- Module 1: Implement Microsoft Defender for Identity
- Describe how Microsoft Defender for Identity monitors users, entity behavior, and activities with learning-based analytics
- Describe how Defender for Identity protects user identities and credentials stored in Active Directory
- Describe how Defender for Identity identifies and investigates suspicious user activities and advanced attacks throughout the kill chain
- Create your Microsoft Defender for Identity instance in the Defender for Identity portal
- Use the built-in portal to monitor and respond to suspicious activity detected by Defender for Identity
- Module 2: Learn how Microsoft Defender for Endpoint can help your organization stay secure.
- Define the capabilities of Microsoft Defender for Endpoint.
- Understand how to hunt threats within your network.
- Explain how Microsoft Defender for Endpoint can remediate risks in your environment.
- Module 3: Learn how to detect and respond to security issues using Microsoft Defender for Endpoint with the help of features and capabilities such as the incident queue, alerts queue, response actions on devices and files, and Live Response.
- Understand the incident queue
- Understand the alerts queue
- Understand response actions
- Module 4: Deploy the Microsoft Defender for Endpoint environment
- Create a Microsoft Defender for Endpoint environment
- Onboard devices to be monitored by Microsoft Defender for Endpoint
- Configure Microsoft Defender for Endpoint environment settings
- Module 5: Protect against malicious attacks and unauthorized access with Microsoft Edge
- Describe how Microsoft Edge is built for secure browsing
- Use Microsoft Defender SmartScreen and Application Guard to protect against malicious attacks and unauthorized access.
- Manage Microsoft Edge security options through policies and controls in Microsoft Endpoint Manager
- Module 6: Learn how to reduce potential attack surfaces across your environment with Microsoft Defender for Endpoint. Capabilities include application control, network protection, hardware-based isolation, controlled folder access, and web protection.
- Understand attack surface reduction in Microsoft Defender for Endpoint.
- Understand the different kinds of surface attack reduction protection in Microsoft Defender for Endpoint.
- Understand attack surface reduction rules.
- Module 7: Learn how Microsoft 365 encrypts data-at-rest and in-transit, securely manages encryption keys, and provides key management options to customers to meet their business needs and compliance obligations.
- Explain how encryption mitigates the risk of unauthorized data disclosure.
- Describe Microsoft data-at-rest and data-in-transit encryption solutions.
- Explain how Microsoft 365 implements service encryption to protect customer data at the application layer.
- Understand the differences between Microsoft managed keys and customer managed keys for use with service encryption.
- Module 8: In this module, you'll learn about app management using Microsoft Endpoint Manager.
- Understand how your organization's apps can be configured and protected.
- Understand the app management lifecycle.
- Learn about the data protection framework using app protection policies.
- Module 9: Manage device compliance
- Plan for device compliance by defining the rules and settings that must be configured on a device for it to be considered compliant
- Configure conditional users and groups for deploying profiles, policies, and apps
- Create Conditional Access policies to implement automated access control decisions for accessing your cloud apps
- Monitor enrolled devices to control their Intune activities and compliance status
- Module 10: Learn about the Microsoft Defender for Office 365 component of Microsoft 365 Defender.
- Define the capabilities of Microsoft Defender for Office 365.
- Understand how to simulate attacks within your network.
- Explain how Microsoft Defender for Office 365 can remediate risks in your environment.
- Module 11: Describe how to query, visualize, and monitor data in Microsoft Sentinel.
- Visualize security data using Microsoft Sentinel Workbooks.
- Understand how queries work.
- Explore workbook capabilities.
- Create a Microsoft Sentinel Workbook.
- Module 12: Implement Microsoft Cloud Application Security
- Describe how Cloud App Security provides improved visibility into network cloud activity and increases the protection of critical data across cloud applications
- Explain how to deploy Cloud App Security
- Control your cloud apps with policies
- Troubleshoot Cloud App Security
By the end of this module, you will be able to:
In this module, you will learn how to:
By the end of this module, you'll be able to:
Upon completion of this module, the learner will be able to:
At the end of this module, you will be able to:
By the end of this module, you'll be able to:
Upon completion of this module, you should be able to:
In this module, you will:
By the end of this module, you will be able to:
In this module, you will learn how to:
In this module you will:
By the end of this module, you will be able to:
