M365 Webinar Series Resources

Answers to questions from Enfrasys – QA session

  1. How Intune manage the hybrid Azure AD join devices? Will Intune and GPO manage the devices together?

    How To: Plan your hybrid Azure Active Directory join implementation
    https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-plan

    Resolve Group Policy Objects (GPO) and Microsoft Intune policy conflicts
    https://docs.microsoft.com/en-us/intune/resolve-gpo-and-microsoft-intune-policy-conflicts

    Windows 10 Group Policy vs. Intune MDM Policy who wins?
    https://blogs.technet.microsoft.com/cbernier/2018/04/02/windows-10-group-policy-vs-intune-mdm-policy-who-wins/

    Policy CSP – ControlPolicyConflict
    https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-controlpolicyconflict#controlpolicyconflict-mdmwinsovergp

  2. For AIP log analytics, it is require to install azure monitor agent to every machine? is intune able to track the location of device (iOS/Android/Windows 10)

    Central reporting for Azure Information Protection                                                            https://docs.microsoft.com/en-us/azure/information-protection/reports-aip

    Locate lost or stolen iOS devices with Intune
    https://docs.microsoft.com/en-us/intune/device-locate

  3. What is the difference between managing information protection on Azure Information Protection (Azure portal) and Microsoft Information Protection (Security and Compliance Center)? What is the best practice?

    Frequently asked questions for Azure Information Protection
    https://docs.microsoft.com/en-us/azure/information-protection/faqs

    Choose which Azure Information Protection client to use
    https://docs.microsoft.com/en-us/azure/information-protection/rms-client/use-client#choose-which-azure-information-protection-client-to-use

    How to migrate Azure Information Protection labels to Office 365 sensitivity labels
    https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-migrate-labels

  4. For Teams, is there a way to invite guest to a Teams channel? Currently the behavior the invited guest has full visibility on all teams channel. What is the best practice on this?

    Guest access in Microsoft Teams
    https://docs.microsoft.com/en-us/microsoftteams/guest-access

    How a guest joins a team
    https://docs.microsoft.com/en-us/microsoftteams/guest-joins

    Authorize guest access in Microsoft Teams
    https://docs.microsoft.com/en-us/microsoftteams/teams-dependencies

  5. In one of my M365 deployment, some of the devices are managed under M365 Admin portal MAM and some of them managed in Intune MDM, The intention is to managed mobile devices using Intune MAM, is there a way to ensure the devices managed by Intune instead of managed in M365 Admin Portal > Devices?

    Choose between MDM for Office 365 and Microsoft Intune
    https://support.office.com/en-us/article/choose-between-mdm-for-office-365-and-microsoft-intune-c93d9ab9-efb2-4349-9b93-30c30562ee22

    Migrating mobile device management to Intune in the Azure portal
    https://www.microsoft.com/en-us/itshowcase/migrating-mobile-device-management-to-intune-in-the-azure-portal

  6. Also what is the best practice for MAM? Intune or M365 portal?

    What is Microsoft Intune app management?
    https://docs.microsoft.com/en-us/intune/app-management

    Frequently asked questions about MAM and app protection
    https://docs.microsoft.com/en-us/intune/mam-faq

  7. When is the expected date for audit log 1 year retention? Sorry I missed this out during the online training session.

    SIEM server integration with Microsoft 365 services and applications (to keep audit logs)
    https://docs.microsoft.com/en-us/office365/securitycompliance/siem-server-integration

    Microsoft Increases Audit Storage Period for Office 365 E5 (But Still Struggling with a Truncation Problem)
    https://office365itpros.com/2018/10/22/longer-retention-office365-auditdata/

    https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Azure-Active-Directory-Activity-logs-in-Azure-Log-Analytics-now/ba-p/274843

    Quadrotech Radar for Security and Audit
    https://www.quadrotech-it.com/solutions/office-365-security-auditing-and-compliance/radar-for-security-audit/

  8. For Advanced eDiscovery, is OCR doable with scanned document? is there any limitation?

    Office 365 Advanced eDiscovery
    https://docs.microsoft.com/en-us/office365/securitycompliance/office-365-advanced-ediscovery

    Prepare search results for Office 365 Advanced eDiscovery
    https://docs.microsoft.com/en-us/office365/securitycompliance/prepare-search-results-for-advanced-ediscovery

  9. Is there any Office 365 Official backup solution for Exchange (inbound and outbound mail)?

    Backing up email in Exchange Online
    https://docs.microsoft.com/en-us/exchange/back-up-email

  10. for Azure ATP Alert, how long the alert will send to administrator?

