MS-101 Explore security metrics in Microsoft Defender XDR

By the end of this module, you will be able to:

• Describe techniques hackers use to compromise user accounts through email
• Describe techniques hackers use to gain control over resources
• Describe techniques hackers use to compromise data
• Mitigate an account breach
• Prevent an elevation of privilege attack
• Prevent data exfiltration, data deletion, and data spillage

By the end of this module, you will be able to:

• Describe the Zero Trust approach to security in Microsoft 365
• Describe the principles and components of the Zero Trust security model
• Describe the five steps to implementing a Zero Trust security model in your organization
• Explain Microsoft's story and strategy around Zero Trust networking

By the end of this module, you will be able to:

• Identify the features of Microsoft Defender for Office 365 that enhance email security in a Microsoft 365 deployment
• Explain how Microsoft Defender for Identity identifies, detects, and investigates advanced threats, compromised identities, and malicious insider actions directed at your organization
• Explain how Microsoft Defender for Endpoint helps enterprise networks prevent, detect, investigate, and respond to advanced threats
• Describe how Microsoft 365 Threat Intelligence can be beneficial to your organization’s security officers and administrators
• Describe how Microsoft Cloud App Security enhances visibility and control over your Microsoft 365 tenant through three core areas

By the end of this module, you will be able to:

• Describe the benefits of Secure Score and what kind of services can be analyzed
• Describe how to collect data using the Secure Score API
• Describe how to use the tool to identify gaps between your current state and where you would like to be regarding security
• Identify actions that will increase your security by mitigating risks
• Explain where to look to determine the threats each action will mitigate and the impact it has on users

By the end of this module, you will be able to:

• Describe how Privileged Identity Management enables you to manage, control, and monitor access to important resources in your organization
• Configure Privileged Identity Management for use in your organization
• Describe how Privileged Identity Management audit history enables you to see all the user assignments and activations within a given time period for all privileged roles
• Explain how Microsoft Identity Manager helps organizations manage the users, credentials, policies, and access within their organizations and hybrid environments
• Explain how Privileged Access Management provides granular access control over privileged admin tasks in Microsoft 365

By the end of this module, you will be able to:

• Describe Azure Identity Protection (AIP) and what kind of identities can be protected
• Enable the three default protection policies in AIP
• Identify the vulnerabilities and risk events detected by AIP
• Plan your investigation in protecting cloud-based identities
• Plan how to protect your Azure Active Directory environment from security breaches