M365 Security Administration Tutorial | MS-500 exam study guide | Joyatres
that, like, you will understand what are the things that we are going to cover over here. Okay, so module number one: we are going to talk about the users and the group management. So let me ask this question. I think so, Yas C and Abel, you all have, uh, Office account?

Yes, I have. Yes. Yeah.

Sandip, how about you?

Uh, yes, I've got a trial account which is running now.

Okay, okay, perfect, perfect. Yeah, all right. So I want to go through this course. So the first module is going to talk about the identity and access management, the Zero Trust model, and how you can plan your identity. Identity means, like, the account; user account is called as the identity. So we are going to talk about the accounts and the roles. Roles means the RBAC, role-based access management, and then how we can manage the password. So that is what we are going to talk about on module number one, which is very simple and an introduction.

So then we will talk about the directory synchronization, which is a very, very important part. So we'll be talking about the directory synchronization, in which, like, we will plan to sync. So this is just a planning. Planning in the sense, like, you have your, okay, so we are on module number two. So directory synchronization is like, you will have your on-prem and you will have your cloud. So we have to prepare in a way that how these accounts from the on-premises is going to be migrated to the cloud, that we will plan for it. And we are going to talk about the different type of identities: the cloud identity, on-premises identity and the synchronized identity. We will talk about it, and then we'll talk about the identity protection, so what is the concept, we will talk about that.

And then module number three: we'll be talking about the application management, how we can manage the device access and the role-based access control, and also PIM. PIM stands for Privileged Identity Management. So what generally happens is, like, when someone is joining a team they get access, and when they are
leaving the team, the access is not revoked. So that logic we are going to talk about, say like, only the right people will get the right access, and also, if you want to give access, it has to be approved by a specific set of people. So that is called as the Privileged Identity Management. Okay, so that's the idea we're going to talk about on module number three.

Then on module number four we will talk about, uh, say like, a bit of theory, say like, the threat vectors, the security strategy, the Secure Score. So a Secure Score is available on the security portal. So that score is provided by Microsoft. Microsoft is rating your environment, like, where do you stand. So we will talk about the Microsoft Secure Score on module number four.

And then module number five is the most important one. Why? Because this is the place where you will be actually working on to it. Because, as I told you, how much of customization we can do. So Microsoft already has a set of security layer; how much of additional security we can apply is at this particular place. We'll be talking about the EOP, in which we'll talk about the Safe Attachments, Safe Links. We'll be talking about the ATP, Advanced Threat Protection, in which we'll talk about the anti-malware and then anti-phishing, anti-spoofing. So all these things will fall into this threat protection; it's called as the ATP, Advanced Threat Protection. So this is the place, like, majority of the security administrators work.

Then let's talk about module number six, in which we'll be talking about the security dashboard, and we'll be talking about the Sentinel. Azure Sentinel is a data analytics, uh, analytics tool. So using the data, how we can work on it, we'll talk about that. And then we'll talk about the ATA, and then we will talk, the lab we have it, which I will ask you to do it, which is the attack simulator, we'll be doing. And module number seven, we'll be
talking about the cloud application security. So there is something called as a Cloud application security; we will talk about that. And then module number eight, we'll be talking about the MAM and MDM. Mobile application management and mobile device management is what we are going to talk about. So anyone works on Intune?

Work, but not in depth.

Right.

It also, I'm learning, learning is T, not in depth.

Okay, good. So yes, uh, this mobility and security, it goes together. So Intune, we'll be talking about that in detail. So we are going to configure the Azure Active Directory for Intune, we'll be doing that. Then we'll be talking about these things which are taken from the Exchange Online, which are taken from the Exchange concept, so say like, how we can perform the, uh, records management. So, uh, have you seen sensitivity label? So if you open your Word, do you see a sensitivity icon available on your Word?

Yes.

So, and if you click on that down arrow on the sensitivity, do you see some entries like personal, private, public?

Mm-hmm.

So we will talk about how this is implemented, how these entries came up. So we are going to talk about those entries; those are all called as the sensitivity labels. All right, so this will be talking in the compliance center. Then archiving, retention, and then, say like, how it is working on the M365, how does it work on the Exchange side, will be doing a comparison. And then, uh...

Sorry to interrupt you, one quick question for journaling. Like, Exchange have journaling, so what about here, how it's the, which option basically use for that?

So journaling, in fact, journaling itself is still there on Office, but it is there on the other features. So it is still there. So if you want to journal it, only challenge is that you cannot journal it within Office 365; instead you have to redirect those emails to your on-premises mailbox. It won't accept the mail from this, it won't accept the mailbox from the same domain;
you have to journal it to a different location.

So in tenant, if you have two, so we can, like, don't any infrastructure on-prem, so we have only P only, so we can have two domain in that case?

Yeah, in that case, yes, you can redirect to a different tenant, yes, is possible. Different tenant or different domain.

Different what is?

