Summary and knowledge check


In this module, you learned how Microsoft 365 proactively monitors information system assets for vulnerabilities, assesses the risks associated with discovered vulnerabilities, and remediates them in a timely manner.

Now that you have completed this module, you should be able to:

  • Describe Microsoft's Assume Breach strategy in the context of vulnerability management and security monitoring.
  • Explain machine state scanning and the components of PAVC in Microsoft 365.
  • Describe how Microsoft 365 proactively patches its systems.
  • List how Microsoft 365 anti-malware tools detect and prevent malware execution.
  • Explain how Microsoft 365 detects and remediates vulnerabilities and security misconfigurations.
  • Describe how Microsoft 365 uses security monitoring to detect and respond to attacks at scale.
  • List the attack simulation and penetration testing activities used to validate the security posture of Microsoft 365.

Check your knowledge


Which of the following statements about internal penetration testing is correct?


How often are vulnerability and configuration scans performed on Microsoft 365 endpoints?


What methods does Microsoft 365 use to detect malware?


How quickly does Microsoft 365 security monitoring automatically deploy countermeasures and alert on-call engineers of suspicious activity?