Challenge #7

On your computer, launch a new browser window (Edge, Chrome), and type in https://security.microsoft.com/ and press enter.

Note: You will require Microsoft 365 administrative credentials – be sure to have the username and password ready.

Within the Microsoft Defender Center:

• Look for and select Email & Collaboration along the left-hand side menu
• Under Email & Collaboration, look for and select Policies & rules
• In the Policies & rules window, select Threat policies

• Within the Threat policies window, under Policies, find and select Safe Links
• Within the Safe Links window, select the + Create
• Provide a Name for your new Safe Links policy, such as My Company Safe Links
• Feel free to also provide a description, such as Policies recommendations from Third Octet’s Level Up challenge
• Click Next
• On the next screen, we’ll be leaving users and groups blank. However, under domains, we want to enter the domain name that we use for our e-mails. As an example, ours is thirdoctet.com. Go ahead and enter your domain name and click enter.
• Now click Next.

• Under the URL & click protection settings, we want to enable several (many of which are already enabled), including:
  • Under Email:
    • Checked On: Safe Links checks a list of known, malicious links when users click links in email. URLs are rewritten by default
    • Checked Apply Safe Links to email messages sent within the organization
    • Checked Apply real-time URL scanning for suspicious links and links that point to files
    • Checked Wait for URL scanning to complete before delivering the message
    • Unchecked Do not rewrite URLs, do checks via Safe Links API only.

• Under the URL & click protection settings, we want to enable several (many of which are already enabled), including:
  • Under Teams:
    • Checked On: Safe Links checks a list of known, malicious links when users click links in Microsoft Teams. URLs are not rewritten

• Under the URL & click protection settings, we want to enable several (many of which are already enabled), including:
  • Under Click Protection Settings:
    • Checked Track user clicks
    • Unchecked Let users click through the original URL
• Now click Next

• Under the URL & click protection settings, we want to enable several (many of which are already enabled), including:
  • Under Office 365 Apps:
    • Checked On: Safe Links checks a list of known, malicious links when users click links in Microsoft Office apps. URLs are not rewritten

• Within the Notification window, we can select Use the default notification text, and select Next
• We can now review and validate our settings.
• Once you are satisfied, click Submit and then Done.
• We’ll then return to the main window where we’ll see our new policy as enabled (status = on).