Apps – Describe Zero Trust Principles for Microsoft 365

Applications provide both a method for individuals to accomplish tasks and an avenue for attackers. A zero-trust deployment model for applications includes the following:
•   Managing application access policies: You can use Microsoft Defender for Cloud Apps to determine whether applications are performing risky behaviors (such as downloading or uploading data abnormally) ...

Document Storage – Describe Zero Trust Principles for Microsoft 365

Although documents can be accessed from almost all the services of the suite, Microsoft 365 has three primary interfaces (listed next) where users can store, share, and collaborate on files: The underlying storage component for all these interfaces is SPO. Documents stored in SPO (or any service that leverages SharePoint) are automatically indexed, ...

Sharing End User Controls – Describe Zero Trust Principles for Microsoft 365

Sharing can be done by almost all clients. Supported clients include the following: Outlook sharing is particularly interesting because it allows users to attach files to email messages as cloud attachments, thus automatically sharing those files out of their OneDrive personal storage. End users can even configure the permissions the recipients can ...

Auditing – Describe Zero Trust Principles for Microsoft 365

Auditing determines which actions were executed by which identity, and the time those actions were performed. As described earlier, Microsoft 365 allows administrators to audit actions that are performed in the service regarding file sharing and collaboration, syncing, deletion, and access. A comprehensive zero-trust policy will ensure that auditing data is captured for security ...

Infrastructure – Describe Zero Trust Principles for Microsoft 365

Applying zero trust principles to your infrastructure means that, as an administrator, you need to take a holistic view of everything that interacts with your organization’s data, including servers, cloud infrastructure and platforms, and development environments. You can use a tool such as Microsoft Defender for Cloud, which is a Cloud Security Posture Management ...

Encryption – Describe Zero Trust Principles for Microsoft 365

Encryption, a critical part of the zero-trust strategy, is a mechanism that protects information from unauthorized access. Data stored or transmitted in clear text can potentially be intercepted or modified by bad actors. Encryption can help protect against both unauthorized access and data alteration. Microsoft 365 implements several encryption technologies across the platform. Encryption ...

Performance – Describe Zero Trust Principles for Microsoft 365

Since Microsoft 365 is a cloud service, organizations should follow best practices during the network planning phase. Customers should ensure that adequate network capacity and redundancy are available so that users have consistent and reliable connectivity to the service. Network performance planning should consider the following: As described previously, Microsoft provides a list ...

Describe Microsoft Granular Delegated Admin Privileges (GDAP) Principles – Describe Zero Trust Principles for Microsoft 365

Zero trust principles such as least privilege don’t just apply to your organization. In the context of service providers, it’s important to make sure that they are also following secure administration practices. This is where Granular Delegated Admin Privileges (GDAP) comes into play. GDAP’s capabilities empower partners to ...

Describe the Identity and Access Management Capabilities of Microsoft 365 – Understand Identity and Access Management Solutions

Entra ID provides a full suite of identity and access management capabilities, including the provisioning, role and privilege assignment, delegation, and retirement of identity. In addition to acting as an identity store, Entra also enables policy-based access, secure authorization, auditing, and entitlement management. The key ...