Office 365 Security & Compliance : Course Contents

1. Cloud Security Threat Landscape, Strategy & Architecture:

• Identify and understanding cloud computing concepts and definitions based on industry standards – ISO/IEC 17788 and NIST.
• Understand how security models like zero trust architecture (ZTA) relate to organisational strategies and help to drive a consistent approach to manging cloud services.
• Consider the threat landscape for cloud services and the common challenges faced by digital transformation and the modern workplace.

2. Microsoft 365 & Modern Workplace (Office 365, EMS, E3 & E5):

• Understand the productivity features of Microsoft 365 including identity, user, device & data management.
• Cover the key licensing differences across the Microsoft 365 suite including Office 365, Enterprise Mobility & Security, and specific security SKU’s.
• LAB: Deploy a Microsoft 365 demo environment.

3. Securing Identities & Applications (Azure AD, Azure ATP):

• Defining identity as the key control in ensuring an effective cloud security model.
• Translating organisational identity strategy into cloud-based identity management and Azure Active Directory (AD).
• Implementing baseline security controls including multi factor authentication, AD connect and legacy authentication.
• Application publishing and managing single sign on.
• Understanding guest management and B2B collaboration.
• Manage effective sharing and collaboration internally and externally using SharePoint Online & Teams.
• Implementing advanced features including Privileged Identity Management (PIM), Entitlement Manager and Access Reviews.
• Manage identity across on premise and provide comprehensive visibility using Azure ATP.

4. Email Protection (Office 365 ATP)

• Implementing email protection using Office 365 ATP.
• Deploying Anti-Phishing, Anti-Spam, DKIM, Malware protection, Safe Links, Safe Attachments and using automated investigation and response (AIR) capabilities.
• How to use Office 365 ATP for end to end email security including working with connected email services.
• Utilising Microsoft Threat Protection (MTP) for automated incident and case management in Microsoft 365.

5. Cloud Application Protection (Microsoft Cloud App Security):

• Understanding how application protection works across SaaS applications and Microsoft 365.
• Discovering cloud applications and services and conducting effective risk management of cloud services.
• Reviewing activity and creating alert rules using MCAS.

6. Data Governance & Records Management (AIP, Compliance Portal):

• Understanding data governance and data management principles and requirements.
• Demonstrate Azure Information Protection to provide data compliance in Microsoft 365
• Implement Sensitivity Labels and Retention Policies and configure auto classification.
• Understand auditing and forensic analysis using eDiscovery.
• Review different capabilities of AIP P1 & P2 licensing.
• LAB: Learn how to deploy data loss protection alert rules for compliance.

7. Device Protection & Management (Defender ATP & Intune)

• Understand the key capabilities around device management using Microsoft Endpoint Manager.
• Define a device management strategy across computing and mobile devices including the differences between mobile application management and full mobile device management.
• Configure Intune for mobile and computing device management and establish protection policies.
• Review Defender ATP and advanced endpoint protection and integration with end to end management in Microsoft 365.

8. Azure Security Overview:

• Understanding Azure services and capabilities and the relationship to Microsoft 365.
• Key concepts around role-based access control, subscription management and management groups.
• Using Azure Security Center for IaaS and PaaS and on-premises workload management and defining effective security operating models to support DevSecOps in Azure.
• Advanced security capabilities in Azure including network security configuration, WAF and Firewall capabilities.
• Using Azure Security Center for end to end compliance monitoring and reporting and integration into Microsoft 365.

9. Modern Security Operations:

• Understand security operating models and the challenges faced by managing cloud-based security operations.
• Clearly define the roles & responsibilities for an effective cloud operating model across productivity services, cloud services, development teams and security.
• Implement Azure Sentinel for log management, alerting and incident management.
• Learn how to configure data connectors, create dashboards, run queries, and create alert rules.
• Review end to end incident management using Microsoft Threat Protection (MTP) and Azure Sentinel.