    Azure ATP Security Alerts
    https://docs.microsoft.com/en-us/azure-advanced-threat-protection/suspicious-activity-guide

    Azure ATP frequently asked questions
    https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-technical-faq

    What’s new in Azure ATP
    https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-whats-new

Answers to questions from Enfrasys

What is Mobile Threat Defense integration with Intune?
https://docs.microsoft.com/en-us/intune/mobile-threat-defense 

Super-User access after files have been protected
https://docs.microsoft.com/en-us/azure/information-protection/configure-super-users
https://www.terminalworks.com/blog/post/2018/08/02/azure-aip-super-user-access

Manage mailbox auditing
https://docs.microsoft.com/en-us/office365/securitycompliance/enable-mailbox-auditing

SIEM server integration with Microsoft 365 services and applications (to keep audit logs)
https://docs.microsoft.com/en-us/office365/securitycompliance/siem-server-integration

Microsoft Increases Audit Storage Period for Office 365 E5 (But Still Struggling with a Truncation Problem)
https://office365itpros.com/2018/10/22/longer-retention-office365-auditdata/

https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Azure-Active-Directory-Activity-logs-in-Azure-Log-Analytics-now/ba-p/274843

Third party solution
https://blog.hubstor.net/office-365-audit-log-archiving-why-it-matters

Module 1

https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy-connectors

https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-whichversion

Answers to questions in Module 1

Single sign-on to applications in Azure Active Directory
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/what-is-single-sign-on

Integrating Azure Active Directory with applications getting started guide
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/plan-an-application-integration

Configure single sign-on to non-gallery applications in Azure Active Directory
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/configure-single-sign-on-non-gallery-applications

Module 2

Securing privileged access for hybrid and cloud deployments in Azure AD
https://docs.microsoft.com/en-au/azure/active-directory/users-groups-roles/directory-admin-roles-secure

Using Azure AD Privileged Identity Management for elevated access
https://www.microsoft.com/itshowcase/Article/Content/887/Using-Azure-AD-Privileged-Identity-Management-for-elevated-access

What is Azure AD Privileged Identity Management?
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

Appendix C: Protected Accounts and Groups in Active Directory
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/appendix-c–protected-accounts-and-groups-in-active-directory

Microsoft Password Guidance
https://www.microsoft.com/en-us/research/publication/password-guidance/

NIST Special Publication 800-63B
https://pages.nist.gov/800-63-3/sp800-63b.html

5 steps to secure your identity infrastructure
https://docs.microsoft.com/en-au/azure/security/azure-ad-secure-steps

Module 3

Azure Information Protection helps you to be more secure by automatically discovering credentials
https://techcommunity.microsoft.com/t5/Azure-Information-Protection/Azure-Information-Protection-helps-you-to-be-more-secure-by/ba-p/360181

Learn more about spoof intelligence
https://docs.microsoft.com/en-us/office365/securitycompliance/learn-about-spoof-intelligence

What is Azure Advanced Threat Protection?
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/what-is-atp

Email encryption in Office 365
https://docs.microsoft.com/en-us/office365/securitycompliance/email-encryption

Module 4

Microsoft Advanced Threat Analytics Sizing tool
https://gallery.technet.microsoft.com/Advanced-Threat-Analytics-03e1339f

ATA Suspicious Activity Playbook
https://gallery.technet.microsoft.com/ATA-Playbook-ef0a8e38/view/Reviews

Advanced Threat Analytics suspicious activity guide
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide

Skeleton Key Malware Remote DC Scanner
https://gallery.technet.microsoft.com/Aorato-Skeleton-Key-24e46b73

KRBTGT Account Password Reset Scripts now available for customers
https://www.microsoft.com/security/blog/2015/02/11/krbtgt-account-password-reset-scripts-now-available-for-customers/

SAMRi10 – Hardening SAM Remote Access in Windows 10/Server 2016
https://gallery.technet.microsoft.com/SAMRi10-Hardening-Remote-48d94b5b

Pass The Hash whitepapers 1 & 2
https://www.microsoft.com/en-us/download/details.aspx?id=36036

LAPS
https://www.microsoft.com/en-us/download/details.aspx?id=46899

Module 5

Connect apps
https://docs.microsoft.com/en-us/cloud-app-security/enable-instant-visibility-protection-and-governance-actions-for-your-apps

Protect apps with Microsoft Cloud App Security Conditional Access App Control
https://docs.microsoft.com/en-us/cloud-app-security/proxy-intro-aad

Deploy Conditional Access App Control for Azure AD apps
https://docs.microsoft.com/en-us/cloud-app-security/proxy-deployment-aad

Step 7. Discover shadow IT and take control of your cloud apps
https://www.microsoft.com/security/blog/2019/03/26/step-7-discover-shadow-it-and-take-control-of-your-cloud-apps-top-10-actions-to-secure-your-environment/

Step 8. Protect your documents and email
https://www.microsoft.com/security/blog/2019/04/09/step-8-protect-documents-email-top-10-actions-secure-environment/

Secure Access to your enterprise
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2Oght

Module 6

Microsoft on GDPR
https://www.microsoft.com/en-us/trustcenter/privacy/gdpr/gdpr-overview

Compliance Manager
https://servicetrust.microsoft.com/ComplianceManager

Use Compliance Manager
https://docs.microsoft.com/en-us/office365/securitycompliance/meet-data-protection-and-regulatory-reqs-using-microsoft-cloud

Service Trust Portal
https://servicetrust.microsoft.com/

Module 7 AIP

AIP Deployment Acceleration Guide
http://aka.ms/AIPDAG

AIP Webinars Recordings
https://techcommunity.microsoft.com/t5/Azure-Information-Protection/AIP-Webinar-Recordings/m-p/364014

