April 27, 2020
MS-100: Microsoft 365 Identity and Services
#M365 #Security #M365Security #CertifiedProfessional #CloudSecurity #CloudFamily #CyberSecurity #Microsoft365 #MicrosoftCloud #Microsoft #alwaysbelearning #MS100 #EXAM #PASSED
the Microsoft 365 Identity and Services Exam. PASSED
#Microsoft #Certified #Professional
Features available to improve security with mobile devices by using encryption and a password policy when connecting to Exchange Online (O365). Anyone who has been a Active Directory Admin will by default expect to configure additional security, the same logic should apply for the Office 365 admin / Exchange Online Admin.
How to configure, start in Exchange Admin Center
Browse “Mobile” and edit the “Default”
To apply additional security settings to mobile services by default. I’ve highlighted some more restrictive settings to configure from the default.
Require an Alphanumeric Password
Min Password Length
Wipe Device on Sign-In Failures
Sign In time
Password Lifetime and Recycle Count
How to enable the feature to prompt for Multi Factor Authentication when joining a device to an Azure Active Directory domain. We would also like to limit the number of devices a user can have to 5.
Start in Azure Active Directory Admin Center
Select Azure Active Directory > Devices
Under Devices click “Device Settings”
Now you can set the max number of devices per user and enforce MFA to join devices
The support desk will require the function to reset users passwords in your environment. Their is a pre-configured role already available in Office 365. Follow these basic steps to assign the “Password Administrator” role to a user.
Open Azure Active Directory Admin Center > Select “Users”> Select a user> Click “Assigned Roles”>”Add Assignment” and Select “Password Administrator” role.
In Office 365, how do you configure external collaboration settings but restrict certain domains from collaboration.
This is all configured under Azure Active Directory Admin Center.
A few clicks and your configured
User settings> External Collaboration Settings > Set the level of restrictions and Save. This example is restricting collaboration with *.outlook.com and *.hotmail.com domains
or if security if a higher priority over flexibility, Disable Members and Guests invite and set “Allow invitations only to the specified domains” Example :
To allow another user to supervise a users outbound email, you will need to create a new policy under “Supervision”
Start by opening the “Security” center from the Microsoft Admin Center
Click “Supervision” and “Create”
Name your policy and click next
Add the users or groups. You have the option to select teams chats also. Untick if not required and click next
Select Inbound / Outbound / Internal to review
Select the % to review
Add the reviewers (Supervisors)
Review and Click Finish
To enable the admins/users to import their own PST files, the users must be given the “Mailbox Import Export” role.
This it how you configure / assign the users the role.
Login to the Microsoft 365 Admin Center and Open “Exchange” admin center.
Click “Permissions” > “Admin Roles” and “+” Add a new role
Enter details (example info), Add “Mailbox Import Export” role. Click Save
Start in Microsoft 365 Admin Centre and browse to Azure Active Directory
Browse all services and click “App Registrations”
Click “New Registration”
Enter application details and URL
To setup calendar sharing in Office 365 with another External Office 365 Exchange go to the Exchange Admin Center.
You have the option to add an individual or an organisation. See example below
For further information visit: