Understand Microsoft 365 security incident management

Beginner
Auditor
Privacy Manager
Risk Practitioner
Microsoft 365

Learn how Microsoft 365 investigates, manages, and responds to security concerns to protect customers and the Microsoft 365 cloud environment.

Learning objectives

Upon completion of this module, you should be able to:

  • Describe Microsoft’s Assume Breach Strategy and Defense-in-Depth approach to security.
  • Explain how Microsoft defines a Security Incident, the federated model that Microsoft uses for Security Incident Response across the organization, and how customers and Microsoft share responsibility for security in the cloud.
  • Describe how Microsoft prepares to deal with security issues through training, testing, and knowledge sharing.
  • Describe how the Security Incident Response team detects and analyzes potential security issues.
  • Describe how issues are contained, eradicated, and how recovery is handled.
  • Describe how Microsoft incorporates lessons from security incidents into our processes and procedures.
  • Explain how and when Microsoft will notify your organization in the event a Security Incident affects your tenant.

Prerequisites

None