So different domain, is that, so you're saying, like, different domain within different tenant or the same tenant?

I mean, I have one tenant only, and I don't have any on anything, only one domain, and I have, like, some mailboxes, and I want to do journaling for those mailboxes.

So now the challenge is that you cannot journal it within the cloud. Instead, we can create an on-premises environment. I'll tell you how to create an on-premises environment. So you can, if that is just for a testing purpose, yeah, you can do that. But if it is an organizational one, so yes, you need to have an on-premises environment; that is the expectation. Okay, will talk about that problem.

Okay, so on module 10 we will be talking about the IRM, Information Rights Management. So this is same as the RMS, Rights Management server, on the Active Directory, like restricting, okay, like restricting the, uh, like, access. So all those things fall into the IRM. So next we'll talk about the S/MIME, and S/MIME is for the mail, and then we'll talk about the Office 365 Message Encryption. So how emails will be encrypted, how you can add one more layer of encryption, is all possible; we are going to talk that.

Then last module is, sorry, 11th module is DLP. So DLP is a very, very important feature. Does anyone work on DLP? Have you used DLP? Okay, okay, so no problem, so we will talk about that. So DLP is a very, very important concept. So this concept is also taken from the Exchange data loss prevention. The earlier concept was, like, data was lost only from the email, so now it is protected across the Office 365. So we'll talk about how to create a policy, how to customize it, and how we can protect the document, and how we can
configure the policy tips, we are going to talk about. And finally, on module number 12, we will talk about the compliance center in general. So this is the idea, this is what we are going to cover. And so we will be talking more into the security and the compliance portal, is what we are going to do.

Okay, so I want to have an on-premises setup on your laptop. So tell me, uh, how much of RAM you have on your laptop? How much RAM you have on your laptop?

Mine is Mac, 16 GB.

16 GB, okay. So what is my requirement I'm looking for is that if you can, uh, have a machine. So this is the cloud, we have it over here. So on this machine, so this is going to be connected to the cloud later, so we do it. And what I'm looking for is, like, this machine, I want you to install Windows, uh, 2019 or 16, anything, as in case if you already have ISO file it is fine. And then I want you to configure AD DS. So have you installed AD on a VM?

Yeah, yeah. Domain control is not...

That's fine. Okay. Sandip?

Yes, for me, yes.

Yeah, okay, cool. AD and AD DS are same, both are same only. So AD DS is the name of the role that we check. Okay, so you have to configure AD DS, and then, uh, let's create a common name, in case if you are going to do it now, so keep it as training. Okay, wait, wait, wait, before that I want to tell you something. So before you do this, I want you to purchase a test domain. Uh, test domain is like a cheap domain. So for example, if you go to a website called as, uh, hostinger.com. Anyone already has it?

Yeah, yeah.

Okay. So what I generally do is, like, I go with, uh, online. Online domain is very, very cheap. So I say that T something dot online. So when you search with dot online, you can get it for a very smaller price, around 75 rupees. So if you just convert it, so it should be around 75 rupees, something will come. So sorry, some around 100 rupees of total including the taxes, so come up. So if you have it, what is the idea, like, so with that domain you create this
one. Okay, so what is the idea, like, this one, this I want you to create and configure AD DS with your domain name. Okay, so you have to configure domain, you have to configure your AD with your domain name, so that what will happen is, like, we will create users with this, uh, with this domain name, and then we will try to connect. We will be establishing a connectivity with the cloud; that is the requirement.

Cloud means 365?

Yeah, exactly. So for example, let's say that you create around 10 users over here and we want to migrate these 10 users. So when you want to migrate these 10 users, we will be using something called as the Azure Active Directory Connect, and then we will move it from the on-premises to the cloud, which is through the Azure Active Directory Connect. Okay, which is called as the identity synchronization, called as DirSync, directory synchronization. Okay?

Yes. No, I mean, uh, so we need to configure as a non-routable .local, or we can do directly?

How, I told you the one. For example, in case if you have purchased a domain, whatever domain name that you have purchased, you configure in that name. Okay, so for example, say like, 0365learning.com, so you configure in that name, that is.

And also one thing: this class, I mean, how many sessions will be there? I mean, so if you can that also share, that every week how many sessions basically, within how many, I mean, how many weeks or how many hours we required to complete this B for the session?

Okay, so this should be completed in around, say like, 25 hour. 25, 26 hour we should be able to complete it. So why? Because this course, uh, it's a 4 day course. 4 day into 8 hour is like 32 hours, is the actual course. So that 32 hours includes, uh, say like, around 10 to 12 hours of practical session as well. So now we are not, I'll do the practical and the theory par, so we should not take much time. So that's what, around 22 to 24 hours we require it. So if you calculate 24 hours, so we
can complete it. So what is your requirement, like, want to go in a slow pace or fast track, like, how is it?

