Month: April 2024

Section 16 – Implement and manage Microsoft Purview Information Barriers (IBs)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 28/04/2024
Posted in Azure, Compliance, Information Barriers, Insider risks, Microsoft Purview, Purview, SC-400, Security, Study guide

Plan for IBs This table summarizes the features where Information Barriers (IB) policies can restrict communication and collaboration within your organization. Feature Microsoft Teams SharePoint & OneDrive Exchange Online Communication Yes No No Searching for users Yes No No Chat…

Continue Reading Section 16 – Implement and manage Microsoft Purview Information Barriers (IBs)

Section 14 – Implement and manage Microsoft Purview Communication Compliance

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 20/04/2024
Posted in Azure, Compliance, Microsoft Purview, SC-400, Security, Study guide

Plan for communication compliance This tool helps you identify and address potential risks before they become problems. It can detect inappropriate messages like harassment or threats, as well as leaks of sensitive information across various communication channels, including email, Microsoft…

Continue Reading Section 14 – Implement and manage Microsoft Purview Communication Compliance

Deep Dive into Conditional Access Policies part 1

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 19/04/2024
Posted in Azure, Conditional access, Entra ID, Identity, Microsoft Graph, Security

Entra ID Conditional Access Policy Evaluation: A Breakdown Phase Description Applies To 1: Signal Collection Gathers information about the user’s access attempt.Examples: Network location (IP address), device identity (type, OS version). Applies to all enabled Conditional Access policies, including those…

Continue Reading Deep Dive into Conditional Access Policies part 1

Section 15 – Implement and manage Microsoft Purview Insider Risk Management

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 13/04/2024
Posted in Azure, Microsoft Purview, Purview, SC-400, Security, Study guide

Plan for insider risk management Insider Risk Management Roles Role Description Microsoft Entra ID Global Administrator – Has full control over all Microsoft Entra and Microsoft Purview features, including Insider Risk Management. Microsoft Entra ID Compliance Administrator – Can manage…

Continue Reading Section 15 – Implement and manage Microsoft Purview Insider Risk Management

This is why I think you should join CCPs 💯

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 13/04/2024
Posted in Azure, Compliance, Copilot, Entra ID, Identity, Microsoft Purview, Security

Imagine a giant security geek party… but way cooler! That’s kind of what the CCPs are like. Instead of just listening to someone lecture at a conference, you get to chat directly with Microsoft engineers and other security pros. It’s…

Continue Reading This is why I think you should join CCPs 💯

Graph activity logs is now generally available

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 11/04/2024
Posted in Azure, Entra ID, Microsoft Graph, Microsoft Purview, Security, Zero trust

What you do with it? Privileges To access the Microsoft Graph activity logs, you need the following privileges. What information is available? Column Type Description AadTenantId string The Azure AD tenant ID. ApiVersion string The API version of the event….

Continue Reading Graph activity logs is now generally available

Defender for Office 365 and QR-code phishing

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 10/04/2024
Posted in Azure, Defender, Insider risks, Microsoft Purview, Security

There is no way to tell with an human eye what those QR codes are, even in the picture above, there are two than can be read with your phone and no they are not malicious, try it for yourself….

Continue Reading Defender for Office 365 and QR-code phishing

Section 12 – Plan and manage eDiscovery and Content search

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 05/04/2024
Posted in Azure, Compliance, Microsoft Purview, SC-400, Security, Study guide

Choose between eDiscovery (Standard) and eDiscovery (Premium) based on an organization’s requirements Feature Content Search eDiscovery (Standard) eDiscovery (Premium) Search Capabilities Basic Basic Basic Export Results Yes Yes Yes Permissions Role-based N/A N/A Legal Features – Yes Yes Case Management…

Continue Reading Section 12 – Plan and manage eDiscovery and Content search

Copilot for Security: Your AI Partner 🤖

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 05/04/2024
Posted in Azure, Copilot, Identity, Insider risks, Microsoft Purview, Security

What is Copilot for Security? Microsoft Copilot for Security shatters traditional security software limitations. It leverages cutting-edge large language models (LLMs) from Open AI, along with vast security data and threat intelligence (encompassing a staggering 78 trillion daily security signals),…

Continue Reading Copilot for Security: Your AI Partner 🤖

Unify SIEM and XDR for Enhanced Threat Detection

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 04/04/2024
Posted in Azure, Defender, Microsoft Purview, Microsoft Sentinel, Security

Now when you open Defender portal (https://security.microsoft.com) you will see the above displayed, this feature is now in Public preview and let’s how the process works. Defender XDR and Sentinel: Working Together This table summarizes the key functionalities and considerations…

Continue Reading Unify SIEM and XDR for Enhanced Threat Detection