SC-200: Mitigate threats using Microsoft Defender for Cloud

Offered By: Microsoft via Microsoft Learn

Course Description

Overview

  • Module 1: Plan for cloud workload protections using Microsoft Defender for Cloud
    Upon completion of this module, the learner will be able to:
    • Describe Microsoft Defender for Cloud features
    • Microsoft Defender for Cloud workload protections
    • Enable Microsoft Defender for Cloud
  • Module 2: Explain cloud workload protections in Microsoft Defender for Cloud
    Upon completion of this module, the learner will be able to:
    • Explain which workloads are protected by Microsoft Defender for Cloud
    • Describe the benefits of the protections offered by Microsoft Defender for Cloud
    • Explain how Microsoft Defender for Cloud protections function
  • Module 3: Connect Azure assets to Microsoft Defender for Cloud
    Upon completion of this module, the learner will be able to:
    • Explore Azure assets
    • Configure auto-provisioning in Microsoft Defender for Cloud
    • Describe manual provisioning in Microsoft Defender for Cloud
  • Module 4: Connect non-Azure resources to Microsoft Defender for Cloud
    Upon completion of this module, the learner will be able to:
    • Connect non-Azure machines to Microsoft Defender for Cloud
    • Connect AWS accounts to Microsoft Defender for Cloud
    • Connect GCP accounts to Microsoft Defender for Cloud
  • Module 5: Remediate security alerts using Microsoft Defender for Cloud
    Upon completion of this module, the learner will be able to:
    • Describe alerts in Microsoft Defender for Cloud
    • Remediate alerts in Microsoft Defender for Cloud
    • Automate responses in Microsoft Defender for Cloud

Syllabus

  • Module 1: Plan for cloud workload protections using Microsoft Defender for Cloud
    • Introduction
    • Explain Microsoft Defender for Cloud
    • Describe Microsoft Defender for Cloud workload protections
    • Exercise – Microsoft Defender for Cloud interactive guide
    • Enable Microsoft Defender for Cloud
    • Knowledge check
    • Summary and resources
  • Module 2: Explain cloud workload protections in Microsoft Defender for Cloud
    • Introduction
    • Understand Microsoft Defender for servers
    • Understand Microsoft Defender for App Service
    • Understand Microsoft Defender for Storage
    • Understand Microsoft Defender for SQL
    • Understand Microsoft Defender for open-source databases
    • Understand Microsoft Defender for Key Vault
    • Understand Microsoft Defender for Resource Manager
    • Understand Microsoft Defender for DNS
    • Understand Microsoft Defender for Kubernetes
    • Understand Microsoft Defender for container registries
    • Understand Microsoft Defender additional protections
    • Knowledge check
    • Summary and resources
  • Module 3: Connect Azure assets to Microsoft Defender for Cloud
    • Introduction
    • Explore and manage your resources with asset inventory
    • Configure auto provisioning
    • Manual log analytics agent provisioning
    • Knowledge check
    • Summary and resources
  • Module 4: Connect non-Azure resources to Microsoft Defender for Cloud
    • Introduction
    • Protect non-Azure resources
    • Connect non-Azure machines
    • Connect your AWS accounts
    • Connect your GCP accounts
    • Knowledge check
    • Summary and resources
  • Module 5: Remediate security alerts using Microsoft Defender for Cloud
    • Introduction
    • Understand security alerts
    • Remediate alerts and automate responses
    • Suppress alerts from Defender for Cloud
    • Generate threat intelligence reports
    • Respond to alerts from Azure resources
    • Knowledge check
    • Summary and resources
