Author: Sophia Lisk

  • Summary-Describe security, compliance, privacy, and trust in Microsoft 365

    Thought experiment In this thought experiment, demonstrate your skills and knowledge of the topics covered in this chapter. You can find the answers to this thought experiment in the next section. Ralph is the Director of the Brooklyn datacenter at Contoso Corp. The company currently has three office buildings in the New York area with…

    Read More: Summary-Describe security, compliance, privacy, and trust in Microsoft 365
  • Anticipating threats-Describe security, compliance, privacy, and trust in Microsoft 365

    Arguably, the most difficult part of the risk management planning process is trying to anticipate all the possible threats that could afflict the company’s data in the future. The three basic risk factors for the data—confidentiality, integrity, and availability—can be exploited in any number of specific ways, but the general threat categories are listed in…

    Read More: Anticipating threats-Describe security, compliance, privacy, and trust in Microsoft 365
  • Classifying users-Describe security, compliance, privacy, and trust in Microsoft 365

    The third element of the digital estate that must be considered when creating a risk management plan is the people who actually access the data. Whether deliberately or inadvertently, users are a constant vulnerability—if not an actual threat—to the organization’s data. After quantifying the organization’s information assets and their value and inventorying the hardware used…

    Read More: Classifying users-Describe security, compliance, privacy, and trust in Microsoft 365
  • Inventorying hardware-Describe security, compliance, privacy, and trust in Microsoft 365

    Once the data sensitivity and value have been assessed, the next step of the risk-management plan design process is to consider the technology used to store, access, transmit, and process that data. This includes the servers or cloud services where the data is stored when at rest, the client systems and devices used to access…

    Read More: Inventorying hardware-Describe security, compliance, privacy, and trust in Microsoft 365
  • Identifying and valuing information assets-Describe security, compliance, privacy, and trust in Microsoft 365

    Companies often generate vast amounts of data with varying levels of sensitivity. It is usually not practical for an organization to implement the ultimate level of security over its data, so it is necessary to classify the information according to its function and value. Therefore, the risk management process should begin with an inventory of…

    Read More: Identifying and valuing information assets-Describe security, compliance, privacy, and trust in Microsoft 365
  • Priva rights requests-Describe security, compliance, privacy, and trust in Microsoft 365

    In recent years, there has been legislation passed in many countries providing citizens with the right to request that organizations disclose any personal information about them that they possess. These might seem like simple requests to the requestor, but for an organization that maintains a large data store, locating all of the requested information concerning…

    Read More: Priva rights requests-Describe security, compliance, privacy, and trust in Microsoft 365
  • Describe the capabilities and benefits of Microsoft Priva-Describe security, compliance, privacy, and trust in Microsoft 365

    As mentioned frequently in this book, an organization’s data is its most valuable commodity, and keeping that data secure is one of the primary functions of Microsoft 365. That company data frequently includes confidential information, however, and it is the responsibility of the IT department not only to keep the data secure but also to…

    Read More: Describe the capabilities and benefits of Microsoft Priva-Describe security, compliance, privacy, and trust in Microsoft 365
  • Microsoft Advanced Threat Analytics-Describe security, compliance, privacy, and trust in Microsoft 365

    Advanced Threat Analytics (ATA) is an on-premises solution that uses information gathered from a wide variety of enterprise sources to anticipate, detect, and react to security threats and attacks. ATA receives log and event information from Windows systems and also captures network traffic generated by security-related protocols, such as Kerberos and NTLM. This traffic provides…

    Read More: Microsoft Advanced Threat Analytics-Describe security, compliance, privacy, and trust in Microsoft 365
  • Microsoft Entra ID (Azure Active Directory Premium)-Describe security, compliance, privacy, and trust in Microsoft 365

    Active Directory (AD) is a directory service that has been a part of the Windows Server product since the Windows 2000 Server release. A directory service is a database of objects, including users and computers, that provides authentication and authorization services for network resources. Authentication and authorization are essentially the front gates of information protection,…

    Read More: Microsoft Entra ID (Azure Active Directory Premium)-Describe security, compliance, privacy, and trust in Microsoft 365
  • Auditing-Describe security, compliance, privacy, and trust in Microsoft 365

    Microsoft Purview includes auditing capabilities that log operations for many Microsoft 365 applications and services. Administrators can search the audit log directly from the Microsoft Purview portal, providing detailed information that can be useful during security, compliance, and legal investigations. Microsoft Purview can provide two levels of audit logging, as follows: FIGURE 3-49 The Audit…

    Read More: Auditing-Describe security, compliance, privacy, and trust in Microsoft 365

Search

Popular Posts

  • Summary-Describe security, compliance, privacy, and trust in Microsoft 365
    Summary-Describe security, compliance, privacy, and trust in Microsoft 365

    Thought experiment In this thought experiment, demonstrate your skills and knowledge of the topics covered in this chapter. You can find the answers to this thought experiment in the next section. Ralph is the Director of the Brooklyn datacenter at Contoso Corp. The company currently has three office buildings in the New York area with…

  • Anticipating threats-Describe security, compliance, privacy, and trust in Microsoft 365
    Anticipating threats-Describe security, compliance, privacy, and trust in Microsoft 365

    Arguably, the most difficult part of the risk management planning process is trying to anticipate all the possible threats that could afflict the company’s data in the future. The three basic risk factors for the data—confidentiality, integrity, and availability—can be exploited in any number of specific ways, but the general threat categories are listed in…

  • Classifying users-Describe security, compliance, privacy, and trust in Microsoft 365
    Classifying users-Describe security, compliance, privacy, and trust in Microsoft 365

    The third element of the digital estate that must be considered when creating a risk management plan is the people who actually access the data. Whether deliberately or inadvertently, users are a constant vulnerability—if not an actual threat—to the organization’s data. After quantifying the organization’s information assets and their value and inventorying the hardware used…

Tags

There’s no content to show here yet.