YoVDO

MS-500 part 2 - Implement and manage threat protection

Offered By: Microsoft via Microsoft Learn

Tags

Windows Systems Administration Courses Incident Response Courses Microsoft Defender for Endpoint Courses Microsoft Sentinel Courses

Course Description

Overview

  • Module 1: Implement Microsoft Defender for Identity
  • By the end of this module, you will be able to:

    • Describe how Microsoft Defender for Identity monitors users, entity behavior, and activities with learning-based analytics
    • Describe how Defender for Identity protects user identities and credentials stored in Active Directory
    • Describe how Defender for Identity identifies and investigates suspicious user activities and advanced attacks throughout the kill chain
    • Create your Microsoft Defender for Identity instance in the Defender for Identity portal
    • Use the built-in portal to monitor and respond to suspicious activity detected by Defender for Identity
  • Module 2: Learn how Microsoft Defender for Endpoint can help your organization stay secure.
  • In this module, you will learn how to:

    • Define the capabilities of Microsoft Defender for Endpoint.
    • Understand how to hunt threats within your network.
    • Explain how Microsoft Defender for Endpoint can remediate risks in your environment.
  • Module 3: Learn how to detect and respond to security issues using Microsoft Defender for Endpoint with the help of features and capabilities such as the incident queue, alerts queue, response actions on devices and files, and Live Response.
  • By the end of this module, you'll be able to:

    • Understand the incident queue
    • Understand the alerts queue
    • Understand response actions
  • Module 4: Deploy the Microsoft Defender for Endpoint environment
  • Upon completion of this module, the learner will be able to:

    • Create a Microsoft Defender for Endpoint environment
    • Onboard devices to be monitored by Microsoft Defender for Endpoint
    • Configure Microsoft Defender for Endpoint environment settings
  • Module 5: Protect against malicious attacks and unauthorized access with Microsoft Edge
  • At the end of this module, you will be able to:

    • Describe how Microsoft Edge is built for secure browsing
    • Use Microsoft Defender SmartScreen and Application Guard to protect against malicious attacks and unauthorized access.
    • Manage Microsoft Edge security options through policies and controls in Microsoft Endpoint Manager
  • Module 6: Learn how to reduce potential attack surfaces across your environment with Microsoft Defender for Endpoint. Capabilities include application control, network protection, hardware-based isolation, controlled folder access, and web protection.
  • By the end of this module, you'll be able to:

    • Understand attack surface reduction in Microsoft Defender for Endpoint.
    • Understand the different kinds of surface attack reduction protection in Microsoft Defender for Endpoint.
    • Understand attack surface reduction rules.
  • Module 7: Learn how Microsoft 365 encrypts data-at-rest and in-transit, securely manages encryption keys, and provides key management options to customers to meet their business needs and compliance obligations.
  • Upon completion of this module, you should be able to:

    • Explain how encryption mitigates the risk of unauthorized data disclosure.
    • Describe Microsoft data-at-rest and data-in-transit encryption solutions.
    • Explain how Microsoft 365 implements service encryption to protect customer data at the application layer.
    • Understand the differences between Microsoft managed keys and customer managed keys for use with service encryption.
  • Module 8: In this module, you'll learn about app management using Microsoft Endpoint Manager.
  • In this module, you will:

    • Understand how your organization's apps can be configured and protected.
    • Understand the app management lifecycle.
    • Learn about the data protection framework using app protection policies.
  • Module 9: Manage device compliance
  • By the end of this module, you will be able to:

    • Plan for device compliance by defining the rules and settings that must be configured on a device for it to be considered compliant
    • Configure conditional users and groups for deploying profiles, policies, and apps
    • Create Conditional Access policies to implement automated access control decisions for accessing your cloud apps
    • Monitor enrolled devices to control their Intune activities and compliance status
  • Module 10: Learn about the Microsoft Defender for Office 365 component of Microsoft 365 Defender.
  • In this module, you will learn how to:

    • Define the capabilities of Microsoft Defender for Office 365.
    • Understand how to simulate attacks within your network.
    • Explain how Microsoft Defender for Office 365 can remediate risks in your environment.
  • Module 11: Describe how to query, visualize, and monitor data in Microsoft Sentinel.
  • In this module you will:

