Implement and Manage Threat Protection - Questions Flashcards Preview

MS-500 M365 Security Administrator Associate > Implement and Manage Threat Protection - Questions > Flashcards

Flashcards in Implement and Manage Threat Protection - Questions Deck (8)
1

Office 365 ATP Plan 1 comes with ___.
Office 365 ATP Plan 2 comes with ___.

O365 ATP Plan 1 comes with real-time detections.
O365 ATP Plan 2 comes with the Threat Mgmt Explorer.

2

What are the Threat Trackers and what license is required?

Widgets that provide more information on global threats to keep admins informed about what is happening across cyber security.
-> Requires O365 ATP Plan 2

3

How do you access O365 ATP incidents?

Security & Compliance Portal
-> Threat Management
-> Review
-> Incidents

4

What license is required for using Attack Simulator? What 3 tools are included?

Requires O365 ATP Plan 2
-> 3 tools
1. Spear Phishing
2. Brute-force password attack (dictionary attack)
3. Password Spray Attack
MFA is required for your account before launching any attacks

5

How do you access the Attack Simulator?

In Security & Compliance at protection.office.com
-> choose Threat Mgmt
-> Attack Simulator

6

What is Azure Sentinel?

It is a next-generation SIEM because it includes the ability to respond automatically to events using Playbooks, bringing Security Orchestration Automated Response (SOAR).

7

What is needed to implement Azure Sentinel?

-> An Active Azure Subscription
-> A Log Analytics Workspace
-> At least Contributor permissions to the Azure Subscription
-> At least Contributor or Reader permissions on the Resource group to which the Workspace belongs

8

How do you access Azure Sentinel?

Azure Portal portal.azure.com
-> in Search field type "Azure Sentinel"
-> select Add
-> select or create Workspace
-> select Add Azure Sentinel
-> click Data Connectors
-> select Data Connectors
-> click Open Connector Page to configure Connector