
SC-200: Mitigate threats using Microsoft Defender for Endpoint

Description

Module 1: Learn how Microsoft Defender for Endpoint can help your organization stay secure.
In this module, you will learn how to:
- Define the capabilities of Microsoft Defender for Endpoint.
- Understand how to hunt threats within your network.
- Explain how Microsoft Defender for Endpoint can remediate risks in your environment.

Module 2: Deploy the Microsoft Defender for Endpoint environment
Upon completion of this module, the learner will be able to:
- Create a Microsoft Defender for Endpoint environment
- Onboard devices to be monitored by Microsoft Defender for Endpoint
- Configure Microsoft Defender for Endpoint environment settings

Module 3: Implement Windows security enhancements with Microsoft Defender for Endpoint
Upon completion of this module, the learner will be able to:
- Explain Attack Surface Reduction in Windows
- Enable Attack Surface Reduction rules on Windows 10 devices
- Configure Attack Surface Reduction rules on Windows 10 devices

Module 4: Manage alerts and incidents in Microsoft Defender for Endpoint
Upon completion of this module, the learner will be able to:
- Investigate incidents in Microsoft Defender for Endpoint
- Investigate alerts in Microsoft Defender for Endpoint
- Perform advanced hunting in Microsoft Defender for Endpoint

Module 5: Perform device investigations in Microsoft Defender for Endpoint
Upon completion of this module, the learner will be able to:
- Use the device page in Microsoft Defender for Endpoint
- Describe device forensics information collected by Microsoft Defender for Endpoint
- Describe behavioral blocking by Microsoft Defender for Endpoint

Module 6: Perform actions on a device using Microsoft Defender for Endpoint
Upon completion of this module, the learner will be able to:
- Perform actions on a device using Microsoft Defender for Endpoint
- Conduct forensics data collection using Microsoft Defender for Endpoint
- Access devices remotely using Microsoft Defender for Endpoint

Module 7: Perform evidence and entities investigations using Microsoft Defender for Endpoint
Upon completion of this module, the learner will be able to:
- Investigate files in Microsoft Defender for Endpoint
- Investigate domains and IP addresses in Microsoft Defender for Endpoint
- Investigate user accounts in Microsoft Defender for Endpoint

Module 8: Configure and manage automation using Microsoft Defender for Endpoint
Upon completion of this module, the learner will be able to:
- Configure advanced features of Microsoft Defender for Endpoint
- Manage automation settings in Microsoft Defender for Endpoint

Module 9: Configure for alerts and detections in Microsoft Defender for Endpoint
After completion of this module, you'll be able to:
- Configure alert settings in Microsoft Defender for Endpoint
- Manage indicators in Microsoft Defender for Endpoint

Module 10: Utilize Threat and Vulnerability Management in Microsoft Defender for Endpoint
Upon completion of this module, the learner will be able to:
- Describe Threat and Vulnerability Management in Microsoft Defender for Endpoint
- Identify vulnerabilities on your devices with Microsoft Defender for Endpoint
- Track emerging threats in Microsoft Defender for Endpoint

Syllabus

Module 1: Protect against threats with Microsoft Defender for Endpoint
- Introduction to Microsoft Defender for Endpoint
- Practice security administration
- Hunt threats within your network
- Summary and knowledge check

Module 2: Deploy the Microsoft Defender for Endpoint environment
- Introduction
- Create your environment
- Onboard devices
- Manage access
- Create and manage roles for role-based access control
- Configure device groups
- Configure environment advanced features
- Knowledge check
- Summary and resources

Module 3: Implement Windows security enhancements with Microsoft Defender for Endpoint
- Introduction
- Understand attack surface reduction
- Enable attack surface reduction rules
- Knowledge check
- Summary and resources

Module 4: Manage alerts and incidents in Microsoft Defender for Endpoint
- Introduction
- Explain security operations in Microsoft Defender for Endpoint
- Manage and investigate incidents
- Manage and investigate alerts
- Manage automated investigations
- Use the action center
- Perform advanced hunting
- Consult Microsoft threat experts
- Knowledge check
- Summary and resources

Module 5: Perform device investigations in Microsoft Defender for Endpoint
- Introduction
- Use the device inventory list
- Investigate the device
- Use behavioral blocking
- Knowledge check
- Summary and resources

Module 6: Perform actions on a device using Microsoft Defender for Endpoint
- Introduction
- Explain device actions
- Run Microsoft Defender antivirus scan on devices
- Collect investigation package from devices
- Initiate live response session
- Knowledge check
- Summary and resources

Module 7: Perform evidence and entities investigations using Microsoft Defender for Endpoint
- Introduction
- Investigate a file
- Investigate a user account
- Investigate an IP address
- Investigate a domain
- Knowledge check
- Summary and resources

Module 8: Configure and manage automation using Microsoft Defender for Endpoint
- Introduction
- Configure advanced features
- Manage automation upload and folder settings
- Configure automated investigation and remediation capabilities
- Block at risk devices
- Knowledge check
- Summary and resources

Module 9: Configure for alerts and detections in Microsoft Defender for Endpoint
- Introduction
- Configure advanced features
- Configure alert notifications
- Manage alert suppression
- Manage indicators
- Knowledge check
- Summary and resources

Module 10: Utilize Threat and Vulnerability Management in Microsoft Defender for Endpoint
- Introduction
- Understand Threat and Vulnerability Management
- Explore vulnerabilities on your devices
- Track emerging threats with threat analytics
- Knowledge check
- Summary and resources

