Module 1: Mitigate incidents using Microsoft Defender
- Introduction
- Use the Microsoft Defender portal
- Manage incidents
- Investigate incidents
- Manage and investigate alerts
- Manage automated investigations
- Use the action center
- Explore advanced hunting
- Investigate Microsoft Entra sign-in logs
- Understand Microsoft Secure Score
- Analyze threat analytics
- Analyze reports
- Configure the Microsoft Defender portal
- Knowledge check
- Summary and resources
Module 2: Deploy the Microsoft Defender for Endpoint environment
- Introduction
- Create your environment
- Understand operating systems compatibility and features
- Onboard devices
- Manage access
- Create and manage roles for role-based access control
- Configure device groups
- Configure environment advanced features
- Knowledge check
Module 3: Configure for alerts and detections in Microsoft Defender for Endpoint
- Introduction
- Configure advanced features
- Configure alert notifications
- Manage alert suppression
- Manage indicators
- Knowledge check
- Summary and resources
Module 4: Configure and manage automation using Microsoft Defender for Endpoint
- Introduction
- Configure advanced features
- Manage automation upload and folder settings
- Configure automated investigation and remediation capabilities
- Block at risk devices
- Knowledge check
- Summary and resources
Module 5: Perform device investigations in Microsoft Defender for Endpoint
- Introduction
- Use the device inventory list
- Investigate the device
- Use behavioural blocking
- Detect devices with device discovery
- Knowledge check
- Summary and resources
Module 6: Defend against Cyberthreats with Microsoft Defender XDR lab exercises
- Introduction
- Configure the Microsoft Defender XDR environment
- Deploy Microsoft Defender for Endpoint
- Mitigate Attacks with Microsoft Defender for Endpoint
- Summary