Time
6 hours 59 minutes
Difficulty
Intermediate
CEU/CPE
7

Video Transcription

00:00
Welcome back. Cybersecurity Sudbury Ins to the M s 3 65 Security Administration. Course
00:07
I'm Your Stronger Jim Daniels were a Model three. Invest 3 65. Threat Protection Lesson one. Security within industry 65. Part two
00:18
Invest 3 65 Advanced Threat Protection
00:21
In this lesson, we will undoubtably cover
00:25
standard email protection
00:28
E o p Staines Along protection,
00:30
the composition of M s 3 65 80 p Advanced threat protection
00:35
and the benefits of the secure score to an organization
00:40
exchange on protection. E O T
00:43
E O P WITH Microsoft 3 65 80 p.
00:47
Acronyms Right
00:49
technology
00:50
You can't escape back or names.
00:52
GOP provides protection against spoofing efficient attacks. Span an hour.
00:58
Uses a combination of I P in your oral reputation
01:02
domain reputation span and now we're filtering content. Build train in connection filtering.
01:07
You can be extended by enabling invest 3 65 80 p
01:11
within the tenant
01:14
exchange Online on comes with GOP included,
01:18
So the very basic bare minimum
01:21
once your organization goes to exchange on you, will have e a p. There.
01:26
You won't have the advanced features that come with 3 65 80 p or Invest rate 65 80. You won't have those advanced features, however.
01:34
You'll have a lot of foundational features with the A P
01:38
in this 3. 65 is a collection. It's a collective of features designed to combat advanced targeted threats.
01:48
M s 3 65 80 p is comprised of safe attachments,
01:53
safe links, spoof intelligence quarantine and anti fishing
02:00
Cloud AB. Security is a comprehensive cross SAS solution. Bring you visibility data controls and enhance threat protection to your cloud. APS.
02:09
With the service, you gain visibility in the shadow I t.
02:13
By discovering cloud apps that your users Youlus
02:16
has includes representation,
02:19
discovering insights and hands control.
02:23
If you have the license for cast and you're not using a shame when you
02:27
cloud up, security is a wonderful tool.
02:30
Quiz
02:30
exchange. Online protection comes standard with exchange online,
02:36
and it provides protection against spoofing
02:38
fishing span. And now, where true
02:43
we're faults.
02:44
What do you think?
02:47
That's true.
02:50
Our friend Cosmo just pointed that help
02:52
that is true.
02:53
Secure score.
02:55
It's based on system config,
02:58
user behavior and other security related measurements.
03:01
Some of the benefits of secure score
03:04
donuts
03:05
walking organization do to mitigate risk
03:07
comparison.
03:09
Compare your organization with what other organizations are doing
03:14
Sliding bar
03:15
so you can actually set a target. And it will tell you what needs to be done to achieve that target.
03:22
Dashboard
03:23
dashboards. The high level view
03:25
that you can export. You give access to take screenshots off to give to your SI SOS security managers stakeholders
03:35
a p I.
03:37
You can extend it with flexible A p I
03:39
encouragement.
03:42
As humans, we want to see
03:44
accomplishments. It's is about nature.
03:46
That's why I s m I says, Hey,
03:50
I'm gonna write a list of things to do. However,
03:53
I'm gonna put two things on the list I've already done
03:55
so I can see those two items being marked now.
04:00
It gives you motivation. The same thing was to hear score. Once you make a change and it's reflected and secure score, you can actually see it go up. You can see it increase. That encourages you and your team
04:12
to continue working for that goal of a more secure environment.
04:16
AP I can be fully integrated in with a Microsoft graph.
04:20
Some of the benefits of quite and secure scored data through the graph
04:25
Say you want to monitor and report when you're secure scoring and downstream reporting tools.
04:30
In other words, you want to take a crystal report where you want to take
04:32
something. Third party.
04:34
Maybe you want to do a power bi our report and great the FBI into it.
04:39
You want track your configuration baseline.
04:42
You were integrated that into compliance or cyber security instruments, applications.
04:46
A lot of times,
04:48
when we get that security insurance, they want to see proof of our environment. They want to see when we make it better. They want to see proof of that. So secure score through a P. I can allow that
05:00
you integrate your data into your security incident and of imagine, you're seem
05:04
or your casby solution.
05:06
This way you can drive a hybrid or multi cloud framework so you can see the total picture.
05:13
You have your secure score with any mystery 65. But you also have your seen whether be as your senator or something else that has your firewall snapshot.
05:23
Maybe it has different configuration.
05:25
All of that can roll into one
05:28
buzzword. Single pane of glass.
05:32
You're secure. Scored dashboard.
05:35
It analyzes your in Miss Trixie five Security based on security settings across the tennis
05:42
to secure score framework is based on score relative toe. What features you have enabled
05:47
what features are available to enable and want to risk was like either for
05:53
enabling those features, configuring them the way they are configured or ignoring those features and not enabling
06:00
On this screen shot, we can see that
06:01
85 out of 364.
06:04
It's probably not the best for
06:06
we, but we can see how it's compared to other ones
06:10
and we can actually see. Hey, maybe you're off to a good start.
06:14
While the dashboard provides a snapshot of the current security posture,
06:17
the analyzer could be used to manage the risk over time.
06:23
The animal, either Tan, provides a historical graph
06:26
that shows the score over the past 30 60 90 days. So if your security team is really working on improving the secure score,
06:33
this is a tangible graph you can show
06:36
to desist. Ah, or just a cold for say, Hey, this is our improvement.
06:42
This is something reported
06:45
a K T. I performance indicator, the Microsoft Secure score that shows we're heading in the right direction for organization
06:53
once you've used the secure score tool to determine the state of your security. Next steps to analyze your findings and plan how to improve conditions
07:02
during planning,
07:04
you should consider your potential forest
07:08
again. Wash your appetite for risk washer organizations. Security posture. What's their stance?
07:15
How difficult the provides solutions are to implement
07:17
timeframes. How long it's gonna take an impact to your rating based on East Action.
07:25
Every organization is different.
07:28
Most organizations go with the low hanging fruit
07:30
so they can go ahead and check a few items off the list and see a positive improvement
07:35
you want to look at. Is the juice worth the squeeze?
07:40
Some organizations if the implementation, is going to cost $100,000 a year,
07:45
but the end result of a materialization of that risk is only gonna be 5000. They're not even going to implement that. Control
07:53
doesn't make financial sense.
07:55
Each organization is different.
07:57
If you're consultant,
07:59
each one of these analysis is totally different. It's all dependent on that organization.
08:05
So to recap the lesson, invest 3 65 includes several security solutions that can help you protect your users. Resource is, and that including exchange alarm protection.
08:16
Oh, through C C five advanced threat protection and cloud APP Security.
08:20
The Microsoft secure score provides a numerical summary or rating of your security postural within an S 3 65.
08:28
This writing is based on assistant configurations.
08:31
Why you configured what you have available to configure and you haven't
08:35
use your behavior and other security related in measurements.
08:41
Thank you for joining me in this video. I hope to see you next time. Take care.

Up Next

MS-500: Microsoft 365 Security Administration

The Microsoft 365 Security Administration course is designed to prepare students to take and pass the MS-500 certification exam. The course covers the four domains of the exam, providing students with the knowledge and skills they need to earn their credential.

Instructed By

Instructor Profile Image
Jim Daniels
IT Architect
Instructor