Kurssin kesto: 1 etäpäivä
Kurssin hinta: 690 € + alv.
SA-setelit: kyllä
Toteutukset: Kysy online toteutusta
Microsoft 365 Threat Protection auttaa pysäyttämään hyökkäyksiä edistyneillä tietoturvatuotteilla. Tämä kurssi valmentaa ymmärtämään kuinka tietoturvahyökkäykset toimivat ja kuinka niitä voidaan torjua. Kurssilla opetallaan käyttämään mm. ATP-tuotteita, Security Dashboardia ja kuinka mobiililaitteet turvataan M365 ympäristössä. Tämä kurssi valmentaa osaltaan Microsoft MS-500 Security Administration -sertifiointitestiin.
Kohderyhmä
IT-asiantuntijat, tietoturvavastaavat ja päättäjät jotka
- Vastaavat tietoturvasta omassa organisaatiossaan
- Käyttävät M365 lisenssiä organisaatiossa
- Haluavat parantaa oman organisaationsa tietoturvaominaisuuksia
- Ovat kiinnostuneita tietoturvasta Microsoft 365 -ympäristössä
Valmennuksen tavoite – kurssin päätteeksi valmennettavat osaavat:
- Hahmottaa paremmin mahdollisuudet Microsoft 365 -tuotteessa
- Ottaa käyttöön tuotteet joita organisaation M365 -lisenssi tarjoaa
- Luoda turvallisemman työympäristön omassa Microsoft 365 -ympäristössä
Harjoitukset ja materiaali
Käytännön harjoitukset tehdään Microsoftin tarjoamassa koulutusympäristössä, osa tehdään kurssin aikana ja osa itseopiskeluna. Materiaali harjoituksineen jää valmennettaville käyttöön kurssin jälkeen.
Sertifioituminen
MS-500; Microsoft 500 Security Administration
Valmennuksen rakenne (Microsoft MOC-materiaalin sisältö):
Module 1: Security in Microsoft 365
This module starts by explaining the various cyber-attack threats that exist. It then introduces you to the Microsoft solutions to thwart those threats. The module finishes with an explanation of Microsoft Secure Score and how it can be used to evaluate and report your organizations security posture.
Lessons
- Threat Vectors and Data Breaches
- Security Solutions for Microsoft 365
- Microsoft Secure Score
After completing this module, students will be able to:
- Describe several techniques hackers use to compromise user accounts through email.
- Describe techniques hackers use to gain control over resources.
- List the types of threats that can be avoided by using Exhange Online Protection and Office 365 ATP.
- Describe how Microsoft 365 Threat Intelligence can be beneficial to your organization’s security officers and administrators.
- Describe the benefits of Secure Score and what kind of services can be analyzed.
- Describe how to use the tool to identify gaps between your current state and where you would like to be with regards to security.
Module 2: Advanced Threat Protection
This module explains the various threat protection technologies and services available in Microsoft 365. Specifically, the module covers message protection through Exchange Online Protection, Azure Advanced Threat Protection and Windows Defender Advanced Threat Protection.
Lessons
- Exchange Online Protection
- Office 365 Advanced Threat Protection
- Managing Safe Attachments
- Managing Safe Links
- Azure Advanced Threat Protection
- Windows Defender Advanced Threat Protection
Lab : Advanced Threat Protection
- Setting up your lab environment
- Editing an ATP Safe Links policy and creating a Safe Attachment policy
After completing this module, students will be able to:
- Describe the anti-malware pipeline as email is analyzed by Exchange Online Protection.
- Describe how Safe Attachments is used to block zero-day malware in email attachments and documents.
- Describe how Safe Links protect users from malicious URLs embedded in email and documents that point to malicious websites.
- Configure Azure Advanced Threat Protection.
- Configure Windows Defender ATP.
- Integrate Windows Defender ATP with Azure ATP.
Module 3: Threat Intelligence
This module explains Microsoft Threat Intelligence which provides you with the tools to evaluate and address cyber threats. You will learn how to use the Security Dashboard in the Microsoft 365 Security and Compliance Center. It also explains and configures Microsoft Advanced Threat Analytics.
Lessons
- Microsoft 365 Threat Intelligence
- Using the Security Dashboard
- Configuring Advanced Threat Analytics
Lab : Advanced Threat Analytics
- Enabling and installing the ATA Center
After completing this module, students will be able to:
- Describe how threat intelligence in Microsoft 365 is powered by the Microsoft Intelligent Security Graph.
- Describe how Threat Explorer can be used to investigate threats and help to protect your tenant.
- Describe how the Security Dashboard gives C-level executives insight into top risks, global trends, protection quality, and the organization’s exposure to threats.
- Describe how the Security dashboard can be used as a launching point to enable security analysts to drill down for more details by using Threat Explorer.
- Describe what Advanced Thread Analytics (ATA) is and what requirements are needed to deploy it.
- Configure Advanced Threat Analytics.
Module 4: Mobility
This module is all about securing mobile devices and applications. Students will learn about Mobile Device Management and how it works with Intune. They will also learn about how Intune and Azure AD can be used to secure mobile applications.
Lessons
- Plan for Mobile Application Management
- Plan for Mobile Device Management
- Deploy Mobile Device Management
- Enroll Devices to Mobile Device Management
After completing this module, students will be able to:
- Describe mobile application considerations.
- Use Intune to manage mobile applications.
- Manage devices with MDM.
- Compare MDM for Office 365 and Intune.
- Configure Domains for MDM.
- Manage Device Security Policies.
- Define Corporate Device Enrollment Policy.
- Enroll devices to MDM.
- Configure a Device Enrollment Manager Role.