Welcome to Gitbit

One day, I had a customer ask me to find unused licenses in Microsoft 365. After a few weeks of manual digging, we uncovered over 200 accounts that were licensed but hadn't signed on, or were simply disabled. So I thought, there has to be a better way.

Then, I realized I could grab all the information I needed through Microsoft Graph. That's when Gitbit was born.

Go to https://www.gitbit.org to get started discovering inactive users and reclaim wasted licenses in minutes. No complications, no guesswork.

Not ready to get started. Read up on Microsoft at Gitbit Docs Want to stay informed about Microsoft subscribe

Lessons

• Is the MS-500 worth it?
• Creating a free Microsoft 365 tenant for practice
• Managing the Microsoft 365 tenant - Introduction to the admin centers
• Managing Microsoft 365 through PowerShell
• How to create users in Microsoft 365 Cloud Only
• Creating and managing admins through roles
• What's AD Connect
• Time limited admin roles in Microsoft 365
• Protecting Passwords in Microsoft 365
• Creating and managing users through groups
• Securing and implementing enterprise applications
• What's a conditional access policy?
• The many ways to implement multi-factor authentication (MFA) in Microsoft 365
• Implement Self-service password reset in Microsoft 365
• Locking down your Microsoft 365 tenant from Microsoft engineers
• Implementing intelligent security using risk policies in Microsoft 365
• Automating Access Review in Microsoft 365
• Just in time, approval and notification for admin roles in Microsoft 365
• What's Microsoft 365 Defender?
• What's Microsoft Defender for identity?
• What's Microsoft Defender for Office 365?
• Protect your email and Office environment from malicious actors
• Protecting email against phishing attacks
• Simulating attacks with Microsoft 365
• Protecting Windows 10 and other devices with Microsoft Defender for Endpoint
• Implement and manage Microsoft Defender for Cloud Apps
• Collect, detect, investigate, and respond to security threats using Microsoft Sentinel
• Auditing sign-ins and other actions in Microsoft 365
• How to classify data using labels in Microsoft 365
• Creating and managing data retention to conform to compliance
• Preventing accidental and malicious data loss with DLP policies
• Everything you need to know about securing SharePoint Online for the MS-500
• Introduction to Intune
• Setting up Android Devices
• Setting up Apple / iOS devices in Intune
• Setting up Windows 10 devices in Intune
• How to manage devices using Intune
• Understanding compliance policies
• Restricting and managing apps on user devices