Actually we don't want fast track. Basically we, okay, or we are more comfortable if we go with the two to three hours maximum, because you know, we fast track, most probably what happen, we'll lose the productivity after some time, the focus will. So it's good for the corporate, more like corporate batches maybe. But for us, because here in weekend is Friday, Saturday, so after prayer, if any time, or Saturday at these times or anytime, like, we can understand the schedule after that.

Okay.

For me, I think it's, uh, two to three hours daily will be easy for better understanding.

Okay, okay.

But this is what my thinking.

Got it, got it. So S, uh, you're, you from M location?

Um, I work in Dubai, but, uh, I'm much ahead from your time zone. My time is 10:30 now, 10:30 p.m. Based in Australia.

Okay, you are now in, you are physically located in Australia?

That's right, yeah. Work for an organization in Dubai, sort of a remote worker.

Okay, perf. All right, so do you have Friday off?

Um, I'm flexible with Friday and Saturday, Sunday. It's just that, uh, more time you delay to start the class, I will have a challenge to wake up in the morning next.

I understand. A is like hours ear than, right?

Yeah, 3, 4 hours.

Is 2 and half, half only. Should be around 8, 8:30, 8:30 p.m.
something, right? Okay, so again, uh, today only, like, we are starting in this time. So from the next class, so tomorrow we are not having a class, so tomorrow being a Sunday, so tomorrow we're not having, but, uh, coming Friday. So I'll just well in advance, I'll tell you, like, when are we starting, so that, like, we can start probably after my Juma namaz.

You, here is almost one to 2:30 or 3:00 actually we get. Actually after prayer, I mean, by almost 12:30 here.

Finish your lunch, and then if you're ready. I'll also be finishing my namaz, and so here namaz is bit late, so need to be over only around 2:00, so half hour for lunch, so 2:30, max 3:00, I'll be ready on Friday.

3:00 is okay. Yeah, that's all right.

Okay, can plan, that is not a problem. So timing, before the class actual day, so we can ping on the group and come to a conclusion, and then you should be able to forward.

Sure.

All right, so, okay, forgot this one. So, uh, there are two modules left, sorry, missed. So inside of thisis ta, so information barriers. Information barriers, like building an ethical wall between two departments, that we will talk about. And then the eDiscovery. eDiscovery is like, it's like a content search. Multi-mailbox content search is the old name for the eDiscovery. So we will talk about that. So this is the idea that we have, that's what we are going to talk about. So we're not going to go too much into theory. So what is the whole and sole idea is, like, you should be able to, uh, understand the complete security portal. So if you know the complete security portal, it will be very easy for you to understand.

All right, so now here what is that we are going to talk about is, like, first let's click on the home icon. I'm on the security portal. So the URL, the link for the security portal, is secure.microsoft.com, and
there is something called as a Secure Score. Okay, so the Secure Score is set to around 19.53, which is a very, very basic score. So now the question is that, okay, so today what is the plan I have is, like, I'm going to go through the hints about it, or we can do the infrastructure prepare, like, preparing concepts today, so that, like, because, uh, when we meet on Friday, Saturday, so it will be a continuation. So today it's going to be just a, not too much deep into it, just introduction, and then let's try to prepare the infrastructure and keep it ready. Okay, cool.

So what is very important in power in this Office 365 is, like, you should know the hyperlink. So every hyperlink is very important, say like, admin.microsoft.com, portal.office.com, security.microsoft.com, compliance.microsoft.com. So like that, all these hyperlinks are very, very important, so I'll just note it down over here.

So what is the idea of a Secure Score is that your Secure Score is a combination of Microsoft controls and the user or admin controls. So what is a Microsoft control? So for example, how many policies, how many different settings that are all created by Microsoft. So for example, if I just travel to this particular place called as the policy and rules, and then there are bunch of policies here. I click on this policy, and I click on, for example, I click on this policy. So there is a default policy. So this default policy is called as the Microsoft control, okay, which is the default policy created by. So what is the admin policy? If I click on Create and if I create one policy, that becomes the admin control. So now Microsoft is giving us a score, Microsoft is giving us a number, Microsoft is giving us some rating or a score depending upon how much of control that are predefined and how much of controls you have added. So this is called as a score. Okay, so what is that I want you to check this, like, within your portal
also. In case if the portal is open, check and tell me what is the score that you see. Open the portal and tell me how much is the Secure Score that you see. Anyone got the score?

Getting login inside.

Okay, okay.

When is 20, around 20.

Okay, good. Is that 50? How much?

49.53.

Okay, 49.53. Actually, you are taking on the
compliance, is it?

Uh, under 365 Defender, Secure Score, 49.53.

Yeah, yeah.

I think this version has got, uh, most of the product licensed.

