
MD 100t00 Enu Powerpoint m09

The document provides an overview of malware and threat protection, Microsoft Defender, device encryption features, and connection security rules in Windows. It contains modules that explain these topics in detail and includes knowledge checks to test understanding.

Uploaded by

Aresha Khan

MD-100 Windows Client

Learning Path 8: Configure threat protection

© Copyright Microsoft Corporation. All rights reserved.


Learning Path Agenda
• Explore malware and threat protection
• Explore Microsoft Defender
• Explore device encryption features
• Explore connection security rules
• Explore advanced protection methods



Module 1: Explore malware and threat protection



Module 1: Explore malware and threat protection
• Explain malware
• Determine possible mitigations for malware threats
• Understand phishing scams
• Explain common network-related security threats
• Determine mitigations for network-related security threats



Explain malware

• Forms of malware include the following:
• Computer viruses
• Computer worms
• Trojan horses
• Ransomware
• Spyware



Determine possible mitigations for malware threats
• Ensure that you apply all software and operating system updates to your devices.
• Ensure that you install and activate anti-malware software on your devices.
• Ensure that anti-malware definitions are current.
• Avoid risky behavior, such as consuming pirated software or media.
• Avoid opening suspicious email attachments, even if they are from senders that you trust.



Understand phishing scams
• Common tricks that cybercriminals use:
• Fake websites
• Fake threats or warnings
• Spoofing companies or people you know



Explain common network-related security threats
• Eavesdropping
• Denial of service (DoS) attack
• Port scanning
• Man-in-the-middle (MITM) attack



Determine mitigations for network-related security threats

It is important to implement a comprehensive approach to network security to ensure that one loophole or omission does not result in another.



Knowledge Check



Module 2: Explore Microsoft Defender



Module 2: Explore Microsoft Defender
• Explain Microsoft Defender Antivirus
• Understand Firewalls
• Explain Windows Defender Firewall
• Examine network location profiles
• Explain Windows Defender Firewall with Advanced Security



Explain Microsoft Defender Antivirus



Understand Firewalls



Explain Windows Defender Firewall



Examine network location profiles

• Windows uses network location awareness to identify connected networks uniquely
• Networks can be classified as one of three network location types:
• Domain
• Public
• Private



Explain Windows Defender Firewall with Advanced Security



Knowledge Check



Module 3: Explore device encryption features



Module 3: Explore device encryption features
• Examine BitLocker
• Evaluate BitLocker and TPMs
• Recover a BitLocker-encrypted drive
• Assess Encrypting File System



Examine BitLocker
BitLocker encrypts the data that is stored on the operating system and
other volumes by:
• Providing offline data protection
• Protecting all data stored on the encrypted volume
• Verifying the integrity of early startup components and boot configuration data
• Ensuring integrity of the startup process

BitLocker To Go allows encryption of removable media such as USB thumb drives



Evaluate BitLocker and TPMs
• TPM mode:
‒ Locks the normal startup process until a user optionally supplies a personal PIN and/or inserts a USB drive that contains a BitLocker startup key
‒ Performs system-integrity verification on startup components

• Non-TPM mode:
‒ Uses Group Policy to allow BitLocker to work without a TPM
‒ Locks the startup process similar to TPM mode, but the BitLocker startup key must be stored on a USB drive
‒ Alternatively use a password



Recover a BitLocker-encrypted drive

When a BitLocker-enabled computer starts:
• BitLocker checks the operating system for conditions that indicate a security risk
• If a condition is detected:
‒ BitLocker enters recovery mode and keeps the system drive locked
‒ The user must enter the correct recovery key to continue

The BitLocker recovery key:
• Is a 48-digit key that unlocks a system in recovery mode
• Is unique to a particular BitLocker encryption:
‒ Can be stored in AD DS
‒ If stored in AD DS, search for it by using either the drive label or the computer’s account
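
An added PowerShell example, not part of the original slides, that reports which protectors each BitLocker volume uses (TPM-based or not, recovery password present or not) and backs recovery passwords up to AD DS. It assumes an elevated session on a domain-joined computer where policy permits AD DS backup; the two function names are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the slides. Function names are hypothetical.

function Get-BitLockerProtectorSummary {
    # One row per volume: is it protected, is a TPM involved, and is there
    # a 48-digit recovery password to fall back on in recovery mode?
    Get-BitLockerVolume | ForEach-Object {
        $types = @($_.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })
        [pscustomobject]@{
            MountPoint          = $_.MountPoint
            ProtectionStatus    = $_.ProtectionStatus
            UsesTpm             = [bool]($types -like 'Tpm*')
            HasRecoveryPassword = $types -contains 'RecoveryPassword'
            Protectors          = $types -join ', '
        }
    }
}

function Backup-RecoveryPasswordToAd {
    # Assumption: the computer is domain-joined and policy permits storing
    # BitLocker recovery information in AD DS.
    [CmdletBinding(SupportsShouldProcess)]
    param()
    foreach ($vol in Get-BitLockerVolume) {
        $vol.KeyProtector |
            Where-Object KeyProtectorType -eq 'RecoveryPassword' |
            ForEach-Object {
                if ($PSCmdlet.ShouldProcess($vol.MountPoint, 'Back up recovery password to AD DS')) {
                    Backup-BitLockerKeyProtector -MountPoint $vol.MountPoint `
                        -KeyProtectorId $_.KeyProtectorId | Out-Null
                }
            }
    }
}

$summary = Get-BitLockerProtectorSummary
$summary

# Protected volumes that have no recovery password protector at all
$summary | Where-Object { $_.ProtectionStatus -eq 'On' -and -not $_.HasRecoveryPassword }

# Preview only; drop -WhatIf to perform the backup
Backup-RecoveryPasswordToAd -WhatIf
```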



Assess Encrypting File System
• Encryption of files based on user
• Part of NTFS
• More Complex to Implement
• Scenarios
‒ Protecting files on shared computers
‒ Protecting files from privileged users
‒ Sharing encrypted files with specific users



Knowledge Check



Module 4: Explore connection security rules



Module 4: Explore connection security rules
• Explain IPsec
• Explain connection security rules
• Explore authentication options
• Monitor security policies and active connections



Explain IPsec
• Is a suite of protocols that allows secure, encrypted communication between two computers over an unsecured network
• Has two goals: packet encryption and mutual authentication between systems
• Enables sending and receiving computers to send secured data to each other
• Secures network traffic by using encryption and data signing
• Uses policies to define the type of traffic that IPsec examines, how that traffic is secured and encrypted, and how IPsec peers are authenticated



Explain connection security rules
Connection security rules involve:
‒ Authenticating two computers before they begin communications
‒ Securing information that is sent between two computers
‒ Using key exchange, authentication, data integrity, and data encryption (optionally)
How firewall rules and connection rules are related:
‒ Firewall rules allow traffic through, but do not secure that traffic
‒ Connection security rules can secure the traffic, but depend on a firewall rule to allow traffic through the firewall



Explore authentication options
When using the New Connection Security Rule Wizard to create a new rule, you use the Requirements page to choose one of the following options:

• Request authentication for inbound and outbound connections
‒ Ask that all inbound/outbound traffic be authenticated, but allow the connection if authentication fails

• Require authentication for inbound connections and request authentication for outbound connections
‒ Require that inbound traffic be authenticated, or it will be blocked
‒ Outbound traffic can be authenticated, but will be allowed if authentication fails

• Require authentication for inbound and outbound connections
‒ Require that all inbound/outbound traffic be authenticated, or the traffic will be blocked
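
An added PowerShell example, not part of the original slides, that expresses the three request/require choices as connection security rules, pairs them with a firewall rule that allows traffic only when it is authenticated, and then lists the IPsec security associations used for monitoring. The rule names, the group name, the 10.0.20.0/24 subnet and TCP port 445 are made-up values; every rule is created disabled.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the slides. The rule names, the group name and the
# 10.0.20.0/24 subnet are made up. Every rule is created disabled, so nothing
# changes on the wire until a rule is enabled deliberately.
$group  = 'Demo-ConnSec'
$subnet = '10.0.20.0/24'

# The three authentication choices as InboundSecurity/OutboundSecurity values
$choices = @(
    @{ Name = 'Request in, request out'; In = 'Request'; Out = 'Request' }
    @{ Name = 'Require in, request out'; In = 'Require'; Out = 'Request' }
    @{ Name = 'Require in, require out'; In = 'Require'; Out = 'Require' }
)
foreach ($c in $choices) {
    New-NetIPsecRule -DisplayName "Demo - $($c.Name)" -Group $group `
        -RemoteAddress $subnet -InboundSecurity $c.In -OutboundSecurity $c.Out `
        -Enabled False | Out-Null
}

# A connection security rule secures traffic but does not open the firewall.
# This firewall rule lets inbound TCP 445 through only if it was authenticated.
New-NetFirewallRule -DisplayName 'Demo - Allow SMB if authenticated' -Group $group `
    -Direction Inbound -Protocol TCP -LocalPort 445 -RemoteAddress $subnet `
    -Action Allow -Authentication Required -Enabled False | Out-Null

# Review what was created
Get-NetIPsecRule -Group $group |
    Select-Object DisplayName, Enabled, InboundSecurity, OutboundSecurity
Get-NetFirewallRule -Group $group |
    Select-Object DisplayName, Enabled, Direction, Action

# Monitoring: security associations that exist once rules are enabled
# and two peers have negotiated
Get-NetIPsecMainModeSA
Get-NetIPsecQuickModeSA

# Clean up the demo rules
Get-NetIPsecRule -Group $group | Remove-NetIPsecRule
Get-NetFirewallRule -Group $group | Remove-NetFirewallRule
```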



Monitor security policies and active connections



Knowledge Check



Module 5: Explore advanced protection methods



Module 5: Explore advanced protection methods
• Explore the Security Compliance Toolkit
• Use AppLocker to control applications
• Use AppLocker to control Universal Windows Platform apps
• Secure data in the enterprise
• Understand Microsoft Defender for Endpoint



Explore the Security Compliance Toolkit
The key features of Security Compliance Toolkit include:
• Security baseline management features to manage the security and compliance process efficiently
• Baselines that are based on Microsoft security guide recommendations and industry best practices
• Compare GPOs with current settings using the Policy Analyzer tool



Use AppLocker to control applications
• AppLocker is a security feature that enables you to specify exactly what applications are allowed to run on user PCs and devices
• Benefits of AppLocker:
‒ Controls how users can access and run applications
‒ Ensures that user PCs and devices are running only approved, licensed software



Use AppLocker to control Universal Windows Platform apps

• Configurable in Group Policy



Secure data in the enterprise
• Windows Device Health Attestation
• Windows Information Protection
• VPN Profiles



Understand Microsoft Defender for Endpoint
• Windows Defender Application Control
• Microsoft Defender Device Guard
• Microsoft Defender Credential Guard
• Microsoft Defender Application Guard
• Microsoft Defender Exploit Guard



Knowledge Check



Practice Labs

• Configuring Microsoft Defender Antivirus and Windows Security
• Configuring Firewall and Connection Security
• Configuring and Troubleshooting BitLocker



Learning Path Review
