Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Microsoft

Mitigate threats using Microsoft Defender XDR

Microsoft via Microsoft Learn

Go to class Write review
Boot.dev Ad

The Most Addictive Python and SQL Courses

Learn More → Unihackers Ad

Launch Your Cybersecurity Career in 6 Months

Learn More →

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
  • Introduction to Microsoft 365 threat protection

    In this module, you learned the role that Microsoft Defender XDR plays in a modern SOC. You should now be able to:

    • Understand Microsoft Defender XDR solutions by domain
    • Understand the Microsoft Defender XDR role in a Modern SOC
  • Mitigate incidents using Microsoft Defender

    Upon completion of this module, the learner is able to:

    • Manage incidents in Microsoft Defender
    • Investigate incidents in Microsoft Defender
    • Conduct advanced hunting in Microsoft Defender
  • Learn how to investigate and remediate threats using Microsoft Defender for Office 365. Explore automated tools, phishing triage, and attack simulation.

    After completing this module, you'll be able to:

    • Automate threat investigation and response using Microsoft Defender for Office 365.
    • Configure Safe Attachments, Safe Links, and anti-phishing policies.
    • Use the Phishing Triage Agent to classify and triage phishing emails.
    • Simulate attacks to identify vulnerabilities and improve security posture.
  • Protecting a user's identity by monitoring their usage and sign-in patterns will ensure a secure cloud solution. Explore how to design and implement Microsoft Entra Identity protection.

    By the end of this module you're able to:

    • Implement and manage a user risk policy.

    • Implement and manage sign-in risk policies.

    • Implement and manage MFA registration policy.

    • Monitor, investigate, and remediate elevated risky users.

  • Learn about the Microsoft Defender for Identity component of Microsoft Defender XDR.

    Upon completion of this module, you should be able to:

    • Define the capabilities of Microsoft Defender for Identity.
    • Understand how to configure Microsoft Defender for Identity sensors.
    • Explain how Microsoft Defender for Identity can remediate risks in your environment.
  • Microsoft Defender for Cloud Apps is a cloud access security broker (CASB) that operates on multiple clouds. It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats across all your cloud services. Learn how to use Defender for Cloud Apps in your organization.

    At the end of this module, you should be able to:

    • Define the Defender for Cloud Apps framework
    • Explain how Cloud Discovery helps you see what's going on in your organization
    • Understand how to use Conditional Access App Control policies to control access to the apps in your organization

Syllabus

  • Introduction to Microsoft Defender XDR threat protection
    • Introduction
    • Explore Extended Detection & Response (XDR) response use cases
    • Understand Microsoft Defender XDR in a Security Operations Center (SOC)
    • Explore Microsoft Security Graph
    • Investigate security incidents in Microsoft Defender XDR
    • Module assessment
    • Summary and resources
  • Mitigate incidents using Microsoft Defender
    • Introduction
    • Use the Microsoft Defender portal
    • Manage incidents
    • Investigate incidents
    • Manage and investigate alerts
    • Manage automated investigations
    • Use the action center
    • Explore advanced hunting
    • Investigate Microsoft Entra sign-in logs
    • Understand Microsoft Secure Score
    • Analyze threat analytics with the Security Copilot Threat Intelligence Briefing Agent
    • Analyze reports
    • Configure the Microsoft Defender portal
    • Module assessment
    • Summary and resources
  • Remediate threats using Microsoft Defender
    • Introduction to Microsoft Defender for Office 365
    • Automate, investigate, and remediate
    • Configure, protect, and detect
    • Microsoft Security Copilot Phishing Triage Agent in Microsoft Defender
    • Simulate attacks
    • Summary and knowledge check
  • Manage Microsoft Entra Identity Protection
    • Introduction
    • Review identity protection basics
    • Implement and manage user risk policy
    • Exercise enable sign-in risk policy
    • Exercise configure Microsoft Entra multifactor authentication registration policy
    • Monitor, investigate, and remediate elevated risky users
    • Implement security for workload identities
    • Explore Microsoft Defender for Identity
    • Explore the Identity Risk Management Agent
    • Module assessment
    • Summary and resources
  • Safeguard your environment with Microsoft Defender for Identity
    • Introduction to Microsoft Defender for Identity
    • Configure Microsoft Defender for Identity sensors
    • Review compromised accounts or data
    • Integrate with other Microsoft tools
    • Summary and knowledge check
  • Secure your cloud apps and services with Microsoft Defender for Cloud Apps
    • Introduction
    • Understand the Defender for Cloud Apps Framework
    • Explore your cloud apps with Cloud Discovery
    • Protect your data and apps with Conditional Access App Control
    • Walk through discovery and access control with Microsoft Defender for Cloud Apps
    • Classify and protect sensitive information
    • Detect Threats
    • Module assessment
    • Summary

Tags

Reviews

Start your review of Mitigate threats using Microsoft Defender XDR

Go to class

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.