Okay, okay, good. So we got some numbers. We heard 20, we heard around 40. So now if you think, like, hey, my score is very low, how do I improve it, if that is the question you have, Microsoft is providing you the list of recommended actions over here. So what is the recommended action? The very, very first recommended action that we see over here is MFA. So if you could see over here, it is saying that ensure MFA is enabled for all users in administrative role. So why this is very important? Because, like, you know that the attacks are happening on the accounts which are admin account, that's when they get the, uh, like, a high level of access. So admin accounts are targeted high. So that's why Microsoft is recommending to enable it. And the second is if you enable MFA for your users. So in total, if you notice, you get a 15 percentage for applying MFA for your admins, 14 percentage for applying for your user, so all together you get a 29% increase in your total score. So that is the recommended actions. So we'll be talking about all these, not all these recommended action; let's see, like, how we can implement it. Okay, so this is the idea. And what is very important, you should be knowing the change process, right? So we should go with the change process and see what is applicable for your environment, and you have to do it. That is the idea of a...

Just for silly question, say, I'm not the 100% better of Microsoft, might be my question is little bit different than others. Just I need to know, this score is calculating from my tenant or my laptop? It's not connecting my, my tenant, right?

Purely your tenant. It has nothing to do your...

Got it, got it.

...physical machine. Okay, so team, feel free to ask questions. So if I know, I'll answer; if I don't know, I'll refer and tell you in a right way. And there is no, yeah, just
don't worry about. End of day, end of this course, we should be extremely comfortable with this portal; that should be achieved. So yeah, all right, cool.

So now I'm just going to run through this portal to see that what are all we are going to learn, how we are going to cover this one. So I'm going to run through this. So we just talk about this Secure Score, and then we have this portal. So this I call it as a portal that you should check it every day. Every day at the start of your day you should just run through this portal to see if there is anything that is a mistake, so say, there's anything that is alerted. Okay, and also note over here, there is a service health. So do you all monitor service health, people who are working on Office 365? So what is the service health? So the service health is something which is down on the Microsoft site. So now, uh, do you know what is the SLA? Now we are going with Microsoft services, right? So what is the SLA, what is the service level agreement? How much percentage Microsoft says that the services will be up and running?

9.

Okay, good. So what is the agreement between the organization and Microsoft is that it's a 99.9% of uptime is promised by Microsoft. So does that mean it's a 100 percentage? Actually no. So I'll just go to one Wikipedia link so that you will get an idea. So if Microsoft is telling a customer, or any person telling to anyone, saying that, hey, I maintain your services for 99.9%, which means, like, expect a downtime. So the SLA is like, the downtime is going to be 8.7 hours per year, like that,
2 hours per quarter, 43 minutes per month, 10 minutes per week. So this is the expected downtime. So in case, due to some unavoidable situation, if Microsoft services are going down above this limit, yes, Microsoft is going to pay the penalty. So not directly like a cash; probably they will say they will provide the licenses cost, so like that they try to compensate it. So this is the availability. I'll just note it down over here. Okay, so service health. So this, uh, this notes that I'm writing over here, right, so which I will forward to you. Not, I won't forward you, I mean to say, like, I will upload it onto the same place where I upload the recordings. So recordings you'll be able to access it; the same place I'll upload the notes as well, so that it will be there and you can access it anytime that you want it.

So now I have a question for you. So let's say that you are on your way to office and you don't have your laptop. Okay, you don't have your laptop. Now, uh, you want to check if there is any issue with the service; basically you want to check the service health. So what is the way to do it?

Phone also can try.

Okay, phone also means, like, you will go to admin portal and then check service health, is that what you're saying?

Yeah, I mean, log in portal 365 and...

Yeah, which is kind of a lengthier process. There is a website called as status.office.

Oh yeah, right.

Yeah, there is something called as status.
office.com. When we go to this one, this will tell us, like, if there is any service which is down. So if there is any service which is having any kind of advisory or anything which is down, yes, we will be able to see it over here. Instead of logging on to the portal and then browsing, is a quicker way to this. Okay, in fact, like, nowadays Microsoft is posting on Twitter also, saying, like, if there's some services are down, yes, they are posting it onto the social medias as well. Okay, that is the idea.

So let's go back over here, and then, so we'll be talking about the alerts, incidents over here, and we will talk about how we can, like, how these alerts are generated, which means, like, these alerts are generated via the alert policy, which we will. Okay, so just I launched it, it's taking some time. So we will talk about how these alerts are generated and how we can generate our customized alert, that also we will talk about. Okay, so in which, like, if you have any metrics, if you want to monitor that, if you want an alert to be created for a metric, then yes, we can create an alert within the alert policy.

Okay, now, so advanced hunting. So what is the idea of hunting is that to search for a data, search for a suspicious data. So we will talk about that, and we will talk about how we can design rules for that. Say like, again, there are default rules available, which is called as the Microsoft control, and custom detection rule is like the one which you can create. So that's the idea of Microsoft control and the user control, which we will talk about that in detail.

Next is the actions and the submission. So have you got a chance to submit some mails to Microsoft, anyone?

In what ter means, how submit to Microsoft means?

