Cloud App Discovery is a feature available in Microsoft 365 that provides insights about the cloud applications used within an organization. It categorizes and ranks applications based on the volume of traffic they generate. With the help of Cloud App Discovery, IT administrators can enforce policies, monitor usage, and manage risk effectively across all cloud applications.
Key Aspects of Cloud App Discovery
The main components and functionalities of Cloud App Discovery that you need to be aware of are:
- Discovering Cloud Applications: Cloud App Discovery identifies all cloud applications used across the organization, items the risk of each application, and ranks them based on usage.
- Detailed Reporting: The tool provides detailed reports on the usage of each identified application. This includes users, IP addresses, volume of traffic, and similar parameters.
- Integration: The data gathered by Cloud App Discovery can be integrated with other security and management solutions for a unified, cross-organizational view.
Reviewing Issues in Cloud App Discovery
As an IT administrator, it is your responsibility to review any issues that are flagged as risks in Cloud App Discovery. Common issues might include the discovery of applications that are considered ‘high risk’ or increased usage of non-compliant apps. By addressing these issues, you protect your organization from potential security threats.
Responding to Issues in Cloud App Discovery
Once a potential issue has been identified, appropriate action should be taken. This might involve:
- Risk Assessment: Conduct a thorough risk assessment for the high-risk applications identified. Determine the reasons for their usage and assess whether it’s necessary.
- Policy Enforcement: Configure policies for managing the use of non-compliant or high-risk apps.
- User Education: All users should be trained on the security implications of using certain apps, advising them on the usage of approved and secure applications wherever possible.
- Continuous Monitoring and Assessment: Regular reviews and adjustments should be done as risks will shift over time.
Conclusion
Cloud App Discovery is a powerful tool that every organization should harness to improve application visibility and manage risks more effectively. As a candidate for the MS-101 Microsoft 365 Mobility and Security exam, mastering the review and response process to the issues identified in Cloud App Discovery will give you an edge in maintaining a secure, compliant organization.
Remember that addressing risks in Cloud App Discovery isn’t a one-time affair. Security is an ongoing process that requires continuous monitoring and adjustment.
Start with the understanding of what Cloud App Discovery is and how it functions, and then learn to review and respond to the identified issues. With each one identified and dealt with, you’re taking one more step towards securing your organization in the cloud.
Practice Test
True or False: Microsoft Cloud App Security is a critical component in Microsoft 365 Mobility and Security.
- True
- False
Answer: True
Explanation: Microsoft Cloud App Security is an essential part of MS-101 Microsoft 365 Mobility and Security, providing visibility, control over data travel, and analytics to identify and combat cyberthreats across all Microsoft and third-party cloud services.
Which of the following can be used to identify issues in Cloud App Discovery?
- A) Event data
- B) User Behavior Analytics
- C) Security reports
- D) All of the above
Answer: D) All of the above
Explanation: Microsoft Cloud App Security uses Event Data, User Behavior Analytics and Security Reports to identify issues and provide solutions in Cloud App Discovery.
True or False: Microsoft Cloud App Security cannot give you insights about apps and services that access your data
- True
- False
Answer: False
Explanation: Microsoft Cloud App Security provides visibility to understand which apps and services are accessing your data, thereby allowing you to manage and protect your resources comprehensively.
The discovery phase in Microsoft Cloud App security involves identifying and assessing applications. True or False?
- True
- False
Answer: True
Explanation: The discovery phase in Microsoft Cloud App Security is designed to identify and assess the apps and services within your organization’s environment.
Who can review and respond to issues identified in Cloud App Discovery?
- A) Users
- B) Administrators
- C) Both
Answer: B) Administrators
Explanation: Administrators have the necessary permissions to review and respond to issues identified in Cloud App Discovery.
True or False: Microsoft 365 Mobility and Security supports third-party cloud apps.
- True
- False
Answer: True
Explanation: Microsoft 365 Mobility and Security and Microsoft Cloud App Security support not only Microsoft cloud services but also third-party cloud applications.
How often should Cloud App discovery reviews be conducted?
- A) Weekly
- B) Monthly
- C) Quarterly
- D) Annually
Answer: B) Monthly
Explanation: It’s generally recommended to conduct Cloud App discovery reviews monthly, though this may vary depending upon the organization’s specific needs and policy considerations.
Unauthorized data access can be controlled with Cloud App Security. True or False?
- True
- False
Answer: True
Explanation: Microsoft Cloud App Security provides control over data access, helping to prevent unauthorized access and maintain compliance.
What is the purpose of setting up policies in Microsoft Cloud App Security Discovery?
- A) To trigger alerts
- B) To control data
- C) To identify threats
- D) All of the above
Answer: D) All of the above
Explanation: Setting up policies in Microsoft Cloud App Security Discovery triggers alerts, controls data access, and helps identify cyber threats, thus ensuring a secure cloud environment.
True or False: Cloud App Discovery allows you to create custom reports.
- True
- False
Answer: True
Explanation: Cloud App Discovery does allow you to create custom reports, providing you with specific insights tailored to your organization’s needs.
Interview Questions
What is Cloud App Discovery?
Cloud App Discovery is a feature in Microsoft 365 that allows information technology administrators to gain visibility into the cloud applications being used in their organization, helping them to understand and manage shadow IT.
What kind of data can you uncover with Cloud App Discovery?
Cloud App Discovery can help you uncover data like which users are using which apps, how much data is being uploaded to these apps, the number of transactions from each app, and the IP addresses that are accessing these apps.
How does Cloud App Discovery help with security?
Cloud App Discovery can help IT administrators identify unauthorized or potentially harmful apps in use within their organization. From there, they can take steps to mitigate risks such as blocking the app or educating users about safe app usage.
How are apps categorized in Cloud App Discovery?
Apps are categorized based on several factors, including their risk level, the data they access, and whether they are sanctioned or unsanctioned.
What are the steps to use Cloud App Discovery?
The general steps are to start a discovery session, analyze the data collected, review the discovered apps, categorize the apps and take actions based on the findings.
What are the potential responses to issues identified in Cloud App Discovery?
Responses may include blocking access to unsanctioned apps, notifying users of non-compliant app usage, and identifying alternative apps that meet organizational standards.
How does an app become sanctioned or unsanctioned?
An app can be sanctioned or unsanctioned based on the organization’s policies. The IT administrators make this decision based on the criteria set in their organization’s IT and security policies.
Can Cloud App Discovery identify all apps being used in an organization?
No, Cloud App Discovery can only identify apps that are accessed through the corporate network.
How frequently should you conduct a Cloud App Discovery?
The frequency of a Cloud App Discovery depends on the organization’s needs. However, it’s recommended to conduct it regularly to keep track of app usage and quickly respond to potential risks.
What are the prerequisites for using Cloud App Discovery?
The prerequisites for using Cloud App Discovery include having a Microsoft 365 subscription and having the necessary administrative permissions to run the discovery session.
How do you deal with false positives in Cloud App Discovery?
They can be dealt with by adjusting the classification rules in the management portal or by increasing the level of detail in the discovery data.
What is a discovery session in Cloud App Discovery?
A discovery session in Cloud App Discovery is a period during which data is collected about the apps being used in the organization.
Can non-administrative users run a Cloud App Discovery session?
No, only users with appropriate administrative permissions can run a Cloud App Discovery session.
Can you export the data from a Cloud App Discovery session?
Yes, you can export the data collected during a Cloud App Discovery session into a CSV file for further analysis.
Does the Cloud App Discovery tool provide a risk score for the discovered applications?
Yes, the Cloud App Discovery tool does provide a risk score for the discovered applications, helping organizations understand their exposure to potential IT and security risks.
extutorials.com