**Communicating with Microsoft: A Guide to Feedback and Support**

Microsoft offers several channels for customers to communicate directly with the company, including feedback and product experiences, Windows Feedback Hub, Microsoft Tech Community, and user voice forums. These sites provide a platform for users to share their ideas and contribute to the improvement of Microsoft products and services.

**Using the Community Feedback Portal**

The community feedback portal allows users to tell Microsoft about any problems they run into while using Microsoft 365. The portal is accessible at [feedbackportal.microsoft.com](http://feedbackportal.microsoft.com) and provides a way for users to browse or vote on existing feedback from the community. Users can select which service they are interested in or have feedback for, and click into it to view posts from the community, send their own feedback, and upvote comments that match their own.

**Guidelines for Good Feedback**

When creating feedback, Microsoft recommends that users keep their title concise and descriptive, as this will help others find and upvote their feedback. Users should also include one thought per feedback, information about their device, operating system, and applications are automatically included in each reported feedback. This helps support agents to troubleshoot issues more effectively.

**The Microsoft Tech Community**

The Microsoft Tech Community is a place where users can interact with developers, end-users, and Microsoft professionals. The focus of the site initially was on Office 365 but now encompasses Azure, Enterprise Mobility, Plus security, and many other Microsoft technologies. Users can join communities that interest them by navigating to [techcommunity.microsoft.com](http://techcommunity.microsoft.com). Benefits of participating in the community include influencing Microsoft with feedback, constructive comments, and ideas, helping other members with solutions or insights on problems, learning about best practices, new features, and getting the latest information from Microsoft.

**Creating and Managing Technical Support Cases**

In the Microsoft 365 admin Center, users can create and manage technical support cases to resolve issues. To do this, users navigate to the left pane of the portal, click on "Support", then "New Service Request". The system provides a description of the problem and a list of articles that may apply to the issue or help solve it. Users can also request assistance from a support agent by clicking on the headset icon on the top and opening a support case.

When creating a new technical case, users must provide a title and description of their case, as well as a telephone number and contact email address. They must also consent to the recording of calls or not, and choose their preferred method of communication - which can be chat with a support agent, phone with a response time of within five hours, email with a response time of within one hour, or schedule a callback for a specific date and time.

Users can optionally add attachments to further assist the support agents in troubleshooting their case. After providing all necessary information, users click on the "Contact Me" button to create a new unique support case ID and receive confirmation through email to view service requests.

**Viewing and Managing Service Requests**

To view the status of existing service requests, users can browse to [support.microsoft.com](http://support.microsoft.com) and navigate to the "Support" page. This provides a list of all existing service requests as well as previous ones, and allows users to export all service requests or manage existing service requests by reviewing notes or adding new notes as a response to an action item.

Users can also track the progress of their support cases and see the full history of changes carried out while troubleshooting their issue on this page.

