe attachments policy to take certain actions

  • Understand how a transport rule can be used to disable Safe Attachments functionality

  • Describe the end-user experience when an email attachment is scanned and found to be malicious

  • Create and modify a Safe Links policy in the Security & Compliance Center

  • Create a Safe Links policy using Windows PowerShell

  • Understand how a transport rule can be used to disable Safe Links functionality

  • Describe the end-user experience when Safe Links identifies a link to a malicious website or file

  • Describe how Microsoft 365 security reports show how your organization is protected

  • Know where to access reports generated by EOP and Microsoft Defender for Office 365

  • Understand how to access the detailed information of generated reports

Module 3: Implement threat intelligence in Microsoft 365

In this learning path, you will perform a migration from security services to threat intelligence. Specifically, through the security panel, Microsoft Defender for Identity and Microsoft Cloud Application Security to anticipate possible security breaches.

lessons

  • Explore threat intelligence in Microsoft 365

  • Explore the security panel

  • Implementar Microsoft Defender for Identity

  • Implementar Microsoft Cloud Application Security

Lab : Deploy Threat Intelligence

  • Perform a spear phishing attack using the attack simulator

  • Perform password attacks with the attack simulator

  • Prepare alert policies

  • Implement a mailbox permission alert

  • Implement a SharePoint permission alert

  • Test the default eDiscovery alert

After completing this module, students will be able to:

  • Understand how threat intelligence uses technology from the Microsoft Intelligent Security Graph

  • Describe how the threat dashboard can benefit C-level security officers

  • Understand how Threat Explorer can be used to investigate threats and help protect your tenant

  • Describe how the security dashboard displays top risks, global trends, and quality of protection

  • Describe what Microsoft Defender for Identity is and what requirements are needed to implement it

  • Configurar Microsoft Defender for Identity

  • Manage Microsoft Defender for Identity services

  • Describir Cloud App Security

  • Explain how to implement Cloud App Security

  • Control your cloud applications with policies

  • Troubleshoot Cloud App Security

Module 4: Introduction to data governance in Microsoft 365

In this learning path, you examine the key components of managing compliance in Microsoft 365. It begins with an introduction to all the key aspects of data governance, including data retention and archiving, Information Rights Management, message encryption Office 365, on-premises records management in SharePoint, and data loss prevention (DLP).

lessons

  • Explore archiving in Microsoft 365

  • Explore retention in Microsoft 365

  • Explorar Information Rights Management

  • Explore Office 365 message encryption

  • Explore in-place records management in SharePoint

  • Explore data loss prevention in Microsoft 365

Lab : Implement data governance

  • Configure Microsoft 365 message encryption

  • Validar Information Rights Management

  • initialize compliance

  • Configure labels and retention policies

After completing this module, students will be able to:

  • Understand data governance in Microsoft 365

  • Describe the difference between local archiving and records management

  • Explain how data is archived in Exchange

  • Recognize the benefits of in-place records management in SharePoint

  • Understand how messaging records management works in Exchange

  • List the types of retention labels that can be applied to mailboxes

  • Learn about the different Microsoft 365 encryption options

  • Understand how Information Rights Management (IRM) can be used in Exchange

  • Configure IRM protection for Exchange emails

  • Explain how IRM can be used in SharePoint

  • Apply IRM protection to SharePoint documents

  • State the differences between MRI protection and AIP classification

  • Understand how message encryption works

  • Perform encryption on a message

  • manage to decipher a message

  • Understand the cooperation of signing and encryption simultaneously

  • Explain what triple encapsulated messages are

  • Describe when you can use Office 365 message encryption

  • Explain how Office 365 message encryption works

  • Describe data loss prevention (DLP)

  • Understand what sensitive information and search patterns are used by DLP

  • Know what a DLP policy is and what it contains

  • Recognize how actions and conditions work together for DLP

  • Express how actions contain functions to send emails in matches

  • Show policy tips to users if a DLP rule is applied

  • Use policy templates to implement DLP policies for commonly used information

  • Explain how to use finger in documents

  • Understand how to use DLP to protect documents on Windows Server FCI

Module 5: Implement data governance in Microsoft 365

This learning path examines how to implement key aspects of data governance, including creating information barriers in Microsoft 365 and ethics walls in Exchange Online, creating DLP policies from built-in templates, creating custom DLP policies, creating DLP policies to protect documents, and creating policy tips.

