Flashcards in Implement and Manage Threat Protection - Questions Deck (8)
Office 365 ATP Plan 1 comes with ___.
Office 365 ATP Plan 2 comes with ___.
O365 ATP Plan 1 comes with real-time detections.
O365 ATP Plan 2 comes with the Threat Mgmt Explorer.
What are the Threat Trackers and what license is required?
Widgets that can provide more information on global threats to keep admin informed about what is happening across cyber security.
-> Required O365 ATP Plan 2
How do you access O365 ATP incidents?
Security & Compliance Portal
-> Threat Management
What license is required for using Attack Simulator? What 3 tools are included?
Required O365 ATP Plan2
1. Spear Phishing
2. Brute-force password attack (dictionary attack)
3. Password Spray Attack
MFA is required for your account before launching any attacks
How do you access the Attack Simulator?
in Security & Compliance at protection.office.com
-> choose Threat Mgmt
-> Attack Simulator
What is Azure Sentinel?
It is a next-generation SIEM because it includes the ability to respond automatically to events using Playbooks, bringing Security Orchestration Automated Response (SOAR)
What is needed to implement Azure Sentinel?
-> An Active Azure Subscription
-> A Log Analytics Workspace
-> At least Contributor permissions to the Azure Subscription
-> At least Contributor or Reader permissions on the Resource group to which Workspace belongs