For example, I'll just, uh, I'll give an example. So this is your cloud, and what is that you are doing is that you are whitelisting an IP address. Okay,
let's say that you are whitelisting an IP address on the cloud. So technically what should happen: emails from that IP address should land onto your cloud without being quarantined or without being stopped. It should land correctly, but still it is not landing. So what is that we can do is, like, we can submit this email to Microsoft, and they will do a research saying, like, why this is not successfully getting whitelisted, why is that, uh, IP address getting a problem. They will do a research. So that is called as a submission. Okay, so you can submit an email, you can submit a Teams message, email attachment, URLs, user reported. All these things can be done, which we will see how to do it.

Okay, now there is something called as threat intelligence. So anywhere on the portal, if you see the word called as intelligence, which means the background concept is all AI, artificial intelligence. Okay, so what is the idea of this? For example, uh, threat intelligence is there, mailbox intelligence is there. Have you heard of, uh, ZAP, Z-A-P? Have you heard of this? Okay, so what is this, I'll just give a hint onto it. So let's say that one email, let's say one email with some unwanted content or with some dangerous content, okay, is delivered to 20 people, or say like, it is delivered to 120 people, okay, and the administrator does not know that it is dangerous. So what will happen is, like, it will be still there on that person's mailbox, and what will happen is, like, that could be a problem, that could be something danger on that. Okay, what is this concept called as this ZAP is that if there is any email which is dangerous and if it is, uh, available on the mailbox, it will quarantine it. So where this will work is that this will be working on the user mailboxes. Okay, so it will be continuously working on the user mailbox, it will be continuously scanning for the
threat.

If it need to configure?

By default it is on, you don't have to configure it. So it is on. Okay, so actually this is one of the feature for the anti-malware. It is available on the anti-malware settings, which you will see there. Okay, so this is called as the ZAP, zero-hour auto purge, that is called as the ZAP. All right, which we will, anyways, we will just giving you a hint onto it, so we will talk about these in detail, much more detail.

So the advance something, write in your note also, please. Thank you.

So advanced hunting is like, what is that we are looking for in a detailed way, so that is the advanced hunting. And then, so I told you about this custom detection rules also, say that we can also design a customized rules over here. Okay, so as I told you about the submissions, what are the content that you can submit is that you can submit emails, Teams messages, uh, email attachments, URLs, etc. So all these things you will be able to submit it to Microsoft, and you all know that Microsoft will take their own time to complete it. So don't expect a quicker result when it comes to know answer from Microsoft. So yeah, that's an expected one.

Okay, so next is, as I told you, the threat intelligence over here. So the threat analytics will help in terms of understanding what are all the threats that are available, not only within your environment. So if you could see, what is the idea, like, what are the threats that are going through, you know, what are threats that are going through in the tenants, that is the idea over here. Okay, so just for the administrators' understanding that how other tenants are performing, what are all the problems going on, so that we could find it over here. So that is the logic. Okay, so we will talk about that. And Secure Score, we already discussed the Secure Score, as you saw that it is around 19, and we also discussed that how we should be able to increase the Secure
Score, that we already discussed. Then the Learning Hub, trials, all these things are like, now let me just go to the place directly. Okay, anyway, so under the email and collaboration, so we have a dedicated, okay, we have a dedicated one for the email and collaboration. And because, like, security, uh, there are two places, like, it is done: one is on the general security, and the second is, like, very dedicated to emails. Because, like, mails are the location where threats are happening, say like, some malicious content is coming within your environment. So all those things are tackled by. So many of the security and compliance is all taken from the email only, Exchange on-premises and Exchange Online only. Okay, that is the idea.

So investigations. So the idea is, like, when you look at the portal itself, like, you can understand something. Over here you don't have any option to create something. So when you don't have an option to create something, it is all done by the Microsoft, so that is the understanding. But when you can create a control, you will be able to create it. Okay, so here we don't have an option to add anything, so that is the way how it is designed, which you will see.

And say like, uh, I'll just move on directly over here: Exchange message trace. So what is the idea of Exchange message trace is that, like, tracking an email. So the older name, when I say the older name, older name on the on-premises is called as tracking, whereas the new name is called as tracing. So on the cloud it is called as tracing, on the on-premises it is called as tracking, that's the difference over here. So we'll talk about that in detail.

And then this is something different, or like, something which is very important, saying attack simulation training. So what is the idea of this attack simulation training is, like, there is, so if you all remember, like, we
like, your organizations conduct something called as a fire drill. So there is no actual fire, but we conduct a fire drill. So what is idea is, like, whenever there is a fire, how to react onto it, right? That is the idea, right? Same thing over here: we are going to do something called as an attack simulation training, so that when there is an attack, how to react is the idea. So as an administrator, what is the possibility that you have is that you will be able to assign, okay, you will be able to assign this training to someone, and that person will complete the training, and you'll be able to see the report. So that is the idea, so that, like, they will be able to complete the training and they will be aware of the issue. So that is the idea over here; that is called as the attack training. So if you could click on the simulations over here, you will understand the different kinds of attack, say like, a credential harvest. Okay, so if I click on this launch, see this, credential harvest, malware attachment. So does your security team in your office, do they do some testing? Anyone has gone through it?

