1. Are you missing Attack Simulator? Attack Simulator requires Microsoft Defender for Office 365 Plan 2 or Office 365 Enterprise E5. Attack Simulator is not included in Microsoft Defender for Office 365 Plan 1, Office 365 Enterprise E3, or any Microsoft 365 Apps for business subscriptions.
2. The account you use to launch simulated attacks requires global administrator or security administrator permissions and multi-factor authentication (MFA). For more information about Attack Simulator requirements, see this topic.
3. Important things to know about Brute Force Password attack simulations:
-
-
If the target account has MFA enabled and the password was guessed correctly, the account will not show as compromised (the second authentication factor will be incomplete).
-
The password file can't be larger than 10 MB. Use one password per line, and include a blank line (carriage return) after the last password in the list.
-
4. Important things to know about Spear Phishing attach simulations:
-
-
By design, you can't provide a custom value for Phishing login server URL.
-
If a recipient uses the Enable the Report Message add-in to report the message as phishing, you might not receive alerts for the message (because this is a simulated attack).
-
5. Reports: After the simulated attack is complete, you can click Attack Details to see the report.
6. For detailed instructions and new features in Attack Simulator, see Attack Simulator in Microsoft 365.
Note: Attack simulation training deployment considerations and FAQ - Office 365 | Microsoft Docs can also be referred
Comments
0 comments
Please sign in to leave a comment.