MS 900 Flashcards
Add-on USLs
are for on-premises software customers who want to add Microsoft 365 cloud products & services.
Full USLs
are new customers who haven’t previously purchased Microsoft products & services.
From SA USLs
are for on-premises Software Assurance customers that want to transition to the cloud.
Step Up USLs
are for customers who want to upgrade the level of their service.
FastTrack
is a service provided by Microsoft that helps customers onboard Microsoft Cloud solutions and drive user adoption. Customers with eligible subscriptions to Microsoft 365, Azure or Dynamics 365 can use FastTrack at no extra cost for the life of their subscription.
Pre-sales
is a support service provided to help the company with understanding more about Microsoft 365 services before the purchase is made.
Community-based support
a free support service provided by members of the community.
Microsoft Unified support
24/7 as-needed technical support, an assigned Customer Success Account Manager, advisory support, cloud assistance, technical training & more.
The Cloud Solution Provider pricing model
a Microsoft 365 partner providing technical and billing services
Microsoft Online Service Program aka The Web Direct Pricing Model
pay-as-you-go billing that offers convenience and flexibility.
Microsoft Teams Admin Center
must be a global administrator or teams administrator,
- add, edit, archive, restore deleted teams, renew an expiring team.
- add or remove members, owners, channels.
- change team and group settings
- change team name, description, privacy, sensitivity label, member permissions, guest permissions, and set whether team members can use giphys, stickers, and memes.
SharePoint admin center
- view SharePoint communication sites, channel sites and sites that belong to Microsoft 365 groups
- sort, filter, search and create new sites
- all site types expect channel sites, you can add or remove site admins and change the primary admin. For group-connected team sites, you can add and remove group owners.
- change a site’s hub association
- view site details
- view site activity such as the # of files stored and storage usage.
Exchange Admin Center (EAC)
- reports for mail flow; migration; and priority monitoring.
- Azure cloud shell support
- mailbox management
- create and manage 4 types of groups: Microsoft 365 Groups, Distribution lists, Mail-enabled security groups, and Dynamic distribution lists.
- supports cross-tenant migrations for Merger & Acquistion scenarios, and automation Google Workspace (G-Suite) migrations.
Microsoft 365 Admin Center
- View invoices and past billing statements.
- Modify the current payment method.
- Update the email notification for billings
- Add users and assign licenses at the same time, Delete or restore users, or reset a user’s password.
- See detailed reports on email use, Microsoft 365 activations
Create or manage a Microsoft 365 group, distribution group, security group, or shared mailbox.
Identities (Zero Trust Model)
may be users, services, or devices. When an identity attempts to access a resource, it must be verified with strong authentication, and follow least privilege access principles.
Devices (Zero Trust Model)
create a large attack surface as data flows from devices to on-premises workloads and the cloud. Monitoring devices for health and compliance is an important aspect of security.
Applications
(Zero Trust Model)
are the way that data is consumed. Includes discovering all applications being used, called Shadow IT because not all applications are managed centrally. Manages permissions and access.
Data (Zero Trust Model)
should be classified, labeled, and encrypted based on its attributes. Security efforts are about protecting data, and ensuring it remains safe when it leaves devices, applications, infrastructure, and networks that the organization controls.
Infrastructure (Zero Trust Model)
whether on-premises or cloud based, represents a threat vector. To improve security, you assess for version, configuration, and JIT access, and use telemetry to detect attacks and anomalies. This allows you to automatically block or flag risky behavior and take protective actions.
Networks (Zero Trust Model)
should be segmented, including deeper in-network micro segmentation. Also, real-time threat protection, end-to-end encryption, monitoring, and analytics should be employed.
Azure Virtual Desktop
the ability to share the desktop compute resources across multiple users, optimizes the management of user profiles by using the FSLogix container technology, and minimizes the maintenance overhead.
Bookings
integrates with Outlook, provides automated email and SMS notifications about upcoming appointments, and supports buffer times that automatically adjust staff schedules to account for activities required to prepare for meetings with customers.
SaaS
the ability to use software without the need for development of custom software-based solutions or managing the underlying networking, storage, and compute services.
IaaS
consists of infrastructure services (such as networking and storage) and compute offerings that provide full access to the OS running in cloud-hosted virtual machines but imposes extra management and maintenance overhead.
PaaS – For developers
Focus on the deployment & management of your apps. Don’t worry about provisioning, configuring or understanding the hardware or OS.
Ex: Heroku, Redhat Openshift, Apprenda, Google App Engine.
Microsoft Purview compliance Portal
a portal for organizations to manage their compliance needs using integrated solutions for information protection, data lifecycle management, insider risk management, auditing, and more.