"WEBVTTKind: captionsLanguage: enhey this is Andrew Brown your Cloud instructor in exam Pro and I'm bringing you another complete study course and this time it's the Microsoft 365 fundamentals course made available to you here by freecocab so this course is designed to help you pass and achieve the MS 900 Microsoft 365 fundamental certification and the way that we're going to do that is by going through lots of lecture content and doing follow alongs in your own account we've got a full free practice exam so you can simulate the real exam and we've got cheat sheets on the day of the exam that you can use and cram that last minute knowledge so you pass the exam take that certification and prove on your resume or LinkedIn you have that Microsoft 365 knowledge and get that job or promotion you've been looking for just a bit about myself I was previously the CTO of multiple Ed tech companies with 15 years industry experience five years specializing in the cloud I'm in a WS Community hero I've published many many free Cloud certification courses just like this one and I love Star Trek and coconut water I just want to take a moment attack viewers like you for making these free courses possible because the two who buy our additional study material that allow us to produce these free courses if you're looking for more ways of supporting more free courses just like this one the best way is to sign up on exampro.com and in particular for this certification it's ms-900 to get that additional study material there you can get study notes flash cards quizlets downloadable lecture notes which are the slides to all the lecture videos downloadable cheat sheets practice exams you can ask questions and get learning support and more and just by signing up for free you're going to get that free practice exam and cheat sheets with no credit card required and no trial limit so if there are updates of this course the best way is to look on the YouTube and to see if there has been an update you'll click that and that's where you're going to see things like Corrections additions and modifications to make sure you are using the latest version of this course and to keep up to date for upcoming courses the best way is to follow me on Twitter at Andrew Brown and if you do pass the exam or you'd like to know or would like to suggest what course to be produced Next you can go tell me that on Twitter Andrew Brown from exam Pro and we're at the start of our journey asking the most important question first which is what is the ms-900 Microsoft 365 fundamentals so the Microsoft 365 fundamentals is an entry-level Microsoft certification it has absolutely no prerequisites so you don't need to have any prior cloud or SAS knowledge to learn this specific course the course teaches the cloud fundamentals such as Cloud Concepts types of cloud computing and the benefits of migrating to a cloud environment compared to an on-premises infrastructure the core Microsoft 365 services and Concepts we'll be going through the Microsoft 365 solutions that improve productivity facilitate collaboration and optimize Communications such as SharePoint online Microsoft Viva and Microsoft teams we'll cover topics related to the endpoint and deployment options in Microsoft 365 like Microsoft endpoint manager Azure virtual desktop and windows as a service security compliance privacy and Trust in Microsoft 365 like multi-factor education and Defender 365 and we'll cover the Microsoft 365 pricing of subscriptions licenses and support offerings for services here's a simple definition of what Microsoft 365 is so Microsoft 365 formerly Office 365 is the line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line it's a superset of Office 365 with Windows 10 Enterprise licenses and other cloud-based security and device management products so who is this certification for well you should be considering the Microsoft 365 fundamental certification if you are new to cloud and want to learn the fundamentals and benefits of adopting cloud services in general and the software as a service Cloud Model specifically you are a business user administrator or IT professional you want to understand the capabilities of Microsoft 365 and how to build basic Solutions and deploy cloud services in your organization you are a senior Cloud engineer or Microsoft 360 C5 administrator who needs to reset or refresh their knowledge after working for multiple years so now let's take a look at the Microsoft 365 certification roadmap to see where we would go after the Microsoft 365 fundamentals and what kind of roles would be associated with those certifications so at the start you get your Microsoft 365 fundamentals which is at the fundamental level after that we have the associate level certifications such as the modern desktop administrator teams administrator developer or Security administrator it's really up to you to choose which field you're interested in a common route would be something like taking the modern desktop administrator at the associate level then moving to the Enterprise administrator at the expert level it's also common for people to take multiple of these associate level certifications it doesn't have to be just one this is to ensure they have a wide range of knowledge on all of these areas for possible career openings also if you find the cloud to be really cool and interesting you have options such as Azure administrator and Azure developer from there you you could possibly take the Azure Solutions architect or devops engineer at the expert level so you see there are several options for you to choose from and these are not all the ones on the list once again it's up to you to decide what you want to specialize in and there is no perfect route but these are just a few suggestions for you to decide on your own so how long is it going to take to pass this certification well it's going to really depend on your background but if we had to generalize it we can look at it as kind of a scale and so if you are at the beginner level you're looking at roughly 15 hours and when we say beginner we're saying someone that has never used Microsoft 365 or Office Products like OneDrive teams SharePoint purview Etc someone that has never used Microsoft Azure or any cloud provider or someone that has no Tech background or experience and when we're looking at the other side of the Spectrum which is someone that is experienced we're looking at somebody who can watch this at 1.5 to 2 times speed and are able to absorb this information very quickly so they have practical working experience with Microsoft 365 and is very familiar with using them they have experience with Microsoft Azure or any cloud provider like a WS or gcp so they can easily translate that knowledge or they have a strong background in technology where they've worked in the industry for many years and so you know their study time is going to be a lot shorter at five hours or less and so on average most people are going to take about 10 hours to study for this course and when we talk about the kind of stuff you'll be doing it's going to be 50 lecture in labs and we call them follow-ons where the idea is you follow along in your own account and then 50 is the practice exams so if you look at the length of the content which is around four hours then you know you should spend as much time doing practice exams to pass and the recommended time to study is about one to two hours a day for roughly eight days so what kind of effort are we going to have to put in to pass the exam well you have the watch the lecture videos and memorize key information you'll need to do Hands-On labs and follow along with your own account although as a fundamental certification the certification is not very heavy on hands on material but it will still provide a much greater understanding of the topics you'll need to know for the exam and you will need paid online practice exams that simulate the real exam and the last two here were things that I used to never suggest because you could literally just watch the videos and pass however Microsoft has recently updated this exam so it's more difficult and so for these last two points you do have to do these two things for the paid online practice exams that can be hard for some people so I've made it easier for you by providing you with a full free practice exam on exampro.co ms-900 and so you just have to sign up with no credit card required and you'll get a full set of questions that simulate the real exam so for the contents of the exam it is composed of four domains and each domain has its own weighting which determines how many questions in a domain that will appear so for domain one which is cloud Concepts we're looking at 10 to 15 percent for domain two core Microsoft 365 services and concept tips we should expect 50 to 55 percent of the questions from there this is where the most amount of questions are from for domain three security compliance privacy and Trust in Microsoft 365 we're sitting at around 15 to 20 percent of the questions and for domain four Microsoft 365 pricing and support we have roughly 10 to 15 percent of the questions so just to emphasize for domain two you will need to know a wide range of the core Microsoft 365 services but you also need to know in depth about the core services so where do you take the exam well at an in-person test center or online from the convenience of your own home Microsoft has partnered with the test center Network Pearson View and it offers in person or online and these exams are proctored meaning there is somebody watching you to ensure that you are not cheating in order to pass the exam you have to score 700 points out of a thousand and so 700 generally equates to 70 percent but it's around 70 percent because Microsoft uses scaled soaring meaning that they could adjust it based on how many people are passing or failing so always aim to get higher than 70 percent the exam contains 43 to 50 questions so you can afford to get roughly 10 to 12 questions wrong there is no penalty for wrong questions like minus one so you should always choose an answer and the questions come in a few formats multiple choice multiple answer drag and drop and yes or no questions the duration of the exam is one hour or 60 minutes so you have a little more than one minute per question the exam time is 60 minutes but the seat time is 90 minutes see time refers to the amount of time to review instructions Show online Proctor your workspace read and accept NDA and complete the exam and provide feedback and when you do pass the exam the exam is valid forever Microsoft's fundamental level exams do not expire and you do not need to do a recertification so that about covers the introduction of the course foreign hey this is Andrew Brown from exam Pro and we'll be going through an exam guide breakdown of the Microsoft 365 fundamental certification so the first thing you want to do is to go to this link here docs.microsoft.com and dash us slash certifications slash exams slash ms-900 and once you're here you want to navigate to this link called Ms 900 study guide this will open a neatly organized study guide that Microsoft has prepared for us for the Microsoft 365 fundamentals exam we've already covered a general overview on what the exam is who the exam is for and a brief overview on the topics but we'll need to cover the exam breakdown in more detail this is the section we're looking for the objective domain skills the exam measures so we already covered the four main domains describe Cloud Concepts describe core Microsoft 365 services and concepts with the emphasis of 50 to 55 percent describe security compliance privacy and Trust in Microsoft 365 disc Microsoft 365 pricing and support I won't be going through the entire list because it's quite long but I'll point out the ones I know for sure will be on the exam starting with Microsoft SAS iOS and pass offerings the differences between Office 365 Microsoft 365 and Windows 365 you'll need to know public private and hybrid scenarios and compare advantages of cloud-based Services versus on-premises services for the core Microsoft 365 services and Concepts you'll definitely need to know all of these Services listed you'll need to know a brief description of what it is when it's used for some of its key features how does it improve productivity or collaboration Etc I'll just point out the ones I saw mentioned a lot on the exam so Microsoft Outlook and Microsoft Exchange Microsoft 365 apps in OneDrive Microsoft teams SharePoint the ever and Microsoft Viva there will definitely be some questions on Microsoft endpoint manager Windows 365 Cloud PC and Azure virtual desktop deployment and release models for Windows as a service including deployment Rings Viva insights and you'll definitely see Microsoft 365 admin Center and Microsoft 365 user portal for the security compliance privacy and Trust in Microsoft 365 section you'll definitely see principle of least privileged access identity and access management capabilities in Microsoft 365 including Azure active directory and Azure identity multi-factor authentication conditional access Microsoft 365 Defender Defender for endpoint Defender for Office 365 Defender for identity and the Microsoft Defender portal Microsoft secure score Azure Sentinel service trust portal and compliance manager DLP compliance scores and you'll see a bit of auditing and e-discovery solutions for the Microsoft 365 pricing and support domain pricing model for Microsoft cloud services including Enterprise agreements Cloud solution providers Direct filling available base licensing and management options there were definitely some questions on private public preview and general availability options Microsoft 365 roadmap portal you'll need to know how to create a support request for Microsoft 365 services and you'll need to know the service level agreements once again there's a lot on the list so I couldn't name all of them so name the ones I thought were the most important but throughout the course we'll definitely cover all of the material in great detail foreign hey this is Andrew Brown from exam Pro and we're starting at the beginning of our journey asking the most fundamental question what is cloud computing so looking into the dictionary cloud computing is described as the practice of using a network of remote servers hosted on the internet to store manage and process data rather than a local server or a personal computer so when we're talking about local we describe this as being on premise so being your own office or your own Data Center and this is where you own the servers you hire the IT people you pay the rent or the real estate you take all the risk whereas with a cloud provider if you're utilizing them it's someone else who owns the servers someone else who hires the IT people someone else who pays or rents the real estate and you are only left would be responsible for configuring your cloud services and code and someone else takes care of the rest sounds great doesn't it so now what I want to do is just give you a quick overview of how servers have evolved what we describe is cloud computing from a technical perspective and we'll probably dive deeper into this later in the course but we're just going to get a good overview here to understand from a business perspective so way back in the day what we had was dedicated servers if you wanted a server to run your web app or your technology what you had to do is you had to go buy a single dedicated physical machine and that was for one specific business dedicated servers are still used today but there's some downsides with them they're very expensive they're high maintenance however you do get a great level of customization and you potentially can have better Security based on your use case then what came along was virtual private servers where we still had one physical machine but it was still dedicated to a single business so we figured out how to take that physical machine and virtualize it into sub machines so now we can fully utilize or better utilize that physical server with running multiple apps we didn't have to buy four different servers for four different apps we could easily run four web apps into four virtual sub machines then we had shared hosting and this made it a lot easier for anybody who was building websites or wordpresses but the idea here is that you had one physical machine and it was shared by hundreds of businesses so it wasn't a single business sharing the cost it was multiple businesses this relies on most tenants on under utilizing the resources though so if you had 100 people on a server and one person use more of the server than the others then you could all potentially suffer from that case but at the very least you are getting very very cheap servers but there are definitely some limitations so now coming down to Cloud hosting Cloud hosting gives us the best of both worlds so we have multiple physical machines that act as one system which could be described as the cloud and that system is extracted away into multiple cloud services so you get flexibility and scalability it's very secure it's very cost effective and it's highly configurable so that is where we're currently at and that is generally what cloud computing and Cloud hosting is about foreign hey this is Andrew Brown from exam Pro and we are looking at common cloud services so a cloud provider can have hundreds of cloud services that are grouped into various types of services and the four most common types of cloud services for infrastructure as a service which is a topic we will discuss about later would be compute so this is where you have a virtual computer that can run applications programs and code then you have storage so this is where you would have a virtual hard drive that you could store files then you in a virtual networking because you have these computers in storage so you need to put them in some kind of virtual Network to Define internet connections or network isolations and then you have databases so just imagine a database that is running in the cloud or if you're not familiar databases just imagine that it's excel in the cloud but it Powers your web apps one thing I want you to know about the term cloud computing is that even though it says Computing in the word at this point we just use it as a catch-all term so it could refer to all of these categories so when I say cloud computing it could be referring to compute network storage and data database but you can also say cloud storage Cloud compute Cloud databases Cloud networking and people will know what you mean this is Andrew Brown from exam Pro and we are looking at what is Microsoft so you've probably seen this logo before and Microsoft is an American multinational computer technology corporation headquartered in Redmond Washington Microsoft makes software phones tablets game consoles cloud services which is what we care about here today and they even have a search engine and we're not just limited to that list they have tons of stuff but Microsoft is best known for their operating system called a Windows and they've been around since the 1970s so they've been around for quite a while in the tech sphere so now that leads us to the question what is azure so Azure is what Microsoft calls their cloud service provider and so it's called Microsoft Azure where we commonly refer to it as just Azure so here is the logo for it and if you're wondering what is the name behind the service Azure literally means bright blue color of the cloudless sky so that's great you'll hear me say cloud service provider frequently throughout the cloud Concepts portion of the course and it is abbreviated to CSP but that's what Azure is it is a cloud service provider so there you go hey this is Andrew Brown from exam Pro and we are looking at the benefits of cloud computing so what are the benefits well we have a big list here for you starting with cost Effectiveness so you pay for what you consume there are no upfront costs you have pay as you go also abbreviated as poig and you're sharing the cost with thousands of customers so that's how you're getting that low cost another benefit is that you can go Global so you can launch workloads anywhere in the world just choose your own region and you are now in the global market another benefit is that the cloud is secure because the cloud providers take care of the physical security and cloud services can be secure by default or you have the ability to configure access down to the granular level so you have a lot of security controls that you would have and you would normally not have where you'd have to build out on premises now the cloud is also known for being reliable so you can have data backups disaster recovery and data replication and fault tolerance the cloud is also scalable you can increase or decrease your resources and services based on the demand the cloud is also elastic so so you can automate scaling during spikes and drops of the demand when there is no longer the demand for that stuff and finally it's also current so the underlying hardware and managed software is patched upgraded and replaced by the cloud provider without interruption to you and for the last point there are cases of interruption but generally fewer interruptions than you would have on premises so there you go hey this is Andrew Brown from exam Pro and we are looking at the different types of cloud computing and we have this nice pyramid on left hand side to help us understand how each type builds off the other starting at the top of our pyramid we have software as a service also known as SAS and this is a product that is run and managed by the service provider you don't have to worry about how the service is maintained and it just works and remains available so you might not be aware of this but you probably already are using a SAS product so examples of that could be Salesforce or Gmail or Office 365 so those are things that would be considered SAS and these are really for customers so it's just you wanting to use General software on your computer but in the cloud the next category we have is platform as a service abbreviated as pass and so here we focus on the development and management of your applications so you don't have to worry about provisioning configuring or understanding the hardware or operating system and this is really for people that are building apps but they don't think about any of the infrastructure services like this would be elastic Beanstalk on a WS Heroku that is very popular amongst Junior developers which is a third party service for launching web apps and then you have the Google app engine so those are three examples there and these are really for developers so platform as a service makes it easy for developers to build apps on the cloud without worrying about all the stuff underneath at the bottom finally we have infrastructure as a service abbreviated as is and this is the basic building blocks for cloud it so it provides access to networking features computers and data storage space you don't worry about the IT staff data centers and hardware and so examples of infrastructure as a service would be Microsoft Azure AWS or even Oracle cloud and so this is really intended for administrators the main focus of the course will be on Microsoft 365 which falls under the category of software as a service but you will definitely need to understand the differences of the cloud computing types for the exam so that is the three types of cloud computing okay hey this is Andrew Brown from exam Pro and we're looking at the types of cloud computing and responsibilities so we saw the three categories but we don't really understand what it is that we're responsible for and what is the cloud service provider responsible for so let's lay out our categories and we're going to include on-premises into this because technically on premises could be a private cloud and should be in the category here so we have on premises infrastructure as a service platform as a service and software as a service so when we're looking at applications it's going to be the customer's responsibility for on-prem infrastructure as a service and pass but when we have software as a service the cloud service provider is responsible for that when we are looking at the data level it's going to be the same for software as a service the cloud service provider is going to be responsible but for the rest it's going to be the customer and then on the next level for the runtime the cloud service provider will be responsible for the platform as a service and software as a service the customer will be responsible for on-premises and infrastructure as a service for middleware it's going to be the same game for the OS like the operating system that is running on the service it's going to be the same then we get to virtualization the cloud service provider is responsible for the virtualization for infrastructure as a service platform as a service and software is a service so everything except for on-prem then for servers it's the same for storage it's the same and for networking it's also the same so you can see that on premises you're responsible for everything and the farther we move up the types of cloud computing the less responsibility you have hey this is Andrew Brown from exam Pro and we are looking at azure's deployment models the first model we're going to talk about is public cloud and that's where everything is built on the cloud service provider you're not using anything on-prem or in your own data centers everything is running within Azure generally this is known as Cloud native that for some reason Azure calls it the public Cloud so that's what we're going to use in the terminology here so here I have an architectural diagram we have a network on Azure and within that Network we have a virtual machine running in a database running so that would be an example of public Cloud then we have private cloud and so this is where everything is built on the company's data also known as on premises because it's within the premises of the organization like their physical location and an organization could technically be operating their own cloud but it would be private cloud and it could be running an open source Cloud software that mimics what Azure would do such as openstack so it looks very similar but you just put an openstack and it's running a virtual machine or a server and it's also running a database and the last on our list here is how hybrid so with hybrid you are using both on-premises and the cloud service provider and they're connected together and so there's a lot of different networking services that you can use that will facilitate the connection between the two in this case we're using express route express route is a dedicated connection it's like having a fiber optic Line running from your on-premises data center to the Azure Network so it's just one of the ways you can connect and if we wanted to understand the pros and cons I have this nice little table here and we'll just quickly go through it so if you're using public Cloud it's more cost effective for security its screen controls are stronger by default but some people might not find the cloud will meet all their security requirements because of government and Regulatory reasons not because the cloud is not secure but it's just those policies for the level of configuration it's going to be limited based on what the cloud service provider exposes to you so there's a lot of configuration there it's just that if you have your own servers you obviously can do anything and everything with them for technical knowledge you don't need to have as much in-depth knowledge of the underlying infrastructure because as you're not physically setting up servers or networking and everything else now coming down to private Cloud private cloud is the most expensive option on our list so you're going to be paying a lot of money for security there is no guarantee that it is a hundred percent secure because you just don't have the same kind of visibility that you would have with a cloud service provider with all those dashboards it's just so hard to build out all that software but you can meet your security compliance requirements depending on your situation but this is becoming less and less is more governments and larger organizations move over to the cloud you can configure infrastructure exactly how you like because you literally bought the hardware and can do anything you want with it and for the technical knowledge you'll require a serious amount of technical knowledge you might even have a really hard time finding the resources to maintain all that stuff down below we have the hybrid model so this could be more cost effective based on what you offload to the cloud and also the cost of actually moving data back and forth for security you have more to secure but technically some things are easier to secure on the cloud than it is in private so you might have a boost security you're going to get the best of both worlds in terms of configuration and for technical knowledge you're going to need to know both the cloud and how to set things up on premises and that's the most work there and just one more deployment model here I just wanted to briefly touch on Cross Cloud this isn't something that is listed on the actual exam but it's something that you should understand and know and so cross cloud is when you're using multiple Cloud providers some people refer this as multi-cloud or hybrid cloud and so I just have an example here so there's a service called Azure Arc and what Azure Arc does that extends your control plane so you can run containers kubernetes containers on a different platforms and so you could have a WS on the left hand side with eks and gcp kubernetes engine and so you can be running virtual machines and they're all treated like they're on the same network so cross cloud is becoming very popular with extremely large organizations where they have very unique requirements but I definitely want you to know what that is because it just gets left out and it's definitely something that is a part of the industry hey this is Andrew Brown from exam Pro and we're looking at the concept of total cost of ownership also known as TCO so what is the difference between on-premises having your own data centers in comparison with using Azure so you'll notice above it it says capex and Opex we're going to talk about that in the next slide but for the time being we're going to focus on the total cost of ownership so to really make sense of TCO I always use this graphic here and if you're wondering what that is those are icebergs people sometimes think they look like teeth and so just to make this dry a little bit more clear I've added some penguins and a whale so there's no mistaking it and the reason we're using this as a representation is because we have the top of the iceberg which are the costs that we're generally concerned about but then we have those hidden costs those costs that we're not really thinking about underneath the water and if you know icebergs they can be really big underneath so on the left hand side the cost that we generally think of is the software license fees and then for the cloud service provider we look at the subscription fees and so when you're comparing these two sometimes the subscription fees can cost more than the software license fee so you think well we should really just use on-premises because it's more cost effective but when we take in the total cost of ownership and all the costs involved we're going to see a very different picture so on the left hand side if you are on premises you have to deal with the implementation the configuration and the training but you also have to deal with the physical security of your building you have to pay for the hardware you have to pay for the IT personnel you also have to deal with maintenance now on the right hand side on the cloud you still have to do implementation configuration and training but that's about it so there's a big difference in terms of what you have to do and you might ask okay well what is the amount of savings well generally people find that when they move from on-premises to the cloud they save about 75 percent that's a lot of money okay 75 percent of what you generally would spend and so now all this stuff on the left hand side is now azure's responsibility you don't take care of those anymore Azure is going to take care of it for you so that's total cost of of ownership hey this is Andrew Brown from exam Pro and we're looking at Capital versus operational expenditure so on the left hand side we have capex so Capital expenditures on the right hand side we have operational expenditures Opex and so looking at the left hand side capital expenditure is spending money up front on physical infrastructure so deducting the expenses from your tax bill over time a lot of companies especially larger companies are used to dealing with capital expenses and they know how to work their tax bill so that's why a lot of people are afraid to move over to the cloud because they're used to this way of operating but let's talk about some of the things that would be considered a capital expense so again it's anything that's physical and then you're buying it with money up front so computers that would be your server cost if you were to buy hard drives it'd be your storage costs if you bought routers cables or switches for your network if you're purchasing things for backup and archive costs if you had disaster recovery so like an uninterruptible power supply would be an example of that you have your data center costs so that's your rent cooling physical security you have technical Personnel so you're hiring people to do things for you and so with capital expenses you have to guess up for what you plan to spend now let's look at operational expenditure so operational expenditure is the cost Associated when an on-premises data has shifted that cost to the service provider so here in this case it's the cloud service provider and the customer only has to be concerned with non-physical costs so what are some examples of Opex costs well leasing software and customizing features training employees and cloud services paying for cloud support billing based on the cloud metrics so compute usage and storage usage and the advantage here is that operational expenses you can try a product or service without investing equipment so we have flexibility of investment and also from the previous slide covering total cost of the ownership we saw that we have a huge reduction cost so those are two really good reasons to use the cloud hey this is Andrew Brown from exam Pro and we are looking at Cloud architecture terminologies and these are very important to help you conceptualize the advantages of the cloud so we're going to go through these terms and then we're going to go through them again in more detail in further slides so at the top of our list we have availability and this is your ability to ensure a service remains available this is generally known as being highly available or high availability abbreviated to hot that's a term you should know then we have scalability so your ability to grow rapidly or unimpeded then you have elasticity so this is your ability to shrink or grow to meet the demand you have fault tolerance this is your ability to prevent a failure then you have Disaster Recovery this is your ability to recover from a failure this is generally known as being highly durable or high durability so there you go hey this is Andrew Brown from exam Pro and we are looking at the concept of high availability so high availability is the ability for your service to remain available by ensuring there is no single point of failure and or to ensure a certain level of performance so here I have a technical architectural diagram that is describing High availability so the idea behind this is that if you have a server which runs your web application if you were to run redundant versions of your server if anything happened to a single server traffic would always be routed to those other servers and that would allow your service to remain available now having multiple servers is great but what's even better is having multiple servers in multiple data centers because something could happen to a data center it could become unavailable because of the networking issue so by being able to Route traffic to those servers you're going to remain highly available running a workload across multiple availability zones and availability zones is what Azure calls their data centers and shares that if one or two data center becomes unavailable your service will remain available it's very very common to run at least three servers across three data centers now how would you distribute the traffic or manage the traffic to all three well that's where an Azure load balancer comes into play represented as a green diamond with the arrows that is the representation of a load balancer so a load balancer allows you to evenly distribute traffic to multiple servers in one or more data centers and if a data center or server becomes unavailable so in healthy the load balancer will route the traffic to only available data centers with servers so there you go that is high availability hey this is Andrew Brown from exam Pro and we're looking at the concept of high scalability and this is your ability to increase your capacity based on the increasing demand of traffic memory and computing power if you are a growing company you're going to have to scale up you're going to have to get bigger and better servers but there are different types of scaling so the first type of scaling is vertical scaling this is the most obvious one people are going to think of and it's called scaling up what we do is we just upgrade to bigger servers we need bigger stronger and faster computers for instance if your server requires more processing power vertical scaling would mean upgrading the CPUs you can also vertically scale the memory storage or network speed there's another kind of scaling called horizontal scaling and horizontal scaling is described as scaling out what you're doing is you're just adding additional servers because we saw with the high availability we have a load balancer we can distribute traffic to multiple servers and three servers can equal the same thing as one big server so horizontal scaling is when we add more servers of the same size for example if you are hosting an application on a server and find that it no longer has the capacity or capabilities to handle traffic adding a server may be your solution hey this is Andrew Brown from exam Pro and we're looking at the concept of high elasticity and this is your ability to automatically increase or decrease Your Capacity based on the current demand of traffic memory and computing power so this sounds a lot like high scalability but the key difference is that it's automatic and you can decrease the demand not just increase it so the way we would do that is that we would have a virtual machine or server and if we needed more servers we would add more servers and if we needed less servers we would remove servers or servers that are not being used and so this is going to be accomplished using horizontal scaling so when we say we're scaling out this means we're adding more servers of the same size when we're scaling in this means we're removing servers of the same size generally you're not going to use vertical scaling for a high elasticity this is because it's just extremely difficult to vertically scale for example if you have to increase your storage drive and then you decrease it you could potentially lose data so it's not a good idea or even feasible to do vertical scaling with high elasticity now how would you accomplish a list City on Azure well you'd use azure's VM scale set so scale sets automatically increase or decrease in the response to demand or based on a defined schedule and then we have SQL Server stretch database these dynamically stretch warm and cold transactional data from Microsoft SQL Server 2016 to a Microsoft Azure it's not something that we're going to cover but it's generally the same concept of what scale sets do so there you go that's high elasticity hey this is Andrew Brown from exam Pro and we're looking at the concept of being highly fault tolerant and this is the ability for your service to ensure there is no single point of failure preventing the chance of failure so when we looked at high availability we also said that there was no point of failure but when we really talk about that we're really talking about being highly fault tolerant because there's the word failure in the word and that is what being fault tolerant is so how do we prevent failure well we use the concept of failovers so failovers is when you have a plan to shift traffic to a redundant system in case a primary system fails and so I have a Graphic here that represents a primary database failing over to a secondary database so the idea is that we have a copy of our production database and we're going to call that a secondary system and every time something is written to our primary database it's going to be synced so it's going to be sent over to our secondary database so it's up to date with the latest database and then if the primary database happens to fail for whatever reason whether it's Hardware or otherwise it's going to detect that there's something wrong with the prime primary database and it's going to fail over to the secondary database and the secondary database is going to be promoted to being the primary Database The key thing to understand is that the secondary database is on standby it's not in actual use it's only in use when the failover occurs so what would you use in Azure to build out a highly fault tolerance system that's where Azure traffic manager comes into play so this works at the DNS level the idea here is that you can fail over from a primary system at the DNS level to a standby secondary system this is really great if you have Regional failures you could probably also use a load balancer but this is the case that I'm showing here so there you go hey this is Andrew Brown from exam Pro and we are looking at the concept of high durability so this is your ability to recover from a disaster and to prevent the loss of data so solutions that recover from a disaster is known as Disaster Recovery Dr you can think of durability as a measurement of how healthy and resilient your data is you want your data to be as safe and secure when you retrieve it as it was on the day you stored it so I'm just going to ask you a few questions to help you think about how to be highly durable so one question would be do you have a backup in place how fast can you restore your backup does your backup still work how do you ensure a current live data is not corrupt data loss can happen through human accident natural or man-made disaster or even malicious action out of your control whether you store data in your home office or with a cloud provider that data needs to be protected as much as possible for many event that could damage or destroy it you need to ensure that you have the questions listed to be answered with an appropriate solution to ensure high durability there are a variety of services to implement high durability so it's not just a single service so that is the concept of high durability and that is the full list of cloud architecture terminology this is Andrew Brown from exam Pro and so before we talk about Microsoft 365 let's talk about the evolution from Office 365 to Microsoft 365. so Office 365 was designed to bring together its existing online products to a continually up-to-date cloud service it combined the core productivity apps such as word excel PowerPoint Outlook Etc and the collaboration and communication tools such as exchange SharePoint and Skype for business Microsoft's Cloud productivity Services have expanded much beyond what most people think of his office in recent years resulting in Microsoft 365 therefore renaming Office 365 to Microsoft 365 reflects the extension of features and benefits beyond the core Office 365 products and services Microsoft 365 includes everything in Office 365 and more such as Windows teams and other cloud-based security and device management products and services it's designed to help people and businesses achieve more with Innovative apps intelligent cloud service is and world-class security Microsoft 365 is a subscription service that ensures you always have the most up-to-date modern productivity and collaboration tools you'll always have access to the most up-to-date features fixes and security upgrades as well as technical assistance if you already have an Office 365 subscription it automatically becomes a Microsoft 365 subscription and no action is needed from your end so that gives us a bit of background of how Microsoft 365 came to be hey this is Andrew Brown from exam Pro and we'll be talking about Windows 365. many of you are probably familiar with Windows Windows is a well-known operating system with the most recent versions being Windows 10 and 11. so what is Windows 365 Windows 365 isn't it operating system and it isn't installed on your computer in the same way that Windows is it's a subscription service for organizations that allows you to create and run PCS remotely Windows 365 is referred to as a cloud PC this is because it securely streams your personalized Windows desktop apps settings and content from the cloud to any device a cloud PC is a virtualized computer environment that allows you to stream your Windows Experience from Microsoft's Cloud to any device with a cloud pc windows evolves from a device-based operating system to hybrid personalized Computing so Windows 365 has the following capabilities it's simple to deploy and manage from a single console it uses a local profile that is stored directly on the cloud PC you can easily set up and scale Cloud PCS to fit your needs and securely support changing Workforce needs and new business scenarios it provides native integration across Azure active directory Microsoft Defender Microsoft 365 applications and Microsoft endpoint manager and it's also dedicated to a single user Windows 365 is available in two subscription offerings Windows 365 business which is made specifically for smaller organizations of up to 300 seats who want ready to use cloud PCS with simple management options Windows 365 Enterprises for larger organizations who want unlimited seats for creating Cloud PCS so that's windows 365. hey this is Andrew Brown from exam Pro and we're taking a look at the main part of the course Microsoft 365. so Microsoft 365 is a cloud-based subscription service that consists of an integrated portfolio of products like office apps teams Windows world-class security and more it helps solve today's challenges to productivity and secure work from anywhere it helps you be more productive from anywhere with the right tools you can enable your team to perform at their best with Cloud technology to improve team collaboration for many location Microsoft teams helps you connect with colleagues through chat voice and video it lets you create content with built-in office apps and use the power of artificial intelligence to improve work you can use integrated tools to simplify work and automate manual processes with Microsoft Viva you can build a culture that allows your people to achieve their best from anywhere and you can easily transition from computer to mobile devices with Innovative mobile apps enabling you to stay productive on the go so with Microsoft 365 you can secure your organization with reliable technology G it elevates and modernize your security manage risk and meet compliance standards on Microsoft's trusted Cloud it ensures only the right users have access with Azure active directory multi-factor authentication and biometric access like Windows hello with Microsoft endpoint manager you can deploy a seamless end-to-end management solution and gain Insight across all connected devices with Microsoft 365 Defender it protects your company against sophisticated cyber attacks and you can get real-time analysis of your current security posture with Microsoft secure score moving on to the cost Effectiveness and efficientness factors so you get one cost-effective solution with Microsoft 365 you consolidate into a single platform versus by numerous platforms for multiple capabilities you save out Automation and process improvements through workflows dashboards and AI it reduces your total cost of Risk by enhancing your security and compliance posture and 365 manages hardware and software more efficiently so it can focus on strategy it reduce hard cost us like real estate and travel through flexible work from anywhere you can also access Microsoft 365 through portal.office.com so that's the general overview of Microsoft 365. hey this is Andrew Brown from exam Pro and we'll be talking about Microsoft 365 apps so Microsoft 365 apps is a suite of apps that help you stay connected and complete your tasks these apps consist of the office suite of applications such as word excel PowerPoint OneNote Outlook teams and more Microsoft 365 apps provides the benefits of the cloud giving you the flexibility to work from anywhere at any time on any device helping you be more productive so let's go over the three key features of Microsoft 365 apps Microsoft 365 apps allow you to work across multiple devices depending on your plan you can install Microsoft 365 apps on up to five PCS or Macs as well as five tablets iPad windows or Android the apps that you work with are always up to date you won't have to spend time installing updates or worrying about when new features will be introduced you and your co-workers will always be working with the latest up-to-date features Microsoft 365 apps lets you work intelligently through connected experiences it includes intelligent features also called connected experiences to help you get work done faster and create amazing content also in terms of subscriptions Microsoft 365 apps are available in both Microsoft 365 Apps for business and Microsoft 365 apps for Enterprise subscriptions so here we have a list of some of the applications included in Microsoft 365 apps we'll give a general overview of what they do and for some we'll cover in Greater detail later on in the course Microsoft teams can help you bring everyone together in one location to meet chat call and collaborate word can help you create impressive documents and improve your writing with built-in intelligent features like Microsoft editor and researcher Excel can help you simplify complex data and create easy to read spreadsheets and visualizations PowerPoint can help you easily produce polished presentations that stand out with intelligent features like presenter coach and PowerPoint designer Outlook allows you to keep track of your email calendar tasks and contacts all in one in place OneNote can help you keep track of your notes by organizing them into tabs and subsections resulting in a single digital notebook so that's the overview of Microsoft 365 apps hey this is Andrew Brown from exam Pro and we'll be going over the Work Management capabilities and tools in Microsoft 365. the first one we'll be talking about is Microsoft Project so Microsoft Project is a powerful project management tool designed for larger more complex work tasks project for the web is Microsoft's most recent offering for cloud-based work and project management it provides simple and Powerful Work Management capabilities to meet most needs and roles project managers and team members can utilize project for the web to plan and manage work that requires Dynamic scheduling subtests and or dependent tasks regardless of Team size you can take on tasks of various sizes from little projects to large initiatives so now let's go over some of the features of project so you can start a project quickly and assign tasks and schedules while keeping team members and managers on the same page project provides the smart scheduling engine which will automatically update the timeline saving you time and effort you can utilize the easy to use views such as grid views Camden style task boards and timeline Gantt charts you can integrate with Microsoft teams to improve collaboration across the project in power bi you can create attractive interactive dashboards to see every aspect of the project at a glance finally it's extensible with other platform apps and data because project is built on the Power Platform so that's Microsoft Project hey this is Andrew Brown from exam Pro and the next Work Management tool in Microsoft 365 we'll be talking about is Microsoft planner so Microsoft planner is a user-friendly collaborative task management tool for planning managing and completing task-based initiatives it provides a simple and visual way for teams to organize their work planner is a web-based application that can be accessed from anywhere and it also has a mobile version for IOS and Android so now let's go over some of the features of Microsoft planner so you can create a plan to give task-based teamwork structure and to organize the activities in your project you can assign and manage tasks on a canvan board using task cards and add those tasks to buckets task cards provide various information such as due dates status priority checklists labels and file attachments you can manage the notifications you receive to stay on top of deadlines Microsoft planner lets you keep track of your team's progress with colorful visual cues and built-in status reporting you can utilize visuals like the task board charts page page and scheduled view summarize the status of your entire plan and individual tasks you can also integrate with teams by adding a tasks by planner tab so that lets you assign tasks with admissions in Word Excel and PowerPoint and add your plans to your Outlook calendar so that's Microsoft planner hey this is Andrew Brown from exam Pro and we'll be talking about Microsoft bookings so Microsoft bookings is a web-based appointment scheduling and management system with Microsoft bookings scheduling and managing appointments is made easier it includes a web-based booking calendar and integrates with Microsoft Outlook to optimize your staff's calendar and give your customers the flexibility to book a time that works best for them so now let's go over some of the features of Microsoft bookings so by using the web-based business facing page you can Define appointment types and details manage employee schedules set business hours services and pricing and customize how appointments are scheduled you can also allow extra time between appointments for any pre or post appointment tasks you can create a booking page where your customers and clients can make their own appointments and reschedule them you can also share the booking page with a direct link on your Facebook page or by embedding the link into your website Microsoft bookings provides automatic appointment notifications via email and SMS to ensure that customers receive proper confirmation stations and reminders you can view your appointments access customer lists and contact information and make manual bookings on the go with the business facing mobile app you can also integrate with Microsoft teams or Skype for business to support virtual appointments and bookings calendar management through the bookings app and teams so that's the list of features for Microsoft bookings hey this is Andrew Brown from exam Pro and we'll be talking about the last Work Management tool in Microsoft 365 on the list Microsoft Hadoop Microsoft to do is an intelligent task management app that makes it easy to plan and manage your day it provides a smarter more personal and intuitive way for people to stay organized and make the most out of their day to do is powered by Office 365 exchange online and can be integrated with Outlook and planner Microsoft to do is available on a variety of platforms including iOS Android windows and the web to do empowers you to complete the most important tasks you need to get done every day whether they are for work school or at home so now let's look at some of the features of Microsoft to do Microsoft to do provides a daily to-do list called my day that will help you focus and complete your most important tasks you can utilize Smart Suggestions to add tasks upcoming or overdue tasks you can get an overview of what you accomplished yesterday and tasks you didn't complete lists can be made for any occasion and shared with others to do lets you break down more complex tasks into subtests you can separate lists of tasks generated from flag dial book emails you can also schedule reminders and repeatable tasks and finally you can view your assigned tasks from planar into do so that's the list of features for Microsoft to do hey this is Andrew Brown from exam Pro and we'll be talking about business class email and calendar with Microsoft Exchange Microsoft Exchange online is a hosted messaging solution that delivers the capabilities of Microsoft Exchange Server as a cloud-based service it allows users to access email calendar contacts and tasks from PCS the web and mobile devices all in one place it integrates fully with all other Microsoft 365 workloads making Administration easy one thing you might be wondering is what's the difference between Microsoft Exchange online and Outlook well exchange is a mail server which means it's a dedicated Network Resource Management program whereas Outlook is an email client which means it's a software program installed on your desktop that is designed to send and receive emails so let's go over some of the features of Microsoft Exchange online Microsoft 365 syncs your emails calendars and contacts across all of your devices ensuring that you are always up to date no matter where you are you can create your own custom format add images and use your own domain name based on where you live you can create a public folder for shared access to provide an easy way to collect organize and share information with other people in your work group or organization you can share your calendar in exchange online to allow businesses to collaborate with other businesses and to let users share their schedules with others you can set up new users restore deleted accounts and create custom scripts and more exchange also is secure it has built an anti-spam and anti-malware protection customizable anti-spam and anti-malware policies and many more security features so that's the list of features for Microsoft Exchange online hey this is Andrew Brown from exam Pro and we're taking a look at how to create a Microsoft account so the first thing you want to do is to go to this link here called account.microsoft.com and this will take you to this page here and if you don't already have a Microsoft account you want to navigate to this button here and click on create account so this is the page where you create your Microsoft account here is where you'd enter in your email you want to register with let's go with this one example001 at gmail come and it'll ask you to create a password so let's enter that in here very quickly you'll have to enter in the country you're from as well as your date of birth so the usual things for registrations you'll get a verification code for the email you registered with and you'll have to confirm it to complete the process I have the email account already open so I can get the code here 8802 copy and paste the code into the verification you can choose to receive information tips and offers about Microsoft products and services if you're interested looks like we have to go through this puzzle to prove we're not a bot so we'll go through this very quickly okay great you've now created your Microsoft account so once you have your account created you can try Microsoft 365 for free or you can buy a subscription some of you may already have Microsoft 365 it could be provided by your company or other sources you can go to this link here called microsoft.com en-ca Microsoft Dash 365 slash Microsoft dash 365-business dash standard dash one dash month Dash trial to try Microsoft 365 for free for the purpose of the demonstration we'll sign up for the Microsoft 365 business standard trial for one month first we need to provide our email address so let's enter that in here example 001 at gmail.com then we need to set up our account so we need to provide our name surname business phone number company name company size Etc it should be fine if you don't have one or you may come up with something then we'll need to perform the verification code process again enter in the numbers you got from your phone number you can choose to create a new business email later or create a new business email with a Microsoft domain we'll need to create a new business email with a Microsoft domain let's go with Andrew Brown at example 001 dot on microsoft.com and enter in the password you want this is important because this will be how you'll sign in this is not your email like example zero zero when a gmail.com the next part is the payment process so we'll need to enter in the information required you won't be charged at all if you cancel before one month after this process you'll need to log in with the new business email we created earlier so Andrew Brown an example zero zero one dot on microsoft.com enter in the password so now we're currently at the Microsoft 365 admin Center you can install the latest office apps here such as word excel PowerPoint Outlook teams OneDrive and so much more Microsoft 365 has a ton of services and apps that'll improve your productivity and collaboration within your organization it has many analytical capabilities and its security is world class we'll be covering all these services and features in Greater detail throughout the entire course foreign hey this is Andrew Brown from exam Pro and we're taking a look at how to create a new Microsoft 365 user from within the Microsoft 365 admin Center the first thing you want to do is to open your web browser and navigate to admin.microsoft.com and log in by using your administrator credentials on the left hand navigation menu click on users then active users this will provide the list of available users on the main screen to add a single user click on the add a user button on the top of the page underneath the active users label on the setup the basics page fill in the first name last name display name username and domain for the new user also decide which check boxes to check and more specifically choose the following the first one is automatically create a password check this option if you need the Microsoft 365 admin Center to automatically allocate a new temporary password to the new user the next one is require this user to change their password when they first sign in This is highly recommended as you would normally expect that the user changed the temporary password which you initially sent to a strong password word only they will know the last one is send password and email upon completion combined with the previous checkbox this is the most secure option since you would not have to share the temporary password over any other non-secure means enter the email address to which the new password will be set in the generated text box after having filled in all required information click on next to continue on the assign product licenses page select the user location and choose whether a Microsoft 365 license will be assigned to the user by ticking the appropriate checkbox or if the user will be created without a product license we'll be providing the user with a Microsoft 365 business standard license there's also an app section where you can select specific applications that you want the user to have access to for the Microsoft 365 business standard license there's roughly 29 available once you're satisfied with the settings click on next to continue on the optional settings page you can choose whether the new user will have any additional Microsoft 365 roles such as exchange administrator Global administrator or global Global reader for this example we won't Grant the user admin access click next to continue this will lead you to the review and finish page fill in any additional user profile information if you wish to review all user information and click finish adding your new user should now appear in the Microsoft 365 admin Center active users home page hey this is Andrew Brown from exam Pro and we're taking a look at how to access all the Microsoft 365 online apps we won't be providing an overview of the functionality offered by each app because the course will provide a detailed overview of all the important ones for the exam the easiest way to navigate to your Microsoft 365 online apps is to go to the urlcultoffice.com and sign in with your credentials then on the top left corner click on the dotted Square icon and click on all apps this should provide the list of Microsoft 365 apps you have available according to your license in this case these are the apps available for the Microsoft 365 business standard license alternatively you can view the apps in a larger perspective by clicking on the explore apps button or going to the URL calledoffice.com apps you can see apps here such as bookings calendar Excel OneDrive Outlook planner and many more that will meet your business needs add-ins can be accessed as well by clicking on the top right button here at insert Microsoft 365 certified apps which are listed in the Microsoft appsource portal available at appsource.microsoft.com the add-ins integrate with Microsoft 365 apps to extend the native functionality with more granular and specialized features so that's how you can access all the M365 online apps hey this is Andrew Brown from exam Pro and we'll be talking about Microsoft teams and its core components and the value it provides when it comes to collaboration workloads so Microsoft teams is your organization's core Center for collaboration with a chat based workplace to help everyone work more productively it's an app for people and teens to come together stay connected and get things done across work home school and on the go so the first component of Microsoft teams we are going to talk about are the teams and channels so teams are a collection of people content and tools surrounding different projects and outcomes within an organization it's designed to bring together a group of people who work closely to get things done teams can be public and open to anyone within the organization also a team has a limit of up to 10 000 simultaneous members channels are dedicated sections within a team to keep conversations organized by specific topics projects disciplines or whatever works for your team it's a place where users can discuss and get Hands-On with work there are three types of channels the first type of Channel or standard channels this can be open to all team members next we have private channels which are for selected team members the last type of channel are shared channels this can select people both inside and outside the team so the next component of Microsoft teams we'll be talking about is the chat and instant messaging so chat and instant messaging lets you work together without cluttering up your email and keeping it clear for important messages some of the advantages of using chat and instant messaging include it keeps the people informed by chatting what unwinder in groups it encourages open debate by asking questions and encouraging open discussion you can start a call or share screens to get things done faster the messages are sent in real time but it doesn't disturb your co-workers work you can use your mobile device to chat to stay in touch no matter where you are teams can be used to share useful files and store everything in one place you can host audio video and web conferences and chat with colleagues from within and outside your company so another component of Microsoft teams is called Microsoft teams phone Microsoft team's phone is a secure integrated calling service that combines traditional and modern features it can be used on your computer tablet mobile device or desk phone to stay connected with voice and video calling teams phone has updated Cloud calling features like voicemail transcription and group call pickup to elevate your experience beyond that of traditional calls with teams phone you can seamlessly transition calls from your home Wi-Fi to your cellular service while on the go and then back to your office Wi-Fi once you arrive you can also start a call from chat contact card Outlook or the calls app to save time and reduce costs so that's Microsoft teams phone and that gives us an overview of the core components of Microsoft teams and the value it provides in collaboration workloads hey this is Andrew Brown from exam Pro and we'll be going over some of the collaborative apps we can use to extend teams so a collaborative app is a solution integrated or built into teams that enables employees to work better together using the tools they already know apps for teams can be simple or complex depending on your needs it could be as simple as sending notifications to channels or users or as complex as multi-service apps incorporating conversational Bots you could Implement natural language processing or even embedded web experiences some of the ways that you can extend teams using collaborative apps are how are bi and teams can help your organization to collaborate with data to achieve better outcomes power apps can help you build apps to add directly into teams by creating a tab power automate can help you automate tasks and processes all within teens Dynamics 365 and teams integration can provide high level details of your customers ensuring that you have useful contacts that are prepared for customer interactions Tower virtual agents allows you to create chat Bots that can be integrated into teens you could also integrate with with third-party partners and services for more capabilities within teams like servicenow or Salesforce so those are some of the ways you can use collaborative apps to extend teams hey this is Andrew Brown from exam Pro and we'll be talking about Microsoft Power Platform so Microsoft Power Platform is a line of business intelligence app development and app connectivity software applications Microsoft Power Platform is composed of four key products power apps power automate power bi which stands for business intelligence and powered virtual agents and we'll be talking about these four products in a bit more detail in the next couple slides before we talk about the four key products of Power Platform we want to talk about the cross-cutting features which enable Microsoft Power Platform to be leveraged to its full potential some of these are AI Builder which lets users and developers add AI capabilities to the workflows and power apps they create in use it adds intelligence to your workflows and apps and predict outcomes to help improve business performance without writing code Microsoft dataverse is a scalable data service and app platform which lets users securely store and manage data from multiple sources and integrate that data in business applications using a common data model to ensure days and consistency to users connectors enable you to connect apps data and devices in the cloud there are more than 600 connectors for Microsoft Power Platform enabling all your data and actions to connect cohesively so let's start talking about the key products of Power Platform starting with power apps powerapps provides a rapid low code development environment for building custom apps for business needs it has Services connectors and a scalable data service and app platform to allow simple integration and interaction with existing data some of the features of power apps include enabling the creation of web and mobile applications that run on all devices it has an easy user experience for app development with a simple interface so that every business user or Pro developer can build custom apps it provides over 200 connectors to integrate data and systems it enhances productivity with pre-built AI scenarios powerapps provides private and secure submission of information so that's powerapps the next product we'll be talking about is power automate power automate lets users create automated workflows between applications and services it helps automate repetitive business processes such as communication data Collections and decision approvals the following is a list of power automate features Tower automate allows for the creation of Enterprise grade process automation it provides a simple interface allowing every level of user to automate work tasks from beginners to season developers it provides hundreds of pre-built connectors power automate provides AI Builder it can predict outcomes to improve performance so that's power automate the next product is power bi which is a business analytics service that delivers insights for analyzing data it can share those insights through data visualizations which make up reports and dashboards to enable fast informed decisions some of the power bi features include it can scale across an organization and has built-in governance and security allowing businesses to focus on using data more than managing it it takes company data and lets you to display it in the most user-friendly way possible power bi