Defensive Security Of Microsoft 365 – Hands On

Kurso aprašymas

Overview

We power your Microsoft 365 security capabilities through our immersive 2-day course featuring hands on labs. Learn Offensive and defensive skills to secure Microsoft 365 environments, ensuring you are equipped and ready to handle security issues from a typical cyber kill chain. Your future. Our passion. Let’s go!

This course covers Microsoft 365 security features pertaining to various Microsoft 365 subscriptions: Business, E3, E5

The event contains 3 modules:

  • Infrastructure protection — Protecting Domain Infrastructure using Microsoft 365 components.
  • Don’t pay a Ransom — Protect and recover your data from ransomware attacks.
  • Data leakage prevention — protecting corporate data from unintentional or intentional sharing

Target Audience

  • Security Professionals
  • Microsoft 365 IT Professionals
  • Anyone who has an interest in how to make their Microsoft-based organization more secure with Microsoft 365

Practical Labs- During the course students will create a trial free Microsoft 365 environment, which they will populate with data then implement the security features

 

Prerequisites

Working knowledge of Microsoft 365 technologies.

Instructors will demonstrate features throughout the event. Optional Lab exercises are available for students to complete within a delegate created free trial tenancy. Microsoft require a valid credit card to create 30 day free tenancies which must be cancelled within 30 days to avoid incurring charges. QA have no control over the Microsoft 365 trial tenancy signup or billing process.

Delegates will learn how to

Delegates will learn and deploy both offensive/defensive methods to secure Microsoft 365 deployments. This course covers Microsoft 365 security features pertaining to various Microsoft 365 subscriptions; Business, E3, E5.

The event contains 3 modules:

  • Infrastructure protection — Protecting Domain Infrastructure using Microsoft 365 components.
  • Don’t pay a Ransom — Protect and recover your data from ransomware attacks.
  • Data leakage prevention — Protecting corporate data from unintentional or intentional sharing

 

Outline

Module 1 – Infrastructure Protection

  • Introduction to Microsoft 365
  • Demo: From Phishing to Domain Admins
  • Demo: Getting Root in Linux
  • Preventing Overpass-the-Hash attack
  • Configuring Windows Defender Credentials Guard
  • Performing and Preventing Pass-the-Ticket attack
  • Detecting Active Directory attacks with User Behavior Analytics
  • Comparing Microsoft ATA and Azure ATP
  • Configuring Azure ATP
  • Advanced Endpoint Protection from the Cloud
  • Configuring Windows Defender ATP

      Lab 1.1. Exploring Azure ATP
      Lab 1.2. Configuring Windows Defender ATP
      (Optional) Lab 1.3. Cybersecurity challenge

Module 2 – Don’t pay Ransom

  • Demo: Ransomware attack
  • Stop phishing using Office 365 ATP
  • Mastering whitelisting with AppLocker
  • Whitelisting on steroids
  • Attack Surface Reduction rules
  • Docs protection with Controlled Folder Access
  • Windows Defender Application Guard – Rock-solid Browser
  • OneDrive for Business. Complete Recovery
  • Tuning Windows Defender Antivirus

      Lab 2.1. Configuring and testing Office 365 Advanced Threat Protection with sample ransomware
      Lab 2.2. Configuring Windows Defender Controlled Folder Access

Module 3 – Data leakage prevention

  • Endpoint Attacks with Physical Access
  • Device Protection. Configuring Bitlocker
  • Attacks on Mobile Devices
  • Mobile devices protection using Microsoft Intune
  • Protect data in the Cloud with Conditional Access & Cloud App Security
  • User’s documents protection with Azure Information Protection

      Lab 3.1 Configuring Azure AD Conditional Access
      Lab 3.2 Exploring Cloud App Security