Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Microsoft 365 Mobility and Security – Exam Guide MS-101

You're reading from   Microsoft 365 Mobility and Security – Exam Guide MS-101 Explore threat management, governance, security, compliance, and device services in Microsoft 365

Arrow left icon
Product type Paperback
Published in Nov 2019
Publisher Packt
ISBN-13 9781838984656
Length 312 pages
Edition 1st Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
Nate Chamberlain Nate Chamberlain
Author Profile Icon Nate Chamberlain
Nate Chamberlain
Arrow right icon
View More author details
Toc

Table of Contents (22) Chapters Close

Preface 1. Section 1: Modern Device Services FREE CHAPTER
2. Implementing Mobile Device Management (MDM) 3. Managing Device Compliance 4. Planning for Devices and Apps 5. Planning Windows 10 Deployment 6. Section 2: Microsoft 365 Security Threat Management
7. Implementing Cloud App Security (CAS) 8. Implementing Threat Management 9. Implementing Windows Defender ATP 10. Managing Security Reports and Alerts 11. Section 3: Microsoft 365 Governance Compliance
12. Configuring Data Loss Prevention (DLP) 13. Implementing Azure Information Protection (AIP) 14. Managing Data Governance 15. Managing Auditing 16. Managing eDiscovery 17. Section 4: Mock Exams
18. Mock Exam 1
19. Mock Exam 2
20. Assessments 21. Another Book You May Enjoy

Monitoring ATA incidents

ATA resides on-premises and protects you from internal threats and cyber attacks. You can deploy it by using port mirroring from your domain controllers to the ATA gateway (on its own server) or by deploying a lightweight gateway (LGW) directly on the domain controllers.

ATA can detect anomalous logins, password sharing, sensitive group changes, malicious attacks from known attack types, weak protocols, and more.

One type of attack that you may see in the exam is a pass-the-hash attack, in which the attacker uses the underlying hash behind an account's password to authenticate to computers, rather than needing the plain-text password itself. You might suspect this if you were alerted to a user authenticating to machines they wouldn't normally (anomalous behavior). To remediate this, you'd change the user's password, but any Kerberos...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image