Understanding Attack Surface Reduction

Difficulty: Intermediate
Duration: 2 minutes and 45 seconds
Students: 1,210
Rating: 4/5

This lesson explores the suite of tools available in Microsoft Endpoint Manager for establishing and maintaining security posture in an organization. These include tools like Microsoft Intune, used for enrolling devices as well as creating and enforcing device compliance, and Microsoft Defender, used for implementing device antivirus and malware defense tools. This lesson will also review the activities involved in reducing attack surfaces in an organization that bad actors could use to penetrate and expose sensitive data. This sensitive data is protected through the implementation of attack surface reduction rules which are deployed through careful auditing and testing to prevent any loss of productivity. This lesson will also touch on the security baselines made available to organizations wishing to enact a more granular security posture and have access to tools like secure score for evaluating the effectiveness of these efforts against known best practices.  

Learning Objectives

  • Create a compliance policy 
  • Monitor enrolled devices
  • Setup surface attack reduction rules
  • Deploy surface attack reduction rules
  • Review security baselines
  • Examine Microsoft secure score

Intended Audience

This lesson is designed for individuals who are responsible for setting up and monitoring device compliance and security in Microsoft 365 as well as those pursuing Microsoft certifications.

Prerequisites 

To get the most from this lesson, you should have some familiarity and experience with the Microsoft 365 security suite of tools including Microsoft Endpoint Manager.  

Covered Topics