offers a wide range of detailed and attractive visualizations as you can see on the image on the right it can access vast volumes of data from multiple sources it helps to gather analyze publish and share Excel business data power bi also enables you to perform real-time stream analytics so that's power bi finally the last product we'll be talking about is power virtual agents power virtual agents enables anyone to create powerful chat Bots using a guided no code graphical interface without the need for data scientists or developers it minimizes the it effort required to deploy and maintain a custom Solution by empowering subject matter experts to build and maintain their own conversational Solutions some of the power virtual agents features include users can enable chat Bots to perform in action by simply calling a power automate flow close help users automate activities or call back-end systems reduce costs by easily automating common inquiries and freeing human agent time to deal with more complex issues users can utilize existing flows that have been created in their powerapps environment improve customer satisfaction by allowing customers to sell help and resolve issues quickly 24 7 using Rich personalized bot conversations so that's the overview of Power Platform and its key products hey this is Andrew Brown from exam Pro and we'll be talking about what Yammer is and how Yammer helps communities connect and grow Yammer is a secure Enterprise social network internal to an organization the Amber connects and engages leaders and co-workers from any location to share ideas co-create culture coordinate on strategy and innovate it was designed to help you connect with people across your organization who you might not work with directly Yammer helps facilitate Community collaboration and idea sharing for your organization you can access yabra through your browser or install it on your desktop or mobile device the average supports both internal and external networks to help users communicate and collaborate an internal network is restricted to users inside the organization whereas an external network is open to users outside the organization's domain users and external networks must be invited so now we'll be going over some of the details on how Yammer helps connect leaders and employees to build communities share knowledge and engage everyone Yammer helps facilitate leader engagement it helps align people toward a shared vision and objectives to drive organizational change and it Fosters two-way dialogue between employees and Leaders with a leadership Community he ever modernizes employee communication it helps keep everyone informed and engaged across web and mobile and it shares news and announcements that reach users as interactive discussions in Microsoft teams and Outlook the Aver helps engage your employees to ensure that every voice within the organization is heard and it provides communities for employees to connect share and build relationships he ever encourages knowledge sharing so you can share knowledge best practices ideas and feedback across the organization you can also use questions and answers to gain Solutions highlight the best answers and up the replies finally the Amber Powers communities in Microsoft 365 you can engage in fully interactive discussions without leaving your Outlook inbox and bring the power of communities to SharePoint with the Yammer conversations web part so that's the general overview of Yammer and how it can be used to help communities connect and grow hey this is Andrew Brown from exam Pro and we'll be talking about Microsoft Viva and its core employee experience capabilities so Microsoft Viva is an employee experience platform that empowers people and teens to be their best from anywhere Viva brings together Communications insights Knowledge Learning and resources within the flow of everyday work and collaboration it's experience through Microsoft teams and other Microsoft 365 apps that people use every day there are four different modules for viva viva connections which is used to stay engaged and informed Viva insights which helps balance productivity and well-being Viva topics which is used to connect to knowledge and experts and finally Viva learning which helps make learning a natural part of your day so we'll now be exploring each module in Greater detail starting with Viva connections so Viva connections was created to keep everyone in the workforce connected to each other and you might be wondering well we have so many tools for employee Communications and engagement in Microsoft 365 like SharePoint Yammer to teams and stream why would we need another one well what makes Viva connections unique is that it combines all of these capabilities into a company branded app it's a hub for personalized news Communications tasks people and resources for employees leaders can communicate and engage their employees while employees can access all of the tools and resources they require in one location so Viva connections provides additional functionality through three main components which are listed below first we have the dashboard the dashboard is your employees digital tool set it brings together the tools and resources your employees need enabling quick and easy access whether they are in the office or in the field next is the feed the feed delivers updates to the right people at the right time with powerful targeting and scheduling capabilities and then we have resources the resources experience enables a way to navigate across platforms so that's Viva connections the next module we'll be talking about is Viva insights so Viva insights provides privacy protected insights and actionable recommendations that help everyone in the organization station work smarter and Achieve balance it uses quantitative and qualitative data to empower individuals managers and leaders to improve organizational productivity and well-being so Viva insights categorizes their analytical insights based on personal insights manager insights and organizational insights the first one we'll talk about is personal insights as we mentioned before individuals can gain valuable insights to improve work patterns through actionable recommendations from the personalized Viva insights app in teams for example prepare for the day with a briefing email protect time for Focus work and mindfully disconnect after hours so we'll go over some of the benefits it provides personal well-being through this experience you could access this home page to tap into moments of self-reflection gratitude and breathing breaks stay connected this experience intelligently surfaces prior Communications that might require follow-up AI based task suggestions and meeting assistance make it seamless to schedule one one second to catch up with important people in your network protect time this experience audience makes it easy to schedule focused time to work uninterrupted during the day before it fills up with meetings Daily Briefing the daily briefing email from viva automatically appears in your inbox near the start of the day the email provides recommendations of documents for you to review prior to the day's meetings effective meetings meeting organizers will be able to view personalized insights and suggestions to help improve their meeting habits and feedback for their meetings so the next analytical Insider manager insights manager insights can help you build a healthy and effective team managers can easily understand current team norms and take action to achieve positive change with the Viva insights tool in teams let's look at the three key features under the my team tab for managers first we have nudges you can use intelligent nudges or reminders help you stay connected with your team it helps you keep up with managerial demands like scheduling one one second in responding to requests and emails and document mentions recognize strengths and accomplishments through send praise to increase engagement in morale next are the reflective insights these are insights that can help help influence your team culture this can help identify personal work patterns and behaviors that may be impacting team stress and feelings of burnout in Outlook you can gain insights through the briefing and digest emails lastly we have action plans this is where we can create action plans to help develop positive team standards hit prioritize team well-being by promoting healthy norms and boundaries like setting shared recurring no meeting days or quiet hours for focused and uninterrupted work next we have Viva insights organizational insights so Viva insights provide organizational views to senior Business Leaders CEOs business unit leaders and other department heads these experiences show leaders in aggregated view of work and collaboration patterns across their organizations let's look at how the visual insights in the my organization tab can benefit your company organizational resilience it helps enable work-life balance Provide one-to-one support connect across boundaries and cohesion within teams Employee Engagement it can promote coaching and development protect employee capacity Drive of employee empowerment and cohesion within teams improve agility it helps organize better meetings and connect across boundaries effective managers this lets us optimize manager meetings protect manager capacity promote coaching and development Empower employees and Foster connectivity operational effectiveness this can free up capacity improve meeting quality keep employees engaged and protect time to get work done transform meeting culture this helps us optimize Meeting hours examine recurring meetings and promote healthy meeting habits so that's the overview of Viva insights and its analytical capabilities the third module we'll be talking about is Viva topics Viva topics focuses on knowledge and expertise it uses artificial intelligence to identify knowledge and experts and then organizes them into shared topics Viva topics helps many businesses in addressing a critical business issue which is providing information to users when they need it for example new employee hires need to learn much new information quickly at encounter terms they know nothing about when reading through company information in Viva topics brings knowledge to your users in the Microsoft 365 apps they use every day so AI automatically creates a topic page for each topic the topic page gives you more details including definitions relevant people and resources from across Microsoft 365 and external sources like servicenow these topic pages are surfaced as topic cards write in apps like office SharePoint and Microsoft teams the topics are displayed to users through topics highlighted on SharePoint Pages topic answers and search results search and office applications topic Center home page so that's the overview of Viva topics the last module we'll be talking about is Viva learning Viva learning is a centralized Learning Hub in Microsoft teams that allows you to easily integrate learning and building skills into your day in Viva learning your team can discover share recommend and learn from content libraries provided by both your company and partners Viva learning Aggregates content from LinkedIn learning Microsoft learn third-party training content and internal content of your own all in one place so while providing AI aggregation and recommendations it also allows managers to assign track and report on training within and across multiple teams there are three main views in the Viva learning app tone which lets you discover new content trending content and browse learning content libraries by alerting which allows you to access your recommendations and assignments as well as bookmarked recently viewed and completed courses and manage which helps you track the progress of recommendations that you made so that's Viva learning and I know that was quite a bit to take in but we've now covered all of Microsoft viva's four modules hey this is Andrew Brown from exam Pro and we'll be talking about SharePoint and how it helps promote collaboration so SharePoint is a cloud-based service that allows companies to share and manage content knowledge and applications in order to improve teamwork you can find information quickly and seamlessly collaborate both inside and outside the company it's a rich collaboration tool for building websites publishing content and storing files some of the features that SharePoint include are building sites and Pages document libraries and lists sharing important visuals news and updates with a team or more broadly you can search and discover sites files people and news from across their organization SharePoint helps manage their business processes with flows forms and lists you can sync and store their files in the cloud so anyone can securely work with them you can catch up on News on the go with the SharePoint mobile app SharePoint also provides three main types of sites team sites or collaboration sites to connect you and your team to share content and resources communication sites are designed to Broad cast information to other teams or to an entire organization Hub sites are used to organize families of Team sites and communication sites together so that's SharePoint and all the features it provides to help promote collaboration hey this is Andrew Brown from exam Pro and we'll be talking about OneDrive and its collaboration features so OneDrive is a Microsoft 365 service that allows users to access share and collaborate files from anywhere OneDrive allows users to View files in a browser share and search content and sync that content so they can access it offline you can work with others inside or outside your organization and terminate sharing whenever you want OneDrive also empowers your organization to control secure and retain that content when necessary so let's go over some of the key features of OneDrive that help promote collaboration users can easily store access and discover individual and shared work files in Microsoft 365 including Microsoft teams from any device OneDrive provides seamless collaboration with files it helps users work faster and smarter with people inside or outside your organization users can create view edit and share files on the go with the OneDrive mobile app OneDrive provides Enterprise grade security and protection for files enabling you to meet some of the strictest compliance requirements out there you can also easily recover files from accidental deletions or malicious attacks so that's one drive and the key features to promote collaboration hey this is Andrew Brown from exam Pro and we'll be talking about Microsoft stream on SharePoint so Microsoft stream is an Enterprise video service where people in your organization can upload View and share videos securely you can share recordings of classes meetings presentations training sessions or other videos that help your team's collaboration so the new version of stream Builds on sharepoint's Rich content management features and uses Microsoft graphs intelligence to enhance videos across Microsoft 365. the earlier version is known as Microsoft stream classic SharePoint Powers file experiences for Microsoft teams OneDrive Yammer and Outlook it provides intelligent video experiences powered by stream across this week it also provides management of video that leverages the power of SharePoint content services for permission sharing compliance governance and customizable portal experiences so that's the general overview of Microsoft stream and how it can be helpful to your team's collaboration thank you hey this is Andrew Brown from exam Pro and we'll be talking about Microsoft endpoint manager also known as mem so your organization probably has Android and iOS mobile phones Windows and Mac OS PCS and custom devices that your employees or users bring to work but how can we configure or support all these types of devices especially with your organization well Microsoft 365 provides the tools and services you need to manage all of these devices through Microsoft endpoint manager Microsoft endpoint manager is a secure and intelligent management solution that improves productivity and collaboration with the familiar experiences users expect it provides it with the flexibility to support diverse scenarios for both bring your own device and corporate owned devices and point manager also helps you solve the challenge of device management in today's mobile and remote work environment so Microsoft and point manager includes the following service and capabilities Microsoft InTune InTune is a 100 cloud-based mobile device management and mobile application management provider for your apps and devices configuration manager configuration manager is an on-premises management solution to manage desktops servers and laptops that are on your network or internet-based tow management toe management combines your existing on-premises configuration manager investment with the cloud using InTune and other Microsoft 365 cloud services desktop analytics desktop analytics is a cloud-based service that integrates with configuration manager Windows autopilot Windows autopilot sets up and pre-configures new devices getting them ready for use Azure ID which stands for Azure active directory Azure ID is used by endpoint manager for identity of devices users groups and multi-factor authentication and point manager admin Center this admin Center is a One-Stop website to create policies and manage your devices these services are part of the Microsoft 365 stack to help secure access protect data and manage risk so that's the overview of Microsoft endpoint manager hey this is Andrew Brown from exam Pro and we'll be talking about Azure virtual desktop also known as avd so Azure virtual desktop on Microsoft Azure is a modern and secure desktop and app virtualization service that runs on the cloud Azure virtual desktop works across devices like Windows Mac iOS Android and Linux with apps that you can use to access remote desktops and apps you can use most modern browsers to access Azure virtual desktop hosted experiences Azure virtual desktop is optimized for flexibility with flexible consumption-based pricing an example of when Azure virtual desktop might be used is when security is a concern because all the data is saved on the server and cannot be left on the device of a user so Azure virtual desktop has the following capabilities you can set up a multi-session Windows client deployment that delivers a full windows experience with scalability there's seamless integration with Microsoft 365 apps for Enterprise and Microsoft teens it provides reduced costs by using eligible windows or Microsoft 365 live instances to access Windows Virtual desktop and pay only for what you use Azure virtual desktop helps keep your team running during outages by leveraging built-in Azure site recovery and Azure backup Technologies it manages the virtual desktop infrastructure for you so you can focus on users apps and Os images instead of hardware and maintenance it also uses FS logic's profile container technology so that's Azure virtual desktop and the key capabilities it provides hey this is Andrew Brown from exam Pro and we'll be talking about the deployment and release models for Windows as a service also known as Ys so Windows client is a comprehensive desktop operating system that allows you to work efficiently and securely whereas Windows as a Services Microsoft strategy of deploying updating and servicing the Windows operating system the windows as a service model is designed to make life simpler for both users and it professionals Microsoft Now updates windows on a regular basis rather than launching a new version every three to five years as it has done with previous versions of the operating system with Windows client there are two release types feature updates and quality updates feature updates are scheduled typically twice a year in March and September they include new functionalities for the operating system quality updates or monthly cumulative updates they contain security patches and other changes to make the operating system more reliable next we'll be talking about servicing channels so servicing channels are the first way to separate users into deployment groups for feature in quality updates there are three servicing channels each Channel each provides different levels of flexibility for when these updates are delivered to client computers the first servicing channel is the windows Insider program which allows businesses to test and provide feedback on features that will be released in the next feature update these features will be delivered as soon as possible during the development cycle through a process called flighting the general availability Channel provides new functionality with feature update releases annually this model is ideal for pilot deployments testing of feature updates and users such as developers who need to work with the latest features the last servicing channel is the long-term servicing Channel which is designed for specialist devices that don't run office apps like medical equipment or ATMs this channel receives new features every two or three years so that's the servicing channels now we'll be talking about the deployment rings so deployment rings are a deployment method used to separate devices into a deployment timeline they are changes that are rolled out in phases to specific groups of users or computers panty risks or development difficulties associated with Windows updates are reduced by this gradual controlled and tested deployment each ring represents a group of users or devices that receive a particular update together so a common ring structure uses three deployment groups preview is for Planning and Development the purpose of the preview ring is to evaluate the new features of the update limited is for pilot and validation the purpose of the limited ring is to validate the update on representative devices across the network broad is for wide deployment once the device is in the limited ring have had a sufficient stabilization period it's time for broad deployment across the network so that's Windows as a service and all the deployment and release models that it has load and deploy Microsoft 365 apps to your client computers so this method uses the ODT to manage your deployment and the office customization tool to create a cloud-based configuration file that specifies the Microsoft 365 apps that are installed the next method is to deploy from a local source with the office deployment tool with this method you may manage your deployment with the ODT and download and deploy office from a local Source on your network the last method is to self-install from the cloud which is probably the easiest one to perform you manage your deployment from the office portal and have your users install office on their client devices directly from the portal so those are the four different methods to deploy Microsoft 365 apps one of the benefits of Microsoft 365 apps is that Microsoft provides new and updated features for office apps regularly Microsoft provides you with something called update channels these allow you to manage how frequently new feature updates are sent to your company here are the three primary update channels for Microsoft 365 apps the first one is current Channel which receives feature updates at least once a month but there's no exact set schedule update this channel also receives security and non-security updates around two or three times a month Microsoft recommends this channel because it provides users with the newest office features as soon as they're ready the next update channel is monthly Enterprise Channel which receives feature updates once a month this monthly update can include feature security and non-security Updates this provides users with new office features once a month on a predictable release schedule and then we have semi-annual Enterprise Channel which receives feature updates every six months this update can include feature security and non-security Updates this is only for select devices in your company that need extensive testing before rolling out new office features Microsoft also provides each update Channel with two other types of updates that are released on the second Tuesday of every month there are security updates such as updates that help keep office protected from potential malicious attacks and non-security updates also known as quality updates are updates that provide stability or performance improvements for office so that's the Microsoft 365 apps update channels types hey this is Andrew Brown from exam Pro and we're taking a look at how to deploy Office 365 using the office customization tool the first thing you want to do is to go to Google and search for office deployment tool and you want to go to the link where it says office deployment tool Microsoft 365 It's usually the first one that shows up and click on it once you click on it it'll take you to the Microsoft 365 office deployment tool page where you can download the office deployment tool so you want to click on download and you can save this to any folder you prefer but for this demonstration I'll place it on the desktop okay the next thing you want to do is to go to the URL called config.office.com so you can access the office customization tool alternatively you can also access this through your Microsoft 365 admin Center in your all admin Center Page and by navigating to office configuration once you are at the office configuration page you'll want to click on go to office customization tool the next step is to click on create this is where you can customize how you want to deploy your office 365. for architecture you can choose 32-bit or 64-bit depending on your system settings for this example we'll select 64-bit for the type of office suite we have a lot of options such as Microsoft 365 apps for Enterprise Microsoft 365 apps for Business Office ltsc Professional Plus 2021 and many more for this example we'll select the Microsoft 365 Apps for business we're not interested in Vizio so we'll select none for this we're not interested in Project products we'll select none for this and we don't need any additional products for the type of update Channel we'll go with current Channel because it's recommended and it provides users with the newest office features as soon as they are ready we'll select latest for the type of version for the app sections you can select which apps you want to include or exclude we can leave this as the default selections for the languages we'll select English for the primary language we won't be needed any additional language tools or packages for the installation options we can choose from Office content delivery Network local Source or Microsoft endpoint configuration manger we can leave this as office content delivery Network in the default settings for the update and upgrade options we can also leave these as the default settings for the licensing and activation section we won't need to make any changes here in the general section it's okay to leave this blank it's not mandatory to provide your organization name and description unless your company requests it for the application preferences we don't really need to select anything here either so you can scroll down and click on finish we'll give this configuration file a simple name called configuration after reviewing all of the configuration settings you can click on download you'll need to specify the format you want as the user's default you can keep the current settings choose office open XML formats or Open document format for this example we'll select keep current settings click ok then click on download again save the XML document on the folder you prefer or the same folder where you downloaded the office deployment tool earlier so now on our desktop we have two files the office deployment tool and the configuration XML file we will need to create a new folder called Microsoft apps for business or you can name it office for short but you'll need to remember this name for the next steps we'll cut and paste the office deployment tool and the office configuration file in the Microsoft apps for business folder we created double-click on the office configuration tool file and select the box and click continue select the folder Microsoft apps for business and click OK this will extract all the files to install Microsoft apps for business into the folder the next step is to move the Microsoft apps for business folder into the local C drive then you'll need to open up command prompt as administrator you'll need to run a few simple commands to complete this process some of you should be familiar with these enter in c d c colon backslash Microsoft apps for business or the name of the folder you created this changes directory to the Microsoft apps for business folder then you run setup dot exe slash configure configuration.xml and this should install office or Microsoft apps for business based on your configuration file you created this can take a while so you'll need to wait for it to complete downloading and installing after this is done you have successfully installed office on your computer hey this is Andrew Brown from exam Pro and we'll be taking a look at the analytics capabilities of Microsoft workplace analytics so Microsoft workplace analytics provides Rich actionable insights into your organization's communication and collaboration Trends to help you make more effective business decisions it creates analysis about how your organization spends its time the Waze people Network and the effectiveness of team collaboration just a quick note as of recording this video workplace analytics is becoming or is already part of Microsoft Viva so let's look at some of the main features of workplace analytics with the workplace analytics features you can see business outcomes in their related research-based behavioral insights that show how things get done in your company use the explore the stats explore in power bi and plans options for more in-depth analysis specific to your organization's data use the templates and queries in the query designer to jump start your analysis and customize them for a more focused or in-depth analysis analyze a specific business process with the business process analysis feature compare tricks between groups with the peer analysis feature and you can select targeted change plans to improve focus collaboration well-being and sales success so that's workplace Analytics hey this is Andrew Brown from exam Pro and we'll be talking about the analytical capabilities of my analytics so my analytics is an application designed to help employees and their managers gain insight into how workers spend their time with the goal of optimizing tasks and making them more efficient the application can track data such as time spent in meetings Outlook emails productivity and time spent working late my analytics is also part of Microsoft Viva so Microsoft organizes these tasks into categories such as Meeting hours email hours Focus hours after hours work who is in a user's Network and a basic time overview the time overview can be used to provide a quick overview of how a user is spending their time the network section focuses on analyzing who a user collaborates with meetings will allow users to see their time spent in meetings and how they manage that time email will show users how much time they spend emailing others Focus hours are time spent working outside of meetings minimum at least two hours of time outside of meetings and after hours is Microsoft's way of stating how much time a user spends working after their official work day also my analytics and insights by my analytics service plans are included with the Microsoft 365 E5 plan so that's my analytics and its key analytical features hey this is Andrew Brown from exam Pro and we'll be talking about the capabilities of the Microsoft 365 admin Center in Microsoft 365 user portal so the definition of Microsoft 365 admin Center is very clear it's designed for its professionals and administrators to manage the organization's Microsoft 365 subscription the admin Center allows you to perform a variety of tasks including managing users checking reports and much more the following list describes some of the main tasks that are done in the admin Center manage users by adding deleting or restoring users manage licenses by adding and removing license manage a Microsoft 365 Group by creating a group deleting a group and editing the name or description manage billing view or create service requests manage global settings for apps view activity reports and view service health so that's the general overview of the Microsoft 365 admin Center next let's talk about the Microsoft 365 user portal so the Microsoft 365 user portal is designed for users to access their email calendar and documents through Microsoft 365 apps like office teams Outlook and more users can sign in with their email account and password through www.office.com only the apps for which the user has a license will be shown the portal allows you to quickly and easily View and edit files that are saved in OneDrive now let's talk about the reports in the Microsoft 365 admin Center so the Microsoft 365 admin Center has reports that can help gather Insight security and how employees are utilizing Microsoft 365 products and services to access these types of reports you must have administrator permissions to access the admin Center go to admin.microsoft.com and sign in with your admin account the following list describes the two types of reports available in the admin Center first we have the productivity score this type of report measures the work done in your company to the work done in similar companies it provides metrics and insights and recommended actions you can take to help your organization use Microsoft 365 products and services efficiently then we have usage you can view these reports to understand how people in your organization are using the products and services you can go further into each product report to get more detailed insights about the activities within each product so here we have an image of the Microsoft 365 admin Center at the reports section displaying the productivity score here we can see the organization score which is currently at one percent or three out of 400 points it provides a summary for section of the people's experiences and categories such as Communication in meetings it will also provide suggestions to improve in these areas and so on next we'll be talking about reports and other admin centers so the Microsoft 365 admin Center also gives you access to other admin centers for specific products and services such as exchange teams and more the following list describes some of the other admin centers and the reports available first we have Azure active directory the reports available here provide a comprehensive view of activity in your environment then we have employ manager Microsoft InTune reporting allows you to proactively monitor the health and activity of endpoints across your organization next we have exchange view reports of email flow within your organization and mailbox migration batches created for your organization there's security and compliance view reports about security Trends and track the protection of your identities data devices apps and infrastructure then we have SharePoint the reports available are about data access governance and help you maintain the security and compliance of your data in SharePoint and we also have teams user activity and device usage reports are available so you can gain insights into the Microsoft teams activity in your organization so here we have an image of the Microsoft 365 admin Center at the all admin centers section as we mentioned before we can see that there's a variety of admin centers listed such as Azure active directory Azure TP compliance and point manager exchange and so on they also provide a brief description on what you can configure and manage so that's Microsoft 365 admin Center and the different types of reports it provides hey this is Andrew Brown from exam Pro and we're taking a look at how to access all the Microsoft 365 admin centers we'll also provide a brief overview of the functionality available in each admin Center Microsoft 365 provides the following admin centers we have the Microsoft 365 main admin Center the main admin Center allows you to manage most aspects of Microsoft 365 Administration including users teams and groups roles resources billing support settings reports and health monitoring the main admin Center can be reached at admin.microsoft.com let's navigate to the all admin centers page to view the full list of admin centers first we have Azure active directory Azure active directory allows you to control identity and access management in Microsoft 365. you can enable multi-factor authentication self-service password reset and edit company branding among other available functions the Azure active directory admin Center can be reached at a ddotportal azure.com next we have the Microsoft you compliance portal which covers an important part in the exam you can use the Microsoft purview compliance portal to meet your compliance and privacy goals you will find Integrated Solutions which assist you in protecting sensitive information manage data life cycles reduce Insider risks Safeguard personal data among other features the Microsoft purview admin Center can be reached at compliance.microsoft.com next we have exchange online The Exchange online admin portal allows us MTP administrators to manage Advanced email settings such as quarantine encryption and mail flow rules among other available features The Exchange online admin Center can be reached at admin.exchange.microsoft.com next we have office configuration this admin Center allows you to manage configure and monitor deployment of Microsoft 365 apps for your organization the office configuration portal allows you to graphically create Office 365 app configuration files XML to be used as input in the office deployment tool which can automate Office 365 deployments and upgrades the office configuration admin Center can be reached at config.office.com we have power apps you can use the Power Platform admin Center to manage activity licenses and policies for user generated power apps which can connect to your data and work across web and mobile power automate manage the automation of repetitive and time-consuming tasks in the Power Platform admin Center where you can set up connections to web services files or cloud-based data and put them to work both the powerapps and power automate admin Center can be reached at admin.powerplatform dot microsoft.com next we have search and intelligence manage Microsoft search settings including services and content that are available for people in your organization make finding internal tools documents and people just as easy as searching the web and Bing let's take a look at security so the security portal is now renamed to Microsoft 365 Defender admin Center use the Microsoft 365 Defender admin Center for visibility into threats to your network and your security posture respond to incidents proactively hunt for threats track your assets and deploy policies to secure your identities devices Office 365 workspaces apps among other features the Microsoft 365 Defender admin Center can be reached at security.microsoft.com next we have SharePoint online the SharePoint online admin Center allows you to manage sites sharing policies storage and all other available features of SharePoint online in OneDrive for business you could also use this admin Center to streamline your data migration to SharePoint online sites in OneDrive for business the SharePoint online admin Center can be reached a tenant name Dash admin dot sharepoint.com next we have stream use the Microsoft stream admin Center to manage video upload settings and organize your corporate video portal the stream admin Center can be reached at web.microsoftstream.com admin we have teams you can use the Microsoft team James admin Center to configure presence messaging conferencing and external communication options for your users as well as any kind of Microsoft teams policy which can be applied to your organization and to your teams and groups the team's admin Center can be reached at admin.teams.microsoft.com finally we have Yammer this admin Center allows you to manage your Yammer social network set a usage policy control external network settings and enable features like translation the Yammer admin Center can be reached at yaber.com tenantbusinessname slash admin there are more admin centers in total but these are the ones available for the specific Microsoft 365 business standard license hey this is Andrew Brown from exam Pro and we'll begin covering the security concepts of Microsoft 365 starting with the zero trust methodologies or the zero trust model in particular this is super important because it really lays the foundation of the way we should be thinking about all the security that we're going to be doing within Microsoft 365 Azure or in any cloud service provider because the zero trust model is really what is being adopted today and we'll talk about why that is so the zero trust model operates on the principles of trust no one and verify everything so nowadays you can potentially encounter malicious actors and they're able to bypass conventional access controls this demonstrates that traditional security measures are no longer sufficient we need to come up with a new way to protect ourselves and so that's where Microsoft has come up with their version of a zero trust model called the Microsoft zero trust model and this is based on three principles and six foundational pillars so in the three principles we have verify explicitly least privileged access and assume breach for the six found foundational pillars we have identities and endpoints an easier way of thinking about endpoints is just thinking of them as devices then we have apps data infrastructure and networks and I would say that if you wanted to put an emphasis on anything it's going to be identities because when an identity attempts to access a resource it must be verified with strong authentication and follow these privileged access principles the zero trust model is not unique to Microsoft gcp has its own zero trust model AWS has its own zero trust model but the one here is just going to really work for Microsoft so let's go in more detail on the three principles that are in the Microsoft zero trust model the first principle is verify explicitly and so this always authenticates and authorizes based on all the available data points including user identity location device service or workload data classification and anomalies the next principle is least privileged access so you limit user access with just in time and just enough access risk-based adaptive policies and data protection to protect both data and productivity then we have assumed breach so we need to minimize blast radius and axis should be segmented by Network user device and application we must also verify end-to-end encryption and use analytics to gain visibility Drive threat detection and improve security so that's Microsoft's version of the zero trust model and the three guiding principles this is Andrew Brown from exam Pro and we'll be talking about the six foundational pillars for the Microsoft zero trust model in Greater detail starting with the most important one so identities verifies and secures each identity with strong authentication across your entire digital estate for each of these pillars we're going to talk about some of the related Services I'm not going to describe too much of what they do because we're definitely going to be covering the important ones in this course in great detail but I want you to get some exposure so you see all these names over and over again so the first one is identity access and management or I am the next one is azure active directory and this one gets a lot of attention due to all its identity and access management capabilities we have single site on multi-factor authentication or MFA passwordless authentication which is a subset of MFA risk-based policies and we have identity secure score and you'll see a few different types of secure score like Microsoft secure score and compliance score in this course so it's something that's very useful throughout Microsoft 365 and azure measure next we have endpoints and it's easy to think of these as devices because their endpoints are used to gain visibility into devices accessing the network ensuring compliance and health status before granting access the endpoint is what grants access for this for this we have Azure ID device manager to register our devices with our identity provider generally the controls underneath which is the mobile device management and mobile application management is managed by Microsoft InTune and this service is now actually a part of Microsoft endpoint manager and if we want to get protection around our endpoints then we have Microsoft Defender for endpoint but we have Defender for a lot features in Microsoft and you'll see that soon enough then you have dlps data loss prevention policies so that we do not lose our data so that it does not get disclosed and we can keep our sensitive data protected so for apps we have discovered Shadow I.T so ensure appropriate in-app permissions gate access based on real-time analytics and monitor control user actions so for this we have policy-based access controls we can use the Microsoft soft Cloud app security Azure ID application proxy e-discovery and we have just in time virtual machine access so on to the last three pillars we have data so use intelligence to classify and label data encrypt and restrict access based on organizational policies so we move from perimeter-based data protection to data-driven protection so here we can use sensitivity labels Microsoft information protection data classification Azure information protection scatter so AIP scanner does decision-based policies and data loss prevention policies all of this stuff listed in the data pillar is in the Microsoft 365 compliance Center this is where all this stuff comes into play which we'll see later on next we have infrastructure so use Telemetry to detect attacks and anomalies automatically Block in flag risk behaviors and employ at least privilege access principles so here we can use the Azure security Center Azure ID managed identities user and resource segmentation vnets hearing rules privileged identity management network security groups application security groups Azure firewall Microsoft Defender for endpoint Microsoft Defender for identity and Azure Sentinel these last three we'll be talking about in Greater detail the last pillar here is Network so ensure devices and users are not trusted just because they're on an internal Network encrypt all internal Communications limit access by policy and employee micro segmentation and real-time threat detection so here we can do Network segmentation Azure DDOS Protection Service Azure firewall Azure web application firewall also known as Waf Azure VPN Azure ad proxy Azure Bastion and SSL TLS so that's the zero trust model six foundational pillars and some of the related services that are associated with each pillar hey this is Andrew Brown from exam Pro and we're taking a look at defense and depth so defense in depth uses a layered approach to security rather than relying on a single perimeter a defense and depth strategy uses a series of mechanisms to slow the advance of an attack there are seven layers of security that Microsoft wants you to know it's kind of similar to the shared responsibility Model A lot of times we see these things when organizations or providers are talking about their security centers like the actual data centers and how they're secured but this is more General it doesn't necessarily have to apply to a data center but let's go and work our way through inside out at the core we have data so access to business and customer data and encryption to protect data then we have application so applications are secure and free of security vulnerabilities then you have compute so access to VMS ports on premises and cloudin then Network so limit communication between resources using segmentation and access controls then you have perimeter so distributed denial of service protection to filter large-scale attacks before they can cause a denial of service for users identity and access so controlling access to infrastructure and change controls and then you have physical security so limiting access to a data center to only authorize Personnel so the idea is that if you really want to get to the data you've got to go through all the steps here these are all the layers of defense and so I just want to give extra emphasis to Identity and access because this one's the most outer one besides the physical security so they would say something like the modern perimeter is defined based on your identity another thing I want to mention is that even though the perimeter layer says it provides distributed denial of service protection to filter large-scale attacks and so on this is actually a bit misleading the DDOS protection standard provides multi-layered protection when deployed with a web application firewall it should protect both of the network layer and at the application layer emphasizing especially on the network layer so here's an architecture of DDOS protection standard being used you can see that it will always be placed in the network layer so it's applied to the virtual Network work subnets network security groups and so on a lot of people get it confused with perimeter layer when it should be the network layer so that's defense and depth hey this is Andrew Brown from exam Pro and we're taking a look at Azure active directory also known as Azure ID and it's Microsoft's cloud-based identity and access management service which helps your employees sign in and access resources it's going to help us both externally and with internal resources so on the external side we're looking at Microsoft 365 the Azure portal and SAS applications and for internal resources we have applications that reside within your internal Network and access to workstations that may reside on premise one of the best features of azure ID is single side on that's what a lot of companies want it for in terms of what types of azure active directory there are it's broken down to four editions with each subsequent tier having all the features of the previous tier and so we have the free tier where you get multi-factor authentication single side on basic security and usage reports and user management we have Office 365 apps so that will give you a company branding service level agreement to sync between on-premises and cloud and the last two I I want you to take note of because we do mention some of the features in this course for these two tiers is premium one and premium two also commonly abbreviated to P1 and P2 so you have hybrid architecture Advanced group access and conditional access and for premium 2 you have identity protection identity governance so again as we move up the tier each of the previous tier has all the features of the prior one so premium 2 has all the features of Premium One in terms of the use case for Azure ID it's for authorizing and authenticating to multiple sources so you can authorize and authenticate to your on-premises active directory to your web application it allows users to log in with their identity provider IDP like Facebook or Google and you can connect to Microsoft 365 or Microsoft Azure Azure ID takes care of all this stuff and so when we're looking at hybrid connections we're talking about Azure dconnect when we're looking at integrating our applications we're doing this through app registrations where we have the b2c service and then you have external identities so that's going to be for your identity any providers and you can also easily integrate with Cloud applications there's no particular service or sub service for that Azure ID naturally does that for you so let's look at the comparison between active directory versus Azure active directory because they're not the same thing so active directory has been around for quite a long time Microsoft introduced active directory domain services in Windows 2000 to give organizations the ability to manage multiple on-premises infrastructure components and systems using a single identity per user and so Azure D takes this approach to the next level by providing organizations with an identity as a service solution for their apps across cloud and on premises so both versions are still used to this day so there's active directory which is used for on-premises and there's Azure ID which is the cloud version and so we see a lot of companies might want to migrate over to Azure D or they might have a particular Legacy licensing that makes it more cost effective or there might be certain security compliances and that's why they're not using Azure ID so both of these are still valid product products just different use cases hey this is Andrew Brown from exam Pro and we're taking a look at Cloud identity models so Microsoft 365 uses Azure active directory a cloud-based user identity and authentication Service that's included with your Microsoft 365 subscription to manage identities and authentication for Microsoft 365. it's very important to set up your identity infrastructure properly if you want to manage Microsoft 365 user access and permissions for your company so there are two identity models available in Microsoft 365. the first one is cloud only identity this is where you maintain your organization's identities only in the cloud and the Azure d-tenant for your Microsoft 365 subscription performs the authentication with the cloud identity account the second one is hybrid identity this is where you maintain your on-premises active directory domain Services identities and use them for authentication when users access Microsoft 365 cloud services and the Azure d-tenant for your Microsoft 365 subscription handles the authentication process or redirects the user to another identity provider we'll talk more about the two identity models in Greater detail later hey this is Andrew Brown from exam Pro and we're taking a closer look at the cloud only identity model so a cloud only identity uses user accounts that exist only in Azure ID it's typically used by small organizations that do not have on-premises servers or do not use a DDS to manage local identities both on premises and remote users use their Azure ID user accounts and passwords to access Microsoft 365 cloud services Azure a de-authenticates user credentials based on its stored user accounts and passwords in terms of administration you manage Cloud identities with tools such as the Microsoft 365 admin Center and windows Powershell because user accounts are only stored in Azure ID and so this is best for organizations that do not have or needed on premises of DDS and their greatest benefit would be that it's simple to use and it requires no extra directory tools or servers so looking at the visual here within your organization you have your on-premises users and your remote users and both of them can access Microsoft 365 with Azure ID using their user accounts all on the cloud so that's the cloud only identity model hey this is Andrew Brown from exam Pro and we're taking a more in-depth look at the Hybrid identity model so hybrid identity uses accounts that originate in an on-premises a DDS and have a copy in the Azure a detented of a Microsoft 365 subscription any changes that you make to a DDS user accounts are synchronized to their copy in Azure ID except for specific account attributes Azure a dconnect provides the ongoing account synchronization so this runs on an on-premises server checks for changes in the DDS and forwards those changes to Azure ID Azure dconnect provides the ability to filter which accounts are synchronized and whether to synchronize a hash version of user passwords known as password hash synchronization Azure a d password hash synchronization is the simplest way to enable authentication for on-premises directory objects in Azure ID continuing out with hybrid identity your on-premises of DDS is the authoritative source for account information when you implement hybrid identity the Azure d-tenant has a copy of the DDS accounts both on premises and remote users accessing Microsoft 36 65 cloud services authenticate against Azure ID so hybrid identity is best for organizations using a DDS or another identity provider and its greatest benefit is that users can use the same credentials when accessing on-premises or cloud-based resources so it's very convenient to use looking at the visual here you have your active directory domain Services accounts and you have servers running Azure dconnect to synchronize and copy the accounts to Azure ID through this both on premises and remote users can access Microsoft 365 to utilize all its apps in cloud services so that's the hybrid identity model hey this is Andrew Brown from exam Pro and we'll be taking a look at multifactor authentication also known as MFA and that's how we'll refer to it throughout the entire course so NFA is a security control that provides an extra level of security where after you fill in your email and password you have to use a second device such as a phone to confirm that you are the owner of the account to log in MFA protects against people who have stolen your password when you're dealing with the verification method it must be based on something you have with you that isn't easily duplicated such as a phone like we mentioned before it could also be something uniquely and biologically have such as your fingerprints face or other biometric attribute by default both Microsoft 365 and Office 365 support MFA for user accounts using a text message sent to a phone that requires the user to type a verification code a phone call and the Microsoft authenticator smartphone app so there are multiple ways you can enable MFA for Microsoft 365 in office 365. the first one is with security defaults then we have with conditional access policies and for each individual user account which is not recommended MFA is available in all Microsoft 365 plans however if you want to gain features such as security defaults or conditional access policies you'll need to get Microsoft 365 business premium or Microsoft 365 E3 there's even Microsoft 365 E5 if you want Azure identity protection so here is an example where you see my email my password and that is called one factor so I've confirmed my identity like in this one case and then you have the second Factor also known as multi-factor that's usually what we call it and in this case we are sent a verification code to our phone to confirm and that's going to let us get into the system so that's MFA hey this is Andrew Brown from exam Pro and we'll be taking a look at conditional access which provides an extra layer of security before allowing authenticated users to access data or other assets so conditional access is implemented through conditional access policies which are a set of rules that specify the conditions under which sign-ins are evaluated and allowed for example you can create a conditional access policy that states if the user account name is a member of a group for users that are assigned The Exchange user password security SharePoint or Global administrator roles require MFA before allowing access this policy allows you to require MFA based on group membership rather than trying to configure individual user accounts for MFA when they're assigned or unassigned from these administrator roles so a conditional access policy analyzes signals signal could be user and location device application real-time risk and we'll go more into detail with all the types of signals in the next slide and the idea is you need to verify every access attempt through Access Control you might have required MFA Locker access and allow access so here is a visual I got from the Microsoft documentation the idea here is you have your signal and you have your user in location application real-time risk and device and here we have to verify every access attempt to meet the conditional access policies that were set to gain access to our apps and data so let's take a closer look at signals signals is metadata associated with an identity attempting to gain access and we'll be going over the full list of signals that are possible conditional access starting with users or group membership so policies Target specific users and groups including admin roles giving admins fine grain control over access then you could have signals that are named location or IP location information so that's a range of ips used when making policy decisions so admins can opt to block or allow traffic from an entire country's IP ranges for devices users with devices of specific platforms are marked with a specific State can be used for applications users attempting to access specific applications can trigger different additional access policies real-time cited risk detection so signals integration with Azure ID identity protection allows conditional access policies to identify sign and behavior and policies can then Force users to perform password changes or multi-factor authentication to reduce the risk level or be blocked from access until administrator takes manual action then you have your Cloud apps or Cloud actions so Cloud apps or actions can include or exclude Cloud applications or user actions that will be subject to policy then there's user risks so from customers with access to Identity protection user risks can be evaluated as part of the conditional access policy user risk represents the probability that a given Identity or account is compromised let's talk about common decisions so these Define the access control that Define what level of access based on the signal information and so this is when we were talking about that verifying steps these are those common decisions so we have block access which is the most restrictive decision then you have Grant access and this is the least restrictive decision but still requires is one or more of the following options so there's require MFA required device to be marked as compliant require hybrid Azure a dejoin device require approved Client app and require app protection policy another important thing to know is that you can use conditional access policies with Microsoft 365 business premium Microsoft 365 E3 and E5 and Azure at D premium P1 and Azure D premium P2 licenses so that's the value of conditional access and how you can use conditional access policies to increase your level of security hey this is Andrew Brown from exam Pro and we're taking a look at how to enable multi-factor authentication for Microsoft 365 users in the Microsoft 365 admin Center there are a couple ways to do this but the easiest way is from the Microsoft 365 admin Center so the first thing you want to do is to go to your app store on your smartphone Android or iOS you want to search for Microsoft authenticator and once you've found it you just download it and install it onto your phone ready to enable the MFA the next section requires you to go to the Microsoft 365 admin page if you work for a business you may not have access to this so you'll need to get it from your it department or get your it support company to do this for you once you're in the Microsoft 365 admin page you need to navigate to the users and then active users along the top right pane along the top here you'll see a button called multi-factor authentication so you click on that and it'll populate the list of users so for this demonstration we'll use the demo user Sam do we created earlier so you see here it says the multi-factor Authentication station status is disabled so we select Sam do and we click on enable and click on enable multi-factor Authentication now the user Sam do is enabled for multi-factor authentication but we need to validate this change so you'll need to go the Microsoft 365 login page or Office 365 login page first we'll need to site in with another account which is Sam do I will sign in as the user Sam do with the username and password I'm just going to copy and paste these in here let's just see what happens here once we enter the password now because we've enabled it in the back end of Microsoft 365. it's asking us to enable multi-factor authentication so it's saying your organization needs more information to keep your account secure so let's click on next so now it's telling us to install Microsoft authenticator as the type of MFA there are a few other ways to set this up such as authentication phone or office phone but we're going to use mobile app for this demonstration as we've downloaded Microsoft authentication earlier so we want to receive notifications for verification so we'll click on next the next thing you want to do is go to your phone and open the Microsoft authentication app and the first thing you want to do is to click on the three dots on the top right and click on add account so we click on add account we should select worker school account and then you'll get a little prob saying scan QR code so we click on there and all we simply do now is point your phone at the computer screen and it'll scan the QR code just wait a couple of seconds and then it'll list it in your authenticator app so you click on the email address so back onto your screen click on next to proceed so now we'll be able to test this out so on your device it's saying please respond to the notification and it will tell your device to approve this site on so you click on approve and it should be successful the notification has been approved and so you click on next the Microsoft authenticator app has been successfully registered so we click done since it's our first time signing on the user Sam do we'll need to create a new password for the user after that's complete the user should be able to successfully log in and the next time the user attempts to sign in you'll need to approve using the Microsoft authenticator app multi-factor authentication method again so that's how you enable multi-factor authentication on your Microsoft 365 user hey this is Andrew Brown from exam Pro and we're taking a look here at Microsoft 365 Defender which is a unified pre and post breach Enterprise defense Suite that natively coordinates responses such as detection prevention and investigation across endpoints identities emails and applications to provide integrated protection against sophisticated attacks so Microsoft 365 Defender allows admins to assess threat signals from endpoints applications email and identities to determine an attack scope and impact it provides detailed Insight on how the threat occurred and what systems were affected Microsoft 365 Defender can then take automated action to prevent or stop the attack so if you're looking for where the service is you'd open up the portal at office.com and find it on the side menu and click on security that's where you'll find Microsoft 365 Defender so Microsoft 365 Defender is composed of the following Services it has Microsoft Defender for identity Microsoft Defender for endpoint Microsoft Defender for cloud apps preview obviously known as Microsoft Cloud app security then there's Microsoft Defender for Office 365 Microsoft 365 Defender portal and Microsoft secure score here's just a graphic to reiterate over those four Services the ones in Boulder the core services but we'll be going more into detail of all of them later so that's Microsoft 365 Defender this is Andrew Brown from exam Pro and we'll be talking about Microsoft Defender for endpoint So within Microsoft 365 we have endpoints and these are a set of destination IP addresses DNS domain names and URLs for Microsoft 365 traffic on the internet so to optimize performance for M365 cloud-based Services these endpoints need special handling by client browsers and the devices in your Edge Network and these devices include firewalls SSL break and inspect and packet inspection devices and data loss prevention systems here is an image showing what it looks like again it's just IP addresses and DNS domain names so endpoints are grouped into four service areas exchange online SharePoint online and OneDrive for business Skype for business online and Microsoft teams and M365 common in office online so it's just a bunch of these things here on the left hand side but it's specialized for those particular areas so now taking a look here at Microsoft Defender for endpoint is an Enterprise endpoint security platform designed to help Enterprise networks prevent detect investigate and respond to Advanced threats and so Defender for in point uses the following combination of Technologies built into Windows 10 and Microsoft cloud service so we have in point behavioral sensors which are embedded in Windows 10 the sensors collect and process behavioral signals from the operating system and send this sensor data to your private isolated Cloud instances of Microsoft Defender for endpoint then you have Cloud security analytics so this is leveraging Big Data device learning and unique Microsoft Optics across the windows ecosystem Enterprise Cloud products such as Office 365 and online assets behavioral signals are translated into insights detections and recommended responses to Advanced threats then we have threatened intelligence this is generated by Microsoft Hunter's security teams and augmented by threat intelligence providers by Partners threat intelligence enables Defender for endpoint to identify attack attacker tools techniques procedures and generate alerts when they are observed in collected sensor data so that's Microsoft 365 Defender for endpoint and all the Technologies it uses to prevent Advanced threats hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft 365 Defender for identity so Defender for identity is a cloud-based security solution that leverages your on-premise active directory data which are called signals to identify detect and investigate Advanced threats compromised identities and malicious Insider actions directed at your organization it detects Advanced attacks in hybrid environments to monitor users entity behavior and activities with learning based analytics it protects user identities and credentials stored in active directory identify and investigate suspicious user activities and advanced attacks throughout the kill chain and provide clear incident information on a simple timeline for fast triage so going into more depth with the things we just talked about for Monitor and profile user behavior and activities Defender for identity monitors and analyzes user activities and information across your network including permissions and group membership creating a behavioral Baseline for each user for protect Tech user identities and reduce the attack surface it provides insights on identity configurations and suggested security best practices and through security reports and user profile analytics it helps reduce your organizational attack surface making it harder to compromise user credentials and Advance an attack for identify suspicious activities and advanced attacks across the Cyber attack kill chain Defender for identity identifies these Advanced threats of the source throughout the entire Cyber attack kill chain reconnaissance compromise credentials lateral movements and domain dominance you can use the defender for identity attack timeline view and the intelligence of smart analytics to stay focused on what matters also you can use Defender for identity to quickly investigate threats and gain insights across the organization for users devices and network resources so Microsoft Defender for identity monitors your domain controllers by capturing and parsing Network traffic and leveraging windows events directly from your domain controllers that analyzes the data for attacks and threats so here is the architecture sure of it first we have our domain controller over here then we have Microsoft Defender for identity then it's going to go to the Microsoft Cloud app security which is now the Microsoft Defender for apps so that we can do some analysis later on you could pass it over to sim integration or Azure Sentinel for some security information or event management as well and things like that so by utilizing profiling deterministic detection machine learning behavioral algorithms Defender for identity learns about your network enables detection of for anomalies and warns you of suspicious activities and that's Defender for identity hey this is Andrew Brown from exam Pro and we'll be taking a look at Microsoft Defender for office 365. so Microsoft Defender for Office 365 protects against Advanced threats by email messages links URLs Microsoft teams SharePoint online OneDrive for business and other clients and protection is provided via reports thread investigations threat responses and threat protection policies and there's three available subscriptions we have exchange online protection the defender for Office 365 plan 1 and plan two and Office 365 security Builds on the core protections offered by EOP so EOP is present in any subscription where exchange online mailboxes can be found so going into more detail here for EOP it's a cloud-based filtering service