Introduction
Les photos et vidéos sont issues de l’évènement « Atelier Cybersécurité – Des solutions & recommandations pour se protéger » qui s’est déroulé le jeu. 6 décembre 2018 de 18:00 à 20:00 chez BeBooster à Fort-de-France.
La sécurisation des environnements Microsoft Office 365
Decision | Description |
DD-01 | Enable MFA for all admins |
DD-02 | Enable MFA for all users |
DD-03 | Enable mailbox owner auditing |
DD-04 | Who will review reports? |
DD-05 | Who will review privileged access? |
DD-06 | Enable client rules forwarding block? |
DD-07 | Enable audit data recording? |
DD-08 | Enable additional mailbox auditing? |
DD-09 | Disable external sharing? |
DD-10 | Disable external SIP federation? |
DD-11 | Enable mobile device management services? |
DD-12 | Require mobile devices to use a password? |
DD-13 | Keep Default Policy or create custom policy. |
DD-14 | Malware Detection Response? YES/NO and STANDARD/CUSTOM |
DD-15 | Common Attachment Types Filter? ON/OFF |
DD-16 | Sender Notification? INTERNAL/EXTERNAL/OFF |
DD-17 | Administrator Notification? YES/NO |
DD-18 | Custom Notification? YES/NO |
DD-19 | Enable Standard Settings? YES/NO (overrides Custom Settings) |
DD-20 | Modify SCL level? – Value ? |
DD-22 | Use Default ATP Policy? YES/NO |
DD-23 | Is there need for a specific policy for dedicated recipients? YES/NO |
DD-24 | Enable ATP Safe attachments for all users? YES/NO |
DD-25 | Use redirect in Policy? YES/NO |
DD-26 | Scope by domain? YES/NO |
DD-27 | Ramp up using Distribution Groups? YES/NO |
DD-28 | Turn on ATP for SharePoint, OneDrive, and Microsoft Teams? YES/NO |
DD-30 | Enable check for authentication in ETRs? YES/NO |
DD-31 | Make use of updated reporting add-in? YES/NO |
DD-32 | Implement SPF, DKIM and DMARC? YES/NO |
DD-33 | Implement DMARC with p=reject. |
DD-34 | Use ETRs to Skip Safe Attachments/Safe Links |
DD-35 | Create ETRs to skip ATP internally? YES/NO |