SC-5004 Defend against cyberthreats with Microsoft Defender XDR

Course code: SC5004

Implement the Microsoft Defender for Endpoint environment to manage devices, perform investigations on endpoints, manage incidents in Defender XDR, and use Advanced Hunting with Kusto Query Language (KQL) to detect unique threats.

490 EUR

593 EUR including VAT

The earliest date from 22.09.2025

Selection of dates
onas
Do you have a question?
+420 731 175 867 edu@edutrainings.cz

Professional
and certified lecturers

Internationally
recognized certifications

Wide range of technical
and soft skills courses

Great customer
service

Making courses
exactly to measure your needs

Course dates

Starting date: 22.09.2025

Type: In-person/Virtual

Course duration: 1 day

Language: en/cz

Price without VAT: 490 EUR

Register

Starting date: 27.10.2025

Type: In-person/Virtual

Course duration: 1 day

Language: en/cz

Price without VAT: 490 EUR

Register

Starting date: 01.12.2025

Type: In-person/Virtual

Course duration: 1 day

Language: en/cz

Price without VAT: 490 EUR

Register

Starting date: Upon request

Type: In-person/Virtual

Course duration: 1 day

Language: en/cz

Price without VAT: 490 EUR

Register

Starting
date
Place
Type Course
duration
Language Price without VAT
22.09.2025 In-person/Virtual 1 day en/cz 490 EUR Register
27.10.2025 In-person/Virtual 1 day en/cz 490 EUR Register
01.12.2025 In-person/Virtual 1 day en/cz 490 EUR Register
Upon request In-person/Virtual 1 day en/cz 490 EUR Register
G Guaranteed course

Didn't find a suitable date?

Write to us about listing an alternative tailor-made date.

Contact

Course description

In this course you will learn:

  • How the Microsoft Defender portal provides a unified view of incidents from the Microsoft Defender family of products.
  • How to eploy the Microsoft Defender for Endpoint environment, including onboarding devices and configuring security.
  • How to configure settings to manage alerts and notifications. You’ll also learn to enable indicators as part of the detection process.
  • Howto configure automation in Microsoft Defender for Endpoint by managing environmental settings.
  • How to configure Microsoft Defender XDR, deploy Microsoft Defender for Endpoint, and onboard devices. You also configured policies, mitigated threats and responded to incidents with Defender XDR.

Target group

Suited for Security Operations Analysts

Course structure

Module 1: Mitigate incidents using Microsoft Defender

  • Introduction
  • Use the Microsoft Defender portal
  • Manage incidents
  • Investigate incidents
  • Manage and investigate alerts
  • Manage automated investigations
  • Use the action center
  • Explore advanced hunting
  • Investigate Microsoft Entra sign-in logs
  • Understand Microsoft Secure Score
  • Analyze threat analytics
  • Analyze reports
  • Configure the Microsoft Defender portal
  • Knowledge check
  • Summary and resources

Module 2: Deploy the Microsoft Defender for Endpoint environment

  • Introduction
  • Create your environment
  • Understand operating systems compatibility and features
  • Onboard devices
  • Manage access
  • Create and manage roles for role-based access control
  • Configure device groups
  • Configure environment advanced features
  • Knowledge check

Module 3: Configure for alerts and detections in Microsoft Defender for Endpoint

  • Introduction
  • Configure advanced features
  • Configure alert notifications
  • Manage alert suppression
  • Manage indicators
  • Knowledge check
  • Summary and resources

Module 4: Configure and manage automation using Microsoft Defender for Endpoint

  • Introduction
  • Configure advanced features
  • Manage automation upload and folder settings
  • Configure automated investigation and remediation capabilities
  • Block at risk devices
  • Knowledge check
  • Summary and resources

Module 5: Perform device investigations in Microsoft Defender for Endpoint

  • Introduction
  • Use the device inventory list
  • Investigate the device
  • Use behavioural blocking
  • Detect devices with device discovery
  • Knowledge check
  • Summary and resources

Module 6: Defend against Cyberthreats with Microsoft Defender XDR lab exercises

  • Introduction
  • Configure the Microsoft Defender XDR environment
  • Deploy Microsoft Defender for Endpoint
  • Mitigate Attacks with Microsoft Defender for Endpoint
  • Summary

Prerequisites

  • Experience using the Microsoft Defender portal
  • Basic understanding of Microsoft Defender for Endpoint
  • Basic understanding of Microsoft Sentinel
  • Experience using Kusto Query Language (KQL) in Microsoft Sentinel

Do you need advice or a tailor-made course?

onas

product support

ComGate payment gateway MasterCard Logo Visa logo