What you'll learn:
- Learn the concepts and perform the hands-on activities needed to master Microsoft Defender XDR (formerly Microsoft 365 Defender)
- Gain a tremendous amount of knowledge involving Microsoft Defender XDR (formerly Microsoft 365 Defender)
- Learn through hands-on simulations how Microsoft Defender XDR (formerly Microsoft 365 Defender) is administered!
- Learn how to set up your own test lab for practicing the concepts!
We really hope you'll agree, this training is way more than the average course on Udemy!
Have access to the following:
Training from an instructor of over 20 years who has trained thousands of people and is also a Microsoft Certified Trainer
Lectures that explain the concepts in an easy-to-learn way for someone who is just starting out with this material
Instructor-led hands-on activities and simulations for practice that can be followed even if you have little to no experience
TOPICS COVERED INCLUDING HANDS ON LECTURE AND PRACTICE TUTORIALS:
Introduction
Welcome to the course
Understanding the Microsoft Environment
Foundations of Active Directory Domains
Foundations of RAS, DMZ, and Virtualization
Foundations of the Microsoft Cloud Services
DON'T SKIP: The first thing to know about Microsoft cloud services
DON'T SKIP: Azure AD is now renamed to Entra ID
Questions for John Christopher
Performing hands on activities
DON'T SKIP: Using Assignments in the course
Creating a free Microsoft 365 Account
Activating licenses for Defender for Endpoint and Vulnerabilities
Getting your free Azure credit
Basic concepts of the Microsoft Defender Suite and Services
The Microsoft 365 Defender Suite
Using the Defender and Purview admin centers
Microsoft Defender for Office 365
What is Microsoft Defender for Office 365?
Implementing policies for use in Email, SharePoint, OneDrive, and Teams
Dealing with threats using Defender for Office 365
Performing a campaign email attack simulation in Microsoft Defender
Microsoft Defender for Cloud Apps and Data Loss Prevention (DLP)
Understanding the concepts of Microsoft Defender for Cloud Apps
Investigating security risks in Defender for Cloud Apps
Concepts of data loss prevention in Microsoft Defender
Alerts with data loss prevention policies (DLP)
Data loss prevention (DLP) policy alert investigation
Microsoft Defender for Endpoint and Defender Vulnerability Management
Understanding Microsoft Defender for Endpoint concepts
Deploy a Windows 11 VM endpoint
Attack surface reduction (ASR) support with Intune
Working with device onboarding regarding Defender for Endpoint
Something to be aware of about extra features
Endpoint advanced features, alerts and incidents
Endpoint vulnerabilities
Device attack surface reduction (ASR)
Device groups with Defender for Endpoint
Microsoft Defender Vulnerability Management risk identification
Endpoint threat indicators
Device discovery of unmanaged devices
Microsoft Defender for Identity
Microsoft Entra ID security risk mitigation
Concepts of using Microsoft Entra Identity Protection
Microsoft Entra Identity Protection security risk mitigation
Microsoft Entra Identity Protection risks in regards to Microsoft Defender
Microsoft Defender for Identity concepts
Using Defender for Identity to mitigate threats with AD DS
Microsoft 365 Defender as an Extended Detection and Response (XDR)
Visualizing the concepts of extended detection and responses (XDR)
Configuring the Microsoft 365 Defender simulation lab
Performing an attack using the simulation lab
Microsoft 365 Defender incidents and automated investigations
Microsoft 365 Defender action and submissions
Using Kusto Query Language (KQL) for threat identification
Microsoft Secure Score
Microsoft 365 Defender threat analytics
Custom detections and alerts
Getting started w/ Defender for Cloud, Defender for Servers & Defender for DevOps
Introduction to Microsoft Defender for Cloud
Regulatory compliance policies along with MCSB
Remediations with secure score in Microsoft Defender for Cloud
Microsoft Defender for Servers
Microsoft Defender for DevOps
Microsoft Defender External Attack Surface Management (EASM)
Microsoft Defender for Cloud full management and configurations
Settings config in Microsoft Defender for Cloud
Roles in Microsoft Defender for Cloud
Cloud workload protection
Automation of onboarding Azure resources
Azure Arc connections
Multi-cloud connections
Email notifications in Microsoft Defender for Cloud
Using alert suppression rules
Workflow automation configuration in Defender for Cloud
Using sample alerts and incidents
Using Microsoft Defender for Cloud recommendations
Security alerts and incidents in Microsoft Defender for Cloud
Using threat intelligence reports with Microsoft Defender for Cloud
Dealing with insider risks in Microsoft 365
Concepts of insider risk policies
Insider risk policy generation
Insider risk policy alert investigation
Audit and search capabilities in Microsoft Defender and Microsoft Purview
Licensing of unified audit logging
Permissions for unified auditing
Threat hunting with unified audit logging
Threat hunting with Content Searches
Conclusion
Cleaning up your lab environment
Getting a Udemy certificate
BONUS Where do I go from here?