I. If you selected Apply or remove encryption, you can choose from Remove encryption if the file or calendar event is encrypted or Configure encryption settings. Removing encryption ends the encryption portion of the wizard, but the latter configure option presents additional options: i. Assign permissions now or let users decide has two options for […]
Category: Implementing retention labels
Implementing sensitivity labels and sensitivity label policies– Implementing Microsoft Purview Information Protection and Data Lifecycle Management
Sensitivity labels, like retention labels, are metadata that helps users and the M365 platform classify content. While retention labels are used to protect and manage the content’s data lifecycle (and consequently, its overall existence in the M365 ecosystem), sensitivity labels are used to classify, protect, and manage data from a risk or value perspective. Sensitivity […]
Implementing retention policies– Implementing Microsoft Purview Information Protection and Data Lifecycle Management
Retention policies are rule-driven configurations that allow you to manage the lifecycle of data in the organization. Retention policies are created with three core purposes in mind: • To protect and retain data for a minimum amount of time• To ensure data doesn’t continue to persist after a specific period of time• To govern the […]
Using regular expressions– Implementing Microsoft Purview Information Protection and Data Lifecycle Management
You can use regular expressions (sometimes stylized as RegEx or regex) to detect and match content when simple keywords or strings will not suffice. Further Reading Neither this book nor the MS-102 exam focuses much on the construction of regular expressions. Regular expressions can become quite deep and complex with concepts such as look aheads, […]
Managing sensitive information types– Implementing Microsoft Purview Information Protection and Data Lifecycle Management
You can create and manage custom sensitive information types to detect a variety of data across your organization. In this section, we’ll look at creating these classifiers. Using keywordsThe simplest configuration for sensitive information types involves using keywords. Keywords are exactly that—simply words that are used to identify content as sensitive. When using keywords to […]
Summary– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
In this chapter, you learned about the Microsoft 365 Defender for Endpoint product, including how to deploy it to a variety of platforms, configure basic protection features, and use the Vulnerability management tools to investigate and remediate risks. These tools are critical for maintaining a secure operating environment and allow organizations to confidently support a […]
Investigations– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
The Investigations tab is used to track the triggering alerts for the incident. After selecting an alert to view its details, you can select Open investigation page to get a deep insight into the event, as shown in Figure 9.47: Figure 9.47 – Triggering alert investigation The Investigations page for an alert shows details much […]
Tuning– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
You can tune the parameters for specific alerts (Alert details | Tune alert). Tuning alerts helps your security operations center ( SOC) team focus on alerts that are specifically important to your organization. While you can tune alerts at any time during an incident, you may wish to wait until after an incident has been […]
Automate– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
In addition to the manual remediation actions that you can take inside Microsoft 365 Defender, you can also configure different levels of automated responses, both integrated within Microsoft 365 Defender and other automation tools. Automated Investigation and ResponseIf you have subscribed to MDE P2 or MDB, you have native options for automated remediation. If your […]
Reviewing Assessment Results– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
Once the Security baselines assessment | Profiles tab has been updated, you can check your organization’s compliance against that profile. On the Profiles tab, after the profile data has been updated, you will see how the devices in the baseline score against the baseline assessment and compliance settings chosen in the profile. Figure 9.41 displays […]