This is a two-day workshop, which is divided over 4 morning sessions from 8:00 AM - 12:00 PM (AST)
This workshop is for auditors and security teams responsible for security and compliance of their Microsoft 365 and Azure Active Directory (AzureAD) environments. This course will provide students with knowledge and practical skills to audit Microsoft 365 (M365) tenants, and to improve security of Microsoft 365 configuration and monitoring capabilities.
This course is designed with real world scenarios in mind to provide practical, effective approaches for asking and answering compliance questions, auditing M365 after solution
adoption; to present practitioner approach to continuous audit, monitoring, and creating additional security and compliance visibility.
At the end of the course student will be able to effectively audit Microsoft 365
configuration and organization compliance, understand and improve security of the environment, and implement basic continuous audit and monitoring of the organization Microsoft 365 tenant.
This course is intended for IT professional, managers, system administrators, cybersecurity teams and auditors responsible for managing, securing and auditing Microsoft 365 environments (tenants).
At course completion students will be able to:
- Develop practical audit plan for Microsoft 365 environment
- Develop practical risk management plans/strategies to manage and improve Microsoft 365 security and compliance (continuous monitoring/audit)
- Answer questions and describe how Microsoft 365 complies with various regulatory frameworks and data protection standards
- Audit Microsoft 365 configuration using graphical user interface (GUI) – Azure Active Directory
- (AzureAD), Microsoft 365 Security & Compliance centers (e.g. DLP, Anti-phishing, anti-malware
- policies, alerts), Cloud App Security (shadow IT discovery), Microsoft 365 Admin center, Exchange, SharePoint, Teams, Microsoft Endpoint Management (MEM / Intune)
- Audit specific Microsoft 365 elements that require use of PowerShell
- Understand and use Microsoft Security Center (and Secure Score), Microsoft Compliance Center
- (and Compliance Score), and Security & Compliance Center for periodic audits, for continuous
- security improvements, audit and monitoring.
- Understand Microsoft Defender Security ATP Center (MDATP) role and capabilities in protecting the organization, and its relationship to Microsoft Secure Score.
- Understand how Azure security tools can enhance organization security and compliance, by
- integrating data from multiple computing platforms and environments
- Understand how Microsoft 365 cybersecurity strategy works and protects users, devices and data in identity-based protection model
In 2 day event we delve deeper in M365 functionalities and spent more time in demo environment to review/show e.g. DLP configuration, detail device management policies and configuration profiles, AzureAD policies, Azure Security tools and audit approaches, steps etc. – more insights and demo time.
Students will receive PDF copies of entire course, including screenshots, talking points (PowerPoint), auditing PowerShell scripts, examples of Excel templates and resources. These resources will enable students to follow practical approaches and run hands on labs after the workshop in their own/test environments.
Instructor / author:
Robert Brzezinski MBA, CISA, CHPS, CISM, M365 Security Admin, Azure Security Engineer
More information at link
- Slide deck used for demonstrating audit approaches and M365 interface associated with specific phasesa.PDF version and additional materials provided to attendees –download from SharePoint or OD4B, will need attendees email address, or distributed by organizer
- Microsoft demo environment used for navigating through M365 and Azure modules and demonstrating some of the M365 functionality and security capabilities. Optional–access to demo environment can be provided to selected attendees.
- PowerShell Exchange Online used for demonstrating some PowerShell commands used in audit.
- Participant’s questions answered during and after each day.
Slide deck modules:
- Auditing TTPs, Microsoft 365 Secure Score, Licensing, Deployment models & Security RoadmapModule
- Auditing Microsoft 365 –Admin Center, Security, Compliance, PowerShell, Exchange, SPO & OD4B, TeamsModule
- Auditing AzureAD, Microsoft 365 Enterprise Mobility & Security –Intune/Endpoint Manager, and Microsoft Defender ATPModule
- Attack example, M365 detection & layered protection, and why Azure security tools are a must. CommonattacksonM365 users –practical defenses, everyday alerts and incident response using Microsoft Defender Security Center, manual and automated incident response and remediation.
Fee: Usd 350 (Members get Usd 50 discount)
Use link below for registration
Registration_Auditing and improving of Microsoft 365 and Azure Cloud Security