MS-101 Implement threat protection by using Microsoft Defender XDR

By the end of this module, you will be able to:

• Describe how threat intelligence in Microsoft 365 is powered by the Microsoft Intelligent Security Graph
• Describe how the threat dashboard can benefit C-level security officers
• Understand how Threat Explorer can be used to investigate threats and help to protect your tenant
• Describe the Threat Tracker widgets and views that provide you with intelligence on different cybersecurity issues that might impact your company
• Run realistic attack scenarios using Attack simulation training to help identify vulnerable users before a real attack impacts your organization
• Describe how threat hunting in Microsoft Threat Protection enables security operators to identify cybersecurity threats
• Describe how Advanced hunting in Microsoft 365 Defender proactively inspects events in your network to locate threat indicators and entities

By the end of this module, you will be able to:

• Describe how the Security Dashboard gives C-level executives insight into top risks, global trends, protection quality, and the organization’s exposure to threats
• Explain how to use the Security Dashboard to quickly understand details about trends, where threats originate, and who the top targeted users are in your organization
• Identify how the dashboard can be used as a launching point to enable security analysts to drill down for more details by using Threat Explorer
• Describe the built-in alert policies in Microsoft 365
• Describe the global weekly threat detections displayed in the Security Dashboard

By the end of this module, you will be able to:

• Describe how Microsoft Defender for Identity monitors users, entity behavior, and activities with learning-based analytics
• Describe how Defender for Identity protects user identities and credentials stored in Active Directory
• Describe how Defender for Identity identifies and investigates suspicious user activities and advanced attacks throughout the kill chain
• Create your Microsoft Defender for Identity instance in the Defender for Identity portal
• Use the built-in portal to monitor and respond to suspicious activity detected by Defender for Identity

By the end of this module, you will be able to:

• Describe how Cloud App Security provides improved visibility into network cloud activity and increases the protection of critical data across cloud applications
• Explain how to deploy Cloud App Security
• Control your cloud apps with policies
• Troubleshoot Cloud App Security

• Introduction
• Explore Microsoft Intelligent Security Graph
• Examine the Security Dashboard in the Security & Compliance Center
• Investigate security attacks by using Threat Explorer
• Identify cybersecurity issues by using Threat Trackers
• Prepare for attacks with Attack simulation training
• Run automated investigations and responses
• Explore threat hunting with Microsoft Threat Protection
• Explore advanced threat hunting in Microsoft 365 Defender
• Knowledge check
• Summary

• Introduction
• Examine threat detections in the Security Dashboard
• Examine security and malware trends in the Security Dashboard
• Examine alerts in the Security Dashboard
• Explore the built-in alert policies in Microsoft 365
• Examine the global threat detections in the Security Dashboard
• Knowledge check
• Summary

• Introduction
• Explore Microsoft Defender for Identity
• Create your Microsoft Defender for Identity instance
• Work with the Microsoft Defender for Identity portal
• Knowledge check
• Summary

• Introduction
• Explore Cloud App Security
• Deploy Cloud App Security
• Control your cloud apps with policies
• Troubleshoot Microsoft Cloud App Security
• Knowledge check
• Summary