MS-500 Practice Tests and questions

• Control permissions and access through admin roles
  • Assign an admin role to grant a user the ability to set retention policies
  • Which admins can enable Microsoft Defender for Endpoint roles
  • Which role provides User1 with the ability to view ATP reports
  • Which admin centers could you use to view the permissions of an administrator role
  • Which role should you grant the ability to export cases
  • What role can assign Compliance Manager roles?
  • What users can configure and view the user risk and risky user policies
  • How do you assign an admin role
  • ensure that a user named Joe Gruber can perform searches and place holds on mailboxes SharePoint and OneDrive
  • Which role provides a user with the ability to view ATP reports
  • Grant ability to enable and configure Azure AD Privileged Identity Management
  • Role that will give ability to review audit logs
  • What user accounts would User2 be unable to reset passwords?
  • Grant user ability to search through mailboxes but not send from any mailbox
  • What role can assign the reports reader role
  • How to grant user Exchange management role
  • Which role should you assign to grant the ability to view Microsoft Defender for Office 365 reports
• AD Connect
  • What attribute do you edit to configure leaked credentials detection
  • Resolve the issue that generates the automated email messages to the IT team.
  • You've been tasked with protecting the VPN. What do you need to do first?
  • What event logs do you use to troubleshoot AD Connect?
  • Explain the AD Connect settings
  • What is the effect of the AD Connect synchronization settings?
  • What location can you use to troubleshoot the AD Connect sync errors?
  • Which employees can authenticate by using Azure AD? What should you do to remove the warning for pass-through authentication?
  • What User sign-in settings and Device options do you need to configure?
• Time limited admin roles, protecting passwords, and Managing users through groups
  • Where do you go to configure group expiration?
  • How many assigned groups and how many dynamic groups should be created?
  • You need to ensure that all users must change their passwords every 100 days.
  • How do you configure Microsoft 365 to meet the security requirements?
  • How are admins affected by group naming policies?
  • Which users are members of ADGroup1 and ADGroup2?
  • What changes do you need to make time limited admins?
• Conditional access policies
  • Where to check which conditional access policy is blocking the users login
  • Configure AppA so it can be reviewed in real-time
  • Create conditional access policy to enforce MFA but exclude physical locations
• Configure and manage multi-factor authentication (MFA)
  • View which users have used MFA
  • Enforce Microsoft Azure Multi-Factor Authentication (MFA) by using conditional access for all users who are NOT physically present
  • You are evaluating which sales department users will be prompted for MFA.
  • What will happen when User1 and User2 log in
  • Ensure John must use MFA for all authentication requests
  • Which IP addresses should you configure in the Trusted IP list for MFA
  • You must require MFA if an authentication attempt is suspicious
  • What will happen when one of the user's signs in from an anonymous IP address
  • Ensure that users who are assigned the Exchange administrator role have time-limited permissions and must use MFA
  • Configure an access review to meet the security requirements for the workload administrators
• Lockbox, risk policies, access review, and JIT
  • Set guest access to be reviewed every 30 days & Grant a user the ability to invite guests to the Microsoft 365 tenant
  • What settings do you need to configure to create an access review policy?
  • Where can you go to approve Customer Lockbox requests?
  • Who can approve the PIM role activation?
  • Which users will be required to change their password?
  • Which admins will receive a notification when a Microsoft engineer requests access to your organization?
  • Which Azure AD PIM setting should you re-configure to meet the security requirements.
  • What users and how many alerts will the receive?
  • What occurs when User1 and User2 sign in from an unfamiliar location?
• Defending Exchange Online
  • Which URL can users access from Microsoft Office Online
  • Phishing email messages must be quarantined if the messages are sent from a spoofed domain
  • What is a prerequisite for running an Attack simulator
  • Track user clicks on any links to gitbit.org
  • Where do suspicious emails go
  • Which threat management policy should you update from the Microsoft Defender admin center
  • Which users should you tell your boss can receive the attack simulation fake threats
  • Verify all mailboxes have mailbox intelligence enabled and working
  • What two places can you go to review the missing attachments
  • How should you reconfigure the safe attachment policy
  • reconfigure the email filter to deliver any emails that contain malware without the attachment
  • Block and track any access to the GitBit.org domain
  • Block malware.gitbit.org from being opened from within an email or any Office app
• Microsoft Defender
  • Will the IP addresses cause an alert?
  • What Azure information is required to deploy the sensors?
  • You need to integrate the VPN and Defender for Identity.
  • Implement Microsoft Defender for Identity to monitor a server
  • How long will the delay be for updates to Microsoft Defender for Identity?
  • You plan to evaluate the risk level for all the devices listed above.
  • How should you prepare Intune for Microsoft Defender for Endpoint?
  • Monitor the domain by using Defender for Identity
  • Which files with the above policy apply?
  • Give a report of everyone that's modified files
  • Which files trigger an alert?
  • Which URLs are blocked by Microsoft Defender for Endpoint?
  • You need to configure the Defender for Identity standalone sensor to detect when certain sensitive groups are updated
  • Enable delegation for the security settings of the devices in a device group
  • You've been tasked with integrating Microsoft Defender for Office 365 and Microsoft Defender for Endpoint
  • What permissions are required for each admin task in Defender for Endpoint
  • Which type of Cloud App Security policy should you create?
  • Administrators must manually approve all remediation for any of the executives
• Auditing sign-ins and Microsoft Sentinel
  • You need to view which users have used an authenticator app to access Microsoft 365
  • Manage incidents based on alerts generated by Microsoft Cloud App Security
  • Your manager asks you to enable auditing for all Microsoft Exchange Online mailboxes
  • view future sign-ins to the mailbox of a user
  • What do you need to do after you create an active rule that has the default settings?
  • Where can you go to review the location (IP address) when administrators log in to your Microsoft 365 tenant?
  • Which two roles could you assign to create and run playbooks and manage incidents
  • Where should you go to audit sign in's?
  • What Exchange PowerShell commands do you need to run to verify you can see the audit logs in the future?
• Classify data using labels
  • View which labels were applied by users manually and which labels were applied automatically
  • What groups can be used to assign sensitivity labels?
  • Assist the user so the email can be sent to the external recipient
  • Configure a new group that will be used for publishing sensitivity labels
  • To which groups can you apply Policy1?
  • Where do you go to create the label?
  • Which labels will be applied to which documents?
• Configuring and managing retention
  • Configure notifications whenever an administrator starts an eDiscovery search
  • Admin1 can view the results of Case1
  • Provide a way to review any emails sent by John Gruber to the rival
  • When can you recover a file?
  • How will the retention policy be applied?
  • Ensure that the labels will be available for manual assignment as soon as possible
• Data Loss Prevention policies (DLP)
  • How do you include a sensitive information type in Data Subject Request cases?
  • What will happen if a user sends an email that contains a credit card number?
  • Prevent any emails that contain information covered by HIPAA
  • What do you need to do to ensure CaseA returns all the documents
  • What do you need to do to receive incident reports from DLP policies?
  • What is the effect of the policy when a user attempts to send an email message that contains sensitive information?
  • Implement a DLP policy
  • Who can access the files?
  • What is the minimum number of DLP policies and rules you must create to meet the requirements?
• Securing SharePoint Online
  • Prevent users from downloading, printing, and syncing files from their unmanaged personal devices
  • Allow your users to share files from Microsoft OneDrive to specific users
  • How do you prevent users from downloading, printing, and syncing files to unmanaged devices.
  • How to block sharing invitations to any external users except users from gitbit.org
  • Review what external users can access SharePoint and OneDrive files
• Protecting user devices using Intune
  • Which devices will be marked compliant?
  • What policies will apply to which devices?
  • Only Windows security data is sent to Microsoft
  • Users must be prevented from backing up the app data to iCloud
  • Which apps apply to which devices
  • What devices can you turn on auto-unlock or BitLocker to Go?
  • Prevent private details in the telemetry data from being sent to Microsoft
  • Ensure that unmanaged mobile devices are quarantined
  • Enable Windows Defender Exploit Guard on the devices
  • Set up the Microsoft 365 tenant so users can only join 5 devices to the tenant
  • Create the app protection policies in the Microsoft Endpoint Manager
  • Create an attack surface reduction policy
  • How to setup app-enforced restrictions
  • What devices will be marked compliant?

MS-500 Blog articles

• Zero Trust Explained
• How to send emails through Microsoft 365 from PowerShell
• 26 cyber security careers with average pay and number of jobs available
• 9 Conditional Access Policies You'll Kick Yourself for Not Setting Up
• 0 to hero - the ultimate Microsoft Defender for Endpoint (MDE) guide
• The Anatomy of Great Phishing Emails
• 14 steps to fix a hacked Microsoft 365 account
• Error connecting Windows 10 computer to Microsoft 365. Error code: 80180014