• Startsiden
  • Kurs
  • SC-5004: Defend against cyberthreats with Microsoft Defender XDR

SC-5004: Defend against cyberthreats with Microsoft Defender XDR

Master the skills to defend against cyberthreats with Microsoft Defender XDR. Learn to mitigate incidents, deploy environments, configure alerts, and perform advanced investigations using Microsoft Defender solutions. Gain hands-on experience in protecting endpoints, managing automation, and conducting device forensics to enhance your cybersecurity strategy.

Course Objectives

  • Mitigate security incidents using Microsoft Defender.
  • Investigate and manage incidents with advanced hunting tools.
  • Deploy and configure Microsoft Defender for Endpoint environments.
  • Onboard devices and manage endpoint monitoring.
  • Configure alert settings and manage indicators in Microsoft Defender.
  • Automate security responses using Microsoft Defender's advanced features.
  • Perform device investigations and analyze forensic data.
  • Conduct lab exercises to implement a full Microsoft Defender XDR solution.

Who should attend

  • Security Administrator
  • Security Analyst
  • Security Consultant

Prerequisites

Required

  • Experience using the Microsoft Defender portal
  • Basic understanding of Microsoft Defender for Endpoint
  • Basic understanding of Microsoft Sentinel
  • Experience using Kusto Query Language (KQL) in Microsoft Sentinel

Course Outline

Mitigate incidents using Microsoft Defender

  • Manage incidents in Microsoft Defender
  • Investigate incidents in Microsoft Defender
  • Conduct advanced hunting in Microsoft Defender

Deploy the Microsoft Defender for Endpoint environment

  • Create a Microsoft Defender for Endpoint environment
  • Onboard devices to be monitored by Microsoft Defender for Endpoint
  • Configure Microsoft Defender for Endpoint environment settings

Configure for alerts and detections in Microsoft Defender for Endpoint

  • Configure alert settings in Microsoft Defender for Endpoint
  • Manage indicators in Microsoft Defender for Endpoint

Configure and manage automation using Microsoft Defender for Endpoint

  • Configure advanced features of Microsoft Defender for Endpoint
  • Manage automation settings in Microsoft Defender for Endpoint

Perform device investigations in Microsoft Defender for Endpoint

  • Use the device page in Microsoft Defender for Endpoint
  • Describe device forensics information collected by Microsoft Defender for Endpoint
  • Describe behavioral blocking by Microsoft Defender for Endpoint

Andre relevante kurs

MasterClass: Hacking and Securing Windows Infrastructure
9. juni
5 dager
Virtual Classroom Startgaranti
Masterclass: Internet Information Services Management (IIS)
4 dager
Virtual Classroom
Masterclass: System Forensics, Incident Handling And Threat Hunting
12. mai
5 dager
Virtual Classroom
MasterClass: Windows Security and Infrastructure Management with Windows Internals
4 dager
Classroom Virtual