You're reading from Microsoft 365 Security Administration: MS-500 Exam Guide Plan and implement security and compliance strategies for Microsoft 365 and hybrid environments

Product type Paperback

Published in Jun 2020

Publisher Packt

ISBN-13 9781838983123

Length 672 pages

Edition 1st Edition

Languages

SQL

Tools

Azure

Concepts

IT Certification

Author (1):

Peter Rising

View More author details

Table of Contents (29) Chapters

Preface

1. Section 1: Configuring and Administering Identity and Access in Microsoft 365

2. Chapter 1: Planning for Hybrid Identity FREE CHAPTER

3. Chapter 2: Authentication and Security

4. Chapter 3: Implementing Conditional Access Policies

5. Chapter 4: Role Assignment and Privileged Identities in Microsoft 365

6. Chapter 5: Azure AD Identity Protection

7. Section 2: Implementing and Managing Threat Protection

8. Chapter 6: Configuring an Advanced Threat Protection Solution

9. Chapter 7: Configuring Microsoft Defender ATP to Protect Devices

10. Chapter 8: Message Protection in Office 365

11. Chapter 9: Threat Intelligence and Tracking

12. Chapter 10: Using Azure Sentinel to Monitor Microsoft 365 Security

13. Section 3: Information Protection in Microsoft 365

14. Chapter 11: Controlling Secure Access to Information Stored in Office 365

15. Chapter 12: Azure Information Protection

16. Chapter 13: Data Loss Prevention

17. Chapter 14: Cloud App Discovery and Security

18. Section 4: Data Governance and Compliance in Microsoft 365

19. Chapter 15: Security Analytics and Auditing Capabilities

20. Chapter 16: Personal Data Protection in Microsoft 365

21. Chapter 17: Data Governance and Retention

22. Chapter 18: Search and Investigation

23. Chapter 19: Data Privacy Compliance

24. Section 5: Mock Exam and Assessment

25. Chapter 20: Mock Exam

Case Study

26. Chapter 21: Mock Exam Answers

Answers and explanations

27. Chapter 22: Assessments

28. Other Books You May Enjoy

Leave a review - let other readers know what you think

Using Azure Sentinel playbooks

Azure Sentinel includes a feature called playbooks. These can be used to create automated responses where Sentinel detects security issues. For example, should one of the workbooks we configured in the previous section detect an issue, a playbook could be configured to respond to that, either manually or automatically.

Important note

Playbooks are based on Azure Logic apps, and therefore should you wish to use them, you will need to be aware of additional charges that you will incur.

Let's look at how to create a security playbook in Azure Sentinel. Here, we will connect a playbook to the Logic Apps designer and trigger an email alert when a SharePoint list is modified. This is achieved by completing the following steps:

From the Azure Sentinel portal, select Configuration | Playbooks:
Figure 10.26 – Configuring a security playbook
Click on Add Playbook:
Figure 10.27 – Adding a playbook
In this example, we will...

The rest of the chapter is locked

You're reading from Microsoft 365 Security Administration: MS-500 Exam Guide Plan and implement security and compliance strategies for Microsoft 365 and hybrid environments

Table of Contents (29) Chapters

Using Azure Sentinel playbooks

Authors (1)

Other recommended products

Personalised recommendations for you

You're reading from Microsoft 365 Security Administration: MS-500 Exam Guide Plan and implement security and compliance strategies for Microsoft 365 and hybrid environments

Table of Contents (29) Chapters

Using Azure Sentinel playbooks

Unlock this book and the full library FREE for 7 days

Authors (1)

Other recommended products

Personalised recommendations for you