that protects your organizations against spam malware and other email threats the defender for office P1 provides safe attachment which checks email attachments for malicious content safe links where the links are scanned for each clicking A Safe Link remains accessible but malicious links are blocked it provides protection for SharePoint OneDrive and Microsoft teams it identifies and blocks malicious files and team sites and document libraries anti-phishing protection so this detects attempts to impersonate your users and internal or custom domains real-time detection it's a real-time report that allows you to identify and analyze recent threats the defender for office P2 this includes all the defender office sp1 features so we have threat trackers the latest Intelligence on cyber security issues takes counter measurements before an actual threat we have threat Explorer so real-time reports that allows you to identify and analyze recent threats automated investigation and response also known as air is a set of security playbooks that can be launched automatically start an automatic investigation provide detailed reports recommend Action Security teams can approve there's a tax simulator you can run realistic attack scenarios in your organization to identify for vulnerabilities so you can see that P2 is very very good it provides a lot of great features here's a bit more detail on the EOP so once again it's a cloud-based filtering service that protects your organization from spam malware and other email threats here is a graphic displaying how it works in all the processes it undergoes and so EOP has features for anti-malware inbound anti-spam how about anti-spam connection filtering anti-fishing anti-spoofing protection 0 zero hour auto Purge for delivered malware spam and phishing messages preset security policies tenant allow in block list allow block lists for message senders directory base Edge blocking mail flow rules accepted domains message training and more another important thing to know is that Microsoft Defender for Office 365 is included in the Microsoft 365e5 Office 365 E5 and A5 and Microsoft 365 business premium subscriptions so you can see there's a lot of features and I just couldn't fit them all on the screen but I just wanted to show you how valuable exchange online protection is and this is one of the many advantages it has over Gmail hey this is Andrew Brown from exam Pro and we're taking a look at the Microsoft Defender portal so we've said before that Microsoft 365 Defender natively coordinates detection prevention investigation and response across endpoints identities email and applications to provide integrated protection against sophisticated attacks while the Microsoft 365 Defender portal brings all of those functionalities together into one place focusing on getting quick access to information and providing simple layouts to meet the needs of security teams you can view the security health of your organization through the Microsoft 365 Defender portal some of the key features of the Microsoft 365 Defender portal include incidents and alerts which create alerts when they detect a suspicious or malicious event or activity threat analytics designed to assist security teams track and respond to emerging threats the secure score which is a representation of a company's security posture and will be going more into detail about it later Learning Hub which provides official guidance from resources like Microsoft security Block in the official documentation and reports which can be a general security report and Branch into specific reports about in points email and collaboration so the Microsoft 365 Defender portal home page shows many of the common cards that security teams need the card and data composition is determined by the user's role different roles will see cards that are more relevant to their day-to-day jobs because the Microsoft 365 Defender portal uses role-based access restriction the cards fall into these categories identities monitor the identities in your organization and keep track of suspicious or risky behaviors data help track user activity that could lead to unauthorized data disclosure devices get up-to-date information on alerts for each activity and other threats on your devices apps gain insight into how Cloud apps are being used in your organization so that's Microsoft Defender portal hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft Defender for cloud apps which is a cloud access security broker that sits between the user and the cloud service provider to gatekeep access in real time to Cloud resources Microsoft Defender for cloud apps is built on a framework that follows four principles the first one is discover and control the use of Shadow it identify the cloud apps and iOS and pass Services used by your organization investigate usage patterns assess the risk levels and business Readiness of more than twenty five thousand PSIs apps against more than 80 risks then we have protect against cyber threats and anomalies detect unusual behavior across Cloud apps to identify ransomware compromised users or Rogue applications analyze high risk usage and remediate automatically to limit the risk to your organization then there's protect your sensitive information anywhere in the cloud understand classify and protect the exposure of sensitive information at rest leverage out of the box policies and automated processes to apply controls in real time across all your Cloud apps and then we have assessed the compliance of your Cloud apps assess if your Cloud apps meet relevant compliance requirements including Regulatory Compliance and Industry standards prevent data leaks to non-compliant apps and limit access to regulated data so let's look at the architecture of Defender for cloud apps and some of the functionalities Microsoft Defender for cloud apps integrates visibility with your Cloud by using Cloud Discovery to map and identify your Cloud environment and the cloud apps your organization is using sanctioning and unsanctioning apps in your Cloud using easy to deploy app connectors that take advantage of provider apis for visibility and governance of apps that you connect to using conditional access app control protection to get real-time visibility and control over access and activities within your Cloud apps helping you have continuous control by setting and then continually fine-tuning policies so that's Microsoft Defender for cloud apps hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft secure score So within Microsoft 365 Defender you get a secure score and this is a representation of your organization's security posture and your opportunity to improve it through Improvement actions this is similar to Azure defender's secure score but they have slightly different terminology to make it a little more company friendly towards people that are developers so on the right here you are given a secure score which is currently at 18.25 percent and of course the higher the score the better your protection and then you see the Improvement actions which shows you all the actions you can perform to increase your secure score to improve your organization's security posture so organizations can monitor and work on the security of their Microsoft 365 identities apps and devices from a centralized dashboard via the Microsoft 365 Defender portal secure score helps organizations report on the current state of their security posture improve their security posture by providing discoverability visibility guidance and control compare benchmarks and establish key performance indicators currently Microsoft's secure score supports recommendations for Microsoft 365 including exchange online Azure active directory Microsoft Defender for endpoint Microsoft Defender for identity Microsoft Defender Cloud apps and Microsoft teams also new recommendations are being added to secure score all the time so that's Microsoft's secure score this is Andrew Brown from exam Pro and we'll be talking about Microsoft 365 security reports So within Microsoft 365 you have security reports and these are General Security dashboards about security trends for Microsoft 365 identities device and apps information is organized into cards on the dashboard so you have identities where we'll have users at risk in global admins then you have devices so devices at risk device compliance devices with active malware types of malware on devices malware on devices devices with malware detection and users with malware detections then you have apps which have risk levels and so all of this information can be reorganized or grouped into category or topic so right now we have identities devices and apps for the topics we could have risk detection threads and configuration and health so just to kind of tell you a little bit more here imagine you have a bunch of these cards and they're broken down by all these categories here so you can have a bird's eye view of what's going on on one particular report that is interesting to show you is the Office 365 exchange which is a mail server so this provides email collaboration reports it gives you Statistics over time if you were to drill down into a particular type of report here you can kind of see things like spoof detections spam detections over time and things like that so that security reports hey this is Andrew Brown from exam Pro and we'll be talking about common threats before we talk about the common threats we need to know what our vulnerabilities so a vulnerability as a whole or a potential weakness in the application which can be a design flaw or an implementation bug that allows an attacker to infiltrate an organization or cause harm to the stakeholders of an application now that leads us to threats a threat in Cloud security is a potential negative action or event facilitated by a vulnerability that results in an unwanted impact to a computer system or application attackers will create threats across multiple domains like email identity and points and applications to find a point of lease resistance today's defense Solutions have been designed to protect detect and block threats for each domain separately allow the attackers to exploit the seams and threshold differences between Solutions leaving the business vulnerable to attack so now we'll be talking about the most common threats Microsoft wants to focus on credential theft is a type of cyber crime that involves stealing a victim's proof of identity examples of credential theft or mimikatz password spray or breach harvesting malware also known as malicious software is a file or code typically delivered over a network that infects explores steals or conducts virtually any Behavior an attacker wants examples of malware are viruses ransomware and adware phishing attacks use tricks or lures to get a user to reveal credentials or pay money typically by getting them to click a link to a fake website in an email that appears genuine examples of phishing attacks are email phishing and spear fishing infrastructure attacks include improperly secured virtual machines and resources in Azure examples of infrastructure attacks include dos and DDOS attacks so these are the common threats that Microsoft wants you to be familiar with there's definitely more than just four types but these are the main ones that Microsoft wants to focus on hey this is Andrew Brown from exam Pro and we'll be taking a look at how Microsoft addresses the most common threats so we'll be talking about Microsoft 365 Defender and how it protects us from potential threats and vulnerabilities this may seem like a review for you but it's great to note nonetheless Microsoft 365 Defender is an integrated cross-domain threat detection and response solution that provides organizations with the ability to prevent detect investigate and remediate sophisticated cross-domain attacks within their Microsoft 365 environments it leverages raw signal data from Individual service domains like user identity and points applications email and collaboration tools normalizing the data at the ingestion Point Microsoft 365 Defender requires no specific expertise or customization so Defenders can immediately use the integrated console and combine incident views with Microsoft 365 Defender security teams can automatically block attacks and eliminate their persistence to keep them from starting again prioritize incidents investigation in response Auto heal assets Focus unique expertise on Cross domain hunting Microsoft 365 Defender Suite protects and points with Microsoft Defender for endpoint a unified endpoint platform for preventative protection post breach detection automated investigation and response email in collaboration with Microsoft Defender for Office 365 safeguards your organization against malicious threats posed by email messages links and collaboration tools identities with Microsoft Defender for identity and Azure active directory identity protection uses active directory signals to identify detect and investigate Advanced threats compromise identities and malicious Insider actions directed at your organization applications with Microsoft Defender for cloud apps a comprehensive Crosshair solution bringing deep visibility strong data controls and enhanced threat protection to your Cloud apps so these are the main tools and services that Microsoft uses to detect and eliminate any potential threats to your Microsoft 365 environment hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft Sentinel also known as Azure Sentinel so Microsoft Sentinel is a scalable Cloud native security information and event management so Siem and security orchestration Automation and response Solutions or Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the Enterprise providing a single solution for alert and attack detection threat visibility proactive hunting and threat response so here's a big wheel that Microsoft Sentinel likes to use to describe it and what's cool about this offering is it's both a Siam and a sore so you don't have to have two separate Services starting off with collected so collect data at Cloud scale across all users devices applications and infrastructure both on premise and in multiple clouds detect previously undetected threats and minimize false positives using Microsoft's analytics and unparalleled thread intelligence investigate threats with artificial intelligence and hunt for suspicious activities at scale all tapping into years of cyber security work at Microsoft respond to incidents rapidly with built-in orchestration and automation of common tasks let's take a look at what Microsoft Sentinel can ingest from other data set sources so we have a number of connectors here such as Microsoft 365 Defender Microsoft 365 sources including Office 365 Azure ID Microsoft Defender for identity and Microsoft Defender for cloud apps you can also use common event formats such as syslog rest API Windows event logs common event format and trusted automated exchange of indicator information also known as taxii so let's take a look at workbooks and so this is a feature of azure monitor but Microsoft Sentinel allows you to create workbooks really easily after you connected your data sources to Microsoft Sentinel you can monitor the data using the Microsoft Sentinel integration with Azure monitor workbooks workbooks provide a flexible canvas for data analysis and the creation of Rich visual reports they allow you to tap into multiple data data sources and combine them into unified interactive experiences it tells a story about the performance and availability about your applications and services so here's a graph showing the performance analysis and here's another one showing the application failure analysis but the idea is that these are kind of like living documents where you can visualize and monitor specific metrics and other things about your applications and services Microsoft Sentinel allows you to create custom workbooks across your data and also comes with built-in workbook templates to allow you to quickly gain insights across your data as soon as you connect a data source a couple more points here on workbooks is that they are intended for sock engineers and analysts of all tiers to visualize data sock stands for security operations center if you didn't know while workbooks are best used for high level views of Microsoft Sentinel data and require no coding knowledge you cannot integrate workbooks with external data now let's look at the core features of Microsoft Sentinel starting with analytics so Microsoft Sentinel uses analytics to correlate alerts into incidents so over here we can see that we have list them in incidents or groups of related alerts that together create an actionable possible threat that you can investigate and resolve Microsoft Sentinel also provides machine learning rules to map your network behavior and then look for anomalies across your resources then there's Automation and orchestration so with Sentinel you have solutions that provide a highly extensible architecture that enables scalable automation as new technologies and threats emerge Sentinel is built on the foundation of azure logic apps so it's a great way of not having to use any code but you can chain things over different services and they have over 200 connectors for services such as Azure functions the connectors allow you to apply any custom logic and code servicenow jira zendesk HTTP requests Microsoft teams slack Windows Defender at TP and Defender for cloud apps so there's a lot to do there for investigations the investigation tools help you to understand the scope and find the root cause of a potential security threat you can choose an entity on the interactive graph to ask interesting questions for a specific entity and drill down into that entity and its connections to get to the root cause of the threat moving on to hunting so Microsoft sentinel's powerful hunting search and query tools is based on the miter framework which is a curated knowledge base that tracks cyber adversary tactics and techniques so this enables you to proactively hunt for security threats across your organization's data sources before an alert is triggered after you discover which hunting query provides high value insights into possible attacks you can also create custom detection rules based on your query and service those insights as alerts to your security incident responders while hunting you can create bookmarks for interesting events enabling you to return to them later share them with others and group them with other correlating events to create a compelling incident for investigation and on to our final section we'll go over the pricing models of Microsoft Sentinel so the first type is capacity reservations where you are billed a fixed fee base on the selected tier enabling a predictable total cost for Microsoft Sentinel and we have pay as you go so your bill per gigabyte for the volume of data ingested for analysis in Microsoft Sentinel and stored in the Azure monitor log analytics workspace so that's Microsoft Sentinel Andrew Brown from exam Pro and we're going through an overview of the Microsoft 365 Defender we'll be taking a look at only the key features here so in general Microsoft 365 Defender helps respond to threats and manage security across your identities data devices apps and infrastructure so starting with the incidents and alerts section there is currently no data because this is a new account and no alerts have been recorded typically there would be a list of incidents and alerts it would include the incident name a unique ID number the severity of the threat status and displays a summary of the incident and provides access to tabs with additional information one of the key features of the Microsoft 365 Defender is the secure score so the Microsoft secure score is a representation of your organization's security posture and your opportunity to improve it it's similar to how the Microsoft compliance score is designed here it displays the secure score of 28.07 percent for the organization and right next to it shows a list of actions to review it also provides a comparison of your organization's secure score to other organizations that is similarly set up or designed to other organizations with their secure score the next thing we want to do is to click on recommended actions this will populate the list of actions to review so on the list of actions to review we can sort them however we want such as according to their rank score impact points achieved status and so on and once you complete the recommended action it will increase your security score based on the score impact of the action as an example we'll select a simple one such as only invited users should be automatically admitted to teams meetings then we'll click on implementation which are the instructions or guide where to go and how to complete the action so this tells us to go to the Microsoft teams admin Center and in the meeting policies under the participants and guests section toggle automatically admit people to invited users only so we'll click on Microsoft teams admin Center first thing you'll want to do is to navigate to the on meetings pane then click on meeting policies and then on manage policies click on the add button we'll need to give this policy a name so we'll name it invite users only then we'll need to look for the policy mentioned in the implementation after finding the correct section of participants and guests under the automatically admit people will need to toggle and change it to invited users only then click save you can now see that the new policy has been added to the list so that should be completed and you should see the secure score update within 24 hours coming back to the Microsoft secure section there's a tab that displays the history of your Microsoft secure score to see the performance over a period of time if it increases or decreases you can also view metrics and Trends such as comparison Trend regression Trend and risk acceptance Trend that you may be interested in for the reports section there is the general section where you can view information about security Trends and track the protection status of your identities data devices apps and infrastructure there's also the email and collaboration reports where you review Microsoft recommended actions to help improve email and collaboration security and many more but we're not going to go through all of them the audit section should be similar to the one in the Microsoft purview compliance portal so we won't go over too much the last section we'll talk about is the health section and the main thing we want to look at here is service health so here you can view the issues and health status of all services that are available with your current subscriptions you can view info about the history of incidents and advisories that have been resolved and you can track the status of issues reported by people in your organization over the last 30 days so that's a quick overview of the Microsoft 365 Defender hey this is Andrew Brown from exam Pro and we're taking a look at Regulatory Compliance so what is compliance it's conforming to a rule such as a specification policy standard or law and Regulatory compliances and organization that takes effort to comply with relevant laws policies and regulations so Regulatory Compliance can vary at the following levels so there's Federal such as Canada there's state or provincial like Ontario political and economic Union like European union and international organization so why do we have Regulatory Compliance well governments want to protect its citizens data that is collected by companies and organizations we don't want the companies or Orcs to mishandle our data or sell our data what are compliance controls well those are internal control mechanisms that need to be in place to detect prevent incorrect compliance issues for example we have public standards and policies documented procedures training monitoring and internal audits so what are some of the measures that Regulatory Compliance can enforce well it allows citizens the right to access their data at any time citizens have the right to correct or delete data if needed it gives us control over the retention periods for the minimum or maximum time data should be stored enabling governments and Regulatory Agencies the right to access and examine data when necessary and defining rules for what data can be processed and how that should be done so that's Regulatory Compliance hey this is Andrew Brown from exam Pro and we're taking a look at compliance Solutions in Microsoft 365 which are collections of integrated capabilities you can use to help you manage end-to-end compliance scenarios a Solutions capabilities and tools might include a combination of policies alerts reports and more the solution catalog is organized into sections that contain information cards for each compliance solution available in your Microsoft 365 subscription each section contains cards for Solutions grouped by compliance area so you can see on the image here there's the information and protection area Insider risk management Discovery response and so on and within them you have the solution cards like communication compliance when you select view for a solution card you'll see detailed information about the compliance solution and how to get started so we're looking at the communication compliance section and this information includes an overview pre-configuration requirements learning resources controls that allow you to pin the car to the navigation Pane and an option to share the solution as a Link email or Microsoft teams message to view the Microsoft purview solution catalog go to compliance.microsoft.com and sign in as a global administrator compliance administrator or compliance data administrator select catalog in the navigation pane on the left side of the screen to open the catalog home page so that's the compliance Solutions in Microsoft 365. hey this is Andrew Brown from exam Pro and we'll be talking about the service trust portal so the Microsoft service trust portal provides a variety of content tools and other resources about Microsoft security privacy and compliance practices from the main menu you can access the service trust portal compliancemanager trust documents Industries and regions trust Center Resources by library and more and we'll briefly go over what each section has to offer in the next slide so the service trust portal provides a quick way to get back to the home page for the service trust portal to compliance manager directs users to compliance manager in the Microsoft purview compliance portal to access to compliance manager and other compliance management capabilities in Microsoft 365. we'll talk a bit more about this later on trust documents provides a wealth of security implementation and design information with the goal of making it easier for organizations to meet Regulatory Compliance objectives so with interest documents there are audit reports which provide a list of independent audit and assessment reports on Microsoft's cloud services is displayed data protection contains a wealth of resources such as audited controls white papers FAQs penetration tests risk assessment tools and compliance guides Azure stack contains documents that provide security and compliance Solutions and support tailored to the needs of azure stack customers Industries and regions provides access to compliance information about Microsoft cloud services organized by industry and region you can access the industry Solutions which directs users to the landing page for the financial services industry containing information such as compliance offerings FAQs and success stories and there's Regional Solutions which provide documents on Microsoft cloud services compliance with the laws of various countries regions including Australia Canada Czech Republic Denmark Germany Poland Romania Spain and the United Kingdom trust Center links you to the Microsoft trust Center which provides more information about privacy security and compliance in the Microsoft cloud resources provide links to security and compliance for Office 365 the Microsoft global data centers and FAQs and my library is a feature that lets you save documents so that you can quickly access them on your my library page taking a closer look at audit reports and so audit reports are independent audit reports for Microsoft's cloud services which provide information about compliance with data protection standards and regulatory requirements so you'll get audit reports for it International Organization for standardization service organization controls National Institute of Standards and Technology Federal risk and authorization Management program and general data protection regulation so you'll get a list of documents and PDFs that you can download you can open them up and see how Microsoft and Azure are being compliant and just taking a closer look at Regional Solutions in the industries and regions section so as we mentioned before Regional Solutions provide documents on Microsoft's compliance policies and regulations for Regions such as Australia Germany UK and many more and so here here you can select the regions that are available and in this example it's United Kingdom and here you can look at the GRC assessment reports their description and you can download them for a closer inspection so that's the service trust portal hey this is Andrew Brown from exam Pro and we're taking a look at compliance Concepts focusing on data residency and how it helps ensure Regulatory Compliance so as organizations and institutions move their data to service provider clouds with data centers all over the world government agencies and Industry groups have issued regulations to help protect and govern the use of data organizations can be accountable for meeting dozens of regulations ranging from personal and financial information to data protection and privacy so when it comes to compliance data residency regulations govern the physical locations where data can be stored as well as how and when it can be transferred processed or accessed internationally these regulations can differ significantly depending on jurisdiction it ensures customers can access diagnostic service generated and support data and can manage access to their own data Microsoft protects customer data from unauthorized access and handles challenges from government requests and other third-party orders it provides tools customers can use to restrict protect and encrypt data at rest in transit and in some cases in use it enforces strict policies and practices that Microsoft follows for the retention and deletion of customer data Microsoft also ensures compliance with privacy regulations and standards to help protect the privacy of customer data so here are some important Concepts and terms that relate to data compliance that you may need to know data sovereignty is the concept that data particularly personal data is subject to the laws and regulations of the country region in which it's physically collected held or processed this can complicate compliance because the same piece of data can be collected in one location stored in another and processed in another making it subject to laws from different countries and regions and data privacy is providing notice and being transparent about the collection processing use and sharing of personal data are fundamental principles of privacy laws and regulations personal data means any information relating to an identified or identifiable natural person privacy laws previously referenced Pi or personally identifiable info information but the laws have expanded the definition to any data that is directly linked or indirectly linkable back to a person organizations are subject to and must operate consistent with a multitude of laws regulations codes of conduct industry-specific standards and compliance standards governing data privacy so those are the compliance Concepts hey this is Andrew Brown from exam Pro and we're talking about Microsoft purview information protection also known as Microsoft information protection and this is a collection of features within Microsoft purview formerly Microsoft 365 compliance to help you discover classify and protect sensitive information wherever it lives or travels so the idea here is that we have this diagram and we have four specific domains that are information protection capabilities around our data and so the first is know your data the second is protect your data the third is prevent data loss and the fourth is govern your data so we'll be going over all these sections in the next few slides taking a look at the four domains here for the Microsoft purview information protection these are features found within Microsoft purview so the first is know your data understand your data landscape and identify important data across your hybrid environment so one feature would be sensitive information types this identifies sensitive data by using built-in or custom regular expressions or a function it provides corroborative evidence includes key words confidence levels and proximity we have built-in sensitive labels and you have custom ones as well so then there's trainable classifiers this identifies sensitive data by using examples of the data you're interested in rather than identifying elements in the item so pattern matching and you can use built-in classifiers or train a classifier with your own content say you have trainable classifiers here for data classification this is a graphical identification of items in your organization that have a sensitive label a retention label or have been classified you can also use this information to gain insights into the actions that your users are taking on these items so that's the context Explorer and the activity Explorer the second part is protect your data so apply flexible protection actions that include encryption access restrictions and visual markings say you have sensitivity labels Azure information protection unified labeling client double key encryption Office 365 message encryption service encryption with customer key SharePoint information rights manager Rights Management connector Azure information protection unified labeling scanner Microsoft Defender for cloud apps and Microsoft information protection SDK most of these you won't need to know but will definitely cover sensitivity labels then we have prevent data loss so this prevents accidental oversharing of sensitive information here you have Microsoft purview data loss prevention and point data loss prevention Microsoft compliance extension there's a Chrome extension that does compliance for you so it's built in your browser there's the Microsoft purview data loss prevention on premises scanner and protects sensitive information in Microsoft teams chat and channel messages we'll definitely take a closer look at Microsoft purview data loss prevention later next we have Microsoft purview data lifecycle management formerly Microsoft information governance which is a collection of features to govern your data for compliance or regulatory so for Microsoft purview data lifecycle management it keeps what you need and deletes what you don't we have retention policies and retention labels inactive mailboxes archive mailboxes import service for PSD files and for Microsoft purview records management it manages high value items for business legal or regulatory record-keeping requirements you have file plan retention labels for individual items retention policies if needed for Baseline retention and disposition review and proof of disposition so those are the four domains in Microsoft purview information protection govern your data is not technically part of it as it's in the data life cycle and record section but I included it anyways hey this is Andrew Brown from exam Pro and we're taking a look at the data classification capabilities so sensitive information types or classifications or categories of data by sensitivity they are pattern-based classifiers and they have set patterns that can be used to identify them so within the Microsoft purview data classification feature you can get a breakdown of the distribution of sensitive info types so here imagine you have a bunch of documents and you said hey tell me what you found in these documents and there it gives it kind of a breakdown by type these types are identified based on regular expression or a function there are hundreds of built-in information types for example credit card numbers passport or identification numbers bank account numbers Health Service numbers IP addresses Azure storage account keys and driver's license numbers so it's a huge list and so here's a list of some sensitive info types these sensitive information types are used in data loss prevention policies sensitivity labels retention labels Insider risk management communication compliance and auto labeling policies generally the first thing you're going to do with your data classification is to get your sensitive information types and you can create your own info types too so if there's something that doesn't meet your needs you'll have to write your own regular expression but you can have whatever you want another feature found in data classification within Microsoft purviewer trainable classifiers let's talk about what training is and classifiers are so a classifier is a machine learning model that can take records of data and classify or categorize by applying a label from a predetermined list of categories then you have training and this is the act of teaching a machine learning model how to learn by providing it large amounts of data that is already labeled it uses the label data to tell if its predictions are similar to the ones provided So within Microsoft purview it has two kinds of trainable classifiers three train classifiers are ready to use classifiers with five portraying classifiers we'll talk about those five in a moment you don't need to provide any data used for training and it meets many General use cases then you have custom tradable classifiers this is when you have your own kind of documents when you have specific business documents but you'll have to provide training data so the five pre-trained classifiers or resumes source code harassment profanity and threat another feature in the data classification within Microsoft purview is content Explorer so this enables administrators to gain visibility into the content that has been summarized in the overview pane it drills down to find emails or documents that have been labeled based on sensitive information types sensitivity labels or retention labels there are two roles that Grant access to content Explorer you have content Explorer list viewer and content Explorer content viewer so the idea here is you have broad categories on left hand side so you see the three categories sensitive info types sensitivity labels and retention labels and then what you'll do is Click into one and then they'll have specific actual items underneath and you click into one of those and then from there you can go on the right hand pane over here you can go and explore different documents and files to identify that kind of information the other Explorer here is the activity Explorer and this helps discover which file labels were changed and which files were modified so it monitors label activity across exchange SharePoint OneDrive and endpoint devices a few activity types that can be analyzed are file copied to removable media file copy to network share label applied and label change and admins can use more than 30 filters for data including location user sensitivity label and retention label so here is a great visual to help you get the idea so here you have filters so activity location user and the type of sensitivity label and then you can see it says label changed here in light blue and you can see these labels were applied in a darker tone of blue and files copied to the cloud in dark orange so it represents the amount of files or labels according to the visual so it helps you get an idea of what this does hey this is Andrew Brown from exam Pro and we're taking a look at sensitivity labels so sensitivity labels allow you to apply a label to your documents or emails and the most common way is through built-in drop down within Office 365 products so labels are customizable admins can create different categories specific to the organization such as personal public confidential and highly confidential they are clear text because each label is stored in clear text in the contents metadata third-party apps and services can read it and then apply their own protective actions if necessary and they're persistent when you apply a sensitivity label to content the label is stored in the email or document's metadata the label follows the content including the protection settings and this data is used to apply and enforce policies so here we have an example for Microsoft Word one for Excel and here's one from Outlook the idea is that you do your business as per usual but you have to go ahead and classify that information into a particular sensitivity so sensitivity labeling makes it easy to apply content marketing or encryption content markings would be like watermarks warnings that are applied to the header and footer of a document so notice here you can turn it on and you can say add this watermark with this customized text at this header at this footer I think you can even customize some of the colors but are very limited but it does the job the other one is encryption so apply encryption and specify which users and groups May decrypt and other fine-tuned permissions so the idea is you would turn the encryption on then you would select the users groups Etc who could do it then they have these broad categories and so this particular one is for email but here you choose which permissions are allowed so are you allowed to view the content can you save the email are you allowed to reply to the email are you allowed to forward the email so it's very fine-tuned it's not just encryption even though that's what it is so within Microsoft purview under classification you can see the distribution of sensitive labels applied to documents and emails or based on location so this gives you a visual to help you understand where these labels are located on the left hand side shows what sensitivity labels have been applied to the content and then on the right here it shows the location of where sensitivity labels are applied so sensitivity labels can be used to provide protection settings that include encryption and content markings protect content in office apps across different platforms and devices protect content in third-party apps and services protect containers extend sensitivity labels to power bi extend sensitivity labels to assets in Azure extend sensitivity labels to third-party apps and services and classify content without using any protection settings so that sensitivity labels hey this is Andrew Brown from exam Pro and we're taking a look at label policies so in order to use sensitivity labels they need to be published alongside a label policy a label policy determines who can use the label and other conditions so the idea here is you can specify which users or groups can use these labels and then here are some of the settings here so notice below users must provide justification to remove a label or lower classification requires users to apply a label to their email or document provides user with a link to a custom help page so label policies enable admins to choose the users and groups that can see labels so labels can be published of specific user's distribution groups Microsoft 365 groups and Azure ID and more apply a default label to all new emails and documents that the specified users and groups create users can always change the default label if they believe the document or email has been dislabeled required justifications for label changes so if a user wants to remove a label or replace it admins can require the user to provide a valid justification to to complete the action the user will be prompted to provide an explanation for why the label should be changed require users to apply a label so mandatory labeling ensures a label is applied before users can save their documents send emails or create new sites or groups and we have link users to custom help Pages it helps users to understand what the different labels mean and how they should be used so those are the sensitivity label policies hey this is Andrew Brown from exam Pro and we're taking a look at retention policies and labels so retention labels and policies help organizations to manage and govern information by ensuring content is kept only for a required time and then permanently deleted apply retention labels and assigning retention policies helps organizations comply proactively with industry regulations and internal policies that require content to be kept for a minimum time reduce risk when there's litigation or a security breach by permanently deleting old content that the organization is no longer required to keep and it ensures users work only with content that's current and relevant to them when content has retention settings assigned to it that content remains in its original location so retention settings work with the following different workloads SharePoint in OneDrive Microsoft teams jabber at exchange so retention labels ensures data is held for a specific duration to meet a Regulatory Compliance or industry best practices they are used to assign retention settings at an item level such as a folder document or email an email or document can have only a single retention label assigned to it at a time so here you see the retention labels applied to the which content retention policies are used to assign the same retention settings to content at a site level or mailbox level a single policy can be applied to multiple locations or to specific locations or users items inherit the retention settings from their containers specified in the retention policy and here you can see the locations where the retention labels are applied so this is similar to how the sensitivity labels work foreign hey this is Andrew Brown from exam Pro and we're talking about records management so what is records management it's an organization's process of managing an organization's information throughout its life cycle record management helps organization meeting Regulatory Compliance or legal requirements so a life cycle of a record would look something like this it begins with identifying then classifying storing securing retrieving tracking destroying and ends with preserving a record represents labeled information or content and its life cycle will be managed so Microsoft purview records management includes many features including labeling content as a record migrating and managing retention plans with file plan manager establishing retention and deletion policies within the record label triggering event-based retention reviewing and validating disposition proof of Records deletion exporting information about disposed items and setting specific permissions for record manager functions in the organization label content applies the following controls risk restrictions are put in place to block certain activities activities are logged and proof of disposition is kept at the end of the retention period so that's records management hey this is Andrew Brown from exam Pro and we're taking a look at data loss prevention so organizations need to prevent data loss by detecting risky behavior and preventing the improper sharing of sensitive information Microsoft purview data loss prevention so DLP is a way to protect sensitive information and prevent its unintentional disclosure with DLP policies admins can identify Monitor and automatically protect sensitive information across Microsoft 365 including OneDrive for business SharePoint online Microsoft teams and exchange online help users learn how compliance Works without interrupting their workflow admins can also view DLP reports showing content that matches the organization's DLP policies so DLP policies are composed of conditions that the content must match before the rule is enforced actions that the admin wants the rule to take automatically when content that matches the conditions has been found and locations where the policy will be applied so a policy can contain one or more rules and each rule consists of conditions and actions at a minimum for each rule when the conditions are met the actions are taken automatically rules can be grouped into one policy to help simplify management and Reporting so here's a diagram that shows how multiple rules each with their own conditions and actions are grouped into a single policy so we have multiple rules here rule one rule two Rule n Etc and each of them have their own conditions and actions and it's all grouped into a single policy moving on to inpoint data loss prevention so this extends the activity monitoring and protection capabilities of DLP to sensitive items that are physically stored on Windows 10 Windows 11 and Mac OS devices and point DLP enables admins to audit and manage activities that users complete on sensitive content so DLP capabilities have been extended to Microsoft teams chat and channel messages including messages in private channels and with DLP administrators can now Define policies that prevent users from sharing sensitive information in a team's chat session or Channel whether it's in a message or a file so so that's DLP hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft purview compliance portal also known as Microsoft 365 compliance Center so this provides easy access to the data and tools you need to manage to your organization's compliance needs to access the compliance portal you will need to have the following roles Global administrator compliance administrator or compliance data administrator some of the key features of compliance portal include compliance score audits activity alerts solution catalog data classification e-discovery Insider risk management and Records management you can access the compliance portal at compliance.microsoft.com so the default compliance portal home page contains several cards including the compliance manager card so this card leads you to the Microsoft purview compliance manager solution the solution catalog cards include information protection and governance these Solutions help organizations classify protect and retain your data where it lives in wherever it goes examples include data life cycle management and data loss prevention then we have privacy this helps you build a more privacy resilient workplace we have Insider risk management these Solutions help organizations identify analyze and remediate internal risks before they cause harm examples include communication compliance and Insider risk management and we have Discovery and respond so these Solutions help organizations quickly find investigate and respond with relevant data some examples are audit and e-discovery we briefly mentioned the Solutions catalog before but it's great to reinforce that knowledge and we have the active alerts card which includes a summary of the most active alerts in a link where admins can view more detailed information such as alert severity status category and more so that's the Microsoft purview compliance portal hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft purview compliance manager which is a feature in the Microsoft purview compliance portal that helps admins to manage an organization's compliance requirements compliance manager helps simplify compliance and reduce Risk by providing for built assessments based on common Regional and Industry regulations and standards including custom assessments to meet compliance needs unique to specific organizations workflow capabilities that enable admins to efficiently complete risk assessments for the organization it provides step-by-step Improvement actions that admins can take to help meet regulations and standards relevant to the organization and it provides a compliance score which is a calculation that helps an organization understand its overall compliance posture by measuring how it's progressing with Improvement actions so here you can see the important sections like Improvement actions Solutions assessments assessment templates and your compliance score which is currently at 69 percent and we'll talk more about the compliance score later so the compliance manager has four key elements that you should have a basic understanding of controls assessments templates and Improvement actions the first is control so a control is a requirement of a regulation standard or policy it defines how to access and manage system configuration organizational process and people responsible for meeting a specific requirement of Regulation standard or policy so compliance manager tracks the following types of controls Microsoft managed controls these are controls for Microsoft cloud services which Microsoft is responsible for implementing there are your controls also known as customer managed controls these are implemented and managed by the organization and share controls so this is the responsibility for implementing these controls as shared by the organization in Microsoft so the next key element are templates and templates help admins to quickly create assessments they can modify these templates to create an assessment optimized for their needs and the next one is Improvement actions this helps centralize compliance activities each Improvement action provides recommended guidance that's intended to help organizations to align with data protection regulations and standards the last key element are assessments so an assessment is a grouping of controls from a specific regulation standard or policy completing the actions within an assessment helps to meet the requirements of a standard regulation or law clicking into an assessment will give you a detailed list of actionable controls as you can see in this image so compliance manager provides many benefits including translating complicated regulations standards company policies or other control Frameworks into a simple language providing access to a large variety of out-of-the-box Assessments and custom assessments to help organizations with their unique compliance needs mapping regulatory controls against recommended Improvement actions providing step-by-step guidance on how to implement the solutions to meet regulatory requirements and helping admins and users to prioritize actions that will have the highest impact on their organizational compliance by associating a score with each action so that's compliance manager hey this is Andrew Brown from exam Pro and we're taking a look at compliance score so compliance score measures progress in completing recommended Improvement actions within controls the score helps organization to understand its current compliance posture it also helps organizations to prioritize actions based on their potential to reduce risk admins can get a breakdown of the compliance score in the compliance manager overview pane so here's a visual showing the compliance score breakdown and these are divided into categories such as protect information control access government information and manage devices so the overall compliance score is calculated using scores that are assigned to actions actions come in two types the first is your improved actions which are actions that the organization is expected to manage and the second are Microsoft actions and these are actions that Microsoft manages for the organization so actions are categorized as mandatory discretionary preventative detective or corrective the first is mandatory so these are actions that shouldn't be bypassed and we have discretionary these actions depend on the user's understanding and adhering to a policy we'll talk about the other three actions in the next slide since they're in a subcategory so organizations accumulate points for every action completed and the compliance score is shown as a percentage representing all the actions completed the visual here shows us the list of improvement actions and for each one that's completed you can gain points which would increase your overall compliance score so for this example you're seeing plus 27 points for all the Improvement actions you've completed so back to the type of actions the following are subcategories of actions that can be classified as mandatory or discretionary so preventative actions are designed to handle specific risks like using encryption to protect data at rest if there were breaches or attacks we have detective actions and these actively monitor systems to identify irregularities that could represent risks or that can be used to detect breaches or intrusions and there's corrective actions so these help admins to minimize the adverse effects of security incidents by undertaking corrective measures to reduce their immediate effect were possibly even reverse damage so that's compliance score and its benefits towards an organization hey this is Andrew Brown from exam Pro and we're taking a look at the Microsoft purview Insider risk management which is a solution that helps minimize internal risks by enabling an organization to detect investigate and act on risky and malicious activities So within an organization a broad range of internal risks could occur from unethical behavior and actions by employees and managers some of these examples include leaks of sensitive data and data spillage confidentiality violations intellectual property theft fraud insider trading and Regulatory Compliance violations so The Insider risk management is centered around four principles the first one is transparency so balance user privacy versus organization risk with privacy by Design architecture the second one is configurable so configurable policies based on industry geographical and business groups the third one is integrated so there's integrated workflow across Microsoft purview Solutions and actionable so it provides insights to enable user notifications data investigations and user are investigations so Insider risk management in Microsoft purview uses the following workflow to identify and resolve internal risk activities and compliance issues the first is policies so these are created using predefined templates and policy conditions that Define what risk indicators are examined in Microsoft 365 feature areas next we have alerts so alerts are automatically generated by risk indicators that match policy conditions and are displayed in the alerts dashboard this dashboard enables a quick view of all alerts needing review open alerts over time and alert statistics for the organization then we have triage which are new activities that need investigation automatically generate alerts that are assigned and needs review status we have investigate so cases are created for alerts that require deeper review and investigation of the details and circumstances around the policy match and the last one is action so reviewers can immediately act to resolve issues after they've been investigated or they can collaborate with other risk stakeholders in the organization actions can be as simple as sending a notification when employees accidentally violate policy conditions in more serious cases reviewers may need to share The Insider risk management case information with other reviewers in the organization so that's The Insider Risk Management Solutions to protect against internal threats hey this is Andrew Brown from exam Pro and we're taking a look at e-discovery which is a service found within Microsoft purview so e-discovery stands for electronic Discovery and this is the process of identifying and delivering electronic information that can be used as evidence in legal cases so you can use the discovery Tools in Microsoft 365 to search for content in exchange online mailboxes Microsoft 365 groups Microsoft teams SharePoint online OneDrive for business sites Skype for business conversations and jabber teams so Microsoft purview provides us with three Discovery Solutions the first one is content search which lets you run a search across content the second one is e-discovery standard also known as core Discovery is a workflow to search and Export content and the last one is e-discovery premium also known as advanced ediscovery is an end-to-end workflow to preserve collect review analyze and Export content for internal or external investigation and we'll talk more about these three solutions in the next slide sites so you Discovery standard in Microsoft 365 provides a basic e-discovery tool that organizations can use to search and Export content in Microsoft 365 in office 365. you can use the discovery standard to place an e-discovery hold on content locations such as exchange mailboxes SharePoint sites OneDrive accounts and Microsoft teams nothing is needed to deploy e-discovery standard but there are some prerequisite tasks that an IT admin and e-discovery manager have to complete before your organization can start using e-discovery standard to search export and preserve content so those requirements would be things like the initial setup you'll need to verify and assign appropriate licenses assignee Discovery permissions and create a Core e-discovery case and from there you can use the create and e-discovery hold feature search for content and Export and download search results so let's take a closer look here at content search to perform a Content search you can create a new search specify the locations and provide the keywords and conditions keep in mind that if you leave the keywords blank it will return all items with the conditions so I just want you to notice a few things here in the visuals here you can create a new search and you can search by ID list here we have our location that we can turn on or off so we have exchange Point SharePoint ad exchange you could also search within a hold so you have your keywords here you can leave that blank and they have a long list of conditions that you can choose from here moving on to e-discovery holds so a whole preserves content that might be relevant to a specific e-discovery case you can place a hold in basically the same locations we've mentioned before so exchange mailboxes OneDrive for business Microsoft teams Office 365 groups and Yammer groups the content is preserved until you remove the content location from the holder until you delete the hold and after you create an e-discovery hold it may take up to 24 hours for the hole to take effect taking a look at e-discovery premium formerly Advanced e-discovery so a discovery premium workflow Builds on the existing e-discovery standard workflow it is an end-to-end workflow to preserve collect review analyze and Export content that's relevant to your organization's internal and external investigations it also lets legal teams manage the entire legal hold notification workflow to communicate with custodians involved in a case so the built-in workflow of e-discovery Premium aligns with the electronic Discovery reference model edrm which is a framework that outlines standards for recovery and discovery of Digital Data so the workflow would essentially look something like this add custodians to a case search custodial data sources for data relevant to the case add data to a review set review and analyze data in a review set and Export and download case data so that's the discovery and its types of solutions and capabilities hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft purview auditing Solutions so what is an audit it's the investigating of a security events forensic investigations internal investigations and compliance obligations and audit would involve capturing recording and retaining a unified audit log so Microsoft 365 has two auditing Solutions the first one is audit standard formerly known as basic audit and this is enabled by default it provides thousands of searchable audit events it has a 90-day audit record retention you can export audit records to a CSV file you can use the audit Search tool in the Microsoft compliance portal it provides access to audit logs via Office 365 management activity API you can also use it in Powershell with the search Unified audit log commandlet the second auditing solution is audit premium formerly known as advanced audit so this includes all of the audit standard features but it provides audit log retention policies it has longer retention of audit records it has as high value and crucial events and has higher bandwidth to The Office 365 management activity API so those are the Microsoft purview auditing Solutions you'll need to know hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft priva and privacy risk management so organizations must adopt a privacy by default policy to meet regulatory requirements and build customer trust Microsoft priva helps you achieve your privacy goals by addressing issues like helping employees adopt sound data handling practices and training them to spot and fix issues understanding the potential risks and the amount and type of personal data they store and share and fulfilling data subject requests or subject rights requests efficiently and on time previous capabilities are available through two solutions first we have priva privacy risk management which provides visibility into your organization's data and policy templates for reducing risks we'll talk more about this in the next slide and there's previous subject rights requests which provides Automation and workflow tools for fulfilling data requests so Microsoft priva helps you understand the data your organization stores by automating discovery of personal data assets and providing visualizations of essential information the overview dashboard provides an overall view into your organization's data in Microsoft 365 privacy administrators can monitor Trends and activities identify and investigate potential risks involving personal data and springboard into Key activities like policy management or subject rights request actions the data profile page in preva provides a snapshot view of the personal data your organization stores in Microsoft 365 and where it lives it also gives insight into the types of data you store priv evaluates your organization's data stored in the following Microsoft 365 Services exchange online SharePoint online OneDrive for business and Microsoft teams privacy risk management policies are meant to be internal guides and can help you detect over exposed personal data so that users can secure it spot and limit transfers of personal data across departments or Regional borders and help users identify and reduce the amount of unused personal data that you store so that's Microsoft private and the Privacy risk management Concepts hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft's privacy principles so Microsoft's approach to privacy is built on the following six principles the first one is control so Microsoft States we will put you in control of your privacy with easy to use tools and Clear Choices the second is transparency so we will be transparent about data collection and use so you can make informed decisions the third is security we will protect the data you entrust to us through strong security and encryption the next one is strong legal protections we will respect your local privacy laws and fight for legal protection of your privacy as a fundamental human right the fifth principle is no content-based targeting we will not use your email chat files or other personal content to Target ads to you and the last principle is benefits to you Microsoft States when we do collect data we will use it to benefit you and to make your experiences better so those are Microsoft six privacy principles briefly summarized hey this is Andrew Brown from exam Pro and we're going to take a look at an overview of Microsoft purview we'll be going through the main components of the Microsoft purview that you'll see on the exam you can reach the Microsoft purview compliance portal at compliance.microsoft.com or alternatively you can find it at the all admin Center Page in the Microsoft 365 admin Center under the name compliance so in general the Microsoft purview compliance portal is for managing compliance needs using Integrated Solutions to help protect sensitive info manage data life cycles reduce Insider risks Safeguard personal data and more one of the key components of the Microsoft purview is the compliance manager the compliance manager has a feature called compliance score which measures your progress in completing recommended actions that help reduce risks around data protection and Regulatory standards Microsoft purview calculates your compliance score based on your organization beside the compliance score the system tells you the key Improvement actions you can complete to improve the compliance score let's click into it so here we see a list of improvement actions that grant us points that improve our compliance score you can filter out regulations Solutions groups categories and more to find the Improvement action you're interested in for example we can click on enable self-service password reset so here Microsoft recommends that your organization enables self-service password reset to allow users who have either forgotten their password or whose account has been locked out as a result of malicious attempts so we'll click on assign action we'll select a user and assign the action to that user next you'll need to click on launch now now we're at the Azure active directory admin Center password reset page so we'll click on all to enable self-service password reset and save the changes to take effect the process of calculating and updating the points in compliance score may take up to 24 hours so in the data classification section the key things here would be sensitivity labels these let you classify and protect your organization's data while making sure that user productivity and their ability to collaborate isn't hindered the next thing we'll look at are reports and here you can view status and trends for the compliance of your Microsoft 365 devices data identities apps and infrastructure the next thing we'll look at is the solution catalog so here you can discover learn about and start using the intelligent compliance and Risk Management Solutions available to your organization the solution catalog is categorized into cards and further divided into subcategories based on your needs for example we have information protection and governance then there are four other subcategories such as data lifecycle management data loss prevention information protection and Records management there are a few more listed below like privacy Insider risk management and Discovery and response another important component of Microsoft purview is audit an audit can be used when you need to find out if a user deleted a document or if an admin resets someone's password you can search The Office 365 audit log to find out what the users and admins in your organization have been doing you'll be able to find activity related to email groups documents permissions directory services and much more next we have Microsoft purview e-discovery in Microsoft purview provides a basic e-discovery tool that organizations can use to search and Export content in Microsoft 365 in office 365. you can also use the discovery to place an e-discovery hold on content locations such as exchange mailboxes SharePoint sites OneDrive accounts and Microsoft teams there are three types of e-discovery standard premium and user data search next we have information protection you can Implement capabilities for Microsoft purview information protection to help you discover classify and protect sensitive information wherever it lives or travels then we have Insider risk management so this helps address risks in the modern workplace you can detect risky activity like sensitive data leaks and theft security policy violations and health record access get insights into potential Insider risks an Insider risk analytics helps quickly identify potential risks in your org and recommends policies to address them collaborate on investigations seamless workflows allowed to teams across your org to work together on reviewing and taking action on potential risks built with privacy in mind protect users privacy by pseudonymizing their names across all Insider risk features so those are some of the key important components of Microsoft purview hey this is Andrew Brown from exam Pro and we're taking a look at the pricing models for Microsoft cloud services starting with Cloud solution provider abbreviated as CSP so the CSP program helps you be more involved in your customers businesses Beyond reselling licenses and may include the following benefits deeper customer engagements so you can meet with customers on a regular basis to gain a better understanding of their business and demands you can get increased profits so increasing your support in Billing Services whether directly or through a third party source and opens up new revenue streams the CSP program adds value you'll be able to offer customers industry-specific Solutions bundled with Microsoft products and it provides managed services so you'll be well positioned to meet customer demand for managed Services the CSP program provides a pay-as-you-go subscription model with per user per