Service Trust Portal
how Microsoft cloud services protect company data. Whitepapers, certifications, reports, and other documents are available from the portal.
The Exchange admin Portal
manage advanced email settings, such as quarantine, encryption, and mail flow rules.
The Microsoft Defender Portal
monitor suspicious activities, mailbox attacks, and breach activities on devices.
Microsoft Defender
protect a company against cyberattacks. Each of the services protects against a specific type of attack.
Microsoft Defender for Office 365
used to protect Microsoft 365 apps
protect companies from attacks on emails, links, and other collaborative tools like Microsoft Teams, SharePoint, and OneDrive.
Microsoft Defender for Identity
leverages Active Directory events to detect cyberattacks targeting users and computers that are part of the Active Directory domain.
+ uses the Active Directory data as signals to identify suspicious activities
a cloud-based security solution that prevents, identifies, protects, and resolves advance threats and attacks against user accounts. Provides the ability to monitor suspicious behavior and patterns of users, reduce surface attacks, and investigate suspicious attacks on user accounts.
Microsoft Defender for Endpoint
protects network endpoints such as compute devices.
It provides the first line of defense in the stack, automated investigation, and remediation of breaches and network protection.
+ integrates Microsoft Defender suite, Intune and Microsoft Defender for Cloud.
Microsoft Defender for Cloud Apps
+ operates as an intermediary between the cloud user and cloud provider, mediating the requests sent to the cloud providers.
a cross SaaS security solution that combats cyberthreats across Microsoft services and third-party cloud services. Used to protect cloud-based applications, not on-premises applications that rely on Active Directory for authentication.
Secure Score
is one of the tools in the Microsoft Defender portal. Shows the company’s current security posture. The higher the Secure Score, the better the company’s security posture.
- Report on the current state of the organization’s security posture.
- Improve their security posture by providing discoverability, visibility, guidance, and control.
- Compare with benchmarks and establish key performance indicators (KPIs).
Federated Authentication
Microsoft Entra ID hands off the authentication process to a separate trusted authentication system such as on-premises Active Directory Federation Services (AD FS) to validate the user’s password. Provides third-party multifactor authentication.
Active Directory Federation Service (AD FS)
an identity access solution that provides client computers (internal or external to your network) with seamless SSO access to protected Internet-facing applications or services, even when the user accounts and applications are located in completely different networks or organizations.
Password hash synchronization
enables users to sign in to on-premises and cloud applications using the same password. This ensures that the user’s authentication takes place in Microsoft Entra ID rather than the company’s on-premises Active Directory
Pass-through authentication
enables users to sign in to on-premises and cloud applications using the same password. This authentication type validates the user’s password against the company’s on-premises Active Directory, not Microsoft Entra ID.
Microsoft 365
- a subscription-based service and provides Microsoft apps for employees to use online and offline.
- offers integration with Microsoft Graph 365.
- minimized management overhead
- access to the latest features of its productivity apps.
- Both Office Pro Plus 2019 and Microsoft 365 offer the ability to run Office apps while offline.
- uses Microsoft Entra ID to control access to its resources.
Cloud computing
provides high availability of resources.
Provides geo-distribution, which gives the ability to deploy apps and other resources across regions. The service provider has control of the data center, not the company. In cloud computing, data does not reside locally.
Productivity score report
provides specific recommendations that help organizations to use Microsoft 365 products more efficiently.
Usage report
helps understand how people in the organization use Microsoft 365 services.
Endpoint Manager Admin Center
offers insights regarding the Endpoint Manager functionality, allowing for identifying status of devices used by people within the organization.
Teams admin center
offers insights regarding the Teams status, including user activity and device usage reports.
Viva Personal Insights
Provides the daily briefing email functionality, which includes outstanding commitments and pending follow-ups to emails from other employees as well as documents related to meetings scheduled on that day.
Viva Advanced Insights
provides functionality similar to Organizational Insights, but includes advanced data analytics tools, allowing for customizing scope and focus on its view.
Viva Organizational Insights
provides additional information intended for business leaders, including a comprehensive view of collaboration efforts across the entire organization.
Viva Manager Insights
provides information intended for managers to facilitate management of their teams, helping them, for example, to track the work patterns of their team members.
Endpoint Manager admin center
shows Intune reports about device compliance, health, and trends.
Microsoft Entra ID
reports show sign-in activity and audit logs.
Long-Term Servicing Channel
Designed for specialist systems and devices that don’t run Office apps such as medical equipment or ATMs. These devices typically perform a single task and don’t need frequent updates compared to other devices in the organization. Receives new features every 2 or 3 years.
Viva Connections
Provides access to content curated for individual worker roles within the organization and supports a feed capability for delivery of personalized content through integration with Yammer and Stream.
