This project is broken up into Windows and Mac versions (listed below).
Security and privacy should never be an afterthought when developing secure software. A formal
process must Security and privacy should never be in place to ensure they're considered at all
points of the product's lifecycle. Microsoft's Security Development Lifecycle (SDL) embeds
comprehensive security requirements, technology-specific tooling, and mandatory processes into
the development and operation of all software products. All development teams at Microsoft must
adhere to the SDL processes and requirements, resulting in more secure software with fewer and
less severe vulnerabilities at a reduced development cost.
Office 365 isolation controls
Microsoft continuously works to ensure that the multi-tenant architecture of Microsoft 365 supports
enterprise-level security, confidentiality, privacy, integrity, and local, international, and availability
standards. The scale and the scope of services provided by Microsoft make it difficult and non-
economical to manage Microsoft 365 with significant human interaction. Microsoft 365 services are
provided through globally distributed data centers, each highly automated with few operations
requiring a human touch or any access to customer content.
Microsoft 365 is composed of multiple services that provide important business functionality and
contribute to the entire Microsoft 365 experience. Each of these services is self-contained and
designed to integrate with one another. Microsoft 365 is designed with the following principles:
- Service-oriented architecture: designing and developing software in the form of interoperable
services providing well-defined business functionality.
- Operational security assurance: a framework that incorporates the knowledge gained through
various capabilities that are unique to Microsoft, including the Microsoft Security Development
Lifecycle, the Microsoft Security Response Center, and deep awareness of the cybersecurity
threat landscape.
How do Microsoft online services employ audit logging?
Microsoft online services employ audit logging to detect unauthorized activities and provide
accountability for Microsoft personnel. Audit logs capture details about system configuration
changes and access events, with details to identify who was responsible for the activity, when and
where the activity took place, and what the outcome of the activity was. Automated log analysis
supports near real-time detection of suspicious behavior. Potential incidents are escalated to the
appropriate Microsoft security response team for further investigation.
Microsoft online services internal audit logging captures log data from various sources,
such as:
Event logs
AppLocker logs
Performance data
System Center data
Call detail records
Quality of experience data
IIS Web Server logs
SQL Server logs
Syslog data
Security audit logs
Windows Users - the Windows version requires Windows (7/10/11) operating environment.
1. Yo.
This project is broken up into Windows and Mac versions lis.pdf
1. This project is broken up into Windows and Mac versions (listed below).
Security and privacy should never be an afterthought when developing secure software. A formal
process must Security and privacy should never be in place to ensure they're considered at all
points of the product's lifecycle. Microsoft's Security Development Lifecycle (SDL) embeds
comprehensive security requirements, technology-specific tooling, and mandatory processes into
the development and operation of all software products. All development teams at Microsoft must
adhere to the SDL processes and requirements, resulting in more secure software with fewer and
less severe vulnerabilities at a reduced development cost.
Office 365 isolation controls
Microsoft continuously works to ensure that the multi-tenant architecture of Microsoft 365 supports
enterprise-level security, confidentiality, privacy, integrity, and local, international, and availability
standards. The scale and the scope of services provided by Microsoft make it difficult and non-
economical to manage Microsoft 365 with significant human interaction. Microsoft 365 services are
provided through globally distributed data centers, each highly automated with few operations
requiring a human touch or any access to customer content.
Microsoft 365 is composed of multiple services that provide important business functionality and
contribute to the entire Microsoft 365 experience. Each of these services is self-contained and
designed to integrate with one another. Microsoft 365 is designed with the following principles:
- Service-oriented architecture: designing and developing software in the form of interoperable
services providing well-defined business functionality.
- Operational security assurance: a framework that incorporates the knowledge gained through
various capabilities that are unique to Microsoft, including the Microsoft Security Development
Lifecycle, the Microsoft Security Response Center, and deep awareness of the cybersecurity
threat landscape.
How do Microsoft online services employ audit logging?
Microsoft online services employ audit logging to detect unauthorized activities and provide
accountability for Microsoft personnel. Audit logs capture details about system configuration
changes and access events, with details to identify who was responsible for the activity, when and
where the activity took place, and what the outcome of the activity was. Automated log analysis
supports near real-time detection of suspicious behavior. Potential incidents are escalated to the
appropriate Microsoft security response team for further investigation.
Microsoft online services internal audit logging captures log data from various sources,
such as:
Event logs
AppLocker logs
Performance data
System Center data
Call detail records
Quality of experience data
IIS Web Server logs
SQL Server logs
Syslog data
2. Security audit logs
Windows Users - the Windows version requires Windows (7/10/11) operating environment.
1. Your task is to examine your Windows operating environment (7/10/11). Using ALL the
available applications/apps provided by underlying operating system, identify these logs
and document your findings as follows:
1.Name of the log (using the list above).
2.Sample of the log (1-2 records/objects/data items).
3.Your own interpretation of the log (brief).
If you cannot find any of the logs mentioned above, document that log(s) as follows:
1.Name of the log.
2.Current Operating System cannot provide this log OR "I am unable to identify this log data".
2. Investigate and list Applications and Windows failure logs including any Warnings using the
Reliability Monitor.
Combine your responses from the above into a Word document and submit by day 7 of this
module. See the rubric for additional grading guidelines.
MacOS Users, do the following:
1.Go to VMWare and create a free account.
2.Login and go to Hands-On Labs.
3.Search for Windows 10 lab.
4.Setup the virtual lab.
5.Then, run the virtual lab for Windows 10.
6.Now Mac users have access to Windows 10.
1. Your task is to examine your Windows operating environment (7/10/11). Using ALL the
available applications/apps provided by underlying operating system, identify these logs
and document your findings as follows:
1.Name of the log (using the list above).
2.Sample of the log (1-2 records/objects/data items).
3.Your own interpretation of the log (brief).
If you cannot find any of the logs mentioned above, document that log(s) as follows:
1.Name of the log.
2.Current Operating System cannot provide this log OR "I am unable to identify this log data".
2. Investigate and list Applications and Windows failure logs including any Warnings using the
Reliability Monitor.