Actually we, like, for to run the campaign for the users, just to, like, to educate them about, like, as you mentioned, will send some campaigns, but not from the Microsoft, some third party. And then they will receive an email, and then from that they will receive an attachment also, then they will open, and suddenly then one training page will open, that this supposed to be phishing or spam email, and then they will give the some basic training about that to prevent in future.

Exactly, so that is the idea. So we should be able to assign trainings for our employees, and they will be educated. So that is the idea. So yes, different type of, uh, trainings that we have is, like, so credential harvest, malware attachment and link in attachment. So like this we have different types of
attacks and we have solutions for that also that is the idea and we can assign it to a user that is the logic okay coming back this here okay policies and rules so as I told you this policy and rule is the major place or the important place like where you'll be working on and say like so multiple policies that are available they are called as the anti-phishing policy anti-phishing policy is there anti-spam policy is there anti-malware policy is there all these three things fall into the ATP Advanced Threat Protection and uh this one the safe attachment and the safe links these two fall into the EOP EOP stands for the Exchange Online Protection so this these two falls into the EOP Exchange Online Protection so whenever an email is whenever an email is being sent what happens is like it will go through the scanning it will definitely go through the scanning uh what is that is going to scan is like it is going to scan for the attachment and it is going to scan for the link so that is the idea which we will talk about in detail so what are the options that you have it with respect to safe attachment so what does the default policy has the detail and what are the like how we can create a policy so we'll talk about everything in detail so that is what we will do and then yeah and then we'll talk when we have this uh when we have this anti-phishing there are few tenant allow and block lists are available over here which we will talk about that so so what is ideas whole and soul this whole portal this this complete portal you will you will get an idea that's the okay so now yeah so under this cloud apps so under this cloud apps over here so we'll talk about the cloud discovery is cloud apps is a MCAS solution from Microsoft it is sir the MC yeah yeah same Microsoft Cloud App Security yes C so yes it is so that is the solution it's the solution right yes yes right yeah so then we'll talk about all these policies and then we have the report we have the we have health over
here as well so that is the idea okay good so let's quickly run through again I'm not going through I'm just giving you the heads up on what is that you're going to cover so I'll click on the compliance one okay so as you could see that the names are changing so any idea what is the name uh for the Azure Active Directory the new name for Azure Active Directory Entra ID yeah they named as Entra so yeah so they are they are changing all the names so here the security is called as Defender and the compliance is called as the Purview so that is the logic over here so just a hint saying the way how we the way how we discussed about the secure score there is something called as a compliance score so when I think s or someone when when you said like 49 I I was having a doubt whether you are taking on the compliance or the compliance or the SEC so the the compliance is like 48 so what is the idea is like Microsoft has done their job in adding all the all the controls over here so what is the idea is like we have to add up more controls to increase this score so which we will do that that is see here so this the default is 48 and also if you could see like the improvement actions that that are available over here so if you click on improvement actions so these are the improvement actions available so we'll be able to talk about these then we have the classifiers we have something called as a data we have something called as a data classification so which we will do it so the idea of a data classification is that on it yeah so the idea of a data classification is that how the how the how the data which are say like there are two type of data one is called as data in transit and then data in uh data on the database okay so those are the two type of data available so how this how this data is used is the so we don't want to start in understanding all right so and if you all remember I spoke about the sensitivity label right so the sensitivity label is available at this place so
when I go to the life cycle management data lifecycle management see this is the work this is called as the this is called as the sensitivity label policy okay that is the idea over here so which talk about so we will also create some bunch of we will also create some bunch of sensitivity labels over so if you remember we spoke about different policies available on the we spoke about different policies that are available on the security side this is something like different policies available on the onto the compliance side so these are the policies available we have the alert policies and then we have the uh we have the DLP data loss prevention policies we have it we have the retention policy so these are the policies that are available which we will so DLP is the most important one which like we will talk about how to configure it so that that that we will talk about imately and moving over here we have the audit so what are the two type of audit just a general question just try guessing it in case it you know what are two types of audit General ter internal external a no actually there are two type of audit one is called as the user audit and admin audit so whatever actions that are done by the user if we recorded it is called as a user audit and whatever actions that are performed by the administrator that is called as the admin audit so so why do we need to why do we need to monitor the administrators because there are chances that yes administrator will also make something wrong so we need to have you know we need need to have the right uh auditing in which like if the administrator is doing something wrong we should be able to catch them also so that is what is called as a zero trust model so what is a zero trust model that do not trust anyone but you check but you verify it that is the idea of a zero trust model in which like even though yes employees even though administrators everyone is from our company but still you double check it but still you you
