M365 Defender

Question 1

What is M365 Defender?

Answer 1

M365 Defender is an enterprise defence suite that protects against sophisticated cyberattacks,

Question 2

What does M365 Defender cover?

Answer 2

Applications

Identities

Endpoints

Data

Question 3

What is Microsoft Defender for Identity?

Answer 3

A cloud-based security solution that uses AD (not AAD) data (called signals) to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.

Question 4

What are the key areas of Microsoft Defender for Identity?

Answer 4

Monitor and profile user behaviour and activities

Protect user identities and reduce the attack surface

Identify suspicious activities and advanced attacks across the cyberattack kill-chain

Question 5

What is the cyberattack kill chain?

Answer 5

Reconnaissance

Compromised credentials

Lateral movements

Domain Dominance

Question 6

What is Microsoft Defender for Office 365?

Answer 6

A solution that safeguards your organization against malicious threats posed by email messages, links and collaboration tools.

Question 7

What are the key areas of Microsoft Defender for Office 365?

Answer 7

Threat protection policies

Reports

Threat investigation and response capabilities

Automated investigation and response capabilities

Question 8

What are the two plans of Microsoft Defender for Office 365 and what do they include?

Answer 8

Microsoft Defender for Office 365 Plan 1 includes
- Safe attachments, links, attachments for SharePoint,
OneDrive, and Microsoft Teams
- Anti-phishing protection
- Real-time detections

Microsoft Defender for Office 365 Plan 2 includes

• Threat Trackers
• Threat explorer
• Automated investigation and response (AIR)
• Attack Simulator

Question 9

What is Microsoft Defender for Endpoint?

Answer 9

A platform designed to help enterprise networks protect endpoints.

Question 10

True or False: Microsoft Defender for Endpoint embeds technology built into Windows 10 and MSFT cloud services.

Answer 10

True.

Question 11

What does Microsoft Defender for Endpoint include?

Answer 11

Threat and vulnerability management

Attack surface reduction

Management and APIs

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft threat experts

Secure score for devices

Question 12

What is Microsoft Defender for Cloud Apps?

Answer 12

A comprehensive cross-SaaS solution taht operates as an intermediary between a cloud user and the cloud provider.

Question 13

What is a CASB?

Answer 13

A Cloud Access Security Broker (CASB) is a gatekeeper that brokers real-time access between users and the cloud resources they use.

Question 14

What capabilities does Microsoft Defender for Cloud Apps provide?

Answer 14

Discovering and controlling the use of Shadow IT

Protect your sensitive information anywhere in the cloud

Protect against cyberthreats and anomalies

Assess your cloud apps’ compliance

Question 15

What is Office 365 Cloud App Security?

Answer 15

A subset of Microsoft Defender for Cloud Apps that provides enhanced visibility and control for Office 365..