SC-200: Mitigate threats using Microsoft Defender XDR

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!

Grab it

Module 1: Learn about cybersecurity threats and how the new threat protection tools from Microsoft protect your organization’s users, devices, and data.

In this module, you will learn how to:

Define security threats.
Understand common threats.
Explain how the threat landscape is evolving.

Module 2: Mitigate incidents using Microsoft 365 Defender

Upon completion of this module, the learner will be able to:

Manage incidents in Microsoft 365 Defender
Investigate incidents in Microsoft 365 Defender
Conduct advanced hunting in Microsoft 365 Defender

Module 3: Use the advanced detection and remediation of identity-based threats to protect your Azure Active Directory identities and applications from compromise.

In this module, you will:

Describe the features of Azure Active Directory Identity Protection.
Describe the investigation and remediation features of Azure Active Directory Identity Protection.

Module 4: Learn about the Microsoft Defender for Office 365 component of Microsoft 365 Defender.

In this module, you will learn how to:

Define the capabilities of Microsoft Defender for Office 365.
Understand how to simulate attacks within your network.
Explain how Microsoft Defender for Office 365 can remediate risks in your environment.

Module 5: Learn about the Microsoft Defender for Identity component of Microsoft 365 Defender.

Upon completion of this module, you should be able to:

Define the capabilities of Microsoft Defender for Identity.
Understand how to configure Microsoft Defender for Identity sensors.
Explain how Microsoft Defender for Identity can remediate risks in your environment.

Module 6: Microsoft Defender for Cloud Apps is a cloud access security broker (CASB) that operates on multiple clouds. It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats across all your cloud services. Learn how to use Defender for Cloud Apps in your organization.

At the end of this module, you should be able to:

Define the Defender for Cloud Apps framework
Explain how Cloud Discovery helps you see what's going on in your organization
Understand how to use Conditional Access App Control policies to control access to the apps in your organization

Module 7: Respond to data loss prevention alerts using Microsoft 365

Upon completion of this module, the learner will be able to:

Describe data loss prevention (DLP) components in Microsoft 365
Investigate DLP alerts in the Microsoft 365 compliance center
Investigate DLP alerts in Microsoft Defender for Cloud Apps

Module 8: Insider risk management in Microsoft 365 helps organizations address internal risks, such as IP theft, fraud, and sabotage. Learn about insider risk management and how Microsoft technologies can help you detect, investigate, and take action on risky activities in your organization.

Upon completion of this module, you should be able to:

Explain how insider risk management in Microsoft 365 can help prevent, detect, and contain internal risks in an organization.
Describe the types of built-in, pre-defined policy templates.
List the prerequisites that need to be met before creating insider risk policies.
Explain the types of actions you can take on an insider risk management case.