Category: Inventorying hardware
-
Summary-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Summary-Describe security, compliance, privacy, and trust in Microsoft 365Thought experiment In this thought experiment, demonstrate your skills and knowledge of the topics covered in this chapter. You can find the answers to this thought experiment in the next section. Ralph is the Director of the Brooklyn datacenter at Contoso Corp. The company currently has three office buildings in the New York area with…
-
Inventorying hardware-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Inventorying hardware-Describe security, compliance, privacy, and trust in Microsoft 365Once the data sensitivity and value have been assessed, the next step of the risk-management plan design process is to consider the technology used to store, access, transmit, and process that data. This includes the servers or cloud services where the data is stored when at rest, the client systems and devices used to access…
-
Microsoft Advanced Threat Analytics-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Microsoft Advanced Threat Analytics-Describe security, compliance, privacy, and trust in Microsoft 365Advanced Threat Analytics (ATA) is an on-premises solution that uses information gathered from a wide variety of enterprise sources to anticipate, detect, and react to security threats and attacks. ATA receives log and event information from Windows systems and also captures network traffic generated by security-related protocols, such as Kerberos and NTLM. This traffic provides…
-
Service Trust Portal-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Service Trust Portal-Describe security, compliance, privacy, and trust in Microsoft 365Microsoft is aware of these trust issues and has created a central storehouse called the Service Trust Portal (STP) for information about them. STP is a website, shown in Figure 3-43, available to everyone at http://aka.ms/stp, although some parts of the site are restricted to registered users of Microsoft 365 and other products. See Figure…
-
Network-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Network-Describe security, compliance, privacy, and trust in Microsoft 365Networks provide users with access to the data they need, but they are also a major point of vulnerability. Dividing a network into segments with access controls at each hop can prevent attackers from moving laterally through the network once they gain access. Networks in a Zero Trust environment should also use end-to-end encryption to…
-
MDM and MAM-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: MDM and MAM-Describe security, compliance, privacy, and trust in Microsoft 365Securing devices begins with their enrollment using Microsoft Intune when administrators must decide what type of management they will impose on the device. Mobile Device Management (MDM) grants the organization nearly complete control over the device, requiring the user to comply with all the enterprise policies. MDM even allows an administrator to remotely wipe the…
-
Identity-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Identity-Describe security, compliance, privacy, and trust in Microsoft 365It’s easy to build a perfectly secure house; just leave out all the windows and doors. Your possessions will be safe, but you won’t be able to get at them. In the same way, it would be easy to build a perfectly secure network by establishing a formidable perimeter around the sensitive resources and not…
-
Protecting documents-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Protecting documents-Describe security, compliance, privacy, and trust in Microsoft 365The fundamental purpose of identities is to protect documents and other data. When protecting identities, the threat of lateral penetration forces administrators to apply equal protection to all of them, regardless of their privileges. However, the security can and should be more selective when protecting documents. While an enterprise might have hundreds or thousands of…
-
Protecting endpoints-Describe security, compliance, privacy, and trust in Microsoft 365-2
Read More: Protecting endpoints-Describe security, compliance, privacy, and trust in Microsoft 365-2In Microsoft 365, UEM capability is implemented in the Microsoft 365 Enterprise and Business Premium products and in the Enterprise Mobility + Security (EMS) product. Microsoft Intune is also available as a separate product in two plans and a suite that provides a range of capabilities. The Microsoft tools relevant to the UEM effort in…
-
Describe the capabilities and benefits of Microsoft Sentinel and Microsoft 365 Lighthouse-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Describe the capabilities and benefits of Microsoft Sentinel and Microsoft 365 Lighthouse-Describe security, compliance, privacy, and trust in Microsoft 365Security Information and Event Management (SIEM) is a type of product that combines two technologies: security event management (SEM) and security information management (SIM). Together, the two technologies form a solution that can gather and analyze information about a network’s security events. SIEM tools collect information from logs and various other security mechanisms and evaluate…
Search
Popular Posts
-
Summary-Describe security, compliance, privacy, and trust in Microsoft 365
Thought experiment In this thought experiment, demonstrate your skills and knowledge of the topics covered in this chapter. You can find the answers to this thought experiment in the next section. Ralph is the Director of the Brooklyn datacenter at Contoso Corp. The company currently has three office buildings in the New York area with…
-
Anticipating threats-Describe security, compliance, privacy, and trust in Microsoft 365
Arguably, the most difficult part of the risk management planning process is trying to anticipate all the possible threats that could afflict the company’s data in the future. The three basic risk factors for the data—confidentiality, integrity, and availability—can be exploited in any number of specific ways, but the general threat categories are listed in…
-
Classifying users-Describe security, compliance, privacy, and trust in Microsoft 365
The third element of the digital estate that must be considered when creating a risk management plan is the people who actually access the data. Whether deliberately or inadvertently, users are a constant vulnerability—if not an actual threat—to the organization’s data. After quantifying the organization’s information assets and their value and inventorying the hardware used…