confirm if they are doing it correctly or not is the is the idea over here so that is what is called as the zero trust model so that is what is what we are telling saying like auditing yes auditing is like you check your own employees also to see if they are if they are doing anything that is wrong the idea okay so we'll talk about that auditing so what are the two type of auditing available and how we can enable it how we can stop it how we can search within that one I will so we'll talk about the idea over here okay and then as you could see that auditing is not enabled yet okay so as I told you two type of auditing one is the user audit one is admin audit so activity we can search for it and we'll be able to enable that see L cool so then we will talk about the content search so what is content search is like the way I told you something called as a multi mailbox search so you can search on any number of mailboxes for a content which has probably escaped the filter or something like that you'll be able to do that is the idea so that is why we have this search content over here so then we have something called as a communication uh compliance so how uh say like how professional is your organization's employee communication so if you are looking to find if you're looking to say like check for any abusive words so that you can check it through the communication compliance okay that is the idea of work here the most important as I told you the DLP so we'll talk about the so we'll talk about the DLP and we'll create the policies now if I click on the policies DLP has got some default Microsoft created policies but we will also create more we will also we will also continue to create more policies on the DLP we will configure it completely okay that is the right and eDiscovery eDiscovery means like creating a case and then do it so we will do a comparison okay we will do a comparison on we'll do a comparison on what is the difference between the content search and E
Discovery so that also we will we will do it as we talk about this okay so information protection I just clicked on this and I got the sensitivity labels which I which we will create and it will be applicable for all the office documents it will be applicable for all your office MS Office documents so that like like Word Excel everywhere you'll be able to see that everywhere you'll be you'll be able to see that sensitivity label and the label will be a that's the logic and then the information barrier so what is the idea of information barrier is that two team team should not talk to each other something like this thing you have a HR team and you have let's say like the IT team or something and then you have finance team H that you have finance so what is the meaning of the information barrier or ethical wall is that this IT team should be able to talk to to HR and finance but the HR and the finance team should not talk to each other they should not be able to send an email they should not be able to join the same Teams meeting and they they they will not be able to technically connect that is called as the information barrier okay which we will create it okay that is the logic over here so this is called as the information barrier okay which we will create we will we will create segments okay we will create some bunch of segments and we will we will say that these two segments should not talk to each other that's what we will be doing it over here so that is the logic and then talk about the insider risk management what is insider risk management anyone is trying to anyone within your environment is trying to make some problem so that is called as the insider risk okay so yeah we'll talk about everything and yeah this is the idea so could you repeat inside Disk Management or what say risk management is that your internal employee is only leaking the data so we have to find like what is happening within the Eng we are we are going to keep a close watch on the
internal employees only that is called as insider risk management so there are policies we will create to manage those bunch of that is there so for example let's say like you have a doubt hey this guy is doing something this guy is is leaking some information to our competitors if that is the doubt that you have it yes we will be able to we'll be able to monitor that person using the insider risk management so we can control few things that he doing you'll be able to control that that is point okay okay very much so the whole and sole idea is like end to end you will be able to understand the compliance portal and the security portal you'll be able to understand it completely and then you'll be able to then you'll be able to yeah take take necessary actions here so that is the logic that is a concept plus I will be giving you lot of ideas on PowerShell as well saying because like do does anyone of you work on PowerShell yeah okay so the idea of PowerShell is like so the idea of PowerShell altogether is that you know you should be able to manage via the GUI plus you should be able to manage it via PowerShell also so when you know PowerShell yes you can you are like much more stronger is what I feel so right we will talk about the so we will talk about the say like they'll talk about the PowerShell like how these things how these options can be you know done done by a PowerShell we will talk about that so because if you know PowerShell yes you you can you will feel that confidence so which which is very important because like this portal anyone can do it there is no big deal so you just train this to a fresher they can also do it on PowerShell but being an administrator when you need that when you when you when you say that I know I know PowerShell also it will be a very very good so you just talk to your friends and see that how many of them manage via PowerShell very very less people so many people are scared of Aion and yeah so so if you know the idea yes you
can can it will be definitely a very good add-on okay so now let's uh quickly talk about the infrastructure that I wanted to create yeah so do you all have an ISO file yeah so yeah so which ISO you having is it 16 or 16 or 19 both for I have both I think you have both okay okay so you can install any one VM and then as I mentioned you can you can you can configure AD DS you have to install a role okay you have to install the uh Active Directory role called as AD DS and then you'll be able to configure your own domain that you have okay okay so anyone who does not don't have ISO I think Abel you said that you're most of network so you work more into Linux is it no Cisco Linux I know L I know do you have ISO yeah I have I have that I have 19 I have 16 also 19 I have MH all right okay so so install 19 so install 19 and uh and uh they know how to configure here yeah that I can do okay all right perfect then so configure your domain and uh yeah keep it ready so if you have any doubt please feel free to put your questions on the questions on the also one more question in this course also you will cover the hold also I mean which one also right will we cover what I'm not getting that word no like there's a hold option in the compliance like we can in-place hold or yeah yeah we will cover that in-place hold yes we will talk about that okay okay F thank you yeah so so there are differences right so there are three things that I always say as a as like three three way three differences one is called as the journaling in-place hold okay so one is journaling what is this yeah litigation hold in-place hold and journaling correct those are the three things that you should you should compare it okay so that is the idea so yes so yes we will talk about these three uh kind of holding we will definitely talk about okay sure thank you cool yes and uh what else as I told you so the plan is that the full-fledged portal you will be able to do you'll be able to understand it and you'll be able
