- Module 1: Explore threat intelligence in Microsoft 365
- Describe how threat intelligence in Microsoft 365 is powered by the Microsoft Intelligent Security Graph
- Describe how the threat dashboard can benefit C-level security officers
- Understand how Threat Explorer can be used to investigate threats and help to protect your tenant
- Describe the Threat Tracker widgets and views that provide you with intelligence on different cybersecurity issues that might impact your company
- Run realistic attack scenarios using Attack simulation training to help identify vulnerable users before a real attack impacts your organization
- Describe how threat hunting in Microsoft Threat Protection enables security operators to identify cybersecurity threats
- Describe how Advanced hunting in Microsoft 365 Defender proactively inspects events in your network to locate threat indicators and entities
- Module 2: Explore the Security Dashboard
- Describe how the Security Dashboard gives C-level executives insight into top risks, global trends, protection quality, and the organization’s exposure to threats
- Explain how to use the Security Dashboard to quickly understand details about trends, where threats originate, and who the top targeted users are in your organization
- Identify how the dashboard can be used as a launching point to enable security analysts to drill down for more details by using Threat Explorer
- Describe the built-in alert policies in Microsoft 365
- Describe the global weekly threat detections displayed in the Security Dashboard
- Module 3: Implement Microsoft Defender for Identity
- Describe how Microsoft Defender for Identity monitors users, entity behavior, and activities with learning-based analytics
- Describe how Defender for Identity protects user identities and credentials stored in Active Directory
- Describe how Defender for Identity identifies and investigates suspicious user activities and advanced attacks throughout the kill chain
- Create your Microsoft Defender for Identity instance in the Defender for Identity portal
- Use the built-in portal to monitor and respond to suspicious activity detected by Defender for Identity
- Module 4: Implement Microsoft Cloud Application Security
- Describe how Cloud App Security provides improved visibility into network cloud activity and increases the protection of critical data across cloud applications
- Explain how to deploy Cloud App Security
- Control your cloud apps with policies
- Troubleshoot Cloud App Security
By the end of this module, you will be able to:
By the end of this module, you will be able to:
By the end of this module, you will be able to:
By the end of this module, you will be able to:
