MS-101 Explore security metrics in Microsoft Defender XDR

Offered By: Microsoft via Microsoft Learn

Tags

Windows Systems Administration Courses, Cybersecurity Courses, Microsoft Office 365 Courses

Course Description

Overview

  • Module 1: Examine threat vectors and data breaches
    By the end of this module, you will be able to:
    • Describe techniques hackers use to compromise user accounts through email
    • Describe techniques hackers use to gain control over resources
    • Describe techniques hackers use to compromise data
    • Mitigate an account breach
    • Prevent an elevation of privilege attack
    • Prevent data exfiltration, data deletion, and data spillage
  • Module 2: Explore the Zero Trust security model
    By the end of this module, you will be able to:
    • Describe the Zero Trust approach to security in Microsoft 365
    • Describe the principles and components of the Zero Trust security model
    • Describe the five steps to implementing a Zero Trust security model in your organization
    • Explain Microsoft's story and strategy around Zero Trust networking
  • Module 3: Explore security solutions in Microsoft 365
    By the end of this module, you will be able to:
    • Identify the features of Microsoft Defender for Office 365 that enhance email security in a Microsoft 365 deployment
    • Explain how Microsoft Defender for Identity identifies, detects, and investigates advanced threats, compromised identities, and malicious insider actions directed at your organization
    • Explain how Microsoft Defender for Endpoint helps enterprise networks prevent, detect, investigate, and respond to advanced threats
    • Describe how Microsoft 365 Threat Intelligence can be beneficial to your organization’s security officers and administrators
    • Describe how Microsoft Cloud App Security enhances visibility and control over your Microsoft 365 tenant through three core areas
  • Module 4: Examine Microsoft Secure Score
    By the end of this module, you will be able to:
    • Describe the benefits of Secure Score and what kind of services can be analyzed
    • Describe how to collect data using the Secure Score API
    • Describe how to use the tool to identify gaps between your current state and where you would like to be regarding security
    • Identify actions that will increase your security by mitigating risks
    • Explain where to look to determine the threats each action will mitigate and the impact it has on users
  • Module 5: Examine Privileged Identity Management
    By the end of this module, you will be able to:
    • Describe how Privileged Identity Management enables you to manage, control, and monitor access to important resources in your organization
    • Configure Privileged Identity Management for use in your organization
    • Describe how Privileged Identity Management audit history enables you to see all the user assignments and activations within a given time period for all privileged roles
    • Explain how Microsoft Identity Manager helps organizations manage the users, credentials, policies, and access within their organizations and hybrid environments
    • Explain how Privileged Access Management provides granular access control over privileged admin tasks in Microsoft 365
  • Module 6: Examine Azure Identity Protection
    By the end of this module, you will be able to:
    • Describe Azure Identity Protection (AIP) and what kind of identities can be protected
    • Enable the three default protection policies in AIP
    • Identify the vulnerabilities and risk events detected by AIP
    • Plan your investigation in protecting cloud-based identities
    • Plan how to protect your Azure Active Directory environment from security breaches

Syllabus

  • Module 1: Examine threat vectors and data breaches
    • Introduction
    • Explore today's work and threat landscape
    • Examine how phishing retrieves sensitive information
    • Examine how spoofing deceives users and compromises data security
    • Compare spam and malware
    • Examine how an account breach compromises a user account
    • Examine elevation of privilege attacks
    • Examine how data exfiltration moves data out of your tenant
    • Examine how attackers delete data from your tenant
    • Examine how data spillage exposes data outside your tenant
    • Examine other types of attacks
    • Knowledge check
    • Summary
  • Module 2: Explore the Zero Trust security model
    • Introduction
    • Examine the principles and components of the Zero Trust model
    • Plan for a Zero Trust security model in your organization
    • Examine Microsoft's strategy for Zero Trust networking
    • Adopt a Zero Trust approach
    • Knowledge check
    • Summary
  • Module 3: Explore security solutions in Microsoft 365
    • Introduction
    • Enhance your email security using Microsoft Defender for Office 365
    • Protect your organization's identities using Microsoft Defender for Identity
    • Protect your enterprise network against advanced threats using Microsoft Defender for Endpoint
    • Protect against cyber attacks using Microsoft 365 Threat Intelligence
    • Provide insight into suspicious activity using Microsoft Cloud App Security
    • Knowledge check
    • Summary
  • Module 4: Examine Microsoft Secure Score
    • Introduction
    • Explore Microsoft Secure Score
    • Examine the Secure Score Dashboard
    • Collect Secure Score data using the Secure Score API
    • Improve your security posture
    • Knowledge check
    • Summary
  • Module 5: Examine Privileged Identity Management
    • Introduction
    • Explore Privileged Identity Management in Azure AD
    • Configure Privileged Identity Management
    • Audit Privileged Identity Management
    • Explore Microsoft Identity Manager
    • Control privileged admin tasks using Privileged Access Management
    • Knowledge check
    • Summary
  • Module 6: Examine Azure Identity Protection
    • Introduction
    • Explore Azure Identity Protection
    • Enable the default protection policies in AIP
    • Explore the vulnerabilities and risk events detected by AIP
    • Plan your identity investigation
    • Knowledge check
    • Summary

Related Courses

  • Build a Toolkit with Advanced Windows Commands (Coursera Project Network via Coursera)
  • Manage Office 365 Identities (Microsoft via edX)
  • Become a Windows System Administrator (Server 2012 R2) (LinkedIn Learning)
  • Exchange 2016: Client Access Services (LinkedIn Learning)
  • Windows 10: Advanced Troubleshooting for IT Support (LinkedIn Learning)