to configure it and what is possible to configure and and what is what are all having the default policy so everything you will get an idea on what license are we required to have to you know get this course done E5 E5 okay because E5 is the one which has the uh ATP Advanced Threat Protection so if you can have e it will be very helpful have e sorry DLP also under E5 yeah I'm already having an E license only so if if I go over here and if I click on billing and then if I click on your product see this I have this Enterprise Mobility + Security E5 I have it so if you also have E5 it will be very so that e you will have all possible features so that is a good thing about it one or two feature is not available maybe in E5 right like I forgot maybe threat prevention or something endpoint security or something is not under this yes okay so no problem so whatever you're having we can we can manage with that shouldn't be a problem don't worry get that because like now you know I I'm happy that you know you all are having like the accounts provided by your company or somehow you are having it why because like earlier you can create a trial account without a credit card now Microsoft has made it mandatory that you need a credit card for sure yeah right okay so earlier it was that was not the case actually so earlier it was something like uh without credit card you can do it in just me one minute let me be on all right sorry about that so what is that I saying say something account actually regarding the credit card so earlier earlier like without a credit card also easily you can create it so now they have just connected with the credit card now that is a problem that is the idea okay so without credit card it is is not possible to create it but good that you you don't have to do it and you can you do have an account yeah and and one more uh last question for this today actually uh regarding I have just uh this concern actually because this is which requirement I'm looking also actually is
it possible to create AD delegate permissions second with u let's say I have um like a description based on or some any like I let's say I have five one one tenant I have five branches okay multi multiple branches they're accounting everything is different different but it comes under the one tenant so but when all the users comes to the tenant there's no OU concept like it will be flat so all the users will appear in dashboard as all together but each branch having administrator okay so I want to give kind of permissions that they let's say one company division A IT admin should able to reset password only for that division A even if he trying to reset password for division B should deny so is there any way we can create such group or I mean a group or like I mean delegate permission uh so we can restrict based on there's no OU but I'm not sure what right term to use for that that division he can only I'll give you a hint you see my screen so on the on-premises we have something called as OU organizational unit so that organizational unit what is that we can do we can we can apply policies for that organization unit everything is possible same way Microsoft has brought in this concept called as the administrative units M okay so if you want to if you want to create some some kind of uh group and then for that one you want to apply something you can do it see this unit lets you subdivide your organization into a unit that you want and then assign specific administrators that can only manage that unit so basically yeah so basically I need to create a one unit where I need to put all the users into that unit and then from there one of admin like something like that yeah and for that unit and that unit you will assign an administrator who will manage only that unit dedicatedly can you just click on add unit just I want to see the option I mean if you can so you get the name of the unit I say that it help this and then I here the same like OU you have users right
at a time I can add 20 users here that but this will assign permission for all the 20 users right no okay so what is that you're going to do here for example I say Hest administrator and then I okay yeah so this is what is the role that you want it who's going to manage it you will add it over here that is the idea God yeah so on the previous one you will add up to 20 users and that who's going to manage it that that you will that that you be able to do okay yeah that is what right so we can have 200 so we can go up to 200 only users huh no no no at that time you can add add the second option upload user yeah either you can up uh add up to 200 users okay this one right oh yeah that is a limit of yes only 200 users huh only 200 Che that is that limit fa 200 or up to what they do at a time at a time only 200 like that they might haveed but why yeah correct now at a time per file one file is 200 like that okay so it will take long time okay M actually I have 10,000 users I have with one branch each 65,000 so that's why they have concern to CLI yeah, okay let's see let's see if there is any other way of doing it so because actually if you are a person who is working on this office for a long time you will know that this came in just now this administrative which just came in recently it was not there earlier because there was always a comparison saying that your on-premises has OU cloud does not have OU so like that people keep on comparing so that was that that's when Microsoft brought it over here that is the idea here I can see that 200 user bulk upload user 200 is at a time right yeah 200 is at a time 200 at a time which means 200 per file yes mhm okay got it that is a logic okay fine so team please bring in questions so few things I might have not explored so probably because you asking question yes I would be able to uh you know get things clarified I can also quickly learn and I can tell you so feel free to ask any questions so definitely do that all right so now
I'll just we done with the technical one I'll just stop sharing I mean stop recording
2023-10-17 04:02