month pricing that enables your business to scale up or down from month to month as your needs change so there are two models in the CSP program there's the indirect model and the direct Bill model for the indirect model you may consider this model if you want to provide more services to your customers but need some infrastructure support for services like billing the indirect model is a two-tier selling approach through indirect providers and indirect resellers and direct providers offer billing customer service and technical support during the sales cycle and post deal closing they handle a lot of the backend processes enabling the indirect reseller to focus on finding and closing deals indirect providers typically are large well-vetted companies and the indirect model your organization would likely be an indirect reseller so indirect resellers are responsible for finding customers and selling and due to the support from indirect providers you can focus on selling and growing your customer base looking at the direct model so you may consider the CSP direct model if your business already has or is intending to develop appropriate sales billing and support infrastructure in the direct model partners by Microsoft products and subscriptions directly from Microsoft and sell them to their clients through their own sales staff you should meet the following requisites you'll require an active Microsoft partner network ID for the location you're enrolling in you should have an existing customer support infrastructure you'll require an existing customer billing infrastructure and you'll need funds to invest in technical integration and support Readiness so that's the Cloud solution provider program and the two models offered indirect model and direct build model hey this is Andrew Brown from exam Pro and we're taking a look at another pricing model for Microsoft cloud services called Enterprise agreement so the Microsoft Enterprise agreement is designed for businesses looking to license software and cloud services for at least three years it provides built-in savings ranging from 15 to 45 percent and the Enterprise agreement offers the best value to organizations with 500 or more users or devices so it's really cost effective for more larger sized organizations some of the benefits of Enterprise agreement include it's manageable so it gives you the flexibility to buy cloud services and software licenses under a single organization-wide agreement you can choose from Microsoft cloud services on premises software or a mix of both and migrate on your own terms the software Assurance provides your company with 24x7 technical support planning services and user and Technical Training and Innovative Technologies and you can manage licensing throughout the life of your agreement with the help of a Microsoft certified partner or a Microsoft representative so that's the Microsoft Enterprise agreement Andrew Brown from exam Pro and we're taking a look at the billing and billing management options in Microsoft 365. so a billing account is created when you sign up to try or buy Microsoft products at Cloud settings invoices payment methods and purchases are all managed through your billing account so these are the current types of billing accounts available in the Microsoft 365 admin Center the first one is the Microsoft online services program so this billing account is created when you sign up for a Microsoft 365 subscription directly the second one is the Microsoft products and services agreement program and this Billy account is created when your organization signs an mpsa volume licensing agreement to purchase software and online services and the third one is the Microsoft customer agreement so this billing account is created when your organization works with a Microsoft representative and authorized partner or purchases independently moving on to the Bill management section so Microsoft 365 billing is managed from the Microsoft 365 admin Center you can manage the subscriptions view billing statements update payment methods change your billing frequency and more in the admin Center the following describes what can be reviewed and modified in the Microsoft 365 admin Center so you can upgrade renew reactivate or cancel subscriptions view the number of purchase licenses and how many of those licenses are assigned to individual users for each service view a bill invoice and pass billing statements you can modify payment methods like updating deleting replacing and adding other types of payment modify your billing frequency to monthly or annual billing you can buy and manage other services or features So based on your Microsoft 365 subscription you can add on things like Microsoft Defender for Office 365 Microsoft teams calling plan and more you can also manage your billing notification emails and invoice attachments like the list of email accounts of who should receive automated billing notifications so that's the billing and Bill management options for Microsoft 365. hey this is Andrew Brown from exam Pro and we're taking a look at billing profiles in Microsoft 365. so a billing profile contains a payment method built-in information and other invoice settings such as purchase order number and email invoice preference you use a billing profile to pay for the products that you buy from Microsoft a billing profile is automatically created when a user makes a self-service purchase and each billing profile is invoiced separately so here's a table listing all of the billing profile roles and describing what they do roles on billing profiles have permissions to control purchases and you can view and manage invoices so you would assign these roles to users who track organize and pay invoices for example you can assign certain members of your Finance team the role of a billing profile contributor the first role we have is billing profile owner so you can manage everything for a billing profile the second role is billing profile contributor so you can manage everything except permissions in a billing profile the third role is billing profile reader with this role you can read only view of everything in a bill billing profile and the last role is invoice manager this role lets you view and pay bills and has a read-only view of everything in a billing profile so those are the billing profiles in Microsoft 365. hey this is Andrew Brown from exam Pro and we're taking a look at the Microsoft 365 subscription plans Microsoft 365 has a lot of different subscription plans to Target the right people or organization of any size and within the subscription plans there may be different tier levels so it can be a lot to take in but we'll provide a brief overview of them so the following list describes the subscription Plans offered we have Microsoft 365 for home and this consists of Microsoft 365 personal and Microsoft 365 family personal is for a single person with multiple devices and family is for up to six people we have Microsoft 365 education and this is for educational institutions it has two subscription plans for faculty and students that include different features A1 A3 and A5 Microsoft 365 government is for government institutions and it has two subscription plans that include different features G1 G3 and G5 Microsoft 365 business is for small to medium-sized organizations that have up to 300 employees it has four subscription tiers that include different features Apps for business business basic business standard and business premium Microsoft 365 for Frontline workers is designed to empower Frontline workers and optimize Frontline impact it has three subscription tiers that include different features F1 F3 and F5 and we have Microsoft 365 Enterprise so this is for Enterprise size organizations and has four subscription tiers that include different features apps for Enterprise E3 E5 and F3 your organization can also choose from three Office 365 subscription tiers E1 E3 and E5 so those are the Microsoft 365 subscription plans currently available and we'll go over some of the important ones in Greater detail in the next sections hey this is Andrew Brown from exam Pro and we're taking a closer look at Microsoft 365 for business which is designed for small and medium-sized organizations it offers the full set of Office 365 productivity tools and includes security and device management features however it doesn't include some of the more advanced information protection compliance or analytics tools available to Enterprise subscribers it's typically designed for organizations that need up to 300 licenses and as we mentioned before there's four available plans for Microsoft 365 for business so we have apps for business business basic business standard and business premium so looking at a general overview of what each plan has to offer starting off with the lowest cost plan we have Microsoft 365 business basic and so this provides chat call meet up to 300 attendees weapon mobile versions of office apps one terabyte of cloud storage business class email Standard Security and anytime phone and web support the apps and services in this plan include Word Excel PowerPoint teams Outlook Exchange OneDrive and SharePoint the next plant is Microsoft 365 Apps for business and this has essentially everything in business basic including desktop versions of office apps with premium features but it doesn't include things like business class email it also has apps and services like access PC only and publisher Microsoft 365 business standard has everything in business basic including desktop versions of office apps with premium features easily host webinars attendee registration and Reporting tools and manage customer appointments the last plant available is Microsoft 365 business premium which is the most expensive plan and this is everything in business standard including security features like Advanced security access and data control and cyber threat protection it also has apps and services like InTune and Azure information protection so that's all the Microsoft 365 for business subscriptions available and the features each of them include hey this is Andrew Brown from exam Pro and we're taking a closer look at Microsoft 365 Enterprise subscription plans and these plans provide Enterprise class services to organizations that want a productivity solution that includes robust threat Protection security compliance and analytics features like we briefly mentioned before there are three available plans for Microsoft 365 Enterprise there's E3 E5 and F3 which is formerly F1 so the E5 plan is the most expensive plan and it includes all the same features as E3 but it also includes the latest Advanced threat Protection security and collaboration tools and the F3 is designed for first-line workers through purpose-built tools and resources that allow them to do their best work and here you can see the prices of each subscription plan in a brief summary of what they offer so here's a table listing all of the features included in each plan you can see that all the plans fully include M365 apps like PowerPoint Word and Excel email and calendar features like Outlook and exchange device and app manage management features like Windows social and internet features like SharePoint and Yammer files and content features like OneDrive in stream Work Management features like planner to do and power apps and Security Management that E3 and F3 only partially includes things like meets and voice identity and access management information protection and compliance management so that's the Microsoft 365 Enterprise plans hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft 365 licenses so what is a license well a license allows your users to use the features and services included in the subscription plan Microsoft 365 products and services are available as user subscription licenses abbreviated as usls and are licensed on a per user basis so the following list describes the options that are available the first option are full usls and these are for new customers who haven't previously purchased Microsoft products and services the second option or ad on usls and these are for on-premises software customers who want to add Microsoft 365 Cloud products and services the third option are from saus and these are for on-premises software Assurance customers that want to transition to the cloud the last option we have are step up usls and these are for customers who want to upgrade the level of their service and so each user accessing Microsoft 365 products and services is required to be assigned to USL administrators manage licenses in in the Microsoft 365 admin Center they can assign the licenses to individual user or guest accounts now taking a look at the Microsoft 365 add-on licensing options so Microsoft 365 business plans have add-ons that you can purchase for your subscriptions and these add-ons provide more capabilities to enhance your subscription there are currently two types of add-ons available the first type of add-ons are traditional add-ons and these are linked to a specific subscription and if you cancel the subscription the linked add-on is also canceled the second typer Standalone add-ons and these appear as a separate subscription on the your products page within the Microsoft 365 admin Center they have their own expiration date and are managed the same way you would any other subscription so those are the Microsoft 365 licenses and add-on options hey this is Andrew Brown from exam Pro and we're taking a look at the Microsoft 365 service life cycle so typically a product or service life cycle has three phases the first phase is private preview then the second phase is public preview and the third phase is General availability abbreviated as GA and when a product or a service retires it reaches the phase end of support so let's take a closer look at these three phases including the end of support looking at private preview so in this phase Microsoft May release a product or service to a limited number of users to test and evaluate new features or functionality this does not come with formal support and users are allowed to sign up to be members but the preview releases it made available to the public next we have public preview and in this phase Microsoft typically releases public previews of products and services before their General availability release to receive feedback from a broad range of users this phase allows users to explore and test upcoming functionality and users may also receive some limited support depending on the product or service service moving on to General availability so after the public preview is completed Microsoft releases the product or service the product or service now becomes available to all customers with formal support known as the release version the products and services in this phase have been through a full development and test life cycle to ensure stability and reliability and with Microsoft 365 new features are added to the products and services periodically taking a look at end of support So eventually older products or retired Services can no longer be supported and these products and services will reach the end of support once a product or service reaches end of support it will no longer receive updates or assisted support customers are encouraged to migrate to the latest version of the product or service so that's the Microsoft 365 service life cycle hey this is Andrew Brown from exam Pro and we're taking a look at the Modern Life Cycle policy for Microsoft 365. so Microsoft 365 is covered by the Modern Life Cycle policy and this covers products and services that are serviced and supported continuously if the following conditions are met products and services governed by the Modern Life Cycle policy will be supported the first condition states that customers are to stay current as per the servicing and system requirements published for the product or service stay current means that customers accept and apply all servicing updates for their products and services the second condition states that customers must be licensed to use the product or service and the last condition states that Microsoft must currently offer support for the product or service also under the Modern Life Cycle policy Microsoft gives a minimum of 12 months notice before ending support for products so that's a quick overview of the Modern Life Cycle policy foreign hey this is Andrew Brown from exam Pro and we're taking a look at the Microsoft 365 roadmap portal which is typically used for organizations to plan for the future Microsoft regularly includes updates for its products and services in the Microsoft 365 roadmap the roadmap is the central location for business decision makers at professionals and anyone else who's interested to see what's coming next it was created to help you plan communicate changes and take full advantage of your Microsoft 365 subscription so the visual on the right simply shows the layout of the Microsoft 365 roadmap here you can search for specific items you're interested in filter the items based on product release phase platform and More You could also view which items are currently in development the ones that are rolling out and launched so the roadmap displays feature cards that include the title status release dates product category platform and Cloud instance the roadmap also groups the features into three update phases the first update phase is called in development the second is rolling out and the last phase is lodged the following list describes what the Microsoft 365 roadmap allows you to do you can search by product keyword or feature ID filter by product release phase Cloud instance platform or new or updated sort by General availability date or newest to oldest it lets you download the current features in development as a CSV file you can view additional information about each update use the RSS feed to be notified of feature updates in real time and you can share an entire roadmap page or email a single feature to find out what features and functionality are coming navigate to microsoft.com www.microsoft 365 roadmap hey this is Andrew Brown from exam Pro and we're taking a look at the Microsoft roadmap portal we'll be looking at some of the key features and things you can find in the Microsoft roadmap portal so in general the Microsoft 365 roadmap lists updates that are currently planned for applicable subscriber and provides estimated release dates and descriptions for commercial features you can get the latest updates on their Best in Class productivity apps and intelligent cloud services so on this page you can search for a specific item that you're interested in you can filter the items below to however you want and the products filter there is a very large list of Microsoft products you can choose from such as Microsoft 365 Microsoft 365 admin Center Microsoft 365 compliance Center teams and many more you can filter based on release phase such as general availability or targeted release you can also filter based on the type of platforms such as Android desktop iOS mac and more there's also the cloud instance and new or updated ones too there's the option to filter based on ethereum development which are updates that are currently in development and testing rolling out which are updates that are beginning to roll out and are not yet available to all applicable customers or launched which are fully released updates that are now generally available for applicable customers you can filter in any sort of combination you prefer so let's look at one example here so this is called Microsoft 365 admin Center groups group driven membership management we can see that this is currently in development so you'll be given a bunch of information on this specific update this includes a description of the update the feature ID 83113 the data was added to roadmap and the data was last modified it'll provide you with the product Microsoft 365 admin Center the Cloud instances GCC High DOD GCC worldwide platform webbit and release phase General availability so there's a large list of updates here and you can narrow it down using filters according to your preferences so that's a quick overview of the Microsoft 365 roadmap portal hey this is Andrew Brown from exam Pro and we're taking a look at the Support options for Microsoft 365 services so administrators and users in your organization may have difficulty resolving issues on their own it's reassuring to know that they can get help with Microsoft 365 Services anytime they need it through a variety of Support options the support option chosen to deal with a particular issue depends on the tool or service where the issue has arisen the type of subscription your organization uses and the kind of support your organization needs so here's a list of ways your organization can get access to support the first is through community-based support this is where the Microsoft 365 Tech Community provides community-based support for your organization allowing you to collaborate with others and solve challenges then we have proactive support so your organization can install the Microsoft support and recovery assistant to help identify Problems by running tests and offer the best solution for those problems then we have web chat email and phone support So your organization can submit issues to Microsoft support for technical billing and subscription support via email online web chat or phone we have pre-sale support your organization is provided with assistance on subscription features benefits and your purchasing decision for Microsoft 365 Services then there's Fast Track This is where your organization can connect with expert Microsoft Engineers project managers and resources to help deploy Microsoft 365 services and resolve issues then we have Premier support for Microsoft 365. so your Enterprise organization can receive on-site support a dedicated technical account manager and access to advisory Services the last support option is you can get support through a Microsoft partner this is where your organization can get support directly through a certified Microsoft 365 partner so that's the Support options for Microsoft 365 services hey this is Andrew Brown from exam Pro and we're taking a look at how to create a support request so if you need help with using Microsoft 365 you can create a support request through the Microsoft 365 admin Center here is a visual showing the Microsoft 365 admin Center and here you would navigate to the support section and click on new service requests to create one the second visual here simply shows the service request history so you would click on view service requests and you can see the history of what service requests you submitted before and you can check on the status of the service requests for any replies so the following steps describe how to create a support request as an administrator the first step is to sign into the Microsoft 365 admin center with your Microsoft 365 admin account in the left navigation menu select show all to expand the rest of the options select support to expand the Support options select new service request so you've seen these steps so far from the visuals on the previous slide now on the right a support window will open where you can enter your support question and view the results that's the visual on the right here showing it and if the recommended instructions or articles don't answer your questions select on the headset iCloud at the top or select contact support at the bottom to contact technical support still in the required information like title description preferred contact method Etc and select contact me and a support agent will contact you so those are the instructions on how to create a support request hey this is Andrew Brown from exam Pro and we're taking a look at the service level agreement Concepts abbreviated as SLA in Microsoft 365. so Microsoft 365 Services guarantees level of service for your organization in a detailed legal agreement referred to as a service level agreement Microsoft details its commitment to provide and maintain agreed service levels for M365 Services through its Microsoft online services agreement your organization can also take advantage of the service level agreement with your cloud service provider note that the guarantees of service provided for Microsoft 365 services will vary between cloud service providers so Microsoft's online service level agreement introduces several Concepts the first one is incident and this is a set of events or single event that results in downtime the second one is uptime this is the total time your services are functional the next one is downtime and the definition of downtime depends on the relevant service for example with Microsoft teams any period of time where users are unable to initiate online meetings see present statuses or unable to instant messages considered downtime your downtime reduces the total time your services are functional then we have claim so a claim raises information about an incident and your organization is responsible for submitting a claim on an incident the next concept is an important one called service credit and so service credits are submitted by the organization's admin if the claim is successfully approved by Microsoft your organization will receive service credits the service credit will be the percentage of the total monthly fees your organization paid for the month where you experience downtime then we have service level and this is the performance metric set forth in the SLA that Microsoft agrees to meet in the delivery of the services and the last concept is uptime agreement and the uptime agreement is defined by the monthly uptime percentage which we'll explain a bit more in the next slide so downtime is any period of time when office applications are put into reduced functionality mode due to an issue with Office 365 activation and the monthly uptime percentage is typically calculated using the following formula but this may not apply to every service so user minutes minus downtime divided by user minutes times 100 where downtime is measured in user minutes that is for each month downtime is the sum of the length of each incident that occurs during that month multiplied by the number of users impacted by that incident the percentage of service credit your organization can receive is linked to your monthly uptime percentage for example if downtime has resulted in a monthly uptime percentage lower than 95 percent your organization could receive a 100 percent service credit and the table here describes the monthly uptime percentage and corresponding service credit so if the monthly uptime percentage is less than 99.9 percent you could get 25 service credit if the monthly uptime percentage is less than 99 you could get 50 service credit and if it's less than 95 percent you could get 100 service credit so your organization should always review all service level agreements and ask questions including the following list if you're using a cloud service provider how does it determine service levels and whether they're achieved or not who is responsible for reports how can your organization access reports are there any exceptions in the agreement what does the agreement say about both unexpected and scheduled maintenance what does the agreement say about what happens if your infrastructure goes down because of an attack what about natural disasters and other situations outside of your control does the agreement cover not Microsoft service or system failures what are the limits to the cloud service provider's liability in the agreement so that's the overview of SLA hey this is Andrew Brown from exam Pro and we're taking a look at the health status of Microsoft 365 services so the Microsoft 365 admin Center allows your organization's administrators to see the current health status of each of your Microsoft 365 services and tenants they can view the history of services that have been affected in the last 30 days and information about current outages or disruptions to Services viewing the health can help you figure out whether you're dealing with a known issue that has a solution in progress you can go to Select Health under the left navigation pane then service Health to access it so if your organization is experiencing a service issue your administrators can report it by going to reported issues select report and issue and complete a short form administrators can view specific details about service issues selecting incidents or advisories your organization can set up notifications for any new incidents or for updates to any active incidents that might affect your organization Microsoft provides two different types of notifications the first one is unplanned downtime this is where in incident has caused a service to become unresponsive or unavailable and the second one is plan maintenance where Microsoft regularly carries out service updates to the software and infrastructure that runs Services Microsoft also analyzes unplanned service incidents for you through post-incident reviews you'll receive a preliminary review within the first two days of incident resolution and a final review within five business days the final post incident reviews will detail the following information how you might have been impacted and how the user experience was impacted a date and time breakdown detailing when an incident started and when it was resolved and an analysis of the root cause and what actions are to be carried out to prevent the incident in the future so your organization can keep track of the health status of services in different ways first we have admin app this lets you view and stay up to date with the health status of the services on the go then we have Microsoft System enter which allows you to view all service Communications from within system center if your organization has the Office 365 management pack and API you can use the Office 365 service Communications API to create or use tools that can connect and monitor the service status for you in real time to protect and keep your organization's data available Microsoft does the following data storage redundancy so Microsoft stores your data through multiple levels of redundancy using data replication and secure data protection capabilities monitoring data so your databases are monitored for you and your data is monitored packet loss latencies and queries and more preventative measures so Microsoft regularly carries out checks for database consistency reviews of error logs and more so that's an overview of the health status of Microsoft 365 services hey this is Andrew Brown from exam Pro and we're taking a look at how organizations can communicate with Microsoft about product and service improvements so Microsoft has various channels for you to submit feedback about Microsoft 365 products and services for example if you're using feedback which is the community feedback web portal you can submit new feedback directly within the web portal you can participate in existing feedback by voting or commenting on existing topics and you can review feedback you've submitted it's impact and Status by viewing official responses from the Microsoft product teams so the following list describes the ways you can communicate directly with Microsoft feedback and product experiences Windows feedback Hub Microsoft Tech Community Microsoft store and user voice forums use these sites to share your ideas and contribute to the Improvement of Microsoft products and services for your company and other users around the world taking a look at feedback in Greater detail so the community feedback portal lets you tell Microsoft about any problems you run into while using Microsoft 365 Community feedback allows you to browse or vote on feedback from the community community feedback is publicly displayed within different forums and your username will be displayed by feedback you submit publicly or comments you provide looking at the visual here you can select which service you're interested in or have feedback for and click into it in this case it's Microsoft teams and so you'll see lots of posts from the community about improvements and feedback and you can send your own feedback as well navigate to feedbackportal.microsoft.com to access it taking a closer look on submitting feedback selecting a form allows you to see all feedback related to that product and you can upvote or comment on feedback that matches yours if you don't see feedback that is similar to your own you can submit new feedback through the portal itself here are some guidelines for good feedback make your title concise and descriptive this will help others find and upvote your feedback send one thought per feedback information about your device operating system and applications are automatically included in each reported feedback back taking a look at the Microsoft Tech Community which is a place to interact with it Pros developers and end users along with Microsoft the focus of the site was initially on Office 365 but now encompasses Azure Enterprise Mobility Plus security and many other Microsoft Technologies communities are for different Microsoft products and solutions members can join communities that interest them navigate to techcommunity.microsoft.com to access it here are some of the benefits of participating in the Microsoft Tech Community influence Microsoft with feedback constructive comments and ideas help other members with Solutions or insights on problems learn about best practices new features and get the latest information from Microsoft ask questions and get help from peers access content from special events like Microsoft ignite and the Microsoft tech Summit take part in online events such as ask Microsoft anything and get recognition for overall contributions to the community with member of the week or ranks like super contributor so that's how you can share feedback on Microsoft 365 services for improvements and more Andrew Brown from exam Pro and we're taking a look at how to create and manage technical support cases in the Microsoft 365 admin Center so on the left pane of the Microsoft 365 admin Center portal click on support then click on new service request on the how can we help page provide a description of your problem and the system will provide a list of Articles which could potentially apply to your issue or help solve them the autocomplete function of the search box will pop up the most relevant articles for your case or in some cases a Diagnostics wizard May pop up to further guide you through issue resolution in this example we are requesting support because we are having issues and can't install office this pops up a run diagnostic section and provides an article on how to resolve this issue it provides an explanation on the topic in a step-by-step guide on how to resolve the issue it also provides recommended articles at the end of The Help window if the article suggests it does not meet your needs if the automated help is not sufficient you can click on the headset icon on the top to request assistance from a support agent and open a support case in this case you must provide a title and description of your case you must also provide a telephone number and contact email address and consent to the recording of calls or not afterwards you should choose your preferred method of communication there are four options available chat with a support agent phone with a response time of within five hours email with a response time of within one hour or schedule a callback for a specific date and time we'll go with the option email since it's the most convenient for us you can optionally add attachments to further assist the support agents in troubleshooting your case you have Regional settings where you can provide a time zone and optionally an alternative language of communication other than English after you have provided all information for your new technical case click on the contact me button this will create a new unique support case ID and you should receive confirmation through email to view service requests to view the status of the service requests you have already created browse to support view service requests from this page it provides a list of all your existing service requests as well as your previous service requests you can export all service requests and manage existing service requests by reviewing existing notes or by adding new notes as a response to an action item which has been identified by the support agents this page is the best way to track the progress of your support cases and see the full history of changes carried out while troubleshooting your issue so that's how you can create and manage technical support cases in the Microsoft 365 admin Centerhey this is Andrew Brown your Cloud instructor in exam Pro and I'm bringing you another complete study course and this time it's the Microsoft 365 fundamentals course made available to you here by freecocab so this course is designed to help you pass and achieve the MS 900 Microsoft 365 fundamental certification and the way that we're going to do that is by going through lots of lecture content and doing follow alongs in your own account we've got a full free practice exam so you can simulate the real exam and we've got cheat sheets on the day of the exam that you can use and cram that last minute knowledge so you pass the exam take that certification and prove on your resume or LinkedIn you have that Microsoft 365 knowledge and get that job or promotion you've been looking for just a bit about myself I was previously the CTO of multiple Ed tech companies with 15 years industry experience five years specializing in the cloud I'm in a WS Community hero I've published many many free Cloud certification courses just like this one and I love Star Trek and coconut water I just want to take a moment attack viewers like you for making these free courses possible because the two who buy our additional study material that allow us to produce these free courses if you're looking for more ways of supporting more free courses just like this one the best way is to sign up on exampro.com and in particular for this certification it's ms-900 to get that additional study material there you can get study notes flash cards quizlets downloadable lecture notes which are the slides to all the lecture videos downloadable cheat sheets practice exams you can ask questions and get learning support and more and just by signing up for free you're going to get that free practice exam and cheat sheets with no credit card required and no trial limit so if there are updates of this course the best way is to look on the YouTube and to see if there has been an update you'll click that and that's where you're going to see things like Corrections additions and modifications to make sure you are using the latest version of this course and to keep up to date for upcoming courses the best way is to follow me on Twitter at Andrew Brown and if you do pass the exam or you'd like to know or would like to suggest what course to be produced Next you can go tell me that on Twitter Andrew Brown from exam Pro and we're at the start of our journey asking the most important question first which is what is the ms-900 Microsoft 365 fundamentals so the Microsoft 365 fundamentals is an entry-level Microsoft certification it has absolutely no prerequisites so you don't need to have any prior cloud or SAS knowledge to learn this specific course the course teaches the cloud fundamentals such as Cloud Concepts types of cloud computing and the benefits of migrating to a cloud environment compared to an on-premises infrastructure the core Microsoft 365 services and Concepts we'll be going through the Microsoft 365 solutions that improve productivity facilitate collaboration and optimize Communications such as SharePoint online Microsoft Viva and Microsoft teams we'll cover topics related to the endpoint and deployment options in Microsoft 365 like Microsoft endpoint manager Azure virtual desktop and windows as a service security compliance privacy and Trust in Microsoft 365 like multi-factor education and Defender 365 and we'll cover the Microsoft 365 pricing of subscriptions licenses and support offerings for services here's a simple definition of what Microsoft 365 is so Microsoft 365 formerly Office 365 is the line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line it's a superset of Office 365 with Windows 10 Enterprise licenses and other cloud-based security and device management products so who is this certification for well you should be considering the Microsoft 365 fundamental certification if you are new to cloud and want to learn the fundamentals and benefits of adopting cloud services in general and the software as a service Cloud Model specifically you are a business user administrator or IT professional you want to understand the capabilities of Microsoft 365 and how to build basic Solutions and deploy cloud services in your organization you are a senior Cloud engineer or Microsoft 360 C5 administrator who needs to reset or refresh their knowledge after working for multiple years so now let's take a look at the Microsoft 365 certification roadmap to see where we would go after the Microsoft 365 fundamentals and what kind of roles would be associated with those certifications so at the start you get your Microsoft 365 fundamentals which is at the fundamental level after that we have the associate level certifications such as the modern desktop administrator teams administrator developer or Security administrator it's really up to you to choose which field you're interested in a common route would be something like taking the modern desktop administrator at the associate level then moving to the Enterprise administrator at the expert level it's also common for people to take multiple of these associate level certifications it doesn't have to be just one this is to ensure they have a wide range of knowledge on all of these areas for possible career openings also if you find the cloud to be really cool and interesting you have options such as Azure administrator and Azure developer from there you you could possibly take the Azure Solutions architect or devops engineer at the expert level so you see there are several options for you to choose from and these are not all the ones on the list once again it's up to you to decide what you want to specialize in and there is no perfect route but these are just a few suggestions for you to decide on your own so how long is it going to take to pass this certification well it's going to really depend on your background but if we had to generalize it we can look at it as kind of a scale and so if you are at the beginner level you're looking at roughly 15 hours and when we say beginner we're saying someone that has never used Microsoft 365 or Office Products like OneDrive teams SharePoint purview Etc someone that has never used Microsoft Azure or any cloud provider or someone that has no Tech background or experience and when we're looking at the other side of the Spectrum which is someone that is experienced we're looking at somebody who can watch this at 1.5 to 2 times speed and are able to absorb this information very quickly so they have practical working experience with Microsoft 365 and is very familiar with using them they have experience with Microsoft Azure or any cloud provider like a WS or gcp so they can easily translate that knowledge or they have a strong background in technology where they've worked in the industry for many years and so you know their study time is going to be a lot shorter at five hours or less and so on average most people are going to take about 10 hours to study for this course and when we talk about the kind of stuff you'll be doing it's going to be 50 lecture in labs and we call them follow-ons where the idea is you follow along in your own account and then 50 is the practice exams so if you look at the length of the content which is around four hours then you know you should spend as much time doing practice exams to pass and the recommended time to study is about one to two hours a day for roughly eight days so what kind of effort are we going to have to put in to pass the exam well you have the watch the lecture videos and memorize key information you'll need to do Hands-On labs and follow along with your own account although as a fundamental certification the certification is not very heavy on hands on material but it will still provide a much greater understanding of the topics you'll need to know for the exam and you will need paid online practice exams that simulate the real exam and the last two here were things that I used to never suggest because you could literally just watch the videos and pass however Microsoft has recently updated this exam so it's more difficult and so for these last two points you do have to do these two things for the paid online practice exams that can be hard for some people so I've made it easier for you by providing you with a full free practice exam on exampro.co ms-900 and so you just have to sign up with no credit card required and you'll get a full set of questions that simulate the real exam so for the contents of the exam it is composed of four domains and each domain has its own weighting which determines how many questions in a domain that will appear so for domain one which is cloud Concepts we're looking at 10 to 15 percent for domain two core Microsoft 365 services and concept tips we should expect 50 to 55 percent of the questions from there this is where the most amount of questions are from for domain three security compliance privacy and Trust in Microsoft 365 we're sitting at around 15 to 20 percent of the questions and for domain four Microsoft 365 pricing and support we have roughly 10 to 15 percent of the questions so just to emphasize for domain two you will need to know a wide range of the core Microsoft 365 services but you also need to know in depth about the core services so where do you take the exam well at an in-person test center or online from the convenience of your own home Microsoft has partnered with the test center Network Pearson View and it offers in person or online and these exams are proctored meaning there is somebody watching you to ensure that you are not cheating in order to pass the exam you have to score 700 points out of a thousand and so 700 generally equates to 70 percent but it's around 70 percent because Microsoft uses scaled soaring meaning that they could adjust it based on how many people are passing or failing so always aim to get higher than 70 percent the exam contains 43 to 50 questions so you can afford to get roughly 10 to 12 questions wrong there is no penalty for wrong questions like minus one so you should always choose an answer and the questions come in a few formats multiple choice multiple answer drag and drop and yes or no questions the duration of the exam is one hour or 60 minutes so you have a little more than one minute per question the exam time is 60 minutes but the seat time is 90 minutes see time refers to the amount of time to review instructions Show online Proctor your workspace read and accept NDA and complete the exam and provide feedback and when you do pass the exam the exam is valid forever Microsoft's fundamental level exams do not expire and you do not need to do a recertification so that about covers the introduction of the course foreign hey this is Andrew Brown from exam Pro and we'll be going through an exam guide breakdown of the Microsoft 365 fundamental certification so the first thing you want to do is to go to this link here docs.microsoft.com and dash us slash certifications slash exams slash ms-900 and once you're here you want to navigate to this link called Ms 900 study guide this will open a neatly organized study guide that Microsoft has prepared for us for the Microsoft 365 fundamentals exam we've already covered a general overview on what the exam is who the exam is for and a brief overview on the topics but we'll need to cover the exam breakdown in more detail this is the section we're looking for the objective domain skills the exam measures so we already covered the four main domains describe Cloud Concepts describe core Microsoft 365 services and concepts with the emphasis of 50 to 55 percent describe security compliance privacy and Trust in Microsoft 365 disc Microsoft 365 pricing and support I won't be going through the entire list because it's quite long but I'll point out the ones I know for sure will be on the exam starting with Microsoft SAS iOS and pass offerings the differences between Office 365 Microsoft 365 and Windows 365 you'll need to know public private and hybrid scenarios and compare advantages of cloud-based Services versus on-premises services for the core Microsoft 365 services and Concepts you'll definitely need to know all of these Services listed you'll need to know a brief description of what it is when it's used for some of its key features how does it improve productivity or collaboration Etc I'll just point out the ones I saw mentioned a lot on the exam so Microsoft Outlook and Microsoft Exchange Microsoft 365 apps in OneDrive Microsoft teams SharePoint the ever and Microsoft Viva there will definitely be some questions on Microsoft endpoint manager Windows 365 Cloud PC and Azure virtual desktop deployment and release models for Windows as a service including deployment Rings Viva insights and you'll definitely see Microsoft 365 admin Center and Microsoft 365 user portal for the security compliance privacy and Trust in Microsoft 365 section you'll definitely see principle of least privileged access identity and access management capabilities in Microsoft 365 including Azure active directory and Azure identity multi-factor authentication conditional access Microsoft 365 Defender Defender for endpoint Defender for Office 365 Defender for identity and the Microsoft Defender portal Microsoft secure score Azure Sentinel service trust portal and compliance manager DLP compliance scores and you'll see a bit of auditing and e-discovery solutions for the Microsoft 365 pricing and support domain pricing model for Microsoft cloud services including Enterprise agreements Cloud solution providers Direct filling available base licensing and management options there were definitely some questions on private public preview and general availability options Microsoft 365 roadmap portal you'll need to know how to create a support request for Microsoft 365 services and you'll need to know the service level agreements once again there's a lot on the list so I couldn't name all of them so name the ones I thought were the most important but throughout the course we'll definitely cover all of the material in great detail foreign hey this is Andrew Brown from exam Pro and we're starting at the beginning of our journey asking the most fundamental question what is cloud computing so looking into the dictionary cloud computing is described as the practice of using a network of remote servers hosted on the internet to store manage and process data rather than a local server or a personal computer so when we're talking about local we describe this as being on premise so being your own office or your own Data Center and this is where you own the servers you hire the IT people you pay the rent or the real estate you take all the risk whereas with a cloud provider if you're utilizing them it's someone else who owns the servers someone else who hires the IT people someone else who pays or rents the real estate and you are only left would be responsible for configuring your cloud services and code and someone else takes care of the rest sounds great doesn't it so now what I want to do is just give you a quick overview of how servers have evolved what we describe is cloud computing from a technical perspective and we'll probably dive deeper into this later in the course but we're just going to get a good overview here to understand from a business perspective so way back in the day what we had was dedicated servers if you wanted a server to run your web app or your technology what you had to do is you had to go buy a single dedicated physical machine and that was for one specific business dedicated servers are still used today but there's some downsides with them they're very expensive they're high maintenance however you do get a great level of customization and you potentially can have better Security based on your use case then what came along was virtual private servers where we still had one physical machine but it was still dedicated to a single business so we figured out how to take that physical machine and virtualize it into sub machines so now we can fully utilize or better utilize that physical server with running multiple apps we didn't have to buy four different servers for four different apps we could easily run four web apps into four virtual sub machines then we had shared hosting and this made it a lot easier for anybody who was building websites or wordpresses but the idea here is that you had one physical machine and it was shared by hundreds of businesses so it wasn't a single business sharing the cost it was multiple businesses this relies on most tenants on under utilizing the resources though so if you had 100 people on a server and one person use more of the server than the others then you could all potentially suffer from that case but at the very least you are getting very very cheap servers but there are definitely some limitations so now coming down to Cloud hosting Cloud hosting gives us the best of both worlds so we have multiple physical machines that act as one system which could be described as the cloud and that system is extracted away into multiple cloud services so you get flexibility and scalability it's very secure it's very cost effective and it's highly configurable so that is where we're currently at and that is generally what cloud computing and Cloud hosting is about foreign hey this is Andrew Brown from exam Pro and we are looking at common cloud services so a cloud provider can have hundreds of cloud services that are grouped into various types of services and the four most common types of cloud services for infrastructure as a service which is a topic we will discuss about later would be compute so this is where you have a virtual computer that can run applications programs and code then you have storage so this is where you would have a virtual hard drive that you could store files then you in a virtual networking because you have these computers in storage so you need to put them in some kind of virtual Network to Define internet connections or network isolations and then you have databases so just imagine a database that is running in the cloud or if you're not familiar databases just imagine that it's excel in the cloud but it Powers your web apps one thing I want you to know about the term cloud computing is that even though it says Computing in the word at this point we just use it as a catch-all term so it could refer to all of these categories so when I say cloud computing it could be referring to compute network storage and data database but you can also say cloud storage Cloud compute Cloud databases Cloud networking and people will know what you mean this is Andrew Brown from exam Pro and we are looking at what is Microsoft so you've probably seen this logo before and Microsoft is an American multinational computer technology corporation headquartered in Redmond Washington Microsoft makes software phones tablets game consoles cloud services which is what we care about here today and they even have a search engine and we're not just limited to that list they have tons of stuff but Microsoft is best known for their operating system called a Windows and they've been around since the 1970s so they've been around for quite a while in the tech sphere so now that leads us to the question what is azure so Azure is what Microsoft calls their cloud service provider and so it's called Microsoft Azure where we commonly refer to it as just Azure so here is the logo for it and if you're wondering what is the name behind the service Azure literally means bright blue color of the cloudless sky so that's great you'll hear me say cloud service provider frequently throughout the cloud Concepts portion of the course and it is abbreviated to CSP but that's what Azure is it is a cloud service provider so there you go hey this is Andrew Brown from exam Pro and we are looking at the benefits of cloud computing so what are the benefits well we have a big list here for you starting with cost Effectiveness so you pay for what you consume there are no upfront costs you have pay as you go also abbreviated as poig and you're sharing the cost with thousands of customers so that's how you're getting that low cost another benefit is that you can go Global so you can launch workloads anywhere in the world just choose your own region and you are now in the global market another benefit is that the cloud is secure because the cloud providers take care of the physical security and cloud services can be secure by default or you have the ability to configure access down to the granular level so you have a lot of security controls that you would have and you would normally not have where you'd have to build out on premises now the cloud is also known for being reliable so you can have data backups disaster recovery and data replication and fault tolerance the cloud is also scalable you can increase or decrease your resources and services based on the demand the cloud is also elastic so so you can automate scaling during spikes and drops of the demand when there is no longer the demand for that stuff and finally it's also current so the underlying hardware and managed software is patched upgraded and replaced by the cloud provider without interruption to you and for the last point there are cases of interruption but generally fewer interruptions than you would have on premises so there you go hey this is Andrew Brown from exam Pro and we are looking at the different types of cloud computing and we have this nice pyramid on left hand side to help us understand how each type builds off the other starting at the top of our pyramid we have software as a service also known as SAS and this is a product that is run and managed by the service provider you don't have to worry about how the service is maintained and it just works and remains available so you might not be aware of this but you probably already are using a SAS product so examples of that could be Salesforce or Gmail or Office 365 so those are things that would be considered SAS and these are really for customers so it's just you wanting to use General software on your computer but in the cloud the next category we have is platform as a service abbreviated as pass and so here we focus on the development and management of your applications so you don't have to worry about provisioning configuring or understanding the hardware or operating system and this is really for people that are building apps but they don't think about any of the infrastructure services like this would be elastic Beanstalk on a WS Heroku that is very popular amongst Junior developers which is a third party service for launching web apps and then you have the Google app engine so those are three examples there and these are really for developers so platform as a service makes it easy for developers to build apps on the cloud without worrying about all the stuff underneath at the bottom finally we have infrastructure as a service abbreviated as is and this is the basic building blocks for cloud it so it provides access to networking features computers and data storage space you don't worry about the IT staff data centers and hardware and so examples of infrastructure as a service would be Microsoft Azure AWS or even Oracle cloud and so this is really intended for administrators the main focus of the course will be on Microsoft 365 which falls under the category of software as a service but you will definitely need to understand the differences of the cloud computing types for the exam so that is the three types of cloud computing okay hey this is Andrew Brown from exam Pro and we're looking at the types of cloud computing and responsibilities so we saw the three categories but we don't really understand what it is that we're responsible for and what is the cloud service provider responsible for so let's lay out our categories and we're going to include on-premises into this because technically on premises could be a private cloud and should be in the category here so we have on premises infrastructure as a service platform as a service and software as a service so when we're looking at applications it's going to be the customer's responsibility for on-prem infrastructure as a service and pass but when we have software as a service the cloud service provider is responsible for that when we are looking at the data level it's going to be the same for software as a service the cloud service provider is going to be responsible but for the rest it's going to be the customer and then on the next level for the runtime the cloud service provider will be responsible for the platform as a service and software as a service the customer will be responsible for on-premises and infrastructure as a service for middleware it's going to be the same game for the OS like the operating system that is running on the service it's going to be the same then we get to virtualization the cloud service provider is responsible for the virtualization for infrastructure as a service platform as a service and software is a service so everything except for on-prem then for servers it's the same for storage it's the same and for networking it's also the same so you can see that on premises you're responsible for everything and the farther we move up the types of cloud computing the less responsibility you have hey this is Andrew Brown from exam Pro and we are looking at azure's deployment models the first model we're going to talk about is public cloud and that's where everything is built on the cloud service provider you're not using anything on-prem or in your own data centers everything is running within Azure generally this is known as Cloud native that for some reason Azure calls it the public Cloud so that's what we're going to use in the terminology here so here I have an architectural diagram we have a network on Azure and within that Network we have a virtual machine running in a database running so that would be an example of public Cloud then we have private cloud and so this is where everything is built on the company's data also known as on premises because it's within the premises of the organization like their physical location and an organization could technically be operating their own cloud but it would be private cloud and it could be running an open source Cloud software that mimics what Azure would do such as openstack so it looks very similar but you just put an openstack and it's running a virtual machine or a server and it's also running a database and the last on our list here is how hybrid so with hybrid you are using both on-premises and the cloud service provider and they're connected together and so there's a lot of different networking services that you can use that will facilitate the connection between the two in this case we're using express route express route is a dedicated connection it's like having a fiber optic Line running from your on-premises data center to the Azure Network so it's just one of the ways you can connect and if we wanted to understand the pros and cons I have this nice little table here and we'll just quickly go through it so if you're using public Cloud it's more cost effective for security its screen controls are stronger by default but some people might not find the cloud will meet all their security requirements because of government and Regulatory reasons not because the cloud is not secure but it's just those policies for the level of configuration it's going to be limited based on what the cloud service provider exposes to you so there's a lot of configuration there it's just that if you have your own servers you obviously can do anything and everything with them for technical knowledge you don't need to have as much in-depth knowledge of the underlying infrastructure because as you're not physically setting up servers or networking and everything else now coming down to private Cloud private cloud is the most expensive option on our list so you're going to be paying a lot of money for security there is no guarantee that it is a hundred percent secure because you just don't have the same kind of visibility that you would have with a cloud service provider with all those dashboards it's just so hard to build out all that software but you can meet your security compliance requirements depending on your situation but this is becoming less and less is more governments and larger organizations move over to the cloud you can configure infrastructure exactly how you like because you literally bought the hardware and can do anything you want with it and for the technical knowledge you'll require a serious amount of technical knowledge you might even have a really hard time finding the resources to maintain all that stuff down below we have the hybrid model so this could be more cost effective based on what you offload to the cloud and also the cost of actually moving data back and forth for security you have more to secure but technically some things are easier to secure on the cloud than it is in private so you might have a boost security you're going to get the best of both worlds in terms of configuration and for technical knowledge you're going to need to know both the cloud and how to set things up on premises and that's the most work there and just one more deployment model here I just wanted to briefly touch on Cross Cloud this isn't something that is listed on the actual exam but it's something that you should understand and know and so cross cloud is when you're using multiple Cloud providers some people refer this as multi-cloud or hybrid cloud and so I just have an example here so there's a service called Azure Arc and what Azure Arc does that extends your control plane so you can run containers kubernetes containers on a different platforms and so you could have a WS on the left hand side with eks and gcp kubernetes engine and so you can be running virtual machines and they're all treated like they're on the same network so cross cloud is becoming very popular with extremely large organizations where they have very unique requirements but I definitely want you to know what that is because it just gets left out and it's definitely something that is a part of the industry hey this is Andrew Brown from exam Pro and we're looking at the concept of total cost of ownership also known as TCO so what is the difference between on-premises having your own data centers in comparison with using Azure so you'll notice above it it says capex and Opex we're going to talk about that in the next slide but for the time being we're going to focus on the total cost of ownership so to really make sense of TCO I always use this graphic here and if you're wondering what that is those are icebergs people sometimes think they look like teeth and so just to make this dry a little bit more clear I've added some penguins and a whale so there's no mistaking it and the reason we're using this as a representation is because we have the top of the iceberg which are the costs that we're generally concerned about but then we have those hidden costs those costs that we're not really thinking about underneath the water and if you know icebergs they can be really big underneath so on the left hand side the cost that we generally think of is the software license fees and then for the cloud service provider we look at the subscription fees and so when you're comparing these two sometimes the subscription fees can cost more than the software license fee so you think well we should really just use on-premises because it's more cost effective but when we take in the total cost of ownership and all the costs involved we're going to see a very different picture so on the left hand side if you are on premises you have to deal with the implementation the configuration and the training but you also have to deal with the physical security of your building you have to pay for the hardware you have to pay for the IT personnel you also have to deal with maintenance now on the right hand side on the cloud you still have to do implementation configuration and training but that's about it so there's a big difference in terms of what you have to do and you might ask okay well what is the amount of savings well generally people find that when they move from on-premises to the cloud they save about 75 percent that's a lot of money okay 75 percent of what you generally would spend and so now all this stuff on the left hand side is now azure's responsibility you don't take care of those anymore Azure is going to take care of it for you so that's total cost of of ownership hey this is Andrew Brown from exam Pro and we're looking at Capital versus operational expenditure so on the left hand side we have capex so Capital expenditures on the right hand side we have operational expenditures Opex and so looking at the left hand side capital expenditure is spending money up front on physical infrastructure so deducting the expenses from your tax bill over time a lot of companies especially larger companies are used to dealing with capital expenses and they know how to work their tax bill so that's why a lot of people are afraid to move over to the cloud because they're used to this way of operating but let's talk about some of the things that would be considered a capital expense so again it's anything that's physical and then you're buying it with money up front so computers that would be your server cost if you were to buy hard drives it'd be your storage costs if you bought routers cables or switches for your network if you're purchasing things for backup and archive costs if you had disaster recovery so like an uninterruptible power supply would be an example of that you have your data center costs so that's your rent cooling physical security you have technical Personnel so you're hiring people to do things for you and so with capital expenses you have to guess up for what you plan to spend now let's look at operational expenditure so operational expenditure is the cost Associated when an on-premises data has shifted that cost to the service provider so here in this case it's the cloud service provider and the customer only has to be concerned with non-physical costs so what are some examples of Opex costs well leasing software and customizing features training employees and cloud services paying for cloud support billing based on the cloud metrics so compute usage and storage usage and the advantage here is that operational expenses you can try a product or service without investing equipment so we have flexibility of investment and also from the previous slide covering total cost of the ownership we saw that we have a huge reduction cost so those are two really good reasons to use the cloud hey this is Andrew Brown from exam Pro and we are looking at Cloud architecture terminologies and these are very important to help you conceptualize the advantages of the cloud so we're going to go through these terms and then we're going to go through them again in more detail in further slides so at the top of our list we have availability and this is your ability to ensure a service remains available this is generally known as being highly available or high availability abbreviated to hot that's a term you should know then we have scalability so your ability to grow rapidly or unimpeded then you have elasticity so this is your ability to shrink or grow to meet the demand you have fault tolerance this is your ability to prevent a failure then you have Disaster Recovery this is your ability to recover from a failure this is generally known as being highly durable or high durability so there you go hey this is Andrew Brown from exam Pro and we are looking at the concept of high availability so high availability is the ability for your service to remain available by ensuring there is no single point of failure and or to ensure a certain level of performance so here I have a technical architectural diagram that is describing High availability so the idea behind this is that if you have a server which runs your web application if you were to run redundant versions of your server if anything happened to a single server traffic would always be routed to those other servers and that would allow your service to remain available now having multiple servers is great but what's even better is having multiple servers in multiple data centers because something could happen to a data center it could become unavailable because of the networking issue so by being able to Route traffic to those servers you're going to remain highly available running a workload across multiple availability zones and availability zones is what Azure calls their data centers and shares that if one or two data center becomes unavailable your service will remain available it's very very common to run at least three servers across