Audience Profile

Microsoft 365 Security Administration is aimed at IT Professional working with the task of a M365 security administrator role. This role collaborates with the M365 Enterprise Administrator, business stakeholders and other workload administrators to plan and implement security strategies and ensures that the solutions comply with the policies and regulations of the organization

  Skills Gained

Skills you gain with this exam are to implement, manage, and monitor security and compliance solutions for Microsoft 365 and hybrid environments. The Microsoft 365 Security Administrator proactively secures Microsoft 365 enterprise environments, responds to threats, performs investigations, and enforces data governance. The Microsoft 365 Security Administrator collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders, and other workload administrators to plan and implement security strategies and ensures that the solutions comply with the policies and regulations of the organization.
This exam measures your ability to accomplish the following technical tasks: implement and manage identity and access; implement and manage threat protection; implement and manage information protection; and manage governance and compliance features in Microsoft 365."

Pre-requisites

Microsoft 365 workloads and have strong skills and experience with identity protection, information protection, threat protection, security management, and data governance. This role focuses on the Microsoft 365 environment and includes hybrid environments.

Module 1: Microsoft 365 Built-in Compliance

Lessons

• Compliance Manager
• Service Trust Portal
• Security and Compliance Center
• Office 365 Secure Score
• Office 365 Data Governance
• Retention policies
• Unified Labelling
• Advanced Data Governance in Office 365
  

Module 2: Advanced Compliance in Microsoft 365

Lessons

• Handling Third Party Data
• Data Loss Prevention
• Information Protection
• eDiscovery and Litigation hold
• Handling Data Subject Requests (DSR)

Module 3: Implementing Threat Protection using Microsoft Defender Solutions for Office 365 and Azure

Lessons

• Microsoft Defender for Office 365 (O365 ATP)
• Cloud App Security for Office 365 Overview

Module 4: Implementing Microsoft Cloud App Security

Lessons

• Deploying Cloud App Security
• Controlling your cloud apps with Policies
• Troubleshooting Cloud App Security
• Manage cloud app security alerts.
• Describe the risk score in Cloud App Security.
• Use the Cloud App Catalog.
• Use the Cloud Discovery DashboardCloud App Security Overview

Module 5: Implementing Endpoint security using Microsoft Intune

Lessons

• Protecting company data using application management
• Deploy Mobile Device management
• Manage Devices with MDM

Module 6: Protecting Windows 10 using Microsoft Defender for Windows

Lessons

• Device Guard
• Application Guard
• Attack Surface Reduction
• Endpoint Detection and Response

Module 7: Introduction to Azure Sentinel and Deep Dive on Correlation Rules, Threat Intelligence and KQL (Kusto Query Language)

Lessons

• Azure sentinel architecture
• Features and functionalities
• Custom connectors
• Correlation rules
• Threat Intelligence
• Kusto Query Language

Module 8: Investigating identity actions and Deep Dive into Threat Hunting

Lessons

• Identity overview
• Tackling identity with SIEM
• Out of box identity analytics
• Threat hunting process
• Building Detections
• SOC Incident Workflow
• Triage and investigate an incident

Module 9: Cloud Security Posture Management with Azure Security Center

Lessons

• Asset inventory and management tools
• Secure score in Azure Security Center
• Security Recommendations
• Security policies
• Azure security baseline
• Cross-tenant management

Module 10: Managing and Responding to Security Incidents and Alerts in Azure Security Center

Lessons

• Managing Security Incidents
• Security alerts in Azure Security Center
• Manage and respond to security alerts
• Automate Responses to Recommendations