Planning a O365 Implementation and Implementing Networking Security Flashcards
What things should you take into consideration with proxy server?
• Most proxy servers have some form of authentication setup with them as default and often time this is usually enabled.
• You’ll need to do one of two thing to enable them to communicate with O365.
○ Disable all authentication
Disable O365 authentication
What tools can be used to measure bandwidth that will be consumed by clients as they access O365?
- Microsoft Message Analyer
- Microsoft Remote connectivity analyser
- Microsoft Support and Recovery Assistant for O365
- Skype for Business Synchronization Calculator
- Exchange Client Network Bandwidth
What is RMS?
Windows Right managements services provide an extra level of security to documents.
Encryption to limit who can access a doc or web page and what can be done with it.
What is Azure Right management services?
A policy- based enterprise solution used to protect your valuable information by controlling who you share it with and what access they get to it.
Two component:
• Information Rights Management (IRM) capabilities
○ Protects emails against unauthorized access
○ Enhances security in SharePoint libraries
○ Protects online and offline information
§ Even if you have a document in O365 and download it to your client machine, the restrictions will stay with it.
○ Integrates with office documents
○ Applied using templates
• Message Encryption
○ Safely share files in email or OneDrive
○ Contains company brand
○ Integrate with exchange transport rules
○ Provides clean user interface
○ Helps protect entire email conversation
How can azure rights management be activated?
• Can be activated using GUI (Graphical User Interface)
○ Azure admin center
• Activate using PowerShell (requires:)
○ 64 -bit Microsoft Online Services Sign-in Assistant
○ 64-bit Azure AD module
○ Install Azure Rights management admin tool
○ Run Connect-AadrmService
§ This will connect to the azure right management service.
○ Run command Enable-Aadrm (To disable it use the Disable-Aadrm command.)
§ This is what actually activates it.
What is the super user roll on rights management?
Full control usage right.
○ Reads files of employees who have left the company
○ Modify current protection policy
○ Manage exchange mailboxes
○ Bulk decrypt files for auditing for legal reasons
○ Recover Documents and protect files
§ PowerShell
§ Download and install the RMS protection tool module
§ Unprotect-RMSFile
§ Protect-RMSFile
Is the superuser roll enable by default?
No.
How do you enable the superuser roll using powershell?
○ Enable-AadrmSuperUserFeature § Enables the feature ○ Add-AadrmSuperUser § Add users to the roll ○ Set-AadrmSuperUseGroup § Allows you to add users to the new roll ○ Add-AadrmRoleBasedAdministrator § Adds users to the azure rights management administrator roll
What 7 things should you take into consideration when planning O365 for On-premise infrastructure.
- Networking
- Identity
- Windows 10 enterprise
- Office 365 Pro Plus
- Office 365 Workloads like EXO, SPO, OD4BO, Teams
- Mobile Device Management
- Information Protection.
How should you check the connectivity of each office before enabling O365 services?
Check the connectivity from each office, use Ping, TraceRT, PSPING & Telnet command to check the connectivity and network performance.
• Ensure users are connecting to Office 365 egress endpoints on their region. Ping command to respective service urls can help you identify it. For example – Ping Outlook.Office365.com for Exchange Online.
How should you prepare for Windows 10 Enterprise?
Microsoft recommends to add and verify the domain that your users are going to use to access Office 365 service, could be UPN or primary email address domain. User addition to Office 365 & assigning license is optional at this time and install Office 365 Pro Plus.
Do an in place upgrade for Windows 7 and 8.1 using SCCM and for the new devices use Windows Auto Pilot Deployment.
• Monitor the device health and ensure it is secure by having Windows Defender.
How can O365 Pro plus be deployed?
Office 365 Pro plus deployment can be done either via SCCM or Office Deployment Tool, we need to consider office updates channels and the frequency.
• Deployment can be through SCCM, ODT from Cloud, ODT from local Source or directly from Office Portal.
Whats an important thing to consider when implementing O365 pro plus?
The update channel that will be used.
Whats an important thing to consider if you deploy O365 using Office Deployment tools?
It has setup file and the configuration information xml to control what needs to be installed on machines.
What does Channel= “Monthly” mean?
Monthly Update Channel