lessons

  • Assess readiness for compliance

  • Implement compliance solutions

  • Create information barriers in Microsoft 365

  • Create a DLP policy from a built-in template

  • Create a custom DLP policy

  • Create a DLP policy to protect documents

  • Implement policy tips for DLP policies

Lab : Implement DLP Policies

  • Manage DLP policies

  • Test MRM and DLP policies

After completing this module, students will be able to:

  • Describe the Microsoft 365 Compliance Center and how to access it

  • Describe the purpose and objective of the compliance score

  • Explain the components of how an organization's compliance score is determined

  • Explain how assessments are used to formulate compliance scores

  • Explain how Microsoft 365 helps address the Global Data Protection Regulation

  • Describe internal risk management functionality in Microsoft 365

  • Configure internal risk management policies

  • Configure internal risk management policies

  • Explain communication compliance capabilities in Microsoft 365

  • Describe what an ethical wall is on Exchange and how it works

  • Explain how to create information barriers in Microsoft 365

  • Identify best practices for creating and working with ethical walls

  • Understand the different built-in templates for DLP policies

  • Determine how to choose the correct locations for a DLP policy

  • Set up the right rules to protect content

  • Enable and review the DLP policy correctly

  • Describe how to modify existing DLP policy rules

  • Explain how to add and modify custom conditions and actions to a DLP rule

  • Describe how to change user notifications and boards of directors

  • Configuring the user override option to a DLP rule

  • Explain how incident reports for a DLP rule violation are submitted

  • Describe how to work with managed properties for DLP policies

  • Explain how SharePoint Online creates crawled properties from documents

  • Describe how to create a managed property from a crawled property in SharePoint Online

  • Explain how to create a DLP policy with rules that apply to properties managed through PowerShell

  • Describe the user experience when a user creates an email or a site that contains sensitive information

  • Explain the behavior in Office applications when a user enters sensitive information

Module 6: Manage data governance in Microsoft 365

This learning path focuses on managing data governance in Microsoft 365, including managing retention in email, troubleshooting retention policies and unmanageable policy tips, as well as Troubleshooting sensitive data. Next, you'll learn how to implement sensitivity labels and Windows Information Protection.

lessons

  • Manage email retention

  • Troubleshoot data governance

  • Explore sensitivity labels

  • Implement sensitivity labels

  • Implement data governance

Lab : Implement data governance

  • Implement sensitivity labels

  • Implementar Windows Information Protection

After completing this module, students will be able to:

  • Determine when and how to use retention labels on mailboxes

  • Assign retention policy to an email folder

  • Add optional retention policies to email messages and folders

  • Remove a retention policy from an email message

  • Explain how the retention age of items is calculated

  • Fix retention policies not running as expected

  • Understand how to systematically troubleshoot when a retention policy appears to be failing

  • Perform policy tests in test mode with policy hints

  • Describe how to monitor DLP policies through message tracing

  • Manage data protection through sensitivity labels

  • Describe the requirements for creating a sensitivity label

  • Develop a data classification framework for sensitivity labels

  • Create, publish and delete sensitivity labels

  • Describe WIP and what it is used for

  • Plan a WIP Policy Implementation

  • Deploy WIP policies with Intune and SCCM

  • Implement WIP policies in Windows desktop applications

Module 7: Manage content searches and investigations in Microsoft 365

This learning path concludes this section on data governance by examining how to manage search and investigation, including searching for content in the Security & Compliance Center, auditing log investigations, and managing eDiscovery. advanced.

lessons

  • Find content in the Microsoft 365 Compliance Center

  • Perform Audit Log Investigations

  • Administer Advanced eDiscovery

Lab : Managing Searches and Investigations

  • Perform a data search

  • Investigate your Microsoft 365 data

After completing this module, students will be able to:

  • Describe how to use content search

  • Design a content search

  • Configure search permission filtering

  • Explain how to search for third-party data

  • Describe when to use scripts for advanced searches

  • Describe what audit logging is and the permissions required to search for a Microsoft 365 audit