three data centers now how would you distribute the traffic or manage the traffic to all three well that's where an Azure load balancer comes into play represented as a green diamond with the arrows that is the representation of a load balancer so a load balancer allows you to evenly distribute traffic to multiple servers in one or more data centers and if a data center or server becomes unavailable so in healthy the load balancer will route the traffic to only available data centers with servers so there you go that is high availability hey this is Andrew Brown from exam Pro and we're looking at the concept of high scalability and this is your ability to increase your capacity based on the increasing demand of traffic memory and computing power if you are a growing company you're going to have to scale up you're going to have to get bigger and better servers but there are different types of scaling so the first type of scaling is vertical scaling this is the most obvious one people are going to think of and it's called scaling up what we do is we just upgrade to bigger servers we need bigger stronger and faster computers for instance if your server requires more processing power vertical scaling would mean upgrading the CPUs you can also vertically scale the memory storage or network speed there's another kind of scaling called horizontal scaling and horizontal scaling is described as scaling out what you're doing is you're just adding additional servers because we saw with the high availability we have a load balancer we can distribute traffic to multiple servers and three servers can equal the same thing as one big server so horizontal scaling is when we add more servers of the same size for example if you are hosting an application on a server and find that it no longer has the capacity or capabilities to handle traffic adding a server may be your solution hey this is Andrew Brown from exam Pro and we're looking at the concept of high elasticity and this is your ability to automatically increase or decrease Your Capacity based on the current demand of traffic memory and computing power so this sounds a lot like high scalability but the key difference is that it's automatic and you can decrease the demand not just increase it so the way we would do that is that we would have a virtual machine or server and if we needed more servers we would add more servers and if we needed less servers we would remove servers or servers that are not being used and so this is going to be accomplished using horizontal scaling so when we say we're scaling out this means we're adding more servers of the same size when we're scaling in this means we're removing servers of the same size generally you're not going to use vertical scaling for a high elasticity this is because it's just extremely difficult to vertically scale for example if you have to increase your storage drive and then you decrease it you could potentially lose data so it's not a good idea or even feasible to do vertical scaling with high elasticity now how would you accomplish a list City on Azure well you'd use azure's VM scale set so scale sets automatically increase or decrease in the response to demand or based on a defined schedule and then we have SQL Server stretch database these dynamically stretch warm and cold transactional data from Microsoft SQL Server 2016 to a Microsoft Azure it's not something that we're going to cover but it's generally the same concept of what scale sets do so there you go that's high elasticity hey this is Andrew Brown from exam Pro and we're looking at the concept of being highly fault tolerant and this is the ability for your service to ensure there is no single point of failure preventing the chance of failure so when we looked at high availability we also said that there was no point of failure but when we really talk about that we're really talking about being highly fault tolerant because there's the word failure in the word and that is what being fault tolerant is so how do we prevent failure well we use the concept of failovers so failovers is when you have a plan to shift traffic to a redundant system in case a primary system fails and so I have a Graphic here that represents a primary database failing over to a secondary database so the idea is that we have a copy of our production database and we're going to call that a secondary system and every time something is written to our primary database it's going to be synced so it's going to be sent over to our secondary database so it's up to date with the latest database and then if the primary database happens to fail for whatever reason whether it's Hardware or otherwise it's going to detect that there's something wrong with the prime primary database and it's going to fail over to the secondary database and the secondary database is going to be promoted to being the primary Database The key thing to understand is that the secondary database is on standby it's not in actual use it's only in use when the failover occurs so what would you use in Azure to build out a highly fault tolerance system that's where Azure traffic manager comes into play so this works at the DNS level the idea here is that you can fail over from a primary system at the DNS level to a standby secondary system this is really great if you have Regional failures you could probably also use a load balancer but this is the case that I'm showing here so there you go hey this is Andrew Brown from exam Pro and we are looking at the concept of high durability so this is your ability to recover from a disaster and to prevent the loss of data so solutions that recover from a disaster is known as Disaster Recovery Dr you can think of durability as a measurement of how healthy and resilient your data is you want your data to be as safe and secure when you retrieve it as it was on the day you stored it so I'm just going to ask you a few questions to help you think about how to be highly durable so one question would be do you have a backup in place how fast can you restore your backup does your backup still work how do you ensure a current live data is not corrupt data loss can happen through human accident natural or man-made disaster or even malicious action out of your control whether you store data in your home office or with a cloud provider that data needs to be protected as much as possible for many event that could damage or destroy it you need to ensure that you have the questions listed to be answered with an appropriate solution to ensure high durability there are a variety of services to implement high durability so it's not just a single service so that is the concept of high durability and that is the full list of cloud architecture terminology this is Andrew Brown from exam Pro and so before we talk about Microsoft 365 let's talk about the evolution from Office 365 to Microsoft 365. so Office 365 was designed to bring together its existing online products to a continually up-to-date cloud service it combined the core productivity apps such as word excel PowerPoint Outlook Etc and the collaboration and communication tools such as exchange SharePoint and Skype for business Microsoft's Cloud productivity Services have expanded much beyond what most people think of his office in recent years resulting in Microsoft 365 therefore renaming Office 365 to Microsoft 365 reflects the extension of features and benefits beyond the core Office 365 products and services Microsoft 365 includes everything in Office 365 and more such as Windows teams and other cloud-based security and device management products and services it's designed to help people and businesses achieve more with Innovative apps intelligent cloud service is and world-class security Microsoft 365 is a subscription service that ensures you always have the most up-to-date modern productivity and collaboration tools you'll always have access to the most up-to-date features fixes and security upgrades as well as technical assistance if you already have an Office 365 subscription it automatically becomes a Microsoft 365 subscription and no action is needed from your end so that gives us a bit of background of how Microsoft 365 came to be hey this is Andrew Brown from exam Pro and we'll be talking about Windows 365. many of you are probably familiar with Windows Windows is a well-known operating system with the most recent versions being Windows 10 and 11. so what is Windows 365 Windows 365 isn't it operating system and it isn't installed on your computer in the same way that Windows is it's a subscription service for organizations that allows you to create and run PCS remotely Windows 365 is referred to as a cloud PC this is because it securely streams your personalized Windows desktop apps settings and content from the cloud to any device a cloud PC is a virtualized computer environment that allows you to stream your Windows Experience from Microsoft's Cloud to any device with a cloud pc windows evolves from a device-based operating system to hybrid personalized Computing so Windows 365 has the following capabilities it's simple to deploy and manage from a single console it uses a local profile that is stored directly on the cloud PC you can easily set up and scale Cloud PCS to fit your needs and securely support changing Workforce needs and new business scenarios it provides native integration across Azure active directory Microsoft Defender Microsoft 365 applications and Microsoft endpoint manager and it's also dedicated to a single user Windows 365 is available in two subscription offerings Windows 365 business which is made specifically for smaller organizations of up to 300 seats who want ready to use cloud PCS with simple management options Windows 365 Enterprises for larger organizations who want unlimited seats for creating Cloud PCS so that's windows 365. hey this is Andrew Brown from exam Pro and we're taking a look at the main part of the course Microsoft 365. so Microsoft 365 is a cloud-based subscription service that consists of an integrated portfolio of products like office apps teams Windows world-class security and more it helps solve today's challenges to productivity and secure work from anywhere it helps you be more productive from anywhere with the right tools you can enable your team to perform at their best with Cloud technology to improve team collaboration for many location Microsoft teams helps you connect with colleagues through chat voice and video it lets you create content with built-in office apps and use the power of artificial intelligence to improve work you can use integrated tools to simplify work and automate manual processes with Microsoft Viva you can build a culture that allows your people to achieve their best from anywhere and you can easily transition from computer to mobile devices with Innovative mobile apps enabling you to stay productive on the go so with Microsoft 365 you can secure your organization with reliable technology G it elevates and modernize your security manage risk and meet compliance standards on Microsoft's trusted Cloud it ensures only the right users have access with Azure active directory multi-factor authentication and biometric access like Windows hello with Microsoft endpoint manager you can deploy a seamless end-to-end management solution and gain Insight across all connected devices with Microsoft 365 Defender it protects your company against sophisticated cyber attacks and you can get real-time analysis of your current security posture with Microsoft secure score moving on to the cost Effectiveness and efficientness factors so you get one cost-effective solution with Microsoft 365 you consolidate into a single platform versus by numerous platforms for multiple capabilities you save out Automation and process improvements through workflows dashboards and AI it reduces your total cost of Risk by enhancing your security and compliance posture and 365 manages hardware and software more efficiently so it can focus on strategy it reduce hard cost us like real estate and travel through flexible work from anywhere you can also access Microsoft 365 through portal.office.com so that's the general overview of Microsoft 365. hey this is Andrew Brown from exam Pro and we'll be talking about Microsoft 365 apps so Microsoft 365 apps is a suite of apps that help you stay connected and complete your tasks these apps consist of the office suite of applications such as word excel PowerPoint OneNote Outlook teams and more Microsoft 365 apps provides the benefits of the cloud giving you the flexibility to work from anywhere at any time on any device helping you be more productive so let's go over the three key features of Microsoft 365 apps Microsoft 365 apps allow you to work across multiple devices depending on your plan you can install Microsoft 365 apps on up to five PCS or Macs as well as five tablets iPad windows or Android the apps that you work with are always up to date you won't have to spend time installing updates or worrying about when new features will be introduced you and your co-workers will always be working with the latest up-to-date features Microsoft 365 apps lets you work intelligently through connected experiences it includes intelligent features also called connected experiences to help you get work done faster and create amazing content also in terms of subscriptions Microsoft 365 apps are available in both Microsoft 365 Apps for business and Microsoft 365 apps for Enterprise subscriptions so here we have a list of some of the applications included in Microsoft 365 apps we'll give a general overview of what they do and for some we'll cover in Greater detail later on in the course Microsoft teams can help you bring everyone together in one location to meet chat call and collaborate word can help you create impressive documents and improve your writing with built-in intelligent features like Microsoft editor and researcher Excel can help you simplify complex data and create easy to read spreadsheets and visualizations PowerPoint can help you easily produce polished presentations that stand out with intelligent features like presenter coach and PowerPoint designer Outlook allows you to keep track of your email calendar tasks and contacts all in one in place OneNote can help you keep track of your notes by organizing them into tabs and subsections resulting in a single digital notebook so that's the overview of Microsoft 365 apps hey this is Andrew Brown from exam Pro and we'll be going over the Work Management capabilities and tools in Microsoft 365. the first one we'll be talking about is Microsoft Project so Microsoft Project is a powerful project management tool designed for larger more complex work tasks project for the web is Microsoft's most recent offering for cloud-based work and project management it provides simple and Powerful Work Management capabilities to meet most needs and roles project managers and team members can utilize project for the web to plan and manage work that requires Dynamic scheduling subtests and or dependent tasks regardless of Team size you can take on tasks of various sizes from little projects to large initiatives so now let's go over some of the features of project so you can start a project quickly and assign tasks and schedules while keeping team members and managers on the same page project provides the smart scheduling engine which will automatically update the timeline saving you time and effort you can utilize the easy to use views such as grid views Camden style task boards and timeline Gantt charts you can integrate with Microsoft teams to improve collaboration across the project in power bi you can create attractive interactive dashboards to see every aspect of the project at a glance finally it's extensible with other platform apps and data because project is built on the Power Platform so that's Microsoft Project hey this is Andrew Brown from exam Pro and the next Work Management tool in Microsoft 365 we'll be talking about is Microsoft planner so Microsoft planner is a user-friendly collaborative task management tool for planning managing and completing task-based initiatives it provides a simple and visual way for teams to organize their work planner is a web-based application that can be accessed from anywhere and it also has a mobile version for IOS and Android so now let's go over some of the features of Microsoft planner so you can create a plan to give task-based teamwork structure and to organize the activities in your project you can assign and manage tasks on a canvan board using task cards and add those tasks to buckets task cards provide various information such as due dates status priority checklists labels and file attachments you can manage the notifications you receive to stay on top of deadlines Microsoft planner lets you keep track of your team's progress with colorful visual cues and built-in status reporting you can utilize visuals like the task board charts page page and scheduled view summarize the status of your entire plan and individual tasks you can also integrate with teams by adding a tasks by planner tab so that lets you assign tasks with admissions in Word Excel and PowerPoint and add your plans to your Outlook calendar so that's Microsoft planner hey this is Andrew Brown from exam Pro and we'll be talking about Microsoft bookings so Microsoft bookings is a web-based appointment scheduling and management system with Microsoft bookings scheduling and managing appointments is made easier it includes a web-based booking calendar and integrates with Microsoft Outlook to optimize your staff's calendar and give your customers the flexibility to book a time that works best for them so now let's go over some of the features of Microsoft bookings so by using the web-based business facing page you can Define appointment types and details manage employee schedules set business hours services and pricing and customize how appointments are scheduled you can also allow extra time between appointments for any pre or post appointment tasks you can create a booking page where your customers and clients can make their own appointments and reschedule them you can also share the booking page with a direct link on your Facebook page or by embedding the link into your website Microsoft bookings provides automatic appointment notifications via email and SMS to ensure that customers receive proper confirmation stations and reminders you can view your appointments access customer lists and contact information and make manual bookings on the go with the business facing mobile app you can also integrate with Microsoft teams or Skype for business to support virtual appointments and bookings calendar management through the bookings app and teams so that's the list of features for Microsoft bookings hey this is Andrew Brown from exam Pro and we'll be talking about the last Work Management tool in Microsoft 365 on the list Microsoft Hadoop Microsoft to do is an intelligent task management app that makes it easy to plan and manage your day it provides a smarter more personal and intuitive way for people to stay organized and make the most out of their day to do is powered by Office 365 exchange online and can be integrated with Outlook and planner Microsoft to do is available on a variety of platforms including iOS Android windows and the web to do empowers you to complete the most important tasks you need to get done every day whether they are for work school or at home so now let's look at some of the features of Microsoft to do Microsoft to do provides a daily to-do list called my day that will help you focus and complete your most important tasks you can utilize Smart Suggestions to add tasks upcoming or overdue tasks you can get an overview of what you accomplished yesterday and tasks you didn't complete lists can be made for any occasion and shared with others to do lets you break down more complex tasks into subtests you can separate lists of tasks generated from flag dial book emails you can also schedule reminders and repeatable tasks and finally you can view your assigned tasks from planar into do so that's the list of features for Microsoft to do hey this is Andrew Brown from exam Pro and we'll be talking about business class email and calendar with Microsoft Exchange Microsoft Exchange online is a hosted messaging solution that delivers the capabilities of Microsoft Exchange Server as a cloud-based service it allows users to access email calendar contacts and tasks from PCS the web and mobile devices all in one place it integrates fully with all other Microsoft 365 workloads making Administration easy one thing you might be wondering is what's the difference between Microsoft Exchange online and Outlook well exchange is a mail server which means it's a dedicated Network Resource Management program whereas Outlook is an email client which means it's a software program installed on your desktop that is designed to send and receive emails so let's go over some of the features of Microsoft Exchange online Microsoft 365 syncs your emails calendars and contacts across all of your devices ensuring that you are always up to date no matter where you are you can create your own custom format add images and use your own domain name based on where you live you can create a public folder for shared access to provide an easy way to collect organize and share information with other people in your work group or organization you can share your calendar in exchange online to allow businesses to collaborate with other businesses and to let users share their schedules with others you can set up new users restore deleted accounts and create custom scripts and more exchange also is secure it has built an anti-spam and anti-malware protection customizable anti-spam and anti-malware policies and many more security features so that's the list of features for Microsoft Exchange online hey this is Andrew Brown from exam Pro and we're taking a look at how to create a Microsoft account so the first thing you want to do is to go to this link here called account.microsoft.com and this will take you to this page here and if you don't already have a Microsoft account you want to navigate to this button here and click on create account so this is the page where you create your Microsoft account here is where you'd enter in your email you want to register with let's go with this one example001 at gmail come and it'll ask you to create a password so let's enter that in here very quickly you'll have to enter in the country you're from as well as your date of birth so the usual things for registrations you'll get a verification code for the email you registered with and you'll have to confirm it to complete the process I have the email account already open so I can get the code here 8802 copy and paste the code into the verification you can choose to receive information tips and offers about Microsoft products and services if you're interested looks like we have to go through this puzzle to prove we're not a bot so we'll go through this very quickly okay great you've now created your Microsoft account so once you have your account created you can try Microsoft 365 for free or you can buy a subscription some of you may already have Microsoft 365 it could be provided by your company or other sources you can go to this link here called microsoft.com en-ca Microsoft Dash 365 slash Microsoft dash 365-business dash standard dash one dash month Dash trial to try Microsoft 365 for free for the purpose of the demonstration we'll sign up for the Microsoft 365 business standard trial for one month first we need to provide our email address so let's enter that in here example 001 at gmail.com then we need to set up our account so we need to provide our name surname business phone number company name company size Etc it should be fine if you don't have one or you may come up with something then we'll need to perform the verification code process again enter in the numbers you got from your phone number you can choose to create a new business email later or create a new business email with a Microsoft domain we'll need to create a new business email with a Microsoft domain let's go with Andrew Brown at example 001 dot on microsoft.com and enter in the password you want this is important because this will be how you'll sign in this is not your email like example zero zero when a gmail.com the next part is the payment process so we'll need to enter in the information required you won't be charged at all if you cancel before one month after this process you'll need to log in with the new business email we created earlier so Andrew Brown an example zero zero one dot on microsoft.com enter in the password so now we're currently at the Microsoft 365 admin Center you can install the latest office apps here such as word excel PowerPoint Outlook teams OneDrive and so much more Microsoft 365 has a ton of services and apps that'll improve your productivity and collaboration within your organization it has many analytical capabilities and its security is world class we'll be covering all these services and features in Greater detail throughout the entire course foreign hey this is Andrew Brown from exam Pro and we're taking a look at how to create a new Microsoft 365 user from within the Microsoft 365 admin Center the first thing you want to do is to open your web browser and navigate to admin.microsoft.com and log in by using your administrator credentials on the left hand navigation menu click on users then active users this will provide the list of available users on the main screen to add a single user click on the add a user button on the top of the page underneath the active users label on the setup the basics page fill in the first name last name display name username and domain for the new user also decide which check boxes to check and more specifically choose the following the first one is automatically create a password check this option if you need the Microsoft 365 admin Center to automatically allocate a new temporary password to the new user the next one is require this user to change their password when they first sign in This is highly recommended as you would normally expect that the user changed the temporary password which you initially sent to a strong password word only they will know the last one is send password and email upon completion combined with the previous checkbox this is the most secure option since you would not have to share the temporary password over any other non-secure means enter the email address to which the new password will be set in the generated text box after having filled in all required information click on next to continue on the assign product licenses page select the user location and choose whether a Microsoft 365 license will be assigned to the user by ticking the appropriate checkbox or if the user will be created without a product license we'll be providing the user with a Microsoft 365 business standard license there's also an app section where you can select specific applications that you want the user to have access to for the Microsoft 365 business standard license there's roughly 29 available once you're satisfied with the settings click on next to continue on the optional settings page you can choose whether the new user will have any additional Microsoft 365 roles such as exchange administrator Global administrator or global Global reader for this example we won't Grant the user admin access click next to continue this will lead you to the review and finish page fill in any additional user profile information if you wish to review all user information and click finish adding your new user should now appear in the Microsoft 365 admin Center active users home page hey this is Andrew Brown from exam Pro and we're taking a look at how to access all the Microsoft 365 online apps we won't be providing an overview of the functionality offered by each app because the course will provide a detailed overview of all the important ones for the exam the easiest way to navigate to your Microsoft 365 online apps is to go to the urlcultoffice.com and sign in with your credentials then on the top left corner click on the dotted Square icon and click on all apps this should provide the list of Microsoft 365 apps you have available according to your license in this case these are the apps available for the Microsoft 365 business standard license alternatively you can view the apps in a larger perspective by clicking on the explore apps button or going to the URL calledoffice.com apps you can see apps here such as bookings calendar Excel OneDrive Outlook planner and many more that will meet your business needs add-ins can be accessed as well by clicking on the top right button here at insert Microsoft 365 certified apps which are listed in the Microsoft appsource portal available at appsource.microsoft.com the add-ins integrate with Microsoft 365 apps to extend the native functionality with more granular and specialized features so that's how you can access all the M365 online apps hey this is Andrew Brown from exam Pro and we'll be talking about Microsoft teams and its core components and the value it provides when it comes to collaboration workloads so Microsoft teams is your organization's core Center for collaboration with a chat based workplace to help everyone work more productively it's an app for people and teens to come together stay connected and get things done across work home school and on the go so the first component of Microsoft teams we are going to talk about are the teams and channels so teams are a collection of people content and tools surrounding different projects and outcomes within an organization it's designed to bring together a group of people who work closely to get things done teams can be public and open to anyone within the organization also a team has a limit of up to 10 000 simultaneous members channels are dedicated sections within a team to keep conversations organized by specific topics projects disciplines or whatever works for your team it's a place where users can discuss and get Hands-On with work there are three types of channels the first type of Channel or standard channels this can be open to all team members next we have private channels which are for selected team members the last type of channel are shared channels this can select people both inside and outside the team so the next component of Microsoft teams we'll be talking about is the chat and instant messaging so chat and instant messaging lets you work together without cluttering up your email and keeping it clear for important messages some of the advantages of using chat and instant messaging include it keeps the people informed by chatting what unwinder in groups it encourages open debate by asking questions and encouraging open discussion you can start a call or share screens to get things done faster the messages are sent in real time but it doesn't disturb your co-workers work you can use your mobile device to chat to stay in touch no matter where you are teams can be used to share useful files and store everything in one place you can host audio video and web conferences and chat with colleagues from within and outside your company so another component of Microsoft teams is called Microsoft teams phone Microsoft team's phone is a secure integrated calling service that combines traditional and modern features it can be used on your computer tablet mobile device or desk phone to stay connected with voice and video calling teams phone has updated Cloud calling features like voicemail transcription and group call pickup to elevate your experience beyond that of traditional calls with teams phone you can seamlessly transition calls from your home Wi-Fi to your cellular service while on the go and then back to your office Wi-Fi once you arrive you can also start a call from chat contact card Outlook or the calls app to save time and reduce costs so that's Microsoft teams phone and that gives us an overview of the core components of Microsoft teams and the value it provides in collaboration workloads hey this is Andrew Brown from exam Pro and we'll be going over some of the collaborative apps we can use to extend teams so a collaborative app is a solution integrated or built into teams that enables employees to work better together using the tools they already know apps for teams can be simple or complex depending on your needs it could be as simple as sending notifications to channels or users or as complex as multi-service apps incorporating conversational Bots you could Implement natural language processing or even embedded web experiences some of the ways that you can extend teams using collaborative apps are how are bi and teams can help your organization to collaborate with data to achieve better outcomes power apps can help you build apps to add directly into teams by creating a tab power automate can help you automate tasks and processes all within teens Dynamics 365 and teams integration can provide high level details of your customers ensuring that you have useful contacts that are prepared for customer interactions Tower virtual agents allows you to create chat Bots that can be integrated into teens you could also integrate with with third-party partners and services for more capabilities within teams like servicenow or Salesforce so those are some of the ways you can use collaborative apps to extend teams hey this is Andrew Brown from exam Pro and we'll be talking about Microsoft Power Platform so Microsoft Power Platform is a line of business intelligence app development and app connectivity software applications Microsoft Power Platform is composed of four key products power apps power automate power bi which stands for business intelligence and powered virtual agents and we'll be talking about these four products in a bit more detail in the next couple slides before we talk about the four key products of Power Platform we want to talk about the cross-cutting features which enable Microsoft Power Platform to be leveraged to its full potential some of these are AI Builder which lets users and developers add AI capabilities to the workflows and power apps they create in use it adds intelligence to your workflows and apps and predict outcomes to help improve business performance without writing code Microsoft dataverse is a scalable data service and app platform which lets users securely store and manage data from multiple sources and integrate that data in business applications using a common data model to ensure days and consistency to users connectors enable you to connect apps data and devices in the cloud there are more than 600 connectors for Microsoft Power Platform enabling all your data and actions to connect cohesively so let's start talking about the key products of Power Platform starting with power apps powerapps provides a rapid low code development environment for building custom apps for business needs it has Services connectors and a scalable data service and app platform to allow simple integration and interaction with existing data some of the features of power apps include enabling the creation of web and mobile applications that run on all devices it has an easy user experience for app development with a simple interface so that every business user or Pro developer can build custom apps it provides over 200 connectors to integrate data and systems it enhances productivity with pre-built AI scenarios powerapps provides private and secure submission of information so that's powerapps the next product we'll be talking about is power automate power automate lets users create automated workflows between applications and services it helps automate repetitive business processes such as communication data Collections and decision approvals the following is a list of power automate features Tower automate allows for the creation of Enterprise grade process automation it provides a simple interface allowing every level of user to automate work tasks from beginners to season developers it provides hundreds of pre-built connectors power automate provides AI Builder it can predict outcomes to improve performance so that's power automate the next product is power bi which is a business analytics service that delivers insights for analyzing data it can share those insights through data visualizations which make up reports and dashboards to enable fast informed decisions some of the power bi features include it can scale across an organization and has built-in governance and security allowing businesses to focus on using data more than managing it it takes company data and lets you to display it in the most user-friendly way possible power bi offers a wide range of detailed and attractive visualizations as you can see on the image on the right it can access vast volumes of data from multiple sources it helps to gather analyze publish and share Excel business data power bi also enables you to perform real-time stream analytics so that's power bi finally the last product we'll be talking about is power virtual agents power virtual agents enables anyone to create powerful chat Bots using a guided no code graphical interface without the need for data scientists or developers it minimizes the it effort required to deploy and maintain a custom Solution by empowering subject matter experts to build and maintain their own conversational Solutions some of the power virtual agents features include users can enable chat Bots to perform in action by simply calling a power automate flow close help users automate activities or call back-end systems reduce costs by easily automating common inquiries and freeing human agent time to deal with more complex issues users can utilize existing flows that have been created in their powerapps environment improve customer satisfaction by allowing customers to sell help and resolve issues quickly 24 7 using Rich personalized bot conversations so that's the overview of Power Platform and its key products hey this is Andrew Brown from exam Pro and we'll be talking about what Yammer is and how Yammer helps communities connect and grow Yammer is a secure Enterprise social network internal to an organization the Amber connects and engages leaders and co-workers from any location to share ideas co-create culture coordinate on strategy and innovate it was designed to help you connect with people across your organization who you might not work with directly Yammer helps facilitate Community collaboration and idea sharing for your organization you can access yabra through your browser or install it on your desktop or mobile device the average supports both internal and external networks to help users communicate and collaborate an internal network is restricted to users inside the organization whereas an external network is open to users outside the organization's domain users and external networks must be invited so now we'll be going over some of the details on how Yammer helps connect leaders and employees to build communities share knowledge and engage everyone Yammer helps facilitate leader engagement it helps align people toward a shared vision and objectives to drive organizational change and it Fosters two-way dialogue between employees and Leaders with a leadership Community he ever modernizes employee communication it helps keep everyone informed and engaged across web and mobile and it shares news and announcements that reach users as interactive discussions in Microsoft teams and Outlook the Aver helps engage your employees to ensure that every voice within the organization is heard and it provides communities for employees to connect share and build relationships he ever encourages knowledge sharing so you can share knowledge best practices ideas and feedback across the organization you can also use questions and answers to gain Solutions highlight the best answers and up the replies finally the Amber Powers communities in Microsoft 365 you can engage in fully interactive discussions without leaving your Outlook inbox and bring the power of communities to SharePoint with the Yammer conversations web part so that's the general overview of Yammer and how it can be used to help communities connect and grow hey this is Andrew Brown from exam Pro and we'll be talking about Microsoft Viva and its core employee experience capabilities so Microsoft Viva is an employee experience platform that empowers people and teens to be their best from anywhere Viva brings together Communications insights Knowledge Learning and resources within the flow of everyday work and collaboration it's experience through Microsoft teams and other Microsoft 365 apps that people use every day there are four different modules for viva viva connections which is used to stay engaged and informed Viva insights which helps balance productivity and well-being Viva topics which is used to connect to knowledge and experts and finally Viva learning which helps make learning a natural part of your day so we'll now be exploring each module in Greater detail starting with Viva connections so Viva connections was created to keep everyone in the workforce connected to each other and you might be wondering well we have so many tools for employee Communications and engagement in Microsoft 365 like SharePoint Yammer to teams and stream why would we need another one well what makes Viva connections unique is that it combines all of these capabilities into a company branded app it's a hub for personalized news Communications tasks people and resources for employees leaders can communicate and engage their employees while employees can access all of the tools and resources they require in one location so Viva connections provides additional functionality through three main components which are listed below first we have the dashboard the dashboard is your employees digital tool set it brings together the tools and resources your employees need enabling quick and easy access whether they are in the office or in the field next is the feed the feed delivers updates to the right people at the right time with powerful targeting and scheduling capabilities and then we have resources the resources experience enables a way to navigate across platforms so that's Viva connections the next module we'll be talking about is Viva insights so Viva insights provides privacy protected insights and actionable recommendations that help everyone in the organization station work smarter and Achieve balance it uses quantitative and qualitative data to empower individuals managers and leaders to improve organizational productivity and well-being so Viva insights categorizes their analytical insights based on personal insights manager insights and organizational insights the first one we'll talk about is personal insights as we mentioned before individuals can gain valuable insights to improve work patterns through actionable recommendations from the personalized Viva insights app in teams for example prepare for the day with a briefing email protect time for Focus work and mindfully disconnect after hours so we'll go over some of the benefits it provides personal well-being through this experience you could access this home page to tap into moments of self-reflection gratitude and breathing breaks stay connected this experience intelligently surfaces prior Communications that might require follow-up AI based task suggestions and meeting assistance make it seamless to schedule one one second to catch up with important people in your network protect time this experience audience makes it easy to schedule focused time to work uninterrupted during the day before it fills up with meetings Daily Briefing the daily briefing email from viva automatically appears in your inbox near the start of the day the email provides recommendations of documents for you to review prior to the day's meetings effective meetings meeting organizers will be able to view personalized insights and suggestions to help improve their meeting habits and feedback for their meetings so the next analytical Insider manager insights manager insights can help you build a healthy and effective team managers can easily understand current team norms and take action to achieve positive change with the Viva insights tool in teams let's look at the three key features under the my team tab for managers first we have nudges you can use intelligent nudges or reminders help you stay connected with your team it helps you keep up with managerial demands like scheduling one one second in responding to requests and emails and document mentions recognize strengths and accomplishments through send praise to increase engagement in morale next are the reflective insights these are insights that can help help influence your team culture this can help identify personal work patterns and behaviors that may be impacting team stress and feelings of burnout in Outlook you can gain insights through the briefing and digest emails lastly we have action plans this is where we can create action plans to help develop positive team standards hit prioritize team well-being by promoting healthy norms and boundaries like setting shared recurring no meeting days or quiet hours for focused and uninterrupted work next we have Viva insights organizational insights so Viva insights provide organizational views to senior Business Leaders CEOs business unit leaders and other department heads these experiences show leaders in aggregated view of work and collaboration patterns across their organizations let's look at how the visual insights in the my organization tab can benefit your company organizational resilience it helps enable work-life balance Provide one-to-one support connect across boundaries and cohesion within teams Employee Engagement it can promote coaching and development protect employee capacity Drive of employee empowerment and cohesion within teams improve agility it helps organize better meetings and connect across boundaries effective managers this lets us optimize manager meetings protect manager capacity promote coaching and development Empower employees and Foster connectivity operational effectiveness this can free up capacity improve meeting quality keep employees engaged and protect time to get work done transform meeting culture this helps us optimize Meeting hours examine recurring meetings and promote healthy meeting habits so that's the overview of Viva insights and its analytical capabilities the third module we'll be talking about is Viva topics Viva topics focuses on knowledge and expertise it uses artificial intelligence to identify knowledge and experts and then organizes them into shared topics Viva topics helps many businesses in addressing a critical business issue which is providing information to users when they need it for example new employee hires need to learn much new information quickly at encounter terms they know nothing about when reading through company information in Viva topics brings knowledge to your users in the Microsoft 365 apps they use every day so AI automatically creates a topic page for each topic the topic page gives you more details including definitions relevant people and resources from across Microsoft 365 and external sources like servicenow these topic pages are surfaced as topic cards write in apps like office SharePoint and Microsoft teams the topics are displayed to users through topics highlighted on SharePoint Pages topic answers and search results search and office applications topic Center home page so that's the overview of Viva topics the last module we'll be talking about is Viva learning Viva learning is a centralized Learning Hub in Microsoft teams that allows you to easily integrate learning and building skills into your day in Viva learning your team can discover share recommend and learn from content libraries provided by both your company and partners Viva learning Aggregates content from LinkedIn learning Microsoft learn third-party training content and internal content of your own all in one place so while providing AI aggregation and recommendations it also allows managers to assign track and report on training within and across multiple teams there are three main views in the Viva learning app tone which lets you discover new content trending content and browse learning content libraries by alerting which allows you to access your recommendations and assignments as well as bookmarked recently viewed and completed courses and manage which helps you track the progress of recommendations that you made so that's Viva learning and I know that was quite a bit to take in but we've now covered all of Microsoft viva's four modules hey this is Andrew Brown from exam Pro and we'll be talking about SharePoint and how it helps promote collaboration so SharePoint is a cloud-based service that allows companies to share and manage content knowledge and applications in order to improve teamwork you can find information quickly and seamlessly collaborate both inside and outside the company it's a rich collaboration tool for building websites publishing content and storing files some of the features that SharePoint include are building sites and Pages document libraries and lists sharing important visuals news and updates with a team or more broadly you can search and discover sites files people and news from across their organization SharePoint helps manage their business processes with flows forms and lists you can sync and store their files in the cloud so anyone can securely work with them you can catch up on News on the go with the SharePoint mobile app SharePoint also provides three main types of sites team sites or collaboration sites to connect you and your team to share content and resources communication sites are designed to Broad cast information to other teams or to an entire organization Hub sites are used to organize families of Team sites and communication sites together so that's SharePoint and all the features it provides to help promote collaboration hey this is Andrew Brown from exam Pro and we'll be talking about OneDrive and its collaboration features so OneDrive is a Microsoft 365 service that allows users to access share and collaborate files from anywhere OneDrive allows users to View files in a browser share and search content and sync that content so they can access it offline you can work with others inside or outside your organization and terminate sharing whenever you want OneDrive also empowers your organization to control secure and retain that content when necessary so let's go over some of the key features of OneDrive that help promote collaboration users can easily store access and discover individual and shared work files in Microsoft 365 including Microsoft teams from any device OneDrive provides seamless collaboration with files it helps users work faster and smarter with people inside or outside your organization users can create view edit and share files on the go with the OneDrive mobile app OneDrive provides Enterprise grade security and protection for files enabling you to meet some of the strictest compliance requirements out there you can also easily recover files from accidental deletions or malicious attacks so that's one drive and the key features to promote collaboration hey this is Andrew Brown from exam Pro and we'll be talking about Microsoft stream on SharePoint so Microsoft stream is an Enterprise video service where people in your organization can upload View and share videos securely you can share recordings of classes meetings presentations training sessions or other videos that help your team's collaboration so the new version of stream Builds on sharepoint's Rich content management features and uses Microsoft graphs intelligence to enhance videos across Microsoft 365. the earlier version is known as Microsoft stream classic SharePoint Powers file experiences for Microsoft teams OneDrive Yammer and Outlook it provides intelligent video experiences powered by stream across this week it also provides management of video that leverages the power of SharePoint content services for permission sharing compliance governance and customizable portal experiences so that's the general overview of Microsoft stream and how it can be helpful to your team's collaboration thank you hey this is Andrew Brown from exam Pro and we'll be talking about Microsoft endpoint manager also known as mem so your organization probably has Android and iOS mobile phones Windows and Mac OS PCS and custom devices that your employees or users bring to work but how can we configure or support all these types of devices especially with your organization well Microsoft 365 provides the tools and services you need to manage all of these devices through Microsoft endpoint manager Microsoft endpoint manager is a secure and intelligent management solution that improves productivity and collaboration with the familiar experiences users expect it provides it with the flexibility to support diverse scenarios for both bring your own device and corporate owned devices and point manager also helps you solve the challenge of device management in today's mobile and remote work environment so Microsoft and point manager includes the following service and capabilities Microsoft InTune InTune is a 100 cloud-based mobile device management and mobile application management provider for your apps and devices configuration manager configuration manager is an on-premises management solution to manage desktops servers and laptops that are on your network or internet-based tow management toe management combines your existing on-premises configuration manager investment with the cloud using InTune and other Microsoft 365 cloud services desktop analytics desktop analytics is a cloud-based service that integrates with configuration manager Windows autopilot Windows autopilot sets up and pre-configures new devices getting them ready for use Azure ID which stands for Azure active directory Azure ID is used by endpoint manager for identity of devices users groups and multi-factor authentication and point manager admin Center this admin Center is a One-Stop website to create policies and manage your devices these services are part of the Microsoft 365 stack to help secure access protect data and manage risk so that's the overview of Microsoft endpoint manager hey this is Andrew Brown from exam Pro and we'll be talking about Azure virtual desktop also known as avd so Azure virtual desktop on Microsoft Azure is a modern and secure desktop and app virtualization service that runs on the cloud Azure virtual desktop works across devices like Windows Mac iOS Android and Linux with apps that you can use to access remote desktops and apps you can use most modern browsers to access Azure virtual desktop hosted experiences Azure virtual desktop is optimized for flexibility with flexible consumption-based pricing an example of when Azure virtual desktop might be used is when security is a concern because all the data is saved on the server and cannot be left on the device of a user so Azure virtual desktop has the following capabilities you can set up a multi-session Windows client deployment that delivers a full windows experience with scalability there's seamless integration with Microsoft 365 apps for Enterprise and Microsoft teens it provides reduced costs by using eligible windows or Microsoft 365 live instances to access Windows Virtual desktop and pay only for what you use Azure virtual desktop helps keep your team running during outages by leveraging built-in Azure site recovery and Azure backup Technologies it manages the virtual desktop infrastructure for you so you can focus on users apps and Os images instead of hardware and maintenance it also uses FS logic's profile container technology so that's Azure virtual desktop and the key capabilities it provides hey this is Andrew Brown from exam Pro and we'll be talking about the deployment and release models for Windows as a service also known as Ys so Windows client is a comprehensive desktop operating system that allows you to work efficiently and securely whereas Windows as a Services Microsoft strategy of deploying updating and servicing the Windows operating system the windows as a service model is designed to make life simpler for both users and it professionals Microsoft Now updates windows on a regular basis rather than launching a new version every three to five years as it has done with previous versions of the operating system with Windows client there are two release types feature updates and quality updates feature updates are scheduled typically twice a year in March and September they include new functionalities for the operating system quality updates or monthly cumulative updates they contain security patches and other changes to make the operating system more reliable next we'll be talking about servicing channels so servicing channels are the first way to separate users into deployment groups for feature in quality updates there are three servicing channels each Channel each provides different levels of flexibility for when these updates are delivered to client computers the first servicing channel is the windows Insider program which allows businesses to test and provide feedback on features that will be released in the next feature update these features will be delivered as soon as possible during the development cycle through a process called flighting the general availability Channel provides new functionality with feature update releases annually this model is ideal for pilot deployments testing of feature updates and users such as developers who need to work with the latest features the last servicing channel is the long-term servicing Channel which is designed for specialist devices that don't run office apps like medical equipment or ATMs this channel receives new features every two or three years so that's the servicing channels now we'll be talking about the deployment rings so deployment rings are a deployment method used to separate devices into a deployment timeline they are changes that are rolled out in phases to specific groups of users or computers panty risks or development difficulties associated with Windows updates are reduced by this gradual controlled and tested deployment each ring represents a group of users or devices that receive a particular update together so a common ring structure uses three deployment groups preview is for Planning and Development the purpose of the preview ring is to evaluate the new features of the update limited is for pilot and validation the purpose of the limited ring is to validate the update on representative devices across the network broad is for wide deployment once the device is in the limited ring have had a sufficient stabilization period it's time for broad deployment across the network so that's Windows as a service and all the deployment and release models that it has load and deploy Microsoft 365 apps to your client computers so this method uses the ODT to manage your deployment and the office customization tool to create a cloud-based configuration file that specifies the Microsoft 365 apps that are installed the next method is to deploy from a local source with the office deployment tool with this method you may manage your deployment with the ODT and download and deploy office from a local Source on your network the last method is to self-install from the cloud which is probably the easiest one to perform you manage your deployment from the office portal and have your users install office on their client devices directly from the portal so those are the four different methods to deploy Microsoft 365 apps one of the benefits of Microsoft 365 apps is that Microsoft provides new and updated features for office apps regularly Microsoft provides you with something called update channels these allow you to manage how frequently new feature updates are sent to your company here are the three primary update channels for Microsoft 365 apps the first one is current Channel which receives feature updates at least once a month but there's no exact set schedule update this channel also receives security and non-security updates around two or three times a month Microsoft recommends this channel because it provides users with the newest office features as soon as they're ready the next update channel is monthly Enterprise Channel which receives feature updates once a month this monthly update can include feature security and non-security Updates this provides users with new office features once a month on a predictable release schedule and then we have semi-annual Enterprise Channel which receives feature updates every six months this update can include feature security and non-security Updates this is only for select devices in your company that need extensive testing before rolling out new office features Microsoft also provides each update Channel with two other types of updates that are released on the second Tuesday of every month there are security updates such as updates that help keep office protected from potential malicious attacks and non-security updates also known as quality updates are updates that provide stability or performance improvements for office so that's the Microsoft 365 apps update channels types hey this is Andrew Brown from exam Pro and we're taking a look at how to deploy Office 365 using the office customization tool the first thing you want to do is to go to Google and search for office deployment tool and you want to go to the link where it says office deployment tool Microsoft 365 It's usually the first one that shows up and click on it once you click on it it'll take you to the Microsoft 365 office deployment tool page where you can download the office deployment tool so you want to click on download and you can save this to any folder you prefer but for this demonstration I'll place it on the desktop okay the next thing you want to do is to go to the URL called config.office.com so you can access the office customization tool alternatively you can also access this through your Microsoft 365 admin Center in your all admin Center Page and by navigating to office configuration once you are at the office configuration page you'll want to click on go to office customization tool the next step is to click on create this is where you can customize how you want to deploy your office 365. for architecture you can choose 32-bit or 64-bit depending on your system settings for this example we'll select 64-bit for the type of office suite we have a lot of options such as Microsoft 365 apps for Enterprise Microsoft 365 apps for Business Office ltsc Professional Plus 2021 and many more for this example we'll select the Microsoft 365 Apps for business we're not interested in Vizio so we'll select none for this we're not interested in Project products we'll select none for this and we don't need any additional products for the type of update Channel we'll go with current Channel because it's recommended and it provides users with the newest office features as soon as they are ready we'll select latest for the type of version for the app sections you can select which apps you want to include or exclude we can leave this as the default selections for the languages we'll select English for the primary language we won't be needed any additional language tools or packages for the installation options we can choose from Office content delivery Network local Source or Microsoft endpoint configuration manger we can leave this as office content delivery Network in the default settings for the update and upgrade options we can also leave these as the default settings for the licensing and activation section we won't need to make any changes here in the general section it's okay to leave this blank it's not mandatory to provide your organization name and description unless your company requests it for the application preferences we don't really need to select anything here either so you can scroll down and click on finish we'll give this configuration file a simple name called configuration after reviewing all of the configuration settings you can click on download you'll need to specify the format you want as the user's default you can keep the current settings choose office open XML formats or Open document format for this example we'll select keep current settings click ok then click on download again save the XML document on the folder you prefer or the same folder where you downloaded the office deployment tool earlier so now on our desktop we have two files the office deployment tool and the configuration XML file we will need to create a new folder called Microsoft apps for business or you can name it office for short but you'll need to remember this name for the next steps we'll cut and paste the office deployment tool and the office configuration file in the Microsoft apps for business folder we created double-click on the office configuration tool file and select the box and click continue select the folder Microsoft apps for business and click OK this will extract all the files to install Microsoft apps for business into the folder the next step is to move the Microsoft apps for business folder into the local C drive then you'll need to open up command prompt as administrator you'll need to run a few simple commands to complete this process some of you should be familiar with these enter in c d c colon backslash Microsoft apps for business or the name of the folder you created this changes directory to the Microsoft apps for business folder then you run setup dot exe slash configure configuration.xml and this should install office or Microsoft apps for business based on your configuration file you created this can take a while so you'll need to wait for it to complete downloading and installing after this is done you have successfully installed office on your computer hey this is Andrew Brown from exam Pro and we'll be taking a look at the analytics capabilities of Microsoft workplace analytics so Microsoft workplace analytics provides Rich actionable insights into your organization's communication and collaboration Trends to help you make more effective business decisions it creates analysis about how your organization spends its time the Waze people Network and the effectiveness of team collaboration just a quick note as of recording this video workplace analytics is becoming or is already part of Microsoft Viva so let's look at some of the main features of workplace analytics with the workplace analytics features you can see business outcomes in their related research-based behavioral insights that show how things get done in your company use the explore the stats explore in power bi and plans options for more in-depth analysis specific to your organization's data use the templates and queries in the query designer to jump start your analysis and customize them for a more focused or in-depth analysis analyze a specific business process with the business process analysis feature compare tricks between groups with the peer analysis feature and you can select targeted change plans to improve focus collaboration well-being and sales success so that's workplace Analytics hey this is Andrew Brown from exam Pro and we'll be talking about the analytical capabilities of my analytics so my analytics is an application designed to help employees and their managers gain insight into how workers spend their time with the goal of optimizing tasks and making them more efficient the application can track data such as time spent in meetings Outlook emails productivity and time spent working late my analytics is also part of Microsoft Viva so Microsoft organizes these tasks into categories such as Meeting hours email hours Focus hours after hours work who is in a user's Network and a basic time overview the time overview can be used to provide a quick overview of how a user is spending their time the network section focuses on analyzing who a user collaborates with meetings will allow users to see their time spent in meetings and how they manage that time email will show users how much time they spend emailing others Focus hours are time spent working outside of meetings minimum at least two hours of time outside of meetings and after hours is Microsoft's way of stating how much time a user spends working after their official work day also my analytics and insights by my analytics service plans are included with the Microsoft 365 E5 plan so that's my analytics and its key analytical features hey this is Andrew Brown from exam Pro and we'll be talking about the capabilities of the Microsoft 365 admin Center in Microsoft 365 user portal so the definition of Microsoft 365 admin Center is very clear it's designed for its professionals and administrators to manage the organization's Microsoft 365 subscription the admin Center allows you to perform a variety of tasks including managing users checking reports and much more the following list describes some of the main tasks that are done in the admin Center manage users by adding deleting or restoring users manage licenses by adding and removing license manage a Microsoft 365 Group by creating a group deleting a group and editing the name or description manage billing view or create service requests manage global settings for apps view activity reports and view service health so that's the general overview of the Microsoft 365 admin Center next let's talk about the Microsoft 365 user portal so the Microsoft 365 user portal is designed for users to access their email calendar and documents through Microsoft 365 apps like office teams Outlook and more users can sign in with their email account and password through www.office.com only the apps for which the user has a license will be shown the portal allows you to quickly and easily View and edit files that are saved in OneDrive now let's talk about the reports in the Microsoft 365 admin Center so the Microsoft 365 admin Center has reports that can help gather Insight security and how employees are utilizing Microsoft 365 products and services to access these types of reports you must have administrator permissions to access the admin Center go to admin.microsoft.com and sign in with your admin account the following list describes the two types of reports available in the admin Center first we have the productivity score this type of report measures the work done in your company to the work done in similar companies it provides metrics and insights and recommended actions you can take to help your organization use Microsoft 365 products and services efficiently then we have usage you can view these reports to understand how people in your organization are using the products and services you can go further into each product report to get more detailed insights about the activities within each product so here we have an image of the Microsoft 365 admin Center at the reports section displaying the productivity score here we can see the organization score which is currently at one percent or three out of 400 points it provides a summary for section of the people's experiences and categories such as Communication in meetings it will also provide suggestions to improve in these areas and so on next we'll be talking about reports and other admin centers so the Microsoft 365 admin Center also gives you access to other admin centers for specific products and services such as exchange teams and more the following list describes some of the other admin centers and the reports available first we have Azure active directory the reports available here provide a comprehensive view of activity in your environment then we have employ manager Microsoft InTune reporting allows you to proactively monitor the health and activity of endpoints across your organization next we have exchange view reports of email flow within your organization and mailbox migration batches created for your organization there's security and compliance view reports about security Trends and track the protection of your identities data devices apps and infrastructure then we have SharePoint the reports available are about data access governance and help you maintain the security and compliance of your data in SharePoint and we also have teams user activity and device usage reports are available so you can gain insights into the Microsoft teams activity in your organization so here we have an image of the Microsoft 365 admin Center at the all admin centers section as we mentioned before we can see that there's a variety of admin centers listed such as Azure active directory Azure TP compliance and point manager exchange and so on they also provide a brief description on what you can configure and manage so that's Microsoft 365 admin Center and the different types of reports it provides hey this is Andrew Brown from exam Pro and we're taking a look at how to access all the Microsoft 365 admin centers we'll also provide a brief overview of the functionality available in each admin Center Microsoft 365 provides the following admin centers we have the Microsoft 365 main admin Center the main admin Center allows you to manage most aspects of Microsoft 365 Administration including users teams and groups roles resources billing support settings reports and health monitoring the main admin Center can be reached at admin.microsoft.com let's navigate to the all admin centers page to view the full list of admin centers first we have Azure