AIP Webinars Q and A
https://techcommunity.microsoft.com/t5/Azure-Information-Protection/AIP-Webinar-Q-amp-A/m-p/368311

MIP Team Github repository
https://github.com/InfoProtectionTeam/Files

Admin Guide: File types supported by the Azure Information Protection client
https://docs.microsoft.com/en-us/azure/information-protection/rms-client/client-admin-guide-file-types

Microsoft Information Protection SDK 1.2
https://techcommunity.microsoft.com/t5/Microsoft-Information-Protection/Microsoft-Information-Protection-SDK-1-2/ba-p/447638

Create richer reports with Microsoft Information Protection and Azure AD login data
https://techcommunity.microsoft.com/t5/Azure-Information-Protection/Create-richer-reports-with-Microsoft-Information-Protection-and/ba-p/392713

After Module 7 News

Unified Labeling client released
https://techcommunity.microsoft.com/t5/Azure-Information-Protection/The-Azure-Information-Protection-unified-labeling-client-is-now/ba-p/459259

The client side of Azure Information Protection
https://docs.microsoft.com/en-us/azure/information-protection/rms-client/use-client

Module 8

Windows 10 Information Protection (WIP)
https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip

Create a Windows Information Protection (WIP) policy using Microsoft Intune
https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/overview-create-wip-policy

Windows Hello for Business
https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-identity-verification

Announcing Windows 10 Insider Preview Build 18358 (Chrome & Firefox WDAG extensions)
https://blogs.windows.com/windowsexperience/2019/03/15/announcing-windows-10-insider-preview-build-18358/

Microsoft BitLocker Administration and Monitoring 2.5
https://docs.microsoft.com/en-us/microsoft-desktop-optimization-pack/mbam-v25/

BitLocker Group Policy settings
https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings

Helping customers shift to a modern desktop
https://www.microsoft.com/en-us/microsoft-365/blog/2018/09/06/helping-customers-shift-to-a-modern-desktop/

Module 9

What’s new in Microsoft Intune
https://docs.microsoft.com/en-us/intune/whats-new

Windows security baseline settings for Intune
https://docs.microsoft.com/en-us/intune/security-baseline-settings-windows

What can Intune do for my company?
https://docs.microsoft.com/en-au/intune/get-started-evaluation

Azure AD Password Protection is now generally available!
https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Azure-AD-Password-Protection-is-now-generally-available/ba-p/377487

Intune device license
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Microsoft-Intune-announces-device-only-subscription-for-shared/ba-p/280817

News after Module 9

Microsoft Cloud App Security @RSAC 2019
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Microsoft-Cloud-App-Security-RSAC-2019/ba-p/360860

Microsoft Edge on iOS and Android now supports conditional access and single sign-on
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Microsoft-Edge-on-iOS-and-Android-now-supports-conditional/ba-p/476091

LDAP Reconnaissance – the foundation of Active Directory attacks
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/LDAP-Reconnaissance-the-foundation-of-Active-Directory-attacks/ba-p/462973

Detecting LDAP based Kerberoasting with Azure ATP
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Detecting-LDAP-based-Kerberoasting-with-Azure-ATP/ba-p/462448

Secure your mobile email with Microsoft EMS and Microsoft Outlook for iOS and Android
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Secure-your-mobile-email-with-Microsoft-EMS-and-Microsoft/ba-p/393072

What’s new in System Center Configuration Manager and Microsoft Intune: Spring 2019 Edition
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/What-s-new-in-System-Center-Configuration-Manager-and-Microsoft/ba-p/369852

Announcing general availability for Microsoft Edge mobile app integration with Microsoft Intune
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Announcing-general-availability-for-Microsoft-Edge-mobile-app/ba-p/365620

Microsoft Intune security tasks extend Microsoft Defender ATP’s Threat & Vulnerability Management
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Microsoft-Intune-security-tasks-extend-Microsoft-Defender-ATP-s/ba-p/369857

Unified SecOps Investigation for Hybrid Environments
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Unified-SecOps-Investigation-for-Hybrid-Environments/ba-p/360850

 

Module 10

Microsoft Security Compliance Manager 4.0
https://www.microsoft.com/en-us/download/details.aspx?id=53353

Microsoft Security Compliance Toolkit 1.0
https://www.microsoft.com/en-us/download/details.aspx?id=55319

Security Compliance Manager (SCM) retired; new tools and procedures
https://blogs.technet.microsoft.com/secguide/2017/06/15/security-compliance-manager-scm-retired-new-tools-and-procedures/

 

Module 1 & 2 Videos

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Module 3 Videos

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Module 5 Videos

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Module 6 Videos

Learn how Microsoft Enterprise Mobility + Security supports your GDPR compliance journey
https://channel9.msdn.com/Events/Ignite/Microsoft-Ignite-Orlando-2017/BRK2013

Advanced Security Management
https://youtu.be/gWTSTqNHgSg

Module 8 Videos

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Module 9 Videos

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Module 10 Videos