  • Configure audit policies

  • Specify criteria to search the audit log

  • View, sort, and filter search results

  • Export search results to a CSV file

  • Search the unified audit log using Windows PowerShell

  • Describe advanced eDiscovery

  • Set permissions for users in Advanced eDiscovery

  • Create cases in advanced eDiscovery

  • Find and prepare data for advanced eDiscovery

Module 8: Prepare for device management in Microsoft 365

This learning path provides a detailed examination of device management in Microsoft 365. You'll start by planning various aspects of device management, including preparing your Windows 10 devices for co-management. You will learn how to transition from Configuration Manager to Intune, and you will be introduced to the Microsoft Intune for Business and Mobile Application Management.

lessons

  • Explore Windows 10 device management

  • Prepare Windows 10 devices for collaborative management

  • Migrate from Configuration Manager to Intune

  • Review Microsoft Store for Business

  • Application management planning

Lab : Implement Microsoft Store for Business

  • Configure Microsoft StoreStore for Business

  • Manage Microsoft Store for Business

After completing this module, students will be able to:

  • Describe the benefits of co-management

  • Plan your organization's co-management strategy

  • Describe the main features of Configuration Manager

  • Describe how Azure Active Directory enables co-management

  • Identify the prerequisites for using co-management

  • Configure Configuration Manager for co-management

  • Enroll Windows 10 devices in Intune

  • Modifying co-management settings

  • Transfer workloads to Intune

  • Monitor your co-management solution

  • Compliance check for co-managed devices

  • Describe the feature and benefits of Microsoft Store for Business

  • Configure Microsoft StoreStore for Business

  • Manage Microsoft Store for Business settings

Module 9: Plan your Windows 10 deployment strategy

This learning path focuses on planning your Windows 10 deployment strategy, including how to implement Windows Autopilot and Desktop Analytics, and planning your Windows 10 subscription activation service.

lessons

  • Browse Windows 10 deployment scenarios

  • Explore Windows Autopilot deployment models

  • Plan your Windows 10 subscription activation strategy

  • Resolve Windows 10 update errors

  • Analyze Windows 10 diagnostic data using Desktop Analytics

After completing this module, students will be able to:

  • Plan to use Windows as a service

  • Plan a modern deployment

  • Plan a dynamic implementation

  • Plan a traditional deployment

  • Describe Windows Autopilot requirements

  • Configure Windows Autopilot

  • Describe Autopilot automated deployments, pre-provisioned deployments, and user-driven deployments

  • Implement BitLocker encryption for Windows Autopilot devices

  • Comprender Windows 10 Enterprise E3 en CSP

  • Configure VDA for Subscription Activation

  • Deploy Windows 10 Enterprise licenses

  • Describe common solutions for Windows 10 update errors

  • Use SetupDiag

  • Troubleshoot update errors

  • Describe Windows error reports

  • Understand update error codes and resolution procedure

  • Describe Desktop Analytics

  • Describe device status

  • Describe Update Compliance

  • Determine readiness for upgrade

Module 10: Implement device management in Microsoft 365

This learning path focuses on mobile device management (MDM). You'll learn how to implement it, how to enroll devices in MDM, and how to manage device compliance.

lessons

  • Explore mobile device management

  • Implement mobile device management

  • Register devices in mobile device management

  • Manage device compliance

Lab : Manage devices with Intune

  • Enable device management

  • Configure Azure AD for Intune

  • Create Intune policies

  • Enroll a Windows 10 device

  • Manage and monitor a device in Intune

After completing this module, students will be able to:

  • Manage devices with MDM

  • Compare MDM for Microsoft 365 and Intune

  • Understand policy settings for mobile devices

  • Control email and document access

  • Activate mobile device management services

  • Implement mobile device management

  • Configure domains for MDM

  • Configure an APNs certificate for iOS devices

  • Manage device security policies

  • Define a corporate device enrollment policy

  • Enroll devices to MDM

  • Understanding the Apple Device Enrollment Program

  • Understand the enrollment rules

  • Configure a device enrollment administrator role

  • Describe multi-factor authentication considerations

  • Plan for device compliance

  • Configure conditional users and groups

  • Create Conditional Access Policies

  • Monitor enrolled devices

 

Previous requirements

Before attending this course, students must have:

  • Completed a role-based administrator course, such as Messaging, Teamwork, Security and Compliance, or Collaboration.
  • Proficient knowledge of DNS and basic functional experience with Microsoft 365 services.
  • A competent knowledge of general IT practices.

 

Language

  • English course
  • Labs: English
€695.00