Run Microsoft Office 365 Attack Simulator | Configuration Guide

Microsoft Office 365 Attack Simulator Configuration

Prev Question Next Question

Question

As a step to harden your Office 365 security you wish to run Microsoft Office 365 Attack simulator.

You configure Microsoft Defender Advanced Threat Protection and assign your users Microsoft 365 Enterprise E5 licenses.

What must be configured to run the attack simulator?

Answers

A. Create Conditional Access session control scoped at Office 365.

B. Assign your users Defender plan 2-licenses.

C. Configure an identity protection user risk-policy.

D. Enable multi-factor authentication.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: D

Enabling MFA is a prerequisite for running Microsoft Attack Simulator.

Session x

Control user access based on session controls
to enable limited experiences within specific
cloud applications

Learn more

Use app enforced restrictions

O itremtatratsthegeate!
apps: Cunenty, Officaa65 Exchange
Onlin, and SharePoint Onine are the only
re learet sgeape=
(ears Hee

@ Use conditional access App Control

Monitor only (Preview)

© Tris control works instantly for featured
qupentierliaestietteee htc)
eye ta ermal
ethane

Since the answer is given in the documentation, the other options are incorrect.

To know more about Microsoft Office 365 Attack Simulator, please refer to the link below:

To run the Microsoft Office 365 Attack simulator, you need to configure Microsoft Defender Advanced Threat Protection and assign your users Microsoft 365 Enterprise E5 licenses. In addition to this, the correct answer is B: Assign your users Defender plan 2-licenses.

Here's a detailed explanation of the options given in the question:

A. Create Conditional Access session control scoped at Office 365: Conditional Access is a feature of Azure Active Directory that allows administrators to control access to resources based on various conditions, such as user location, device type, and application used. However, creating a Conditional Access session control scoped at Office 365 is not required to run the attack simulator.

B. Assign your users Defender plan 2-licenses: Microsoft Defender for Office 365 (previously known as Office 365 Advanced Threat Protection) is a suite of tools that provides protection against advanced threats such as phishing and malware. To use the Attack simulator, users must have Defender plan 2-licenses assigned to them. These licenses include the Attack Simulator feature, which allows you to simulate a variety of attacks against your organization to test your security controls.

C. Configure an identity protection user risk-policy: Identity Protection is another feature of Azure Active Directory that helps protect user identities and detect suspicious activities. However, this feature is not required to run the attack simulator.

D. Enable multi-factor authentication: Multi-factor authentication (MFA) is an extra layer of security that requires users to provide additional information beyond a username and password to access resources. While MFA is an important security measure, it is not required to run the attack simulator.

In summary, to run the Microsoft Office 365 Attack simulator, you need to configure Microsoft Defender Advanced Threat Protection and assign your users Microsoft 365 Enterprise E5 licenses, and assign your users Defender plan 2-licenses.

Prev Question Next Question