Course Outline

SC-5004: Defend against cyberthreats with Microsoft Defender XDR

Duration
1 Day
Price
1.00 ج.م.‏
Course Type
No Location
Implement the Microsoft Defender for Endpoint environment to manage devices, perform investigations on endpoints, manage incidents in Defender XDR, and use Advanced Hunting with Kusto Query Language (KQL) to detect unique threats.

Course Outline

1 - Mitigate incidents using Microsoft Defender
  • Use the Microsoft Defender portal
  • Manage incidents
  • Investigate incidents
  • Manage and investigate alerts
  • Manage automated investigations
  • Use the action center
  • Explore advanced hunting
  • Investigate Microsoft Entra sign-in logs
  • Understand Microsoft Secure Score
  • Analyze threat analytics
  • Analyze reports
  • Configure the Microsoft Defender portal
1 - Mitigate incidents using Microsoft Defender
  • Use the Microsoft Defender portal
  • Manage incidents
  • Investigate incidents
  • Manage and investigate alerts
  • Manage automated investigations
  • Use the action center
  • Explore advanced hunting
  • Investigate Microsoft Entra sign-in logs
  • Understand Microsoft Secure Score
  • Analyze threat analytics
  • Analyze reports
  • Configure the Microsoft Defender portal
2 - Deploy the Microsoft Defender for Endpoint environment
  • Create your environment
  • Understand operating systems compatibility and features
  • Onboard devices
  • Manage access
  • Create and manage roles for role-based access control
  • Configure device groups
  • Configure environment advanced features
2 - Deploy the Microsoft Defender for Endpoint environment
  • Create your environment
  • Understand operating systems compatibility and features
  • Onboard devices
  • Manage access
  • Create and manage roles for role-based access control
  • Configure device groups
  • Configure environment advanced features
3 - Configure for alerts and detections in Microsoft Defender for Endpoint
  • Configure advanced features
  • Configure alert notifications
  • Manage alert suppression
  • Manage indicators
3 - Configure for alerts and detections in Microsoft Defender for Endpoint
  • Configure advanced features
  • Configure alert notifications
  • Manage alert suppression
  • Manage indicators
4 - Configure and manage automation using Microsoft Defender for Endpoint
  • Configure advanced features
  • Manage automation upload and folder settings
  • Configure automated investigation and remediation capabilities
  • Block at risk devices
4 - Configure and manage automation using Microsoft Defender for Endpoint
  • Configure advanced features
  • Manage automation upload and folder settings
  • Configure automated investigation and remediation capabilities
  • Block at risk devices
5 - Perform device investigations in Microsoft Defender for Endpoint
  • Use the device inventory list
  • Investigate the device
  • Use behavioral blocking
  • Detect devices with device discovery
5 - Perform device investigations in Microsoft Defender for Endpoint
  • Use the device inventory list
  • Investigate the device
  • Use behavioral blocking
  • Detect devices with device discovery
6 - Defend against Cyberthreats with Microsoft Defender XDR lab exercises
  • Configure the Microsoft Defender XDR environment
  • Deploy Microsoft Defender for Endpoint
  • Mitigate Attacks with Microsoft Defender for Endpoint
6 - Defend against Cyberthreats with Microsoft Defender XDR lab exercises
  • Configure the Microsoft Defender XDR environment
  • Deploy Microsoft Defender for Endpoint
  • Mitigate Attacks with Microsoft Defender for Endpoint

Target Audience

Course Prerequisites

    • Experience using the Microsoft Defender portal

    • Basic understanding of Microsoft Defender for Endpoint

    • Basic understanding of Microsoft Sentinel

    • Experience using Kusto Query Language (KQL) in Microsoft Sentinel

Upcoming Class Dates and Times
Login