User Profile
VinodS2020
Brass Contributor
Joined 5 years ago
User Widgets
Recent Discussions
Re: Idle session timeout Conditional access policy for unmanaged devices
ericsawatzky Hi, I can see this in below given link about Idle session timeout but it seems its for non-company or shared devices but it does not clear whether its going to target unmanaged devices as well or what and seems confusing here. See below snap https://learn.microsoft.com/en-US/microsoft-365/admin/manage/idle-session-timeout-web-apps?view=o365-worldwide&WT.mc_id=365AdminCSH_inproductRe: Script to reboot the devices via Intune as per scheduled date & time
jmakhija I know this Settings catalog policy but I was looking for more customizable like schedule a device reboot on every weekend on particular date and time along with user should have option to extend the reboot to further at least 4 to 8 hours.Re: Testing of web content filtering policy from M365 Defender
rahuljindal Can you clarify which MDE license is needed to an admin as not able to understand here? We have Microsoft Defender for Business assigned to all the admins including end users in the tenant. Link: https://learn.microsoft.com/en-us/microsoft-365/security/defender-business/mdb-overview?view=o365-worldwideget the latest updates on Antivirus agent in MS defender with below capabilities of it via Intune or
What is the frequency to get the latest updates on Antivirus agent in MS defender with below capabilities of it via Intune or Defender for devices? 1. Anti-malware version 2. Signature version 3. Engine version 4. Last quick scan signature versionGet notified by email when someone tries access or login with service account credentials in m365 te
How to get notified by email when someone tries access or login with service account credentials in m365 tenant? As I saw some settings in Cloud App security but now I am not able to find it and setup/configure it?Re: How to check or get to know what all services from M365 tenant are sending emails from the respectiv
Yash_Mudaliar The link you shared does not answer the question yet. I mean to say the services from M365 tenant like SPO, EXO, ODB and Teams and others. This email notification was arrived from SharePoint online service to admin mailbox and we wanted to know that all are those services which sends such emails so we are aware and can educate people to know the legitimacy of emails and where they should trust and where not and report such emails to Security team for further checks. See below snap for clarity .Re: capability to detect password protected files to during the email delivery and ZAP process of the e
ExMSW4319 Thanks for your insightful answer on this, but I think the Transport rule would work on this but we as admins should have to add those legit domains or add authentication Results in the Except field in the rule with SPF=pass. So what's you take on this?Testing of web content filtering policy from M365 Defender
How to test web content filtering policy from M365 Defender as I am not able to see the option to target a specific group for testing purposes? See below snap Also I am seeing below on the link here: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/web-content-filtering?view=o365-worldwide#:%7E:text=To%20add%20a,the%20selected%20categories.How to check or get to know what all services from M365 tenant are sending emails from the respectiv
How to check or get to know what all services from M365 tenant are sending emails from the respective primary domain attached to tenant? Also I wanted to bring this into notice and raise an awareness that threat actors are also sending similar kind of emails to people and those emails are not being cought by EOP and MDO and all other strict policies applied via EOP and Defender across M365 tenant and this seems really concerning if those are not cought by specially EOP then it could be harmful and end users may fall for it to delete items and click on malicious links in the phishing emails and get in Identity/credential theft or give unwanted access to attackers. For example: End user got an email few days back saying that "Your mailbox is almost full" and user need to delete or move some items from inbox and this email was delivered to end users mailbox from the primary domain showing this.Re: Idle session timeout Conditional access policy for unmanaged devices
ericsawatzky How we are going to target unmanaged devices in this created conditional access policy by creating filter under platform or what because if we apply this policy to all the users then how its going to determine which device is this policy for? As we did not add any filter or targeted such unmanaged devices? Also if we wanted to increase the idle session timeout for managed devices lets say 3 hours and unmanaged devices 1 hour then how we are going to do this with both policies in M365 admin and Conditional access policy?capability to detect password protected files to during the email delivery and ZAP process of the e
Does M365 Defender & EOP has capability to detect password protected files to during the email delivery and ZAP process of the email in user mailbox? If yes how we can configure to stop such emails and put them into quarantine and stop the email delivery to end users? I have another follow-up question on this is that if we deploy this Transport rule to quarantine false or parked domains emails like phishing or spam and unwanted emails then how we would filter and allow the legit email domains to send out such files like .PDF, Docs, excel and other password protected files to users mailbox without putting them into Quarantine?Idle session timeout Conditional access policy for unmanaged devices
What is the default time period for this policy in Conditional access policy for Idle Session timeout" policy as I was looking for way to create this policy for unmanaged devices in the tenant and when I checked it there is not filter or checkbox where we can enter or give time period for idle sessions on unmanaged devices? Here is the link I was looking for to created the policy for unmanaged devices: https://learn.microsoft.com/en-us/microsoft-365/admin/manage/idle-session-timeout-web-apps?view=o365-worldwide#turn-on-idle-session-timeout:%7E:text=Idle%20session%20timeout%20on%20unmanaged%20devices See below snapRe: Can we get only searchable items from MS Purview and not unindexed items and what all are the things
LeonPavesic Thanks for reply. I have gone through these links but my questions remains there as I just wanted to get the searchable items which can be opened when we export from Purview portal and don't want unindexed items to be exported or seen in the export at all.
