Implement and Manage Threat Protection - Questions Flashcards Preview

MS-500 M365 Security Administrator Associate > Implement and Manage Threat Protection - Questions > Flashcards

Flashcards in Implement and Manage Threat Protection - Questions Deck (8)
Loading flashcards...

Office 365 ATP Plan 1 comes with ___.
Office 365 ATP Plan 2 comes with ___.

O365 ATP Plan 1 comes with real-time detections.
O365 ATP Plan 2 comes with the Threat Mgmt Explorer.


What are the Threat Trackers and what license is required?

Widgets that can provide more information on global threats to keep admin informed about what is happening across cyber security.
-> Required O365 ATP Plan 2


How do you access O365 ATP incidents?

Security & Compliance Portal
-> Threat Management
-> Review
-> Incidents


What license is required for using Attack Simulator? What 3 tools are included?

Required O365 ATP Plan2
->3 tools
1. Spear Phishing
2. Brute-force password attack (dictionary attack)
3. Password Spray Attack
MFA is required for your account before launching any attacks


How do you access the Attack Simulator?

in Security & Compliance at
-> choose Threat Mgmt
-> Attack Simulator


What is Azure Sentinel?

It is a next-generation SIEM because it includes the ability to respond automatically to events using Playbooks, bringing Security Orchestration Automated Response (SOAR)


What is needed to implement Azure Sentinel?

-> An Active Azure Subscription
-> A Log Analytics Workspace
-> At least Contributor permissions to the Azure Subscription
-> At least Contributor or Reader permissions on the Resource group to which Workspace belongs


How do you access Azure Sentinel?

Azure Portal
-> in Search field type "Azure Sentinel"
-> select Add
-> select or create Workspace
-> select Add Azure Sentinel
-> click Data Connectors
-> select Data Connectors
-> click Open Connector Page to configure Connector