Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Microsoft 365 Security Administration: MS-500 Exam Guide

You're reading from   Microsoft 365 Security Administration: MS-500 Exam Guide Plan and implement security and compliance strategies for Microsoft 365 and hybrid environments

Arrow left icon
Product type Paperback
Published in Jun 2020
Publisher Packt
ISBN-13 9781838983123
Length 672 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Peter Rising Peter Rising
Author Profile Icon Peter Rising
Peter Rising
Arrow right icon
View More author details
Toc

Table of Contents (29) Chapters Close

Preface 1. Section 1: Configuring and Administering Identity and Access in Microsoft 365
2. Chapter 1: Planning for Hybrid Identity FREE CHAPTER 3. Chapter 2: Authentication and Security 4. Chapter 3: Implementing Conditional Access Policies 5. Chapter 4: Role Assignment and Privileged Identities in Microsoft 365 6. Chapter 5: Azure AD Identity Protection 7. Section 2: Implementing and Managing Threat Protection
8. Chapter 6: Configuring an Advanced Threat Protection Solution 9. Chapter 7: Configuring Microsoft Defender ATP to Protect Devices 10. Chapter 8: Message Protection in Office 365 11. Chapter 9: Threat Intelligence and Tracking 12. Chapter 10: Using Azure Sentinel to Monitor Microsoft 365 Security 13. Section 3: Information Protection in Microsoft 365
14. Chapter 11: Controlling Secure Access to Information Stored in Office 365 15. Chapter 12: Azure Information Protection 16. Chapter 13: Data Loss Prevention 17. Chapter 14: Cloud App Discovery and Security 18. Section 4: Data Governance and Compliance in Microsoft 365
19. Chapter 15: Security Analytics and Auditing Capabilities 20. Chapter 16: Personal Data Protection in Microsoft 365 21. Chapter 17: Data Governance and Retention 22. Chapter 18: Search and Investigation 23. Chapter 19: Data Privacy Compliance 24. Section 5: Mock Exam and Assessment
25. Chapter 20: Mock Exam 26. Chapter 21: Mock Exam Answers 27. Chapter 22: Assessments 28. Other Books You May Enjoy

Using Azure Sentinel playbooks

Azure Sentinel includes a feature called playbooks. These can be used to create automated responses where Sentinel detects security issues. For example, should one of the workbooks we configured in the previous section detect an issue, a playbook could be configured to respond to that, either manually or automatically.

Important note

Playbooks are based on Azure Logic apps, and therefore should you wish to use them, you will need to be aware of additional charges that you will incur.

Let's look at how to create a security playbook in Azure Sentinel. Here, we will connect a playbook to the Logic Apps designer and trigger an email alert when a SharePoint list is modified. This is achieved by completing the following steps:

  1. From the Azure Sentinel portal, select Configuration | Playbooks:

    Figure 10.26 – Configuring a security playbook

  2. Click on Add Playbook:

    Figure 10.27 – Adding a playbook

  3. In this example, we will...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime