I. If you selected Apply or remove encryption, you can choose from Remove encryption if the file or calendar event is encrypted or Configure encryption settings. Removing encryption ends the encryption portion of the wizard, but the latter configure option presents additional options: i. Assign permissions now or let users decide has two options for […]
Category: Microsoft Certifications
Auto-applying a label– Implementing Microsoft Purview Information Protection and Data Lifecycle Management
The challenge with the manual application of labels is that it requires interaction from the end user. If you have an M365 E5, EMS E5, or Advanced Compliance subscription, you can also use auto-application to help ensure your content is labeled. You can start the auto-application process under the Data lifecycle management | Label policies […]
Testing and editing sensitive information types– Implementing Microsoft Purview Information Protection and Data Lifecycle Management
After you’ve created a sensitive information type, you can test its effectiveness against sample data and update it to improve its detection capability. NoteYou can test both built-in and custom sensitive information types, but you cannot edit the built-in types. To test one of the sensitive information types you’ve created, you can follow these steps: […]
Using regular expressions– Implementing Microsoft Purview Information Protection and Data Lifecycle Management
You can use regular expressions (sometimes stylized as RegEx or regex) to detect and match content when simple keywords or strings will not suffice. Further Reading Neither this book nor the MS-102 exam focuses much on the construction of regular expressions. Regular expressions can become quite deep and complex with concepts such as look aheads, […]
Devices– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
Once you have identified devices that are impacted, you can choose how to respond. See Figure 9.51 for the potential actions: Figure 9.51 – Device remediation actions The available remediation actions on a device, shown in Figure 9.51, include the following: • Run Antivirus Scan: Initiate a Microsoft DefenderAntivirus (AV) scan (whether or not Defender […]
Tuning– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
You can tune the parameters for specific alerts (Alert details | Tune alert). Tuning alerts helps your security operations center ( SOC) team focus on alerts that are specifically important to your organization. While you can tune alerts at any time during an incident, you may wish to wait until after an incident has been […]
Automate– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
In addition to the manual remediation actions that you can take inside Microsoft 365 Defender, you can also configure different levels of automated responses, both integrated within Microsoft 365 Defender and other automation tools. Automated Investigation and ResponseIf you have subscribed to MDE P2 or MDB, you have native options for automated remediation. If your […]
Recommendations– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
This page lists current threats in the organization along with corresponding security recommendations. Figure 9.32 – Recommendations page Selecting an item displays a flyout with information and activities. From here, you can select individual security recommendations to view detailed information about devices or other areas that might be exposed, relevant items tracked in the Common […]
Network Filter Configuration Profile– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
MDE can inspect network traffic and report back to the Microsoft 365 Defender portal. Use the following steps to create a configuration profile that allows the network extension to perform this activity: Next, you’ll create a configuration profile to manage device notifications. Notifications Configuration Profile This configuration profile is necessary to allow Intune and MDE […]
Reviewing Assessment Results– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
Once the Security baselines assessment | Profiles tab has been updated, you can check your organization’s compliance against that profile. On the Profiles tab, after the profile data has been updated, you will see how the devices in the baseline score against the baseline assessment and compliance settings chosen in the profile. Figure 9.41 displays […]