    • Visualize security data using Microsoft Sentinel Workbooks.
    • Understand how queries work.
    • Explore workbook capabilities.
    • Create a Microsoft Sentinel Workbook.
  • Module 12: Implement Microsoft Cloud Application Security
  • By the end of this module, you will be able to:

    • Describe how Cloud App Security provides improved visibility into network cloud activity and increases the protection of critical data across cloud applications
    • Explain how to deploy Cloud App Security
    • Control your cloud apps with policies
    • Troubleshoot Cloud App Security

Syllabus

  • Module 1: Implement Microsoft Defender for Identity
    • Introduction
    • Explore Microsoft Defender for Identity
    • Create your Microsoft Defender for Identity instance
    • Work with the Microsoft Defender for Identity portal
    • Knowledge check
    • Summary
  • Module 2: Protect against threats with Microsoft Defender for Endpoint
    • Introduction to Microsoft Defender for Endpoint
    • Practice security administration
    • Hunt threats within your network
    • Summary and knowledge check
  • Module 3: Detect and respond to security issues using Microsoft Defender for Endpoint
    • Introduction
    • Use the alerts and incidents queues
    • Take response actions
    • Knowledge check
    • Summary
  • Module 4: Deploy the Microsoft Defender for Endpoint environment
    • Introduction
    • Create your environment
    • Onboard devices
    • Manage access
    • Create and manage roles for role-based access control
    • Configure device groups
    • Configure environment advanced features
    • Knowledge check
    • Summary and resources
  • Module 5: Protect against malicious attacks and unauthorized access with Microsoft Edge
    • Introduction
    • Understand the secure foundations of Microsoft Edge
    • Intercept malicious attacks with Microsoft Defender SmartScreen
    • Enhance browser security with Microsoft Defender Application Guard
    • Manage controls and policies for Microsoft Edge in Microsoft Endpoint Manager
    • Knowledge check
    • Summary and resources
  • Module 6: Reduce potential attack areas with Microsoft Defender for Endpoint
    • Introduction
    • Minimize potential attack areas with attack surface reduction
    • Enable attack surface reduction rules
    • Knowledge check
    • Summary
  • Module 7: Understand Microsoft 365 encryption
    • Introduction to Microsoft 365 encryption
    • Learn how BitLocker encrypts data-at-rest
    • Understand service encryption in Microsoft 365
    • Explore customer key management using Customer Key
    • Learn how data is encrypted in-transit
    • Summary and knowledge check
  • Module 8: Understand app management using Microsoft Endpoint Manager
    • Introduction
    • Understand the app management lifecycle
    • Learn about configuring apps
    • Understand how to protect apps
    • Learn about protected apps
    • Understand how to apply the data protection framework
    • Knowledge Check
    • Summary
  • Module 9: Manage device compliance
    • Introduction
    • Plan for device compliance
    • Configure conditional users and groups
    • Create Conditional Access policies
    • Monitor enrolled devices
    • Knowledge check
    • Summary
  • Module 10: Remediate risks with Microsoft Defender for Office 365
    • Introduction to Microsoft Defender for Office 365
    • Automate, investigate, and remediate
    • Configure, protect, and detect
    • Simulate attacks
    • Summary and knowledge check
  • Module 11: Query, visualize, and monitor data in Microsoft Sentinel
    • Introduction
    • Exercise - Query and visualize data with Microsoft Sentinel Workbooks
    • Monitor and visualize data
    • Query data using Kusto Query Language
    • Use default Microsoft Sentinel Workbooks
    • Create a new Microsoft Sentinel Workbook
    • Exercise - Visualize data using Microsoft Sentinel Workbooks
    • Summary
  • Module 12: Implement Microsoft Cloud Application Security
    • Introduction
    • Explore Cloud App Security
    • Deploy Cloud App Security
    • Control your cloud apps with policies
    • Troubleshoot Microsoft Cloud App Security
    • Knowledge check
    • Summary

Tags

Related Courses

Build a Toolkit with Advanced Windows Commands
Coursera Project Network via Coursera
Manage Office 365 Identities
Microsoft via edX
Become a Windows System Administrator (Server 2012 R2)
LinkedIn Learning
Exchange 2016: Client Access Services
LinkedIn Learning
Windows 10: Advanced Troubleshooting for IT Support
LinkedIn Learning