active directory Azure active directory allows you to control identity and access management in Microsoft 365. you can enable multi-factor authentication self-service password reset and edit company branding among other available functions the Azure active directory admin Center can be reached at a ddotportal azure.com next we have the Microsoft you compliance portal which covers an important part in the exam you can use the Microsoft purview compliance portal to meet your compliance and privacy goals you will find Integrated Solutions which assist you in protecting sensitive information manage data life cycles reduce Insider risks Safeguard personal data among other features the Microsoft purview admin Center can be reached at compliance.microsoft.com next we have exchange online The Exchange online admin portal allows us MTP administrators to manage Advanced email settings such as quarantine encryption and mail flow rules among other available features The Exchange online admin Center can be reached at admin.exchange.microsoft.com next we have office configuration this admin Center allows you to manage configure and monitor deployment of Microsoft 365 apps for your organization the office configuration portal allows you to graphically create Office 365 app configuration files XML to be used as input in the office deployment tool which can automate Office 365 deployments and upgrades the office configuration admin Center can be reached at config.office.com we have power apps you can use the Power Platform admin Center to manage activity licenses and policies for user generated power apps which can connect to your data and work across web and mobile power automate manage the automation of repetitive and time-consuming tasks in the Power Platform admin Center where you can set up connections to web services files or cloud-based data and put them to work both the powerapps and power automate admin Center can be reached at admin.powerplatform dot microsoft.com next we have search and intelligence manage Microsoft search settings including services and content that are available for people in your organization make finding internal tools documents and people just as easy as searching the web and Bing let's take a look at security so the security portal is now renamed to Microsoft 365 Defender admin Center use the Microsoft 365 Defender admin Center for visibility into threats to your network and your security posture respond to incidents proactively hunt for threats track your assets and deploy policies to secure your identities devices Office 365 workspaces apps among other features the Microsoft 365 Defender admin Center can be reached at security.microsoft.com next we have SharePoint online the SharePoint online admin Center allows you to manage sites sharing policies storage and all other available features of SharePoint online in OneDrive for business you could also use this admin Center to streamline your data migration to SharePoint online sites in OneDrive for business the SharePoint online admin Center can be reached a tenant name Dash admin dot sharepoint.com next we have stream use the Microsoft stream admin Center to manage video upload settings and organize your corporate video portal the stream admin Center can be reached at web.microsoftstream.com admin we have teams you can use the Microsoft team James admin Center to configure presence messaging conferencing and external communication options for your users as well as any kind of Microsoft teams policy which can be applied to your organization and to your teams and groups the team's admin Center can be reached at admin.teams.microsoft.com finally we have Yammer this admin Center allows you to manage your Yammer social network set a usage policy control external network settings and enable features like translation the Yammer admin Center can be reached at yaber.com tenantbusinessname slash admin there are more admin centers in total but these are the ones available for the specific Microsoft 365 business standard license hey this is Andrew Brown from exam Pro and we'll begin covering the security concepts of Microsoft 365 starting with the zero trust methodologies or the zero trust model in particular this is super important because it really lays the foundation of the way we should be thinking about all the security that we're going to be doing within Microsoft 365 Azure or in any cloud service provider because the zero trust model is really what is being adopted today and we'll talk about why that is so the zero trust model operates on the principles of trust no one and verify everything so nowadays you can potentially encounter malicious actors and they're able to bypass conventional access controls this demonstrates that traditional security measures are no longer sufficient we need to come up with a new way to protect ourselves and so that's where Microsoft has come up with their version of a zero trust model called the Microsoft zero trust model and this is based on three principles and six foundational pillars so in the three principles we have verify explicitly least privileged access and assume breach for the six found foundational pillars we have identities and endpoints an easier way of thinking about endpoints is just thinking of them as devices then we have apps data infrastructure and networks and I would say that if you wanted to put an emphasis on anything it's going to be identities because when an identity attempts to access a resource it must be verified with strong authentication and follow these privileged access principles the zero trust model is not unique to Microsoft gcp has its own zero trust model AWS has its own zero trust model but the one here is just going to really work for Microsoft so let's go in more detail on the three principles that are in the Microsoft zero trust model the first principle is verify explicitly and so this always authenticates and authorizes based on all the available data points including user identity location device service or workload data classification and anomalies the next principle is least privileged access so you limit user access with just in time and just enough access risk-based adaptive policies and data protection to protect both data and productivity then we have assumed breach so we need to minimize blast radius and axis should be segmented by Network user device and application we must also verify end-to-end encryption and use analytics to gain visibility Drive threat detection and improve security so that's Microsoft's version of the zero trust model and the three guiding principles this is Andrew Brown from exam Pro and we'll be talking about the six foundational pillars for the Microsoft zero trust model in Greater detail starting with the most important one so identities verifies and secures each identity with strong authentication across your entire digital estate for each of these pillars we're going to talk about some of the related Services I'm not going to describe too much of what they do because we're definitely going to be covering the important ones in this course in great detail but I want you to get some exposure so you see all these names over and over again so the first one is identity access and management or I am the next one is azure active directory and this one gets a lot of attention due to all its identity and access management capabilities we have single site on multi-factor authentication or MFA passwordless authentication which is a subset of MFA risk-based policies and we have identity secure score and you'll see a few different types of secure score like Microsoft secure score and compliance score in this course so it's something that's very useful throughout Microsoft 365 and azure measure next we have endpoints and it's easy to think of these as devices because their endpoints are used to gain visibility into devices accessing the network ensuring compliance and health status before granting access the endpoint is what grants access for this for this we have Azure ID device manager to register our devices with our identity provider generally the controls underneath which is the mobile device management and mobile application management is managed by Microsoft InTune and this service is now actually a part of Microsoft endpoint manager and if we want to get protection around our endpoints then we have Microsoft Defender for endpoint but we have Defender for a lot features in Microsoft and you'll see that soon enough then you have dlps data loss prevention policies so that we do not lose our data so that it does not get disclosed and we can keep our sensitive data protected so for apps we have discovered Shadow I.T so ensure appropriate in-app permissions gate access based on real-time analytics and monitor control user actions so for this we have policy-based access controls we can use the Microsoft soft Cloud app security Azure ID application proxy e-discovery and we have just in time virtual machine access so on to the last three pillars we have data so use intelligence to classify and label data encrypt and restrict access based on organizational policies so we move from perimeter-based data protection to data-driven protection so here we can use sensitivity labels Microsoft information protection data classification Azure information protection scatter so AIP scanner does decision-based policies and data loss prevention policies all of this stuff listed in the data pillar is in the Microsoft 365 compliance Center this is where all this stuff comes into play which we'll see later on next we have infrastructure so use Telemetry to detect attacks and anomalies automatically Block in flag risk behaviors and employ at least privilege access principles so here we can use the Azure security Center Azure ID managed identities user and resource segmentation vnets hearing rules privileged identity management network security groups application security groups Azure firewall Microsoft Defender for endpoint Microsoft Defender for identity and Azure Sentinel these last three we'll be talking about in Greater detail the last pillar here is Network so ensure devices and users are not trusted just because they're on an internal Network encrypt all internal Communications limit access by policy and employee micro segmentation and real-time threat detection so here we can do Network segmentation Azure DDOS Protection Service Azure firewall Azure web application firewall also known as Waf Azure VPN Azure ad proxy Azure Bastion and SSL TLS so that's the zero trust model six foundational pillars and some of the related services that are associated with each pillar hey this is Andrew Brown from exam Pro and we're taking a look at defense and depth so defense in depth uses a layered approach to security rather than relying on a single perimeter a defense and depth strategy uses a series of mechanisms to slow the advance of an attack there are seven layers of security that Microsoft wants you to know it's kind of similar to the shared responsibility Model A lot of times we see these things when organizations or providers are talking about their security centers like the actual data centers and how they're secured but this is more General it doesn't necessarily have to apply to a data center but let's go and work our way through inside out at the core we have data so access to business and customer data and encryption to protect data then we have application so applications are secure and free of security vulnerabilities then you have compute so access to VMS ports on premises and cloudin then Network so limit communication between resources using segmentation and access controls then you have perimeter so distributed denial of service protection to filter large-scale attacks before they can cause a denial of service for users identity and access so controlling access to infrastructure and change controls and then you have physical security so limiting access to a data center to only authorize Personnel so the idea is that if you really want to get to the data you've got to go through all the steps here these are all the layers of defense and so I just want to give extra emphasis to Identity and access because this one's the most outer one besides the physical security so they would say something like the modern perimeter is defined based on your identity another thing I want to mention is that even though the perimeter layer says it provides distributed denial of service protection to filter large-scale attacks and so on this is actually a bit misleading the DDOS protection standard provides multi-layered protection when deployed with a web application firewall it should protect both of the network layer and at the application layer emphasizing especially on the network layer so here's an architecture of DDOS protection standard being used you can see that it will always be placed in the network layer so it's applied to the virtual Network work subnets network security groups and so on a lot of people get it confused with perimeter layer when it should be the network layer so that's defense and depth hey this is Andrew Brown from exam Pro and we're taking a look at Azure active directory also known as Azure ID and it's Microsoft's cloud-based identity and access management service which helps your employees sign in and access resources it's going to help us both externally and with internal resources so on the external side we're looking at Microsoft 365 the Azure portal and SAS applications and for internal resources we have applications that reside within your internal Network and access to workstations that may reside on premise one of the best features of azure ID is single side on that's what a lot of companies want it for in terms of what types of azure active directory there are it's broken down to four editions with each subsequent tier having all the features of the previous tier and so we have the free tier where you get multi-factor authentication single side on basic security and usage reports and user management we have Office 365 apps so that will give you a company branding service level agreement to sync between on-premises and cloud and the last two I I want you to take note of because we do mention some of the features in this course for these two tiers is premium one and premium two also commonly abbreviated to P1 and P2 so you have hybrid architecture Advanced group access and conditional access and for premium 2 you have identity protection identity governance so again as we move up the tier each of the previous tier has all the features of the prior one so premium 2 has all the features of Premium One in terms of the use case for Azure ID it's for authorizing and authenticating to multiple sources so you can authorize and authenticate to your on-premises active directory to your web application it allows users to log in with their identity provider IDP like Facebook or Google and you can connect to Microsoft 365 or Microsoft Azure Azure ID takes care of all this stuff and so when we're looking at hybrid connections we're talking about Azure dconnect when we're looking at integrating our applications we're doing this through app registrations where we have the b2c service and then you have external identities so that's going to be for your identity any providers and you can also easily integrate with Cloud applications there's no particular service or sub service for that Azure ID naturally does that for you so let's look at the comparison between active directory versus Azure active directory because they're not the same thing so active directory has been around for quite a long time Microsoft introduced active directory domain services in Windows 2000 to give organizations the ability to manage multiple on-premises infrastructure components and systems using a single identity per user and so Azure D takes this approach to the next level by providing organizations with an identity as a service solution for their apps across cloud and on premises so both versions are still used to this day so there's active directory which is used for on-premises and there's Azure ID which is the cloud version and so we see a lot of companies might want to migrate over to Azure D or they might have a particular Legacy licensing that makes it more cost effective or there might be certain security compliances and that's why they're not using Azure ID so both of these are still valid product products just different use cases hey this is Andrew Brown from exam Pro and we're taking a look at Cloud identity models so Microsoft 365 uses Azure active directory a cloud-based user identity and authentication Service that's included with your Microsoft 365 subscription to manage identities and authentication for Microsoft 365. it's very important to set up your identity infrastructure properly if you want to manage Microsoft 365 user access and permissions for your company so there are two identity models available in Microsoft 365. the first one is cloud only identity this is where you maintain your organization's identities only in the cloud and the Azure d-tenant for your Microsoft 365 subscription performs the authentication with the cloud identity account the second one is hybrid identity this is where you maintain your on-premises active directory domain Services identities and use them for authentication when users access Microsoft 365 cloud services and the Azure d-tenant for your Microsoft 365 subscription handles the authentication process or redirects the user to another identity provider we'll talk more about the two identity models in Greater detail later hey this is Andrew Brown from exam Pro and we're taking a closer look at the cloud only identity model so a cloud only identity uses user accounts that exist only in Azure ID it's typically used by small organizations that do not have on-premises servers or do not use a DDS to manage local identities both on premises and remote users use their Azure ID user accounts and passwords to access Microsoft 365 cloud services Azure a de-authenticates user credentials based on its stored user accounts and passwords in terms of administration you manage Cloud identities with tools such as the Microsoft 365 admin Center and windows Powershell because user accounts are only stored in Azure ID and so this is best for organizations that do not have or needed on premises of DDS and their greatest benefit would be that it's simple to use and it requires no extra directory tools or servers so looking at the visual here within your organization you have your on-premises users and your remote users and both of them can access Microsoft 365 with Azure ID using their user accounts all on the cloud so that's the cloud only identity model hey this is Andrew Brown from exam Pro and we're taking a more in-depth look at the Hybrid identity model so hybrid identity uses accounts that originate in an on-premises a DDS and have a copy in the Azure a detented of a Microsoft 365 subscription any changes that you make to a DDS user accounts are synchronized to their copy in Azure ID except for specific account attributes Azure a dconnect provides the ongoing account synchronization so this runs on an on-premises server checks for changes in the DDS and forwards those changes to Azure ID Azure dconnect provides the ability to filter which accounts are synchronized and whether to synchronize a hash version of user passwords known as password hash synchronization Azure a d password hash synchronization is the simplest way to enable authentication for on-premises directory objects in Azure ID continuing out with hybrid identity your on-premises of DDS is the authoritative source for account information when you implement hybrid identity the Azure d-tenant has a copy of the DDS accounts both on premises and remote users accessing Microsoft 36 65 cloud services authenticate against Azure ID so hybrid identity is best for organizations using a DDS or another identity provider and its greatest benefit is that users can use the same credentials when accessing on-premises or cloud-based resources so it's very convenient to use looking at the visual here you have your active directory domain Services accounts and you have servers running Azure dconnect to synchronize and copy the accounts to Azure ID through this both on premises and remote users can access Microsoft 365 to utilize all its apps in cloud services so that's the hybrid identity model hey this is Andrew Brown from exam Pro and we'll be taking a look at multifactor authentication also known as MFA and that's how we'll refer to it throughout the entire course so NFA is a security control that provides an extra level of security where after you fill in your email and password you have to use a second device such as a phone to confirm that you are the owner of the account to log in MFA protects against people who have stolen your password when you're dealing with the verification method it must be based on something you have with you that isn't easily duplicated such as a phone like we mentioned before it could also be something uniquely and biologically have such as your fingerprints face or other biometric attribute by default both Microsoft 365 and Office 365 support MFA for user accounts using a text message sent to a phone that requires the user to type a verification code a phone call and the Microsoft authenticator smartphone app so there are multiple ways you can enable MFA for Microsoft 365 in office 365. the first one is with security defaults then we have with conditional access policies and for each individual user account which is not recommended MFA is available in all Microsoft 365 plans however if you want to gain features such as security defaults or conditional access policies you'll need to get Microsoft 365 business premium or Microsoft 365 E3 there's even Microsoft 365 E5 if you want Azure identity protection so here is an example where you see my email my password and that is called one factor so I've confirmed my identity like in this one case and then you have the second Factor also known as multi-factor that's usually what we call it and in this case we are sent a verification code to our phone to confirm and that's going to let us get into the system so that's MFA hey this is Andrew Brown from exam Pro and we'll be taking a look at conditional access which provides an extra layer of security before allowing authenticated users to access data or other assets so conditional access is implemented through conditional access policies which are a set of rules that specify the conditions under which sign-ins are evaluated and allowed for example you can create a conditional access policy that states if the user account name is a member of a group for users that are assigned The Exchange user password security SharePoint or Global administrator roles require MFA before allowing access this policy allows you to require MFA based on group membership rather than trying to configure individual user accounts for MFA when they're assigned or unassigned from these administrator roles so a conditional access policy analyzes signals signal could be user and location device application real-time risk and we'll go more into detail with all the types of signals in the next slide and the idea is you need to verify every access attempt through Access Control you might have required MFA Locker access and allow access so here is a visual I got from the Microsoft documentation the idea here is you have your signal and you have your user in location application real-time risk and device and here we have to verify every access attempt to meet the conditional access policies that were set to gain access to our apps and data so let's take a closer look at signals signals is metadata associated with an identity attempting to gain access and we'll be going over the full list of signals that are possible conditional access starting with users or group membership so policies Target specific users and groups including admin roles giving admins fine grain control over access then you could have signals that are named location or IP location information so that's a range of ips used when making policy decisions so admins can opt to block or allow traffic from an entire country's IP ranges for devices users with devices of specific platforms are marked with a specific State can be used for applications users attempting to access specific applications can trigger different additional access policies real-time cited risk detection so signals integration with Azure ID identity protection allows conditional access policies to identify sign and behavior and policies can then Force users to perform password changes or multi-factor authentication to reduce the risk level or be blocked from access until administrator takes manual action then you have your Cloud apps or Cloud actions so Cloud apps or actions can include or exclude Cloud applications or user actions that will be subject to policy then there's user risks so from customers with access to Identity protection user risks can be evaluated as part of the conditional access policy user risk represents the probability that a given Identity or account is compromised let's talk about common decisions so these Define the access control that Define what level of access based on the signal information and so this is when we were talking about that verifying steps these are those common decisions so we have block access which is the most restrictive decision then you have Grant access and this is the least restrictive decision but still requires is one or more of the following options so there's require MFA required device to be marked as compliant require hybrid Azure a dejoin device require approved Client app and require app protection policy another important thing to know is that you can use conditional access policies with Microsoft 365 business premium Microsoft 365 E3 and E5 and Azure at D premium P1 and Azure D premium P2 licenses so that's the value of conditional access and how you can use conditional access policies to increase your level of security hey this is Andrew Brown from exam Pro and we're taking a look at how to enable multi-factor authentication for Microsoft 365 users in the Microsoft 365 admin Center there are a couple ways to do this but the easiest way is from the Microsoft 365 admin Center so the first thing you want to do is to go to your app store on your smartphone Android or iOS you want to search for Microsoft authenticator and once you've found it you just download it and install it onto your phone ready to enable the MFA the next section requires you to go to the Microsoft 365 admin page if you work for a business you may not have access to this so you'll need to get it from your it department or get your it support company to do this for you once you're in the Microsoft 365 admin page you need to navigate to the users and then active users along the top right pane along the top here you'll see a button called multi-factor authentication so you click on that and it'll populate the list of users so for this demonstration we'll use the demo user Sam do we created earlier so you see here it says the multi-factor Authentication station status is disabled so we select Sam do and we click on enable and click on enable multi-factor Authentication now the user Sam do is enabled for multi-factor authentication but we need to validate this change so you'll need to go the Microsoft 365 login page or Office 365 login page first we'll need to site in with another account which is Sam do I will sign in as the user Sam do with the username and password I'm just going to copy and paste these in here let's just see what happens here once we enter the password now because we've enabled it in the back end of Microsoft 365. it's asking us to enable multi-factor authentication so it's saying your organization needs more information to keep your account secure so let's click on next so now it's telling us to install Microsoft authenticator as the type of MFA there are a few other ways to set this up such as authentication phone or office phone but we're going to use mobile app for this demonstration as we've downloaded Microsoft authentication earlier so we want to receive notifications for verification so we'll click on next the next thing you want to do is go to your phone and open the Microsoft authentication app and the first thing you want to do is to click on the three dots on the top right and click on add account so we click on add account we should select worker school account and then you'll get a little prob saying scan QR code so we click on there and all we simply do now is point your phone at the computer screen and it'll scan the QR code just wait a couple of seconds and then it'll list it in your authenticator app so you click on the email address so back onto your screen click on next to proceed so now we'll be able to test this out so on your device it's saying please respond to the notification and it will tell your device to approve this site on so you click on approve and it should be successful the notification has been approved and so you click on next the Microsoft authenticator app has been successfully registered so we click done since it's our first time signing on the user Sam do we'll need to create a new password for the user after that's complete the user should be able to successfully log in and the next time the user attempts to sign in you'll need to approve using the Microsoft authenticator app multi-factor authentication method again so that's how you enable multi-factor authentication on your Microsoft 365 user hey this is Andrew Brown from exam Pro and we're taking a look here at Microsoft 365 Defender which is a unified pre and post breach Enterprise defense Suite that natively coordinates responses such as detection prevention and investigation across endpoints identities emails and applications to provide integrated protection against sophisticated attacks so Microsoft 365 Defender allows admins to assess threat signals from endpoints applications email and identities to determine an attack scope and impact it provides detailed Insight on how the threat occurred and what systems were affected Microsoft 365 Defender can then take automated action to prevent or stop the attack so if you're looking for where the service is you'd open up the portal at office.com and find it on the side menu and click on security that's where you'll find Microsoft 365 Defender so Microsoft 365 Defender is composed of the following Services it has Microsoft Defender for identity Microsoft Defender for endpoint Microsoft Defender for cloud apps preview obviously known as Microsoft Cloud app security then there's Microsoft Defender for Office 365 Microsoft 365 Defender portal and Microsoft secure score here's just a graphic to reiterate over those four Services the ones in Boulder the core services but we'll be going more into detail of all of them later so that's Microsoft 365 Defender this is Andrew Brown from exam Pro and we'll be talking about Microsoft Defender for endpoint So within Microsoft 365 we have endpoints and these are a set of destination IP addresses DNS domain names and URLs for Microsoft 365 traffic on the internet so to optimize performance for M365 cloud-based Services these endpoints need special handling by client browsers and the devices in your Edge Network and these devices include firewalls SSL break and inspect and packet inspection devices and data loss prevention systems here is an image showing what it looks like again it's just IP addresses and DNS domain names so endpoints are grouped into four service areas exchange online SharePoint online and OneDrive for business Skype for business online and Microsoft teams and M365 common in office online so it's just a bunch of these things here on the left hand side but it's specialized for those particular areas so now taking a look here at Microsoft Defender for endpoint is an Enterprise endpoint security platform designed to help Enterprise networks prevent detect investigate and respond to Advanced threats and so Defender for in point uses the following combination of Technologies built into Windows 10 and Microsoft cloud service so we have in point behavioral sensors which are embedded in Windows 10 the sensors collect and process behavioral signals from the operating system and send this sensor data to your private isolated Cloud instances of Microsoft Defender for endpoint then you have Cloud security analytics so this is leveraging Big Data device learning and unique Microsoft Optics across the windows ecosystem Enterprise Cloud products such as Office 365 and online assets behavioral signals are translated into insights detections and recommended responses to Advanced threats then we have threatened intelligence this is generated by Microsoft Hunter's security teams and augmented by threat intelligence providers by Partners threat intelligence enables Defender for endpoint to identify attack attacker tools techniques procedures and generate alerts when they are observed in collected sensor data so that's Microsoft 365 Defender for endpoint and all the Technologies it uses to prevent Advanced threats hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft 365 Defender for identity so Defender for identity is a cloud-based security solution that leverages your on-premise active directory data which are called signals to identify detect and investigate Advanced threats compromised identities and malicious Insider actions directed at your organization it detects Advanced attacks in hybrid environments to monitor users entity behavior and activities with learning based analytics it protects user identities and credentials stored in active directory identify and investigate suspicious user activities and advanced attacks throughout the kill chain and provide clear incident information on a simple timeline for fast triage so going into more depth with the things we just talked about for Monitor and profile user behavior and activities Defender for identity monitors and analyzes user activities and information across your network including permissions and group membership creating a behavioral Baseline for each user for protect Tech user identities and reduce the attack surface it provides insights on identity configurations and suggested security best practices and through security reports and user profile analytics it helps reduce your organizational attack surface making it harder to compromise user credentials and Advance an attack for identify suspicious activities and advanced attacks across the Cyber attack kill chain Defender for identity identifies these Advanced threats of the source throughout the entire Cyber attack kill chain reconnaissance compromise credentials lateral movements and domain dominance you can use the defender for identity attack timeline view and the intelligence of smart analytics to stay focused on what matters also you can use Defender for identity to quickly investigate threats and gain insights across the organization for users devices and network resources so Microsoft Defender for identity monitors your domain controllers by capturing and parsing Network traffic and leveraging windows events directly from your domain controllers that analyzes the data for attacks and threats so here is the architecture sure of it first we have our domain controller over here then we have Microsoft Defender for identity then it's going to go to the Microsoft Cloud app security which is now the Microsoft Defender for apps so that we can do some analysis later on you could pass it over to sim integration or Azure Sentinel for some security information or event management as well and things like that so by utilizing profiling deterministic detection machine learning behavioral algorithms Defender for identity learns about your network enables detection of for anomalies and warns you of suspicious activities and that's Defender for identity hey this is Andrew Brown from exam Pro and we'll be taking a look at Microsoft Defender for office 365. so Microsoft Defender for Office 365 protects against Advanced threats by email messages links URLs Microsoft teams SharePoint online OneDrive for business and other clients and protection is provided via reports thread investigations threat responses and threat protection policies and there's three available subscriptions we have exchange online protection the defender for Office 365 plan 1 and plan two and Office 365 security Builds on the core protections offered by EOP so EOP is present in any subscription where exchange online mailboxes can be found so going into more detail here for EOP it's a cloud-based filtering service that protects your organizations against spam malware and other email threats the defender for office P1 provides safe attachment which checks email attachments for malicious content safe links where the links are scanned for each clicking A Safe Link remains accessible but malicious links are blocked it provides protection for SharePoint OneDrive and Microsoft teams it identifies and blocks malicious files and team sites and document libraries anti-phishing protection so this detects attempts to impersonate your users and internal or custom domains real-time detection it's a real-time report that allows you to identify and analyze recent threats the defender for office P2 this includes all the defender office sp1 features so we have threat trackers the latest Intelligence on cyber security issues takes counter measurements before an actual threat we have threat Explorer so real-time reports that allows you to identify and analyze recent threats automated investigation and response also known as air is a set of security playbooks that can be launched automatically start an automatic investigation provide detailed reports recommend Action Security teams can approve there's a tax simulator you can run realistic attack scenarios in your organization to identify for vulnerabilities so you can see that P2 is very very good it provides a lot of great features here's a bit more detail on the EOP so once again it's a cloud-based filtering service that protects your organization from spam malware and other email threats here is a graphic displaying how it works in all the processes it undergoes and so EOP has features for anti-malware inbound anti-spam how about anti-spam connection filtering anti-fishing anti-spoofing protection 0 zero hour auto Purge for delivered malware spam and phishing messages preset security policies tenant allow in block list allow block lists for message senders directory base Edge blocking mail flow rules accepted domains message training and more another important thing to know is that Microsoft Defender for Office 365 is included in the Microsoft 365e5 Office 365 E5 and A5 and Microsoft 365 business premium subscriptions so you can see there's a lot of features and I just couldn't fit them all on the screen but I just wanted to show you how valuable exchange online protection is and this is one of the many advantages it has over Gmail hey this is Andrew Brown from exam Pro and we're taking a look at the Microsoft Defender portal so we've said before that Microsoft 365 Defender natively coordinates detection prevention investigation and response across endpoints identities email and applications to provide integrated protection against sophisticated attacks while the Microsoft 365 Defender portal brings all of those functionalities together into one place focusing on getting quick access to information and providing simple layouts to meet the needs of security teams you can view the security health of your organization through the Microsoft 365 Defender portal some of the key features of the Microsoft 365 Defender portal include incidents and alerts which create alerts when they detect a suspicious or malicious event or activity threat analytics designed to assist security teams track and respond to emerging threats the secure score which is a representation of a company's security posture and will be going more into detail about it later Learning Hub which provides official guidance from resources like Microsoft security Block in the official documentation and reports which can be a general security report and Branch into specific reports about in points email and collaboration so the Microsoft 365 Defender portal home page shows many of the common cards that security teams need the card and data composition is determined by the user's role different roles will see cards that are more relevant to their day-to-day jobs because the Microsoft 365 Defender portal uses role-based access restriction the cards fall into these categories identities monitor the identities in your organization and keep track of suspicious or risky behaviors data help track user activity that could lead to unauthorized data disclosure devices get up-to-date information on alerts for each activity and other threats on your devices apps gain insight into how Cloud apps are being used in your organization so that's Microsoft Defender portal hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft Defender for cloud apps which is a cloud access security broker that sits between the user and the cloud service provider to gatekeep access in real time to Cloud resources Microsoft Defender for cloud apps is built on a framework that follows four principles the first one is discover and control the use of Shadow it identify the cloud apps and iOS and pass Services used by your organization investigate usage patterns assess the risk levels and business Readiness of more than twenty five thousand PSIs apps against more than 80 risks then we have protect against cyber threats and anomalies detect unusual behavior across Cloud apps to identify ransomware compromised users or Rogue applications analyze high risk usage and remediate automatically to limit the risk to your organization then there's protect your sensitive information anywhere in the cloud understand classify and protect the exposure of sensitive information at rest leverage out of the box policies and automated processes to apply controls in real time across all your Cloud apps and then we have assessed the compliance of your Cloud apps assess if your Cloud apps meet relevant compliance requirements including Regulatory Compliance and Industry standards prevent data leaks to non-compliant apps and limit access to regulated data so let's look at the architecture of Defender for cloud apps and some of the functionalities Microsoft Defender for cloud apps integrates visibility with your Cloud by using Cloud Discovery to map and identify your Cloud environment and the cloud apps your organization is using sanctioning and unsanctioning apps in your Cloud using easy to deploy app connectors that take advantage of provider apis for visibility and governance of apps that you connect to using conditional access app control protection to get real-time visibility and control over access and activities within your Cloud apps helping you have continuous control by setting and then continually fine-tuning policies so that's Microsoft Defender for cloud apps hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft secure score So within Microsoft 365 Defender you get a secure score and this is a representation of your organization's security posture and your opportunity to improve it through Improvement actions this is similar to Azure defender's secure score but they have slightly different terminology to make it a little more company friendly towards people that are developers so on the right here you are given a secure score which is currently at 18.25 percent and of course the higher the score the better your protection and then you see the Improvement actions which shows you all the actions you can perform to increase your secure score to improve your organization's security posture so organizations can monitor and work on the security of their Microsoft 365 identities apps and devices from a centralized dashboard via the Microsoft 365 Defender portal secure score helps organizations report on the current state of their security posture improve their security posture by providing discoverability visibility guidance and control compare benchmarks and establish key performance indicators currently Microsoft's secure score supports recommendations for Microsoft 365 including exchange online Azure active directory Microsoft Defender for endpoint Microsoft Defender for identity Microsoft Defender Cloud apps and Microsoft teams also new recommendations are being added to secure score all the time so that's Microsoft's secure score this is Andrew Brown from exam Pro and we'll be talking about Microsoft 365 security reports So within Microsoft 365 you have security reports and these are General Security dashboards about security trends for Microsoft 365 identities device and apps information is organized into cards on the dashboard so you have identities where we'll have users at risk in global admins then you have devices so devices at risk device compliance devices with active malware types of malware on devices malware on devices devices with malware detection and users with malware detections then you have apps which have risk levels and so all of this information can be reorganized or grouped into category or topic so right now we have identities devices and apps for the topics we could have risk detection threads and configuration and health so just to kind of tell you a little bit more here imagine you have a bunch of these cards and they're broken down by all these categories here so you can have a bird's eye view of what's going on on one particular report that is interesting to show you is the Office 365 exchange which is a mail server so this provides email collaboration reports it gives you Statistics over time if you were to drill down into a particular type of report here you can kind of see things like spoof detections spam detections over time and things like that so that security reports hey this is Andrew Brown from exam Pro and we'll be talking about common threats before we talk about the common threats we need to know what our vulnerabilities so a vulnerability as a whole or a potential weakness in the application which can be a design flaw or an implementation bug that allows an attacker to infiltrate an organization or cause harm to the stakeholders of an application now that leads us to threats a threat in Cloud security is a potential negative action or event facilitated by a vulnerability that results in an unwanted impact to a computer system or application attackers will create threats across multiple domains like email identity and points and applications to find a point of lease resistance today's defense Solutions have been designed to protect detect and block threats for each domain separately allow the attackers to exploit the seams and threshold differences between Solutions leaving the business vulnerable to attack so now we'll be talking about the most common threats Microsoft wants to focus on credential theft is a type of cyber crime that involves stealing a victim's proof of identity examples of credential theft or mimikatz password spray or breach harvesting malware also known as malicious software is a file or code typically delivered over a network that infects explores steals or conducts virtually any Behavior an attacker wants examples of malware are viruses ransomware and adware phishing attacks use tricks or lures to get a user to reveal credentials or pay money typically by getting them to click a link to a fake website in an email that appears genuine examples of phishing attacks are email phishing and spear fishing infrastructure attacks include improperly secured virtual machines and resources in Azure examples of infrastructure attacks include dos and DDOS attacks so these are the common threats that Microsoft wants you to be familiar with there's definitely more than just four types but these are the main ones that Microsoft wants to focus on hey this is Andrew Brown from exam Pro and we'll be taking a look at how Microsoft addresses the most common threats so we'll be talking about Microsoft 365 Defender and how it protects us from potential threats and vulnerabilities this may seem like a review for you but it's great to note nonetheless Microsoft 365 Defender is an integrated cross-domain threat detection and response solution that provides organizations with the ability to prevent detect investigate and remediate sophisticated cross-domain attacks within their Microsoft 365 environments it leverages raw signal data from Individual service domains like user identity and points applications email and collaboration tools normalizing the data at the ingestion Point Microsoft 365 Defender requires no specific expertise or customization so Defenders can immediately use the integrated console and combine incident views with Microsoft 365 Defender security teams can automatically block attacks and eliminate their persistence to keep them from starting again prioritize incidents investigation in response Auto heal assets Focus unique expertise on Cross domain hunting Microsoft 365 Defender Suite protects and points with Microsoft Defender for endpoint a unified endpoint platform for preventative protection post breach detection automated investigation and response email in collaboration with Microsoft Defender for Office 365 safeguards your organization against malicious threats posed by email messages links and collaboration tools identities with Microsoft Defender for identity and Azure active directory identity protection uses active directory signals to identify detect and investigate Advanced threats compromise identities and malicious Insider actions directed at your organization applications with Microsoft Defender for cloud apps a comprehensive Crosshair solution bringing deep visibility strong data controls and enhanced threat protection to your Cloud apps so these are the main tools and services that Microsoft uses to detect and eliminate any potential threats to your Microsoft 365 environment hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft Sentinel also known as Azure Sentinel so Microsoft Sentinel is a scalable Cloud native security information and event management so Siem and security orchestration Automation and response Solutions or Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the Enterprise providing a single solution for alert and attack detection threat visibility proactive hunting and threat response so here's a big wheel that Microsoft Sentinel likes to use to describe it and what's cool about this offering is it's both a Siam and a sore so you don't have to have two separate Services starting off with collected so collect data at Cloud scale across all users devices applications and infrastructure both on premise and in multiple clouds detect previously undetected threats and minimize false positives using Microsoft's analytics and unparalleled thread intelligence investigate threats with artificial intelligence and hunt for suspicious activities at scale all tapping into years of cyber security work at Microsoft respond to incidents rapidly with built-in orchestration and automation of common tasks let's take a look at what Microsoft Sentinel can ingest from other data set sources so we have a number of connectors here such as Microsoft 365 Defender Microsoft 365 sources including Office 365 Azure ID Microsoft Defender for identity and Microsoft Defender for cloud apps you can also use common event formats such as syslog rest API Windows event logs common event format and trusted automated exchange of indicator information also known as taxii so let's take a look at workbooks and so this is a feature of azure monitor but Microsoft Sentinel allows you to create workbooks really easily after you connected your data sources to Microsoft Sentinel you can monitor the data using the Microsoft Sentinel integration with Azure monitor workbooks workbooks provide a flexible canvas for data analysis and the creation of Rich visual reports they allow you to tap into multiple data data sources and combine them into unified interactive experiences it tells a story about the performance and availability about your applications and services so here's a graph showing the performance analysis and here's another one showing the application failure analysis but the idea is that these are kind of like living documents where you can visualize and monitor specific metrics and other things about your applications and services Microsoft Sentinel allows you to create custom workbooks across your data and also comes with built-in workbook templates to allow you to quickly gain insights across your data as soon as you connect a data source a couple more points here on workbooks is that they are intended for sock engineers and analysts of all tiers to visualize data sock stands for security operations center if you didn't know while workbooks are best used for high level views of Microsoft Sentinel data and require no coding knowledge you cannot integrate workbooks with external data now let's look at the core features of Microsoft Sentinel starting with analytics so Microsoft Sentinel uses analytics to correlate alerts into incidents so over here we can see that we have list them in incidents or groups of related alerts that together create an actionable possible threat that you can investigate and resolve Microsoft Sentinel also provides machine learning rules to map your network behavior and then look for anomalies across your resources then there's Automation and orchestration so with Sentinel you have solutions that provide a highly extensible architecture that enables scalable automation as new technologies and threats emerge Sentinel is built on the foundation of azure logic apps so it's a great way of not having to use any code but you can chain things over different services and they have over 200 connectors for services such as Azure functions the connectors allow you to apply any custom logic and code servicenow jira zendesk HTTP requests Microsoft teams slack Windows Defender at TP and Defender for cloud apps so there's a lot to do there for investigations the investigation tools help you to understand the scope and find the root cause of a potential security threat you can choose an entity on the interactive graph to ask interesting questions for a specific entity and drill down into that entity and its connections to get to the root cause of the threat moving on to hunting so Microsoft sentinel's powerful hunting search and query tools is based on the miter framework which is a curated knowledge base that tracks cyber adversary tactics and techniques so this enables you to proactively hunt for security threats across your organization's data sources before an alert is triggered after you discover which hunting query provides high value insights into possible attacks you can also create custom detection rules based on your query and service those insights as alerts to your security incident responders while hunting you can create bookmarks for interesting events enabling you to return to them later share them with others and group them with other correlating events to create a compelling incident for investigation and on to our final section we'll go over the pricing models of Microsoft Sentinel so the first type is capacity reservations where you are billed a fixed fee base on the selected tier enabling a predictable total cost for Microsoft Sentinel and we have pay as you go so your bill per gigabyte for the volume of data ingested for analysis in Microsoft Sentinel and stored in the Azure monitor log analytics workspace so that's Microsoft Sentinel Andrew Brown from exam Pro and we're going through an overview of the Microsoft 365 Defender we'll be taking a look at only the key features here so in general Microsoft 365 Defender helps respond to threats and manage security across your identities data devices apps and infrastructure so starting with the incidents and alerts section there is currently no data because this is a new account and no alerts have been recorded typically there would be a list of incidents and alerts it would include the incident name a unique ID number the severity of the threat status and displays a summary of the incident and provides access to tabs with additional information one of the key features of the Microsoft 365 Defender is the secure score so the Microsoft secure score is a representation of your organization's security posture and your opportunity to improve it it's similar to how the Microsoft compliance score is designed here it displays the secure score of 28.07 percent for the organization and right next to it shows a list of actions to review it also provides a comparison of your organization's secure score to other organizations that is similarly set up or designed to other organizations with their secure score the next thing we want to do is to click on recommended actions this will populate the list of actions to review so on the list of actions to review we can sort them however we want such as according to their rank score impact points achieved status and so on and once you complete the recommended action it will increase your security score based on the score impact of the action as an example we'll select a simple one such as only invited users should be automatically admitted to teams meetings then we'll click on implementation which are the instructions or guide where to go and how to complete the action so this tells us to go to the Microsoft teams admin Center and in the meeting policies under the participants and guests section toggle automatically admit people to invited users only so we'll click on Microsoft teams admin Center first thing you'll want to do is to navigate to the on meetings pane then click on meeting policies and then on manage policies click on the add button we'll need to give this policy a name so we'll name it invite users only then we'll need to look for the policy mentioned in the implementation after finding the correct section of participants and guests under the automatically admit people will need to toggle and change it to invited users only then click save you can now see that the new policy has been added to the list so that should be completed and you should see the secure score update within 24 hours coming back to the Microsoft secure section there's a tab that displays the history of your Microsoft secure score to see the performance over a period of time if it increases or decreases you can also view metrics and Trends such as comparison Trend regression Trend and risk acceptance Trend that you may be interested in for the reports section there is the general section where you can view information about security Trends and track the protection status of your identities data devices apps and infrastructure there's also the email and collaboration reports where you review Microsoft recommended actions to help improve email and collaboration security and many more but we're not going to go through all of them the audit section should be similar to the one in the Microsoft purview compliance portal so we won't go over too much the last section we'll talk about is the health section and the main thing we want to look at here is service health so here you can view the issues and health status of all services that are available with your current subscriptions you can view info about the history of incidents and advisories that have been resolved and you can track the status of issues reported by people in your organization over the last 30 days so that's a quick overview of the Microsoft 365 Defender hey this is Andrew Brown from exam Pro and we're taking a look at Regulatory Compliance so what is compliance it's conforming to a rule such as a specification policy standard or law and Regulatory compliances and organization that takes effort to comply with relevant laws policies and regulations so Regulatory Compliance can vary at the following levels so there's Federal such as Canada there's state or provincial like Ontario political and economic Union like European union and international organization so why do we have Regulatory Compliance well governments want to protect its citizens data that is collected by companies and organizations we don't want the companies or Orcs to mishandle our data or sell our data what are compliance controls well those are internal control mechanisms that need to be in place to detect prevent incorrect compliance issues for example we have public standards and policies documented procedures training monitoring and internal audits so what are some of the measures that Regulatory Compliance can enforce well it allows citizens the right to access their data at any time citizens have the right to correct or delete data if needed it gives us control over the retention periods for the minimum or maximum time data should be stored enabling governments and Regulatory Agencies the right to access and examine data when necessary and defining rules for what data can be processed and how that should be done so that's Regulatory Compliance hey this is Andrew Brown from exam Pro and we're taking a look at compliance Solutions in Microsoft 365 which are collections of integrated capabilities you can use to help you manage end-to-end compliance scenarios a Solutions capabilities and tools might include a combination of policies alerts reports and more the solution catalog is organized into sections that contain information cards for each compliance solution available in your Microsoft 365 subscription each section contains cards for Solutions grouped by compliance area so you can see on the image here there's the information and protection area Insider risk management Discovery response and so on and within them you have the solution cards like communication compliance when you select view for a solution card you'll see detailed information about the compliance solution and how to get started so we're looking at the communication compliance section and this information includes an overview pre-configuration requirements learning resources controls that allow you to pin the car to the navigation Pane and an option to share the solution as a Link email or Microsoft teams message to view the Microsoft purview solution catalog go to compliance.microsoft.com and sign in as a global administrator compliance administrator or compliance data administrator select catalog in the navigation pane on the left side of the screen to open the catalog home page so that's the compliance Solutions in Microsoft 365. hey this is Andrew Brown from exam Pro and we'll be talking about the service trust portal so the Microsoft service trust portal provides a variety of content tools and other resources about Microsoft security privacy and compliance practices from the main menu you can access the service trust portal compliancemanager trust documents Industries and regions trust Center Resources by library and more and we'll briefly go over what each section has to offer in the next slide so the service trust portal provides a quick way to get back to the home page for the service trust portal to compliance manager directs users to compliance manager in the Microsoft purview compliance portal to access to compliance manager and other compliance management capabilities in Microsoft 365. we'll talk a bit more about this later on trust documents provides a wealth of security implementation and design information with the goal of making it easier for organizations to meet Regulatory Compliance objectives so with interest documents there are audit reports which provide a list of independent audit and assessment reports on Microsoft's cloud services is displayed data protection contains a wealth of resources such as audited controls white papers FAQs penetration tests risk assessment tools and compliance guides Azure stack contains documents that provide security and compliance Solutions and support tailored to the needs of azure stack customers Industries and regions provides access to compliance information about Microsoft cloud services organized by industry and region you can access the industry Solutions which directs users to the landing page for the financial services industry containing information such as compliance offerings FAQs and success stories and there's Regional Solutions which provide documents on Microsoft cloud services compliance with the laws of various countries regions including Australia Canada Czech Republic Denmark Germany Poland Romania Spain and the United Kingdom trust Center links you to the Microsoft trust Center which provides more information about privacy security and compliance in the Microsoft cloud resources provide links to security and compliance for Office 365 the Microsoft global data centers and FAQs and my library is a feature that lets you save documents so that you can quickly access them on your my library page taking a closer look at audit reports and so audit reports are independent audit reports for Microsoft's cloud services which provide information about compliance with data protection standards and regulatory requirements so you'll get audit reports for it International Organization for standardization service organization controls National Institute of Standards and Technology Federal risk and authorization Management program and general data protection regulation so you'll get a list of documents and PDFs that you can download you can open them up and see how Microsoft and Azure are being compliant and just taking a closer look at Regional Solutions in the industries and regions section so as we mentioned before Regional Solutions provide documents on Microsoft's compliance policies and regulations for Regions such as Australia Germany UK and many more and so here here you can select the regions that are available and in this example it's United Kingdom and here you can look at the GRC assessment reports their description and you can download them for a closer inspection so that's the service trust portal hey this is Andrew Brown from exam Pro and we're taking a look at compliance Concepts focusing on data residency and how it helps ensure Regulatory Compliance so as organizations and institutions move their data to service provider clouds with data centers all over the world government agencies and Industry groups have issued regulations to help protect and govern the use of data organizations can be accountable for meeting dozens of regulations ranging from personal and financial information to data protection and privacy so when it comes to compliance data residency regulations govern the physical locations where data can be stored as well as how and when it can be transferred processed or accessed internationally these regulations can differ significantly depending on jurisdiction it ensures customers can access diagnostic service generated and support data and can manage access to their own data Microsoft protects customer data from unauthorized access and handles challenges from government requests and other third-party orders it provides tools customers can use to restrict protect and encrypt data at rest in transit and in some cases in use it enforces strict policies and practices that Microsoft follows for the retention and deletion of customer data Microsoft also ensures compliance with privacy regulations and standards to help protect the privacy of customer data so here are some important Concepts and terms that relate to data compliance that you may need to know data sovereignty is the concept that data particularly personal data is subject to the laws and regulations of the country region in which it's physically collected held or processed this can complicate compliance because the same piece of data can be collected in one location stored in another and processed in another making it subject to laws from different countries and regions and data privacy is providing notice and being transparent about the collection processing use and sharing of personal data are fundamental principles of privacy laws and regulations personal data means any information relating to an identified or identifiable natural person privacy laws previously referenced Pi or personally identifiable info information but the laws have expanded the definition to any data that is directly linked or indirectly linkable back to a person organizations are subject to and must operate consistent with a multitude of laws regulations codes of conduct industry-specific standards and compliance standards governing data privacy so those are the compliance Concepts hey this is Andrew Brown from exam Pro and we're talking about Microsoft purview information protection also known as Microsoft information protection and this is a collection of features within Microsoft purview formerly Microsoft 365 compliance to help you discover classify and protect sensitive information wherever it lives or travels so the idea here is that we have this diagram and we have four specific domains that are information protection capabilities around our data and so the first is know your data the second is protect your data the third is prevent data loss and the fourth is govern your data so we'll be going over all these sections in the next few slides taking a look at the four domains here for the Microsoft purview information protection these are features found within Microsoft purview so the first is know your data understand your data landscape and identify important data across your hybrid environment so one feature would be sensitive information types this identifies sensitive data by using built-in or custom regular expressions or a function it provides corroborative evidence includes key words confidence levels and proximity we have built-in sensitive labels and you have custom ones as well so then there's trainable classifiers this identifies sensitive data by using examples of the data you're interested in rather than identifying elements in the item so pattern matching and you can use built-in classifiers or train a classifier with your own content say you have trainable classifiers here for data classification this is a graphical identification of items in your organization that have a sensitive label a retention label or have been classified you can also use this information to gain insights into the actions that your users are taking on these items so that's the context Explorer and the activity Explorer the second part is protect your data so apply flexible protection actions that include encryption access restrictions and visual markings say you have sensitivity labels Azure information protection unified labeling client double key encryption Office 365 message encryption service encryption with customer key SharePoint information rights manager Rights Management connector Azure information protection unified labeling scanner Microsoft Defender for cloud apps and Microsoft information protection SDK most of these you won't need to know but will definitely cover sensitivity labels then we have prevent data loss so this prevents accidental oversharing of sensitive information here you have Microsoft purview data loss prevention and point data loss prevention Microsoft compliance extension there's a Chrome extension that does compliance for you so it's built in your browser there's the Microsoft purview data loss prevention on premises scanner and protects sensitive information in Microsoft teams chat and channel messages we'll definitely take a closer look at Microsoft purview data loss prevention later next we have Microsoft purview data lifecycle management formerly Microsoft information governance which is a collection of features to govern your data for compliance or regulatory so for Microsoft purview data lifecycle management it keeps what you need and deletes what you don't we have retention policies and retention labels inactive mailboxes archive mailboxes import service for PSD files and for Microsoft purview records management it manages high value items for business legal or regulatory record-keeping requirements you have file plan retention labels for individual items retention policies if needed for Baseline retention and disposition review and proof of disposition so those are the four domains in Microsoft purview information protection govern your data is not technically part of it as it's in the data life cycle and record section but I included it anyways hey this is Andrew Brown from exam Pro and we're taking a look at the data classification capabilities so sensitive information types or classifications or categories of data by sensitivity they are pattern-based classifiers and they have set patterns that can be used to identify them so within the Microsoft purview data classification feature you can get a breakdown of the distribution of sensitive info types so here imagine you have a bunch of documents and you said hey tell me what you found in these documents and there it gives it kind of a breakdown by type these types are identified based on regular expression or a function there are hundreds of built-in information types for example credit card numbers passport or identification numbers bank account numbers Health Service numbers IP addresses Azure storage account keys and driver's license numbers so it's a huge list and so here's a list of some sensitive info types these sensitive information types are used in data loss prevention policies sensitivity labels retention labels Insider risk management communication compliance and auto labeling policies generally the first thing you're going to do with your data classification is to get your sensitive information types and you can create your own info types too so if there's something that doesn't meet your needs you'll have to write your own regular expression but you can have whatever you want another feature found in data classification within Microsoft purviewer trainable classifiers let's talk about what training is and classifiers are so a classifier is a machine learning model that can take records of data and classify or categorize by applying a label from a predetermined list of categories then you have training and this is the act of teaching a machine learning model how to learn by providing it large amounts of data that is already labeled it uses the label data to tell if its predictions are similar to the ones provided So within Microsoft purview it has two kinds of trainable classifiers three train classifiers are ready to use classifiers with five portraying classifiers we'll talk about those five in a moment you don't need to provide any data used for training and it meets many General use cases then you have custom tradable classifiers this is when you have your own kind of documents when you have specific business documents but you'll have to provide training data so the five pre-trained classifiers or resumes source code harassment profanity and threat another feature in the data classification within Microsoft purview is content Explorer so this enables administrators to gain visibility into the content that has been summarized in the overview pane it drills down to find emails or documents that have been labeled based on sensitive information types sensitivity labels or retention labels there are two roles that Grant access to content Explorer you have content Explorer list viewer and content Explorer content viewer so the idea here is you have broad categories on left hand side so you see the three categories sensitive info types sensitivity labels and retention labels and then what you'll do is Click into one and then they'll have specific actual items underneath and you click into one of those and then from there you can go on the right hand pane over here you can go and explore different documents and files to identify that kind of information the other Explorer here is the activity Explorer and this helps discover which file labels were changed and which files were modified so it monitors label activity across exchange SharePoint OneDrive and endpoint devices a few activity types that can be analyzed are file copied to removable media file copy to network share label applied and label change and admins can use more than 30 filters for data including location user sensitivity label and retention label so here is a great visual to help you get the idea so here you have filters so activity location user and the type of sensitivity label and then you can see it says label changed here in light blue and you can see these labels were applied in a darker tone of blue and files copied to the cloud in dark orange so it represents the amount of files or labels according to the visual so it helps you get an idea of what this does hey this is Andrew Brown from exam Pro and we're taking a look at sensitivity labels so sensitivity labels allow you to apply a label to your documents or emails and the most common way is through built-in drop down within Office 365 products so labels are customizable admins can create different categories specific to the organization such as personal public confidential and highly confidential they are clear text because each label is stored in clear text in the contents metadata third-party apps and services can read it and then apply their own protective actions if necessary and they're persistent when you apply a sensitivity label to content the label is stored in the email or document's metadata the label follows the content including the protection settings and this data is used to apply and enforce policies so here we have an example for Microsoft Word one for Excel and here's one from Outlook the idea is that you do your business as per usual but you have to go ahead and classify that information into a particular sensitivity so sensitivity labeling makes it easy to apply content marketing or encryption content markings would be like watermarks warnings that are applied to the header and footer of a document so notice here you can turn it on and you can say add this watermark with this customized text at this header at this footer I think you can even customize some of the colors but are very limited but it does the job the other one is encryption so apply encryption and specify which users and groups May decrypt and other fine-tuned permissions so the idea is you would turn the encryption on then you would select the users groups Etc who could do it then they have these broad categories and so this particular one is for email but here you choose which permissions are allowed so are you allowed to view the content can you save the email are you allowed to reply to the email are you allowed to forward the email so it's very fine-tuned it's not just encryption even though that's what it is so within Microsoft purview under classification you can see the distribution of sensitive labels applied to documents and emails or based on location so this gives you a visual to help you understand where these labels are located on the left hand side shows what sensitivity labels have been applied to the content and then on the right here it shows the location of where sensitivity labels are applied so sensitivity labels can be used to provide protection settings that include encryption and content markings protect content in office apps across different platforms and devices protect content in third-party apps and services protect containers extend sensitivity labels to power bi extend sensitivity labels to assets in Azure extend sensitivity labels to third-party apps and services and classify content without using any protection settings so that sensitivity labels hey this is Andrew Brown from exam Pro and we're taking a look at label policies so in order to use sensitivity labels they need to be published alongside a label policy a label policy determines who can use the label and other conditions so the idea here is you can specify which users or groups can use these labels and then here are some of the settings here so notice below users must provide justification to remove a label or lower classification requires users to apply a label to their email or document provides user with a link to a custom help page so label policies enable admins to choose the users and groups that can see labels so labels can be published of specific user's distribution groups Microsoft 365 groups and Azure ID and more apply a default label to all new emails and documents that the specified users and groups create users can always change the default label if they believe the document or email has been dislabeled required justifications for label changes so if a user wants to remove a label or replace it admins can require the user to provide a valid justification to to complete the action the user will be prompted to provide an explanation for why the label should be changed require users to apply a label so mandatory labeling ensures a label is applied before users can save their documents send emails or create new sites or groups and we have link users to custom help Pages it helps users to understand what the different labels mean and how they should be used so those are the sensitivity label policies hey this is Andrew Brown from exam Pro and we're taking a look at retention policies and labels so retention labels and policies help organizations to manage and govern information by ensuring content is kept only for a required time and then permanently deleted apply retention labels and assigning retention policies helps organizations comply proactively with industry regulations and internal policies that require content to be kept for a minimum time reduce risk when there's litigation or a security breach by permanently deleting old content that the organization is no longer required to keep and it ensures users work only with content that's current and relevant to them when content has retention settings assigned to it that content remains in its original location so retention settings work with the following different workloads SharePoint in OneDrive Microsoft teams jabber at exchange so retention labels ensures data is held for a specific duration to meet a Regulatory Compliance or industry best practices they are used to assign retention settings at an item level such as a folder document or email an email or document can have only a single retention label assigned to it at a time so here you see the retention labels applied to the which content retention policies are used to assign the same retention settings to content at a site level or mailbox level a single policy can be applied to multiple locations or to specific locations or users items inherit the retention settings from their containers specified in the retention policy and here you can see the locations where the retention labels are applied so this is similar to how the sensitivity labels work foreign hey this is Andrew Brown from exam Pro and we're talking about records management so what is records management it's an organization's process of managing an organization's information throughout its life cycle record management helps organization meeting Regulatory Compliance or legal requirements so a life cycle of a record would look something like this it begins with identifying then classifying storing securing retrieving tracking destroying and ends with preserving a record represents labeled information or content and its life cycle will be managed so Microsoft purview records management includes many features including labeling content as a record migrating and managing retention plans with file plan manager establishing retention and deletion policies within the record label triggering event-based retention reviewing and validating disposition proof of Records deletion exporting information about disposed items and setting specific permissions for record manager functions in the organization label content applies the following controls risk restrictions are put in place to block certain activities activities are logged and proof of disposition is kept at the end of the retention period so that's records management hey this is Andrew Brown from exam Pro and we're taking a look at data loss prevention so organizations need to prevent data loss by detecting risky behavior and preventing the improper sharing of sensitive information Microsoft purview data loss prevention so DLP is a way to protect sensitive information and prevent its unintentional disclosure with DLP policies admins can identify Monitor and automatically protect sensitive information across Microsoft 365 including OneDrive for business SharePoint online Microsoft teams and exchange online help users learn how compliance Works without interrupting their workflow admins can also view DLP reports showing content that matches the organization's DLP policies so DLP policies are composed of conditions that the content must match before the rule is enforced actions that the admin wants the rule to take automatically when content that matches the conditions has been found and locations where the policy will be applied so a policy can contain one or more rules and each rule consists of conditions and actions at a minimum for each rule when the conditions are met the actions are taken automatically rules can be grouped into one policy to help simplify management and Reporting so here's a diagram that shows how multiple rules each with their own conditions and actions are grouped into a single policy so we have multiple rules here rule one rule two Rule n Etc and each of them have their own conditions and actions and it's all grouped into a single policy moving on to inpoint data loss prevention so this extends the activity monitoring and protection capabilities of DLP to sensitive items that are physically stored on Windows 10 Windows 11 and Mac OS devices and point DLP enables admins to audit and manage activities that users complete on sensitive content so DLP capabilities have been extended to Microsoft teams chat and channel messages including messages in private channels and with DLP administrators can now Define policies that prevent users from sharing sensitive information in a team's chat session or Channel whether it's in a message or a file so so that's DLP hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft purview compliance portal also known as Microsoft 365 compliance Center so this provides easy access to the data and tools you need to manage to your organization's compliance needs to access the compliance portal you will need to have the following roles Global administrator compliance administrator or compliance data administrator some of the key features of compliance portal include compliance score audits activity alerts solution catalog data classification e-discovery Insider risk management and Records management you can access the compliance portal at compliance.microsoft.com so the default compliance portal home page contains several cards including the compliance manager card so this card leads you to the Microsoft purview compliance manager solution the solution catalog cards include information protection and governance these Solutions help organizations classify protect and retain your data where it lives in wherever it goes examples include data life cycle management and data loss prevention then we have privacy this helps you build a more privacy resilient workplace we have Insider risk management these Solutions help organizations identify analyze and remediate internal risks before they cause harm examples include communication compliance and Insider risk management and we have Discovery and respond so these Solutions help organizations quickly find investigate and respond with relevant data some examples are audit and e-discovery we briefly mentioned the Solutions catalog before but it's great to reinforce that knowledge and we have the active alerts card which includes a summary of the most active alerts in a link where admins can view more detailed information such as alert severity status category and more so that's the Microsoft purview compliance portal hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft purview compliance manager which is a feature in the Microsoft purview compliance portal that helps admins to manage an organization's compliance requirements compliance manager helps simplify compliance and reduce Risk by providing for built assessments based on common Regional and Industry regulations and standards including custom assessments to meet compliance needs unique to specific organizations workflow capabilities that enable admins to efficiently complete risk assessments for the organization it provides step-by-step Improvement actions that admins can take to help meet regulations and standards relevant to the organization and it provides a compliance score which is a calculation that helps an organization understand its overall compliance posture by measuring how it's progressing with Improvement actions so here you can see the important sections like Improvement actions Solutions assessments assessment templates and your compliance score which is currently at 69 percent and we'll talk more about the compliance score later so the compliance manager has four key elements that you should have a basic understanding of controls assessments templates and Improvement actions the first is control so a control is a requirement of a regulation standard or policy it defines how to access and manage system configuration organizational process and people responsible for meeting a specific requirement of Regulation standard or policy so compliance manager tracks the following types of controls Microsoft managed controls these are controls for Microsoft cloud services which Microsoft is responsible for implementing there are your controls also known as customer managed controls these are implemented and managed by the organization and share controls so this is the responsibility for implementing these controls as shared by the organization in Microsoft so the next key element are templates and templates help admins to quickly create assessments they can modify these templates to create an assessment optimized for their needs and the next one is Improvement actions this helps centralize compliance activities each Improvement action provides recommended guidance that's intended to help organizations to align with data protection regulations and standards the last key element are assessments so an assessment is a grouping of controls from a specific regulation standard or policy completing the actions within an assessment helps to meet the requirements of a standard regulation or law clicking into an assessment will give you a detailed list of actionable controls as you can see in this image so compliance manager provides many benefits including translating complicated regulations standards company policies or other control Frameworks into a simple language providing access to a large variety of out-of-the-box Assessments and custom assessments to help organizations with their unique compliance needs mapping regulatory controls against recommended Improvement actions providing step-by-step guidance on how to implement the solutions to meet regulatory requirements and helping admins and users to prioritize actions that will have the highest impact on their organizational compliance by associating a score with each action so that's compliance manager hey this is Andrew Brown from exam Pro and we're taking a look at compliance score so compliance score measures progress in completing recommended Improvement actions within controls the score helps organization to understand its current compliance posture it also helps organizations to prioritize actions based on their potential to reduce risk admins can get a breakdown of the compliance score in the compliance manager overview pane so here's a visual showing the compliance score breakdown and these are divided into categories such as protect information control access government information and manage devices so the overall compliance score is calculated using scores that are assigned to actions actions come in two types the first is your improved actions which are actions that the organization is expected to manage and the second are Microsoft actions and these are actions that Microsoft manages for the organization so actions are categorized as mandatory discretionary preventative detective or corrective the first is mandatory so these are actions that shouldn't be bypassed and we have discretionary these actions depend on the user's understanding and adhering to a policy we'll talk about the other three actions in the next slide since they're in a subcategory so organizations accumulate points for every action completed and the compliance score is shown as a percentage representing all the actions completed the visual here shows us the list of improvement actions and for each one that's completed you can gain points which would increase your overall compliance score so for this example you're seeing plus 27 points for all the Improvement actions you've completed so back to the type of actions the following are subcategories of actions that can be classified as mandatory or discretionary so preventative actions are designed to handle specific risks like using encryption to protect data at rest if there were breaches or attacks we have detective actions and these actively monitor systems to identify irregularities that could represent risks or that can be used to detect breaches or intrusions and there's corrective actions so these help admins to minimize the adverse effects of security incidents by undertaking corrective measures to reduce their immediate effect were possibly even reverse damage so that's compliance score and its benefits towards an organization hey this is Andrew Brown from exam Pro and we're taking a look at the Microsoft purview Insider risk management which is a solution that helps minimize internal risks by enabling an organization to detect investigate and act on risky and malicious activities So within an organization a broad range of internal risks could occur from unethical behavior and actions by employees and managers some of these examples include leaks of sensitive data and data spillage confidentiality violations intellectual property theft fraud insider trading and Regulatory Compliance violations so The Insider risk management is centered around four principles the first one is transparency so balance user privacy versus organization risk with privacy by Design architecture the second one is configurable so configurable policies based on industry geographical and business groups the third one is integrated so there's integrated workflow across Microsoft purview Solutions and actionable so it provides insights to enable user notifications data investigations and user are investigations so Insider risk management in Microsoft purview uses the following workflow to identify and resolve internal risk activities and compliance issues the first is policies so these are created using predefined templates and policy conditions that Define what risk indicators are examined in Microsoft 365 feature areas next we have alerts so alerts are automatically generated by risk indicators that match policy conditions and are displayed in the alerts dashboard this dashboard enables a quick view of all alerts needing review open alerts over time and alert statistics for the organization then we have triage which are new activities that need investigation automatically generate alerts that are assigned and needs review status we have investigate so cases are created for alerts that require deeper review and investigation of the details and circumstances around the policy match and the last one is action so reviewers can immediately act to resolve issues after they've been investigated or they can collaborate with other risk stakeholders in the organization actions can be as simple as sending a notification when employees accidentally violate policy conditions in more serious cases reviewers may need to share The Insider risk management case information with other reviewers in the organization so that's The Insider Risk Management Solutions to protect against internal threats hey this is Andrew Brown from exam Pro and we're taking a look at e-discovery which is a service found within Microsoft purview so e-discovery stands for electronic Discovery and this is the process of identifying and delivering electronic information that can be used as evidence in legal cases so you can use the discovery Tools in Microsoft 365 to search for content in exchange online mailboxes Microsoft 365 groups Microsoft teams SharePoint online OneDrive for business sites Skype for business conversations and jabber teams so Microsoft purview provides us with three Discovery Solutions the first one is content search which lets you run a search across content the second one is e-discovery standard also known as core Discovery is a workflow to search and Export content and the last one is e-discovery premium also known as advanced ediscovery is an end-to-end workflow to preserve collect review analyze and Export content for internal or external investigation and we'll talk more about these three solutions in the next slide sites so you Discovery standard in Microsoft 365 provides a basic e-discovery tool that organizations can use to search and Export content in Microsoft 365 in office 365. you can use the discovery standard to place an e-discovery hold on content locations such as exchange mailboxes SharePoint sites OneDrive accounts and Microsoft teams nothing is needed to deploy e-discovery standard but there are some prerequisite tasks that an IT admin and e-discovery manager have to complete before your organization can start using e-discovery standard to search export and preserve content so those requirements would be things like the initial setup you'll need to verify and assign appropriate licenses assignee Discovery permissions and create a Core e-discovery case and from there you can use the create and e-discovery hold feature search for content and Export and download search results so let's take a closer look here at content search to perform a Content search you can create a new search specify the locations and provide the keywords and conditions keep in mind that if you leave the keywords blank it will return all items with the conditions so I just want you to notice a few things here in the visuals here you can create a new search and you can search by ID list here we have our location that we can turn on or off so we have exchange Point SharePoint ad exchange you could also search within a hold so you have your keywords here you can leave that blank and they have a long list of conditions that you can choose from here moving on to e-discovery holds so a whole preserves content that might be relevant to a specific e-discovery case you can place a hold in basically the same locations we've mentioned before so exchange mailboxes OneDrive for business Microsoft teams Office 365 groups and Yammer groups the content is preserved until you remove the content location from the holder until you delete the hold and after you create an e-discovery hold it may take up to 24 hours for the hole to take effect taking a look at e-discovery premium formerly Advanced e-discovery so a discovery premium workflow Builds on the existing e-discovery standard workflow it is an end-to-end workflow to preserve collect review analyze and Export content that's relevant to your organization's internal and external investigations it also lets legal teams manage the entire legal hold notification workflow to communicate with custodians involved in a case so the built-in workflow of e-discovery Premium aligns with the electronic Discovery reference model edrm which is a framework that outlines standards for recovery and discovery of Digital Data so the workflow would essentially look something like this add custodians to a case search custodial data sources for data relevant to the case add data to a review set review and analyze data in a review set and Export and download case data so that's the discovery and its types of solutions and capabilities hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft purview auditing Solutions so what is an audit it's the investigating of a security events forensic investigations internal investigations and compliance obligations and audit would involve capturing recording and retaining a unified audit log so Microsoft 365 has two auditing Solutions the first one is audit standard formerly known as basic audit and this is enabled by default it provides thousands of searchable audit events it has a 90-day audit record retention you can export audit records to a CSV file you can use the audit Search tool in the Microsoft compliance portal it provides access to audit logs via Office 365 management activity API you can also use it in Powershell with the search Unified audit log commandlet the second auditing solution is audit premium formerly known as advanced audit so this includes all of the audit standard features but it provides audit log retention policies it has longer retention of audit records it has as high value and crucial events and has higher bandwidth to The Office 365 management activity API so those are the Microsoft purview auditing Solutions you'll need to know hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft priva and privacy risk management so organizations must adopt a privacy by default policy to meet regulatory requirements and build customer trust Microsoft priva helps you achieve your privacy goals by addressing issues like helping employees adopt sound data handling practices and training them to spot and fix issues understanding the potential risks and the amount and type of personal data they store and share and fulfilling data subject requests or subject rights requests efficiently and on time previous capabilities are available through two solutions first we have priva privacy risk management which provides visibility into your organization's data and policy templates for reducing risks we'll talk more about this in the next slide and there's previous subject rights requests which provides Automation and workflow tools for fulfilling data requests so Microsoft priva helps you understand the data your organization stores by automating discovery of personal data assets and providing visualizations of essential information the overview dashboard provides an overall view into your organization's data in Microsoft 365 privacy administrators can monitor Trends and activities identify and investigate potential risks involving personal data and springboard into Key activities like policy management or subject rights request actions the data profile page in preva provides a snapshot view of the personal data your organization stores in Microsoft 365 and where it lives it also gives insight into the types of data you store priv evaluates your organization's data stored in the following Microsoft 365 Services exchange online SharePoint online OneDrive for business and Microsoft teams privacy risk management policies are meant to be internal guides and can help you detect over exposed personal data so that users can secure it spot and limit transfers of personal data across departments or Regional borders and help users identify and reduce the amount of unused personal data that you store so that's Microsoft private and the Privacy risk management Concepts hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft's privacy principles so Microsoft's approach to privacy is built on the following six principles the first one is control so Microsoft States we will put you in control of your privacy with easy to use tools and Clear Choices the second is transparency so we will be transparent about data collection and use so you can make informed decisions the third is security we will protect the data you entrust to us through strong security and encryption the next one is strong legal protections we will respect your local privacy laws and fight for legal protection of your privacy as a fundamental human right the fifth principle is no content-based targeting we will not use your email chat files or other personal content to Target ads to you and the last principle is benefits to you Microsoft States when we do collect data we will use it to benefit you and to make your experiences better so those are Microsoft six privacy principles briefly summarized hey this is Andrew Brown from exam Pro and we're going to take a look at an overview of Microsoft purview we'll be going through the main components of the Microsoft purview that you'll see on the exam you can reach the Microsoft purview compliance portal at compliance.microsoft.com or alternatively you can find it at the all admin Center Page in the Microsoft 365 admin Center under the name compliance so in general the Microsoft purview compliance portal is for managing compliance needs using Integrated Solutions to help protect sensitive info manage data life cycles reduce Insider risks Safeguard personal data and more one of the key components of the Microsoft purview is the compliance manager the compliance manager has a feature called compliance score which measures your progress in completing recommended actions that help reduce risks around data protection and Regulatory standards Microsoft purview calculates your compliance score based on your organization beside the compliance score the system tells you the key Improvement actions you can complete to improve the compliance score let's click into it so here we see a list of improvement actions that grant us points that improve our compliance score you can filter out regulations Solutions groups categories and more to find the Improvement action you're interested in for example we can click on enable self-service password reset so here Microsoft recommends that your organization enables self-service password reset to allow users who have either forgotten their password or whose account has been locked out as a result of malicious attempts so we'll click on assign action we'll select a user and assign the action to that user next you'll need to click on launch now now we're at the Azure active directory admin Center password reset page so we'll click on all to enable self-service password reset and save the changes to take effect the process of calculating and updating the points in compliance score may take up to 24 hours so in the data classification section the key things here would be sensitivity labels these let you classify and protect your organization's data while making sure that user productivity and their ability to collaborate isn't hindered the next thing we'll look at are reports and here you can view status and trends for the compliance of your Microsoft 365 devices data identities apps and infrastructure the next thing we'll look at is the solution catalog so here you can discover learn about and start using the intelligent compliance and Risk Management Solutions available to your organization the solution catalog is categorized into cards and further divided into subcategories based on your needs for example we have information protection and governance then there are four other subcategories such as data lifecycle management data loss prevention information protection and Records management there are a few more listed below like privacy Insider risk management and Discovery and response another important component of Microsoft purview is audit an audit can be used when you need to find out if a user deleted a document or if an admin resets someone's password you can search The Office 365 audit log to find out what the users and admins in your organization have been doing you'll be able to find activity related to email groups documents permissions directory services and much more next we have Microsoft purview e-discovery in Microsoft purview provides a basic e-discovery tool that organizations can use to search and Export content in Microsoft 365 in office 365. you can also use the discovery to place an e-discovery hold on content locations such as exchange mailboxes SharePoint sites OneDrive accounts and Microsoft teams there are three types of e-discovery standard premium and user data search next we have information protection you can Implement capabilities for Microsoft purview information protection to help you discover classify and protect sensitive information wherever it lives or travels then we have Insider risk management so this helps address risks in the modern workplace you can detect risky activity like sensitive data leaks and theft security policy violations and health record access get insights into potential Insider risks an Insider risk analytics helps quickly identify potential risks in your org and recommends policies to address them collaborate on investigations seamless workflows allowed to teams across your org to work together on reviewing and taking action on potential risks built with privacy in mind protect users privacy by pseudonymizing their names across all Insider risk features so those are some of the key important components of Microsoft purview hey this is Andrew Brown from exam Pro and we're taking a look at the pricing models for Microsoft cloud services starting with Cloud solution provider abbreviated as CSP so the CSP program helps you be more involved in your customers businesses Beyond reselling licenses and may include the following benefits deeper customer engagements so you can meet with customers on a regular basis to gain a better understanding of their business and demands you can get increased profits so increasing your support in Billing Services whether directly or through a third party source and opens up new revenue streams the CSP program adds value you'll be able to offer customers industry-specific Solutions bundled with Microsoft products and it provides managed services so you'll be well positioned to meet customer demand for managed Services the CSP program provides a pay-as-you-go subscription model with per user per month pricing that enables your business to scale up or down from month to month as your needs change so there are two models in the CSP program there's the indirect model and the direct Bill model for the indirect model you may consider this model if you want to provide more services to your customers but need some infrastructure support for services like billing the indirect model is a two-tier selling approach through indirect providers and indirect resellers and direct providers offer billing customer service and technical support during the sales cycle and post deal closing they handle a lot of the backend processes enabling the indirect reseller to focus on finding and closing deals indirect providers typically are large well-vetted companies and the indirect model your organization would likely be an indirect reseller so indirect resellers are responsible for finding customers and selling and due to the support from indirect providers you can focus on selling and growing your customer base looking at the direct model so you may consider the CSP direct model if your business already has or is intending to develop appropriate sales billing and support infrastructure in the direct model partners by Microsoft products and subscriptions directly from Microsoft and sell them to their clients through their own sales staff you should meet the following requisites you'll require an active Microsoft partner network ID for the location you're enrolling in you should have an existing customer support infrastructure you'll require an existing customer billing infrastructure and you'll need funds to invest in technical integration and support Readiness so that's the Cloud solution provider program and the two models offered indirect model and direct build model hey this is Andrew Brown from exam Pro and we're taking a look at another pricing model for Microsoft cloud services called Enterprise agreement so the Microsoft Enterprise agreement is designed for businesses looking to license software and cloud services for at least three years it provides built-in savings ranging from 15 to 45 percent and the Enterprise agreement offers the best value to organizations with 500 or more users or devices so it's really cost effective for more larger sized organizations some of the benefits of Enterprise agreement include it's manageable so it gives you the flexibility to buy cloud services and software licenses under a single organization-wide agreement you can choose from Microsoft cloud services on premises software or a mix of both and migrate on your own terms the software Assurance provides your company with 24x7 technical support planning services and user and Technical Training and Innovative Technologies and you can manage licensing throughout the life of your agreement with the help of a Microsoft certified partner or a Microsoft representative so that's the Microsoft Enterprise agreement Andrew Brown from exam Pro and we're taking a look at the billing and billing management options in Microsoft 365. so a billing account is created when you sign up to try or buy Microsoft products at Cloud settings invoices payment methods and purchases are all managed through your billing account so these are the current types of billing accounts available in the Microsoft 365 admin Center the first one is the Microsoft online services program so this billing account is created when you sign up for a Microsoft 365 subscription directly the second one is the Microsoft products and services agreement program and this Billy account is created when your organization signs an mpsa volume licensing agreement to purchase software and online services and the third one is the Microsoft customer agreement so this billing account is created when your organization works with a Microsoft representative and authorized partner or purchases independently moving on to the Bill management section so Microsoft 365 billing is managed from the Microsoft 365 admin Center you can manage the subscriptions view billing statements update payment methods change your billing frequency and more in the admin Center the following describes what can be reviewed and modified in the Microsoft 365 admin Center so you can upgrade renew reactivate or cancel subscriptions view the number of purchase licenses and how many of those licenses are assigned to individual users for each service view a bill invoice and pass billing statements you can modify payment methods like updating deleting replacing and adding other types of payment modify your billing frequency to monthly or annual billing you can buy and manage other services or features So based on your Microsoft 365 subscription you can add on things like Microsoft Defender for Office 365 Microsoft teams calling plan and more you can also manage your billing notification emails and invoice attachments like the list of email accounts of who should receive automated billing notifications so that's the billing and Bill management options for Microsoft 365. hey this is Andrew Brown from exam Pro and we're taking a look at billing profiles in Microsoft 365. so a billing profile contains a payment method built-in information and other invoice settings such as purchase order number and email invoice preference you use a billing profile to pay for the products that you buy from Microsoft a billing profile is automatically created when a user makes a self-service purchase and each billing profile is invoiced separately so here's a table listing all of the billing profile roles and describing what they do roles on billing profiles have permissions to control purchases and you can view and manage invoices so you would assign these roles to users who track organize and pay invoices for example you can assign certain members of your Finance team the role of a billing profile contributor the first role we have is billing profile owner so you can manage everything for a billing profile the second role is billing profile contributor so you can manage everything except permissions in a billing profile the third role is billing profile reader with this role you can read only view of everything in a bill billing profile and the last role is invoice manager this role lets you view and pay bills and has a read-only view of everything in a billing profile so those are the billing profiles in Microsoft 365. hey this is Andrew Brown from exam Pro and we're taking a look at the Microsoft 365 subscription plans Microsoft 365 has a lot of different subscription plans to Target the right people or organization of any size and within the subscription plans there may be different tier levels so it can be a lot to take in but we'll provide a brief overview of them so the following list describes the subscription Plans offered we have Microsoft 365 for home and this consists of Microsoft 365 personal and Microsoft 365 family personal is for a single person with multiple devices and family is for up to six people we have Microsoft 365 education and this is for educational institutions it has two subscription plans for faculty and students that include different features A1 A3 and A5 Microsoft 365 government is for government institutions and it has two subscription plans that include different features G1 G3 and G5 Microsoft 365 business is for small to medium-sized organizations that have up to 300 employees it has four subscription tiers that include different features Apps for business business basic business standard and business premium Microsoft 365 for Frontline workers is designed to empower Frontline workers and optimize Frontline impact it has three subscription tiers that include different features F1 F3 and F5 and we have Microsoft 365 Enterprise so this is for Enterprise size organizations and has four subscription tiers that include different features apps for Enterprise E3 E5 and F3 your organization can also choose from three Office 365 subscription tiers E1 E3 and E5 so those are the Microsoft 365 subscription plans currently available and we'll go over some of the important ones in Greater detail in the next sections hey this is Andrew Brown from exam Pro and we're taking a closer look at Microsoft 365 for business which is designed for small and medium-sized organizations it offers the full set of Office 365 productivity tools and includes security and device management features however it doesn't include some of the more advanced information protection compliance or analytics tools available to Enterprise subscribers it's typically designed for organizations that need up to 300 licenses and as we mentioned before there's four available plans for Microsoft 365 for business so we have apps for business business basic business standard and business premium so looking at a general overview of what each plan has to offer starting off with the lowest cost plan we have Microsoft 365 business basic and so this provides chat call meet up to 300 attendees weapon mobile versions of office apps one terabyte of cloud storage business class email Standard Security and anytime phone and web support the apps and services in this plan include Word Excel PowerPoint teams Outlook Exchange OneDrive and SharePoint the next plant is Microsoft 365 Apps for business and this has essentially everything in business basic including desktop versions of office apps with premium features but it doesn't include things like business class email it also has apps and services like access PC only and publisher Microsoft 365 business standard has everything in business basic including desktop versions of office apps with premium features easily host webinars attendee registration and Reporting tools and manage customer appointments the last plant available is Microsoft 365 business premium which is the most expensive plan and this is everything in business standard including security features like Advanced security access and data control and cyber threat protection it also has apps and services like InTune and Azure information protection so that's all the Microsoft 365 for business subscriptions available and the features each of them include hey this is Andrew Brown from exam Pro and we're taking a closer look at Microsoft 365 Enterprise subscription plans and these plans provide Enterprise class services to organizations that want a productivity solution that includes robust threat Protection security compliance and analytics features like we briefly mentioned before there are three available plans for Microsoft 365 Enterprise there's E3 E5 and F3 which is formerly F1 so the E5 plan is the most expensive plan and it includes all the same features as E3 but it also includes the latest Advanced threat Protection security and collaboration tools and the F3 is designed for first-line workers through purpose-built tools and resources that allow them to do their best work and here you can see the prices of each subscription plan in a brief summary of what they offer so here's a table listing all of the features included in each plan you can see that all the plans fully include M365 apps like PowerPoint Word and Excel email and calendar features like Outlook and exchange device and app manage management features like Windows social and internet features like SharePoint and Yammer files and content features like OneDrive in stream Work Management features like planner to do and power apps and Security Management that E3 and F3 only partially includes things like meets and voice identity and access management information protection and compliance management so that's the Microsoft 365 Enterprise plans hey this is Andrew Brown from exam Pro and we're taking a look at Microsoft 365 licenses so what is a license well a license allows your users to use the features and services included in the subscription plan Microsoft 365 products and services are available as user subscription licenses abbreviated as usls and are licensed on a per user basis so the following list describes the options that are available the first option are full usls and these are for new customers who haven't previously purchased Microsoft products and services the second option or ad on usls and these are for on-premises software customers who want to add Microsoft 365 Cloud products and services the third option are from saus and these are for on-premises software Assurance customers that want to transition to the cloud the last option we have are step up usls and these are for customers who want to upgrade the level of their service and so each user accessing Microsoft 365 products and services is required to be assigned to USL administrators manage licenses in in the Microsoft 365 admin Center they can assign the licenses to individual user or guest accounts now taking a look at the Microsoft 365 add-on licensing options so Microsoft 365 business plans have add-ons that you can purchase for your subscriptions and these add-ons provide more capabilities to enhance your subscription there are currently two types of add-ons available the first type of add-ons are traditional add-ons and these are linked to a specific subscription and if you cancel the subscription the linked add-on is also canceled the second typer Standalone add-ons and these appear as a separate subscription on the your products page within the Microsoft 365 admin Center they have their own expiration date and are managed the same way you would any other subscription so those are the Microsoft 365 licenses and add-on options hey this is Andrew Brown from exam Pro and we're taking a look at the Microsoft 365 service life cycle so typically a product or service life cycle has three phases the first phase is private preview then the second phase is public preview and the third phase is General availability abbreviated as GA and when a product or a service retires it reaches the phase end of support so let's take a closer look at these three phases including the end of support looking at private preview so in this phase Microsoft May release a product or service to a limited number of users to test and evaluate new features or functionality this does not come with formal support and users are allowed to sign up to be members but the preview releases it made available to the public next we have public preview and in this phase Microsoft typically releases public previews of products and services before their General availability release to receive feedback from a broad range of users this phase allows users to explore and test upcoming functionality and users may also receive some limited support depending on the product or service service moving on to General availability so after the public preview is completed Microsoft releases the product or service the product or service now becomes available to all customers with formal support known as the release version the products and services in this phase have been through a full development and test life cycle to ensure stability and reliability and with Microsoft 365 new features are added to the products and services periodically taking a look at end of support So eventually older products or retired Services can no longer be supported and these products and services will reach the end of support once a product or service reaches end of support it will no longer receive updates or assisted support customers are encouraged to migrate to the latest version of the product or service so that's the Microsoft 365 service life cycle hey this is Andrew Brown from exam Pro and we're taking a look at the Modern Life Cycle policy for Microsoft 365. so Microsoft 365 is covered by the Modern Life Cycle policy and this covers products and services that are serviced and supported continuously if the following conditions are met products and services governed by the Modern Life Cycle policy will be supported the first condition states that customers are to stay current as per the servicing and system requirements published for the product or service stay current means that customers accept and apply all servicing updates for their products and services the second condition states that customers must be licensed to use the product or service and the last condition states that Microsoft must currently offer support for the product or service also under the Modern Life Cycle policy Microsoft gives a minimum of 12 months notice before ending support for products so that's a quick overview of the Modern Life Cycle policy foreign hey this is Andrew Brown from exam Pro and we're taking a look at the Microsoft 365 roadmap portal which is typically used for organizations to plan for the future Microsoft regularly includes updates for its products and services in the Microsoft 365 roadmap the roadmap is the central location for business decision makers at professionals and anyone else who's interested to see what's coming next it was created to help you plan communicate changes and take full advantage of your Microsoft 365 subscription so the visual on the right simply shows the layout of the Microsoft 365 roadmap here you can search for specific items you're interested in filter the items based on product release phase platform and More You could also view which items are currently in development the ones that are rolling out and launched so the roadmap displays feature cards that include the title status release dates product category platform and Cloud instance the roadmap also groups the features into three update phases the first update phase is called in development the second is rolling out and the last phase is lodged the following list describes what the Microsoft 365 roadmap allows you to do you can search by product keyword or feature ID filter by product release phase Cloud instance platform or new or updated sort by General availability date or newest to oldest it lets you download the current features in development as a CSV file you can view additional information about each update use the RSS feed to be notified of feature updates in real time and you can share an entire roadmap page or email a single feature to find out what features and functionality are coming navigate to microsoft.com www.microsoft 365 roadmap hey this is Andrew Brown from exam Pro and we're taking a look at the Microsoft roadmap portal we'll be looking at some of the key features and things you can find in the Microsoft roadmap portal so in general the Microsoft 365 roadmap lists updates that are currently planned for applicable subscriber and provides estimated release dates and descriptions for commercial features you can get the latest updates on their Best in Class productivity apps and intelligent cloud services so on this page you can search for a specific item that you're interested in you can filter the items below to however you want and the products filter there is a very large list of Microsoft products you can choose from such as Microsoft 365 Microsoft 365 admin Center Microsoft 365 compliance Center teams and many more you can filter based on release phase such as general availability or targeted release you can also filter based on the type of platforms such as Android desktop iOS mac and more there's also the cloud instance and new or updated ones too there's the option to filter based on ethereum development which are updates that are currently in development and testing rolling out which are updates that are beginning to roll out and are not yet available to all applicable customers or launched which are fully released updates that are now generally available for applicable customers you can filter in any sort of combination you prefer so let's look at one example here so this is called Microsoft 365 admin Center groups group driven membership management we can see that this is currently in development so you'll be given a bunch of information on this specific update this includes a description of the update the feature ID 83113 the data was added to roadmap and the data was last modified it'll provide you with the product Microsoft 365 admin Center the Cloud instances GCC High DOD GCC worldwide platform webbit and release phase General availability so there's a large list of updates here and you can narrow it down using filters according to your preferences so that's a quick overview of the Microsoft 365 roadmap portal hey this is Andrew Brown from exam Pro and we're taking a look at the Support options for Microsoft 365 services so administrators and users in your organization may have difficulty resolving issues on their own it's reassuring to know that they can get help with Microsoft 365 Services anytime they need it through a variety of Support options the support option chosen to deal with a particular issue depends on the tool or service where the issue has arisen the type of subscription your organization uses and the kind of support your organization needs so here's a list of ways your organization can get access to support the first is through community-based support this is where the Microsoft 365 Tech Community provides community-based support for your organization allowing you to collaborate with others and solve challenges then we have proactive support so your organization can install the Microsoft support and recovery assistant to help identify Problems by running tests and offer the best solution for those problems then we have web chat email and phone support So your organization can submit issues to Microsoft support for technical billing and subscription support via email online web chat or phone we have pre-sale support your organization is provided with assistance on subscription features benefits and your purchasing decision for Microsoft 365 Services then there's Fast Track This is where your organization can connect with expert Microsoft Engineers project managers and resources to help deploy Microsoft 365 services and resolve issues then we have Premier support for Microsoft 365. so your Enterprise organization can receive on-site support a dedicated technical account manager and access to advisory Services the last support option is you can get support through a Microsoft partner this is where your organization can get support directly through a certified Microsoft 365 partner so that's the Support options for Microsoft 365 services hey this is Andrew Brown from exam Pro and we're taking a look at how to create a support request so if you need help with using Microsoft 365 you can create a support request through the Microsoft 365 admin Center here is a visual showing the Microsoft 365 admin Center and here you would navigate to the support section and click on new service requests to create one the second visual here simply shows the service request history so you would click on view service requests and you can see the history of what service requests you submitted before and you can check on the status of the service requests for any replies so the following steps describe how to create a support request as an administrator the first step is to sign into the Microsoft 365 admin center with your Microsoft 365 admin account in the left navigation menu select show all to expand the rest of the options select support to expand the Support options select new service request so you've seen these steps so far from the visuals on the previous slide now on the right a support window will open where you can enter your support question and view the results that's the visual on the right here showing it and if the recommended instructions or articles don't answer your questions select on the headset iCloud at the top or select contact support at the bottom to contact technical support still in the required information like title description preferred contact method Etc and select contact me and a support agent will contact you so those are the instructions on how to create a support request hey this is Andrew Brown from exam Pro and we're taking a look at the service level agreement Concepts abbreviated as SLA in Microsoft 365. so Microsoft 365 Services guarantees level of service for your organization in a detailed legal agreement referred to as a service level agreement Microsoft details its commitment to provide and maintain agreed service levels for M365 Services through its Microsoft online services agreement your organization can also take advantage of the service level agreement with your cloud service provider note that the guarantees of service provided for Microsoft 365 services will vary between cloud service providers so Microsoft's online service level agreement introduces several Concepts the first one is incident and this is a set of events or single event that results in downtime the second one is uptime this is the total time your services are functional the next one is downtime and the definition of downtime depends on the relevant service for example with Microsoft teams any period of time where users are unable to initiate online meetings see present statuses or unable to instant messages considered downtime your downtime reduces the total time your services are functional then we have claim so a claim raises information about an incident and your organization is responsible for submitting a claim on an incident the next concept is an important one called service credit and so service credits are submitted by the organization's admin if the claim is successfully approved by Microsoft your organization will receive service credits the service credit will be the percentage of the total monthly fees your organization paid for the month where you experience downtime then we have service level and this is the performance metric set forth in the SLA that Microsoft agrees to meet in the delivery of the services and the last concept is uptime agreement and the uptime agreement is defined by the monthly uptime percentage which we'll explain a bit more in the next slide so downtime is any period of time when office applications are put into reduced functionality mode due to an issue with Office 365 activation and the monthly uptime percentage is typically calculated using the following formula but this may not apply to every service so user minutes minus downtime divided by user minutes times 100 where downtime is measured in user minutes that is for each month downtime is the sum of the length of each incident that occurs during that month multiplied by the number of users impacted by that incident the percentage of service credit your organization can receive is linked to your monthly uptime percentage for example if downtime has resulted in a monthly uptime percentage lower than 95 percent your organization could receive a 100 percent service credit and the table here describes the monthly uptime percentage and corresponding service credit so if the monthly uptime percentage is less than 99.9 percent you could get 25 service credit if the monthly uptime percentage is less than 99 you could get 50 service credit and if it's less than 95 percent you could get 100 service credit so your organization should always review all service level agreements and ask questions including the following list if you're using a cloud service provider how does it determine service levels and whether they're achieved or not who is responsible for reports how can your organization access reports are there any exceptions in the agreement what does the agreement say about both unexpected and scheduled maintenance what does the agreement say about what happens if your infrastructure goes down because of an attack what about natural disasters and other situations outside of your control does the agreement cover not Microsoft service or system failures what are the limits to the cloud service provider's liability in the agreement so that's the overview of SLA hey this is Andrew Brown from exam Pro and we're taking a look at the health status of Microsoft 365 services so the Microsoft 365 admin Center allows your organization's administrators to see the current health status of each of your Microsoft 365 services and tenants they can view the history of services that have been affected in the last 30 days and information about current outages or disruptions to Services viewing the health can help you figure out whether you're dealing with a known issue that has a solution in progress you can go to Select Health under the left navigation pane then service Health to access it so if your organization is experiencing a service issue your administrators can report it by going to reported issues select report and issue and complete a short form administrators can view specific details about service issues selecting incidents or advisories your organization can set up notifications for any new incidents or for updates to any active incidents that might affect your organization Microsoft provides two different types of notifications the first one is unplanned downtime this is where in incident has caused a service to become unresponsive or unavailable and the second one is plan maintenance where Microsoft regularly carries out service updates to the software and infrastructure that runs Services Microsoft also analyzes unplanned service incidents for you through post-incident reviews you'll receive a preliminary review within the first two days of incident resolution and a final review within five business days the final post incident reviews will detail the following information how you might have been impacted and how the user experience was impacted a date and time breakdown detailing when an incident started and when it was resolved and an analysis of the root cause and what actions are to be carried out to prevent the incident in the future so your organization can keep track of the health status of services in different ways first we have admin app this lets you view and stay up to date with the health status of the services on the go then we have Microsoft System enter which allows you to view all service Communications from within system center if your organization has the Office 365 management pack and API you can use the Office 365 service Communications API to create or use tools that can connect and monitor the service status for you in real time to protect and keep your organization's data available Microsoft does the following data storage redundancy so Microsoft stores your data through multiple levels of redundancy using data replication and secure data protection capabilities monitoring data so your databases are monitored for you and your data is monitored packet loss latencies and queries and more preventative measures so Microsoft regularly carries out checks for database consistency reviews of error logs and more so that's an overview of the health status of Microsoft 365 services hey this is Andrew Brown from exam Pro and we're taking a look at how organizations can communicate with Microsoft about product and service improvements so Microsoft has various channels for you to submit feedback about Microsoft 365 products and services for example if you're using feedback which is the community feedback web portal you can submit new feedback directly within the web portal you can participate in existing feedback by voting or commenting on existing topics and you can review feedback you've submitted it's impact and Status by viewing official responses from the Microsoft product teams so the following list describes the ways you can communicate directly with Microsoft feedback and product experiences Windows feedback Hub Microsoft Tech Community Microsoft store and user voice forums use these sites to share your ideas and contribute to the Improvement of Microsoft products and services for your company and other users around the world taking a look at feedback in Greater detail so the community feedback portal lets you tell Microsoft about any problems you run into while using Microsoft 365 Community feedback allows you to browse or vote on feedback from the community community feedback is publicly displayed within different forums and your username will be displayed by feedback you submit publicly or comments you provide looking at the visual here you can select which service you're interested in or have feedback for and click into it in this case it's Microsoft teams and so you'll see lots of posts from the community about improvements and feedback and you can send your own feedback as well navigate to feedbackportal.microsoft.com to access it taking a closer look on submitting feedback selecting a form allows you to see all feedback related to that product and you can upvote or comment on feedback that matches yours if you don't see feedback that is similar to your own you can submit new feedback through the portal itself here are some guidelines for good feedback make your title concise and descriptive this will help others find and upvote your feedback send one thought per feedback information about your device operating system and applications are automatically included in each reported feedback back taking a look at the Microsoft Tech Community which is a place to interact with it Pros developers and end users along with Microsoft the focus of the site was initially on Office 365 but now encompasses Azure Enterprise Mobility Plus security and many other Microsoft Technologies communities are for different Microsoft products and solutions members can join communities that interest them navigate to techcommunity.microsoft.com to access it here are some of the benefits of participating in the Microsoft Tech Community influence Microsoft with feedback constructive comments and ideas help other members with Solutions or insights on problems learn about best practices new features and get the latest information from Microsoft ask questions and get help from peers access content from special events like Microsoft ignite and the Microsoft tech Summit take part in online events such as ask Microsoft anything and get recognition for overall contributions to the community with member of the week or ranks like super contributor so that's how you can share feedback on Microsoft 365 services for improvements and more Andrew Brown from exam Pro and we're taking a look at how to create and manage technical support cases in the Microsoft 365 admin Center so on the left pane of the Microsoft 365 admin Center portal click on support then click on new service request on the how can we help page provide a description of your problem and the system will provide a list of Articles which could potentially apply to your issue or help solve them the autocomplete function of the search box will pop up the most relevant articles for your case or in some cases a Diagnostics wizard May pop up to further guide you through issue resolution in this example we are requesting support because we are having issues and can't install office this pops up a run diagnostic section and provides an article on how to resolve this issue it provides an explanation on the topic in a step-by-step guide on how to resolve the issue it also provides recommended articles at the end of The Help window if the article suggests it does not meet your needs if the automated help is not sufficient you can click on the headset icon on the top to request assistance from a support agent and open a support case in this case you must provide a title and description of your case you must also provide a telephone number and contact email address and consent to the recording of calls or not afterwards you should choose your preferred method of communication there are four options available chat with a support agent phone with a response time of within five hours email with a response time of within one hour or schedule a callback for a specific date and time we'll go with the option email since it's the most convenient for us you can optionally add attachments to further assist the support agents in troubleshooting your case you have Regional settings where you can provide a time zone and optionally an alternative language of communication other than English after you have provided all information for your new technical case click on the contact me button this will create a new unique support case ID and you should receive confirmation through email to view service requests to view the status of the service requests you have already created browse to support view service requests from this page it provides a list of all your existing service requests as well as your previous service requests you can export all service requests and manage existing service requests by reviewing existing notes or by adding new notes as a response to an action item which has been identified by the support agents this page is the best way to track the progress of your support cases and see the full history of changes carried out while troubleshooting your issue so that's how you can create and manage technical support cases in the Microsoft 365 admin Center\n"