This page lists current threats in the organization along with corresponding security recommendations. Figure 9.32 – Recommendations page Selecting an item displays a flyout with information and activities. From here, you can select individual security recommendations to view detailed information about devices or other areas that might be exposed, relevant items tracked in the Common […]
Category: Microsoft MS-102 Exam
Event Timeline– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
The Event timeline page displays vulnerabilities in the order they were discovered or affected your environment. See Figure 9.38 for an example timeline: Figure 9.38 – Event timeline page Selecting an item on the timeline will display the corresponding CVE information as well as links to any security recommendations. Clicking on the associated security recommendation […]
Network Filter Configuration Profile– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
MDE can inspect network traffic and report back to the Microsoft 365 Defender portal. Use the following steps to create a configuration profile that allows the network extension to perform this activity: Next, you’ll create a configuration profile to manage device notifications. Notifications Configuration Profile This configuration profile is necessary to allow Intune and MDE […]
Onboarding macOS Devices– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
Similar to Windows devices, Defender for Endpoint can be deployed to macOS devices using Intune, local scripts and commands, third-party software deployment tools that leverage the Microsoft-provided packaging, or direct user download and activation. The deployment method for MDE will depend largely on what technologies are currently in use to manage devices. For devices that […]
Reviewing Assessment Results– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
Once the Security baselines assessment | Profiles tab has been updated, you can check your organization’s compliance against that profile. On the Profiles tab, after the profile data has been updated, you will see how the devices in the baseline score against the baseline assessment and compliance settings chosen in the profile. Figure 9.41 displays […]
Configuring a Conditional Access Policy– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
You can leverage device health and compliance data as part of a Conditional Access policy. In Figure 9.13, you can see that the Require device to be marked as compliant checkbox has been selected as a Grant access control: Figure 9.13 – Enabling device compliance as a requirement for Conditional Access policy Devices are marked […]
Inventories– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
The Inventories page catalogs discovered items, as shown in Figure 9.36: Figure 9.36 – Inventories page Each tab displays different categories of information. You must have a Plan 2 license, however, to see data on the Browser extensions, Certificates, and Hardware & Firmware tabs. The Software tab is used to show a high-level overview of […]
Onboarding iOS Devices– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
iOS devices (such as iPhones and iPads) can run in two modes—the normal user mode (also referred to as unsupervised) and supervised mode—a special enterprise configuration that allows more controlover organization-managed devices. Out of ScopeIntune and Defender for Endpoint can be deployed to devices in either normal (unsupervised) or supervised mode. Supervised mode requires additional […]
Extensions Configuration Profile– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
This profile enables settings for macOS 11 (Big Sur) and later. Earlier versions, such as macOS 10 (HighSierra), will ignore these settings. To create the configuration profile follow these steps: Bundle Identifier Team Identifiercom.microsoft.wdav.epsext UBF8T346G9com.microsoft.wdav.netext UBF8T346G9 Table 9.2 – Extension configuration settings Figure 9.23 – Extension configuration settings Next, you’ll configure settings for disk access. […]
Endpoint Detection and Response (EDR) Policy– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
You can also create an EDR policy to enable MDE settings. To configure an EDR policy, use the following procedure: Figure 9.16 – Creating an EDR policy After Intune has refreshed the policy against the devices in scope, the onboarding package will be deployed. You can view your devices’ statuses in the Microsoft 365 Defender […]