Microsoft Learn
Free Online Course
English
6-7 hours worth of material
selfpaced
Overview
- Module 1: Learn how Microsoft Defender for Endpoint can help your organization stay secure.
- Define the capabilities of Microsoft Defender for Endpoint.
- Understand how to hunt threats within your network.
- Explain how Microsoft Defender for Endpoint can remediate risks in your environment.
- Module 2: Deploy the Microsoft Defender for Endpoint environment
- Create a Microsoft Defender for Endpoint environment
- Onboard devices to be monitored by Microsoft Defender for Endpoint
- Configure Microsoft Defender for Endpoint environment settings
- Module 3: Implement Windows security enhancements with Microsoft Defender for Endpoint
- Explain Attack Surface Reduction in Windows
- Enable Attack Surface Reduction rules on Windows 10 devices
- Configure Attack Surface Reduction rules on Windows 10 devices
- Module 4: Manage alerts and incidents in Microsoft Defender for Endpoint
- Investigate incidents in Microsoft Defender for Endpoint
- Investigate alerts in Microsoft Defender for Endpoint
- Perform advanced hunting in Microsoft Defender for Endpoint
- Module 5: Perform device investigations in Microsoft Defender for Endpoint
- Use the device page in Microsoft Defender for Endpoint
- Describe device forensics information collected by Microsoft Defender for Endpoint
- Describe behavioral blocking by Microsoft Defender for Endpoint
- Module 6: Perform actions on a device using Microsoft Defender for Endpoint
- Perform actions on a device using Microsoft Defender for Endpoint
- Conduct forensics data collection using Microsoft Defender for Endpoint
- Access devices remotely using Microsoft Defender for Endpoint
- Module 7: Perform evidence and entities investigations using Microsoft Defender for Endpoint
- Investigate files in Microsoft Defender for Endpoint
- Investigate domains and IP addresses in Microsoft Defender for Endpoint
- Investigate user accounts in Microsoft Defender for Endpoint
- Module 8: Configure and manage automation using Microsoft Defender for Endpoint
- Configure advanced features of Microsoft Defender for Endpoint
- Manage automation settings in Microsoft Defender for Endpoint
- Module 9: Configure for alerts and detections in Microsoft Defender for Endpoint
- Configure alert settings in Microsoft Defender for Endpoint
- Manage indicators in Microsoft Defender for Endpoint
- Module 10: Utilize Threat and Vulnerability Management in Microsoft Defender for Endpoint
- Describe Threat and Vulnerability Management in Microsoft Defender for Endpoint
- Identify vulnerabilities on your devices with Microsoft Defender for Endpoint
- Track emerging threats in Microsoft Defender for Endpoint
In this module, you will learn how to:
Upon completion of this module, the learner will be able to:
Upon completion of this module, the learner will be able to:
Upon completion of this module, the learner will be able to:
Upon completion of this module, the learner will be able to:
Upon completion of this module, the learner will be able to:
Upon completion of this module, the learner will be able to:
Upon completion of this module, the learner will be able to:
After completion of this module, you'll be able to:
Upon completion of this module, the learner will be able to:
Syllabus
- Module 1: Protect against threats with Microsoft Defender for Endpoint
- Introduction to Microsoft Defender for Endpoint
- Practice security administration
- Hunt threats within your network
- Summary and knowledge check
- Module 2: Deploy the Microsoft Defender for Endpoint environment
- Introduction
- Create your environment
- Onboard devices
- Manage access
- Create and manage roles for role-based access control
- Configure device groups
- Configure environment advanced features
- Knowledge check
- Summary and resources
- Module 3: Implement Windows security enhancements with Microsoft Defender for Endpoint
- Introduction
- Understand attack surface reduction
- Enable attack surface reduction rules
- Knowledge check
- Summary and resources
- Module 4: Manage alerts and incidents in Microsoft Defender for Endpoint
- Introduction
- Explain security operations in Microsoft Defender for Endpoint
- Manage and investigate incidents
- Manage and investigate alerts
- Manage automated investigations
- Use the action center
- Perform advanced hunting
- Consult Microsoft threat experts
- Knowledge check
- Summary and resources
- Module 5: Perform device investigations in Microsoft Defender for Endpoint
- Introduction
- Use the device inventory list
- Investigate the device
- Use behavioral blocking
- Knowledge check
- Summary and resources
- Module 6: Perform actions on a device using Microsoft Defender for Endpoint
- Introduction
- Explain device actions
- Run Microsoft Defender antivirus scan on devices
- Collect investigation package from devices
- Initiate live response session
- Knowledge check
- Summary and resources
- Module 7: Perform evidence and entities investigations using Microsoft Defender for Endpoint
- Introduction
- Investigate a file
- Investigate a user account
- Investigate an IP address
- Investigate a domain
- Knowledge check
- Summary and resources
- Module 8: Configure and manage automation using Microsoft Defender for Endpoint
- Introduction
- Configure advanced features
- Manage automation upload and folder settings
- Configure automated investigation and remediation capabilities
- Block at risk devices
- Knowledge check
- Summary and resources
- Module 9: Configure for alerts and detections in Microsoft Defender for Endpoint
- Introduction
- Configure advanced features
- Configure alert notifications
- Manage alert suppression
- Manage indicators
- Knowledge check
- Summary and resources
- Module 10: Utilize Threat and Vulnerability Management in Microsoft Defender for Endpoint
- Introduction
- Understand Threat and Vulnerability Management
- Explore vulnerabilities on your devices
- Track emerging threats with threat analytics
- Knowledge check
- Summary and resources