I. If you selected Apply or remove encryption, you can choose from Remove encryption if the file or calendar event is encrypted or Configure encryption settings. Removing encryption ends the encryption portion of the wizard, but the latter configure option presents additional options: i. Assign permissions now or let users decide has two options for […]
Category: Onboarding macOS Devices
Implementing retention label policies– Implementing Microsoft Purview Information Protection and Data Lifecycle Management
After you’ve created a label, it’s only visible to administrators of the Microsoft Purview solution—it can’t be assigned by users. From here, there are two ways to deploy a label: publishing the label so that users can manually apply it to content or auto-applying the label based on the given content. Publishing a label In […]
Using document fingerprinting– Implementing Microsoft Purview Information Protection and Data Lifecycle Management
Document fingerprinting is a classification method that’s used to detect data where the content matches a recognizable pattern. NoteDocument fingerprinting is not part of the MS-102 exam guide, though it’s important to be aware of the technology from a functional perspective. For more information on the document fingerprinting capabilities in Microsoft Purview, see https://learn.microsoft.com/ en […]
Managing sensitive information types– Implementing Microsoft Purview Information Protection and Data Lifecycle Management
You can create and manage custom sensitive information types to detect a variety of data across your organization. In this section, we’ll look at creating these classifiers. Using keywordsThe simplest configuration for sensitive information types involves using keywords. Keywords are exactly that—simply words that are used to identify content as sensitive. When using keywords to […]
Reviewing and Responding to Risks– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
When threats are detected, Microsoft 365 Defender will create incidents and alerts. You can monitor and manage alerts and incidents from the Microsoft 365 Defender portal. TipMicrosoft 365 Defender provides sample files that you can use to understand how to detect and process risks. The examples in this section were generated using the automated investigation […]
Files– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
You can also take actions on files involved in an alert or incident. Figure 9.52 shows the actions available for files: Figure 9.52 – File actions The remediation actions listed in Figure 9.52 include the following: • Ask Defender Experts: An additional service available, Microsoft 365 Defender Experts allows you to ask Microsoft security personnel […]
Automate– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
In addition to the manual remediation actions that you can take inside Microsoft 365 Defender, you can also configure different levels of automated responses, both integrated within Microsoft 365 Defender and other automation tools. Automated Investigation and ResponseIf you have subscribed to MDE P2 or MDB, you have native options for automated remediation. If your […]
Configuring a Conditional Access Policy– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
You can leverage device health and compliance data as part of a Conditional Access policy. In Figure 9.13, you can see that the Require device to be marked as compliant checkbox has been selected as a Grant access control: Figure 9.13 – Enabling device compliance as a requirement for Conditional Access policy Devices are marked […]
Onboarding iOS Devices– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
iOS devices (such as iPhones and iPads) can run in two modes—the normal user mode (also referred to as unsupervised) and supervised mode—a special enterprise configuration that allows more controlover organization-managed devices. Out of ScopeIntune and Defender for Endpoint can be deployed to devices in either normal (unsupervised) or supervised mode. Supervised mode requires additional […]
Endpoint Detection and Response (EDR) Policy– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
You can also create an EDR policy to enable MDE settings. To configure an EDR policy, use the following procedure: Figure 9.16 – Creating an EDR policy After Intune has refreshed the policy against the devices in scope, the onboarding package will be deployed. You can view your devices’ statuses in the Microsoft 365 Defender […]