M365 Defender Flashcards

1
Q

What is M365 Defender?

A

Microsoft 365 Defender is an enterprise defense suite that protects against sophisticated cyberattacks. With Microsoft 365 Defender, you can natively coordinate the detection, prevention, investigation, and response to threats across endpoints, identities, email, and applications.

More info: https://docs.microsoft.com/en-gb/learn/modules/describe-threat-protection-with-microsoft-365-defender/2-describe-services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What does M365 Defender cover?

A

Applications

Identities

Endpoints

Data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is Microsoft Defender for Identity?

A

A cloud-based security solution that uses AD (not AAD) data (called signals) to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the key areas of Microsoft Defender for Identity?

A

Monitor and profile user behaviour and activities

Protect user identities and reduce the attack surface

Identify suspicious activities and advanced attacks across the cyberattack kill-chain

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the cyberattack kill chain?

A

Reconnaissance

Compromised credentials

Lateral movements

Domain Dominance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is Microsoft Defender for Office 365?

A

A solution that safeguards your organization against malicious threats posed by email messages, links and collaboration tools.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the key areas of Microsoft Defender for Office 365?

A

Threat protection policies

Reports

Threat investigation and response capabilities

Automated investigation and response capabilities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are the two plans of Microsoft Defender for Office 365 and what do they include?

A

Microsoft Defender for Office 365 Plan 1 includes
- Safe attachments, links, attachments for SharePoint,
OneDrive, and Microsoft Teams
- Anti-phishing protection
- Real-time detections

Microsoft Defender for Office 365 Plan 2 includes

  • Threat Trackers
  • Threat explorer
  • Automated investigation and response (AIR)
  • Attack Simulator
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is Microsoft Defender for Endpoint?

A

A platform designed to help enterprise networks protect endpoints.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

True or False: Microsoft Defender for Endpoint embeds technology built into Windows 10 and MSFT cloud services.

A

True.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What does Microsoft Defender for Endpoint include?

A

Threat and vulnerability management

Attack surface reduction

Management and APIs

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft threat experts

Secure score for devices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is Microsoft Defender for Cloud Apps?

A

A comprehensive cross-SaaS solution taht operates as an intermediary between a cloud user and the cloud provider.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is a CASB?

A

A Cloud Access Security Broker (CASB) is a gatekeeper that brokers real-time access between users and the cloud resources they use.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What capabilities does Microsoft Defender for Cloud Apps provide?

A

Discovering and controlling the use of Shadow IT

Protect your sensitive information anywhere in the cloud

Protect against cyberthreats and anomalies

Assess your cloud apps’ compliance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is Office 365 Cloud App Security?

A

A subset of Microsoft Defender for Cloud Apps that provides enhanced visibility and control for Office 365..

How well did you know this?
1
Not at all
2
3
4
5
Perfectly