Previous

Next

Summary and knowledge check

Completed

In this module, you learned how Microsoft 365 proactively monitors information system assets for vulnerabilities, assesses the risks associated with discovered vulnerabilities, and remediates them in a timely manner.

Now that you have completed this module, you should be able to:

• Describe Microsoft's Assume Breach strategy in the context of vulnerability management and security monitoring.
• Explain machine state scanning and the components of PAVC in Microsoft 365.
• Describe how Microsoft 365 proactively patches its systems.
• List how Microsoft 365 anti-malware tools detect and prevent malware execution.
• Explain how Microsoft 365 detects and remediates vulnerabilities and security misconfigurations.
• Describe how Microsoft 365 uses security monitoring to detect and respond to attacks at scale.
• List the attack simulation and penetration testing activities used to validate the security posture of Microsoft 365.

Check your knowledge

1.

Which of the following statements about internal penetration testing is correct?

Red Team attackers target customer tenants in Microsoft 365.

The Blue Team works to detect, prevent, and respond to Red Team attacks using the security incident response process.

The Blue Team attempts to discover and exploit vulnerabilities in Microsoft 365 to simulate attacks by real-world attackers.

2.

How often are vulnerability and configuration scans performed on Microsoft 365 endpoints?

Weekly

Daily

Monthly

3.

What methods does Microsoft 365 use to detect malware?

Signature-based scans and pattern-based scans

Pattern-based scans and vulnerability scans

Vulnerability scans and signature-based scans

You must answer all questions before checking your work.

Continue