YoVDO

Secure your organization with Microsoft Defender for Endpoint

Offered By: Microsoft via Microsoft Learn

Tags

Windows Systems Administration Courses, Cybersecurity Courses, Network Security Courses, Incident Response Courses, Endpoint Security Courses, Microsoft Defender for Endpoint Courses

Course Description

Overview

    • Module 1: Learn about Microsoft Defender for Endpoint and its key capabilities, such as threat and vulnerability management, attack surface reduction, automated investigation and remediation, endpoint detection and response, and more.

By the end of this module, you'll:

      • Understand Microsoft Defender for Endpoint.
      • Understand how to access Microsoft Defender for Endpoint.
      • Understand the different capabilities of Microsoft Defender for Endpoint.
    • Module 2: Learn about the different capabilities you can use to evaluate endpoint security using Microsoft Defender for Endpoint including the evaluation lab, the simulation gallery, different types of attack simulation scenarios, and more.

By the end of this module, you'll be able to:

      • Understand the evaluation lab
      • Understand the simulation gallery
      • Understand attack simulation scenarios
    • Module 3: Learn about the onboarding process for Microsoft Defender for Endpoint, which is a three-phase process that consists of:
      • Prepare: See the considerations you should take, such as stakeholder approvals, and adoption order of capabilities.
      • Set up: Learn how to set up a Microsoft Defender for Endpoint instance and how it connects with your environment.
      • Onboard: Learn about the supported onboarding tools, and how to configure available capabilities.

By the end of this module, you'll be able to:

      • Plan for Microsoft Defender for Endpoint.
      • Prepare for Microsoft Defender for Endpoint deployment.
      • Set up and onboard devices to Microsoft Defender for Endpoint.
    • Module 4: Learn about Microsoft Defender for Endpoint capabilities, such as threat and vulnerability management, exposure score, Microsoft Secure Score for devices, and security recommendations, so you can identify vulnerabilities across your devices, and remediate them to strengthen your security posture.

By the end of this module, you'll be able to:

      • Understand threat and vulnerability management in Microsoft Defender for Endpoint.
      • Understand how to assess security posture using Microsoft Defender for Endpoint.
      • Understand how to identify vulnerabilities on devices.
      • Understand how to strengthen your security posture and reduce risk.
    • Module 5: Learn how to reduce potential attack surfaces across your environment with Microsoft Defender for Endpoint. Capabilities include application control, network protection, hardware-based isolation, controlled folder access, and web protection.

By the end of this module, you'll be able to:

      • Understand attack surface reduction in Microsoft Defender for Endpoint.
      • Understand the different kinds of attack surface reduction protection in Microsoft Defender for Endpoint.
      • Understand attack surface reduction rules.
    • Module 6: Learn about next-generation protection in Microsoft Defender for Endpoint including behavior-based, heuristic, and real-time antivirus protection, cloud-delivered protection, dedicated protection and product updates, and more.

By the end of this module, you'll be able to:

      • Understand Microsoft Defender for Endpoint's next-generation protection
      • Understand behavioral blocking and containment.
    • Module 7: Learn how to detect and respond to security issues using Microsoft Defender for Endpoint with the help of features and capabilities such as the incident queue, alerts queue, response actions on devices and files, and Live Response.

By the end of this module, you'll be able to:

      • Understand the incident queue
      • Understand the alerts queue
      • Understand response actions
    • Module 8: Learn how automated investigation and remediation (AIR) work in Microsoft Defender for Endpoint. You'll learn about concepts, including automation levels, how automated investigations are triggered, how to review investigation findings, and how automated remediation actions work.

By the end of this module, you'll be able to:

      • Understand automated investigation
      • Understand how threats are remediated using automated remediation
      • Understand automation levels
    • Module 9: Learn about the different reporting capabilities in Microsoft Defender for Endpoint including the threat protection report, vulnerable devices report, device health and compliance reports, custom reports, and threat analytics.

By the end of this module, you'll be able to:

      • Understand threat protection reports
      • Understand health and compliance reports
      • Understand custom reports with Power BI
      • Understand threat analytics

Syllabus

  • Module 1: Introduction to Microsoft Defender for Endpoint
    • Introduction
    • Use Microsoft Defender for Endpoint
    • Access the portal
    • Knowledge check
    • Summary
  • Module 2: Evaluate endpoint security in Microsoft Defender for Endpoint
    • Introduction
    • Set up the evaluation lab
    • Use the evaluation lab
    • Knowledge check
    • Summary
  • Module 3: Onboard to Microsoft Defender for Endpoint
    • Introduction
    • Plan for Microsoft Defender for Endpoint
    • Prepare for Microsoft Defender for Endpoint
    • Onboard devices to Microsoft Defender for Endpoint
    • Knowledge check
    • Summary
  • Module 4: Strengthen your security posture with Microsoft Defender for Endpoint
    • Introduction
    • Use threat and vulnerability management
    • Assess your security posture
    • Identify vulnerabilities on your devices
    • Improve your security posture and reduce risk
    • Knowledge check
    • Summary
  • Module 5: Reduce potential attack areas with Microsoft Defender for Endpoint
    • Introduction
    • Minimize potential attack areas with attack surface reduction
    • Enable attack surface reduction rules
    • Knowledge check
    • Summary
  • Module 6: Apply next-generation protection with Microsoft Defender for Endpoint
    • Introduction
    • Get intelligent protection with Microsoft Defender for Endpoint's next-generation protection
    • Use behavioral blocking and containment
    • Knowledge check
    • Summary
  • Module 7: Detect and respond to security issues using Microsoft Defender for Endpoint
    • Introduction
    • Use the alerts and incidents queues
    • Take response actions
    • Knowledge check
    • Summary
  • Module 8: Use automated investigation and remediation in Microsoft Defender for Endpoint
    • Introduction
    • Investigate and remediate threats through automated investigation and remediation
    • Set up automated investigation and remediation
    • Knowledge check
    • Summary
  • Module 9: Gain insights through reporting in Microsoft Defender for Endpoint
    • Introduction
    • Use threat protection reports, vulnerability reports, and health reports
    • Track emerging threats with threat analytics
    • Use custom reports with Power BI